{"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00098291","sets":["6164:6165:6462:7437"]},"path":["7437"],"owner":"11","recid":"98291","title":["通信源ホストの分類を利用したダークネット通信解析"],"pubdate":{"attribute_name":"公開日","attribute_value":"2013-10-14"},"_buckets":{"deposit":"3525e231-5c42-4a7c-9bba-00c3ed8c1e60"},"_deposit":{"id":"98291","pid":{"type":"depid","value":"98291","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"通信源ホストの分類を利用したダークネット通信解析","author_link":["0","0"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"通信源ホストの分類を利用したダークネット通信解析"},{"subitem_title":"Darknet Traffic Analysis by Using Source Host Classification","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"ダークネット","subitem_subject_scheme":"Other"}]},"item_type_id":"18","publish_date":"2013-10-14","item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_18_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"早稲田大学"},{"subitem_text_value":"早稲田大学"},{"subitem_text_value":"早稲田大学"}]},"item_18_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"School of Fundamental Science and Engineering, Waseda University","subitem_text_language":"en"},{"subitem_text_value":"School of Fundamental Science and Engineering, Waseda University","subitem_text_language":"en"},{"subitem_text_value":"School of Fundamental Science and Engineering, Waseda University","subitem_text_language":"en"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/98291/files/IPSJCSS2013097.pdf"},"date":[{"dateType":"Available","dateValue":"2015-10-14"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJCSS2013097.pdf","filesize":[{"value":"894.4 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"30"},{"tax":["include_tax"],"price":"0","billingrole":"46"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"fd3b37aa-d63c-49c1-b6bc-64059cd4e142","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2013 by the Information Processing Society of Japan"}]},"item_18_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"笹生, 憲"},{"creatorName":"森, 達哉"},{"creatorName":"後藤, 滋樹"}],"nameIdentifiers":[{}]}]},"item_18_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Akira, Saso","creatorNameLang":"en"},{"creatorName":"Tatsuya, Mori","creatorNameLang":"en"},{"creatorName":"Shigeki, Goto","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_5794","resourcetype":"conference paper"}]},"item_18_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"ダークネットで観測される片方向通信のパケットはペイロードを含まないため，通信解析時には主としてIPアドレスやポート番号等のパケットのヘッダに記録された限定的な情報が利用される．本研究は通信源ホストを分類した上で通信データを解析することによって，ダークネットの通信データからより多くの情報を獲得することを狙いとする．ホストを分類するためにホスト毎の通信パターンおよびOSフィンガープリントを利用する方法を提案する．4,096 個のIPアドレスで構成されるダークネットで2年間収集した通信データに提案手法を適用し，セキュリティ対策に有用な新規情報を抽出したケーススタディを報告する","subitem_description_type":"Other"}]},"item_18_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Since all the incoming packets destined to Darknet do not consist of payload, information available from packet headers such as source IP addresses, destination port numbers, and packet size are commonly used for Darknet traffic analysis. However, information obtained through IP address is limited. Based on the observation, this work aims to extend the information of source hosts by using two techniques: traffic pattern extraction and  OS finger printing. Through the analysis of Darknet traffic data that is collected from /20 size Darknet for two years, we report several case studies that successfully demonstrate the usefulness of our approach.","subitem_description_type":"Other"}]},"item_18_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"736","bibliographic_titles":[{"bibliographic_title":"コンピュータセキュリティシンポジウム2013論文集"}],"bibliographicPageStart":"729","bibliographicIssueDates":{"bibliographicIssueDate":"2013-10-14","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"4","bibliographicVolumeNumber":"2013"}]},"relation_version_is_last":true,"weko_creator_id":"11"},"updated":"2025-01-21T12:33:20.482811+00:00","created":"2025-01-18T23:44:34.451966+00:00","links":{},"id":98291}