{"created":"2025-01-18T23:44:34.500566+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00098292","sets":["6164:6165:6462:7437"]},"path":["7437"],"owner":"11","recid":"98292","title":["ライブネットにおける不正通信の早期検知手法"],"pubdate":{"attribute_name":"公開日","attribute_value":"2013-10-14"},"_buckets":{"deposit":"95787dd9-df4f-48b1-950b-84f4e4b1c35d"},"_deposit":{"id":"98292","pid":{"type":"depid","value":"98292","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"ライブネットにおける不正通信の早期検知手法","author_link":["0","0"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"ライブネットにおける不正通信の早期検知手法"},{"subitem_title":"Realtime Detection Method to Malicious Traffic in Livenet","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"標的型攻撃，ライブネット通信，不正通信検知，ダークネット，ブラックリスト","subitem_subject_scheme":"Other"}]},"item_type_id":"18","publish_date":"2013-10-14","item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_18_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"独立行政法人情報通信研究機構"},{"subitem_text_value":"独立行政法人情報通信研究機構"},{"subitem_text_value":"独立行政法人情報通信研究機構"},{"subitem_text_value":"独立行政法人情報通信研究機構"},{"subitem_text_value":"独立行政法人　情報通信研究機構"}]},"item_18_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"National Institute of Information and Communications Technology (NICT)","subitem_text_language":"en"},{"subitem_text_value":"National Institute of Information and Communications Technology (NICT)","subitem_text_language":"en"},{"subitem_text_value":"National Institute of Information and Communications Technology (NICT)","subitem_text_language":"en"},{"subitem_text_value":"National Institute of Information and Communications Technology (NICT)","subitem_text_language":"en"},{"subitem_text_value":"National Institute of Information and Communications Technology (NICT)","subitem_text_language":"en"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/98292/files/IPSJCSS2013098.pdf"},"date":[{"dateType":"Available","dateValue":"2015-10-14"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJCSS2013098.pdf","filesize":[{"value":"472.2 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"30"},{"tax":["include_tax"],"price":"0","billingrole":"46"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"b810d836-b422-4d93-92ca-32590f7c8a18","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2013 by the Information Processing Society of Japan"}]},"item_18_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"嶌田, 一郎"},{"creatorName":"津田, 侑"},{"creatorName":"神薗, 雅紀"},{"creatorName":"井上, 大介"},{"creatorName":"中尾, 康二"}],"nameIdentifiers":[{}]}]},"item_18_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Ichiro, Shimada","creatorNameLang":"en"},{"creatorName":"Yu, Tsuda","creatorNameLang":"en"},{"creatorName":"Masaki, Kamizono","creatorNameLang":"en"},{"creatorName":"Daisuke, Inoue","creatorNameLang":"en"},{"creatorName":"Koji, Nakao","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_5794","resourcetype":"conference paper"}]},"item_18_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"標的型攻撃は，侵入防止を目的とした境界防御型のセキュリティ対策を標的型攻撃メールなどにより突破後，マルウェアを組織内ネットワークへ侵入させ，情報を窃取し，組織外部の悪性ホストへ窃取した情報を送出する.したがって，標的型攻撃の対策の一つとして，悪性ホストとの通信を迅速に検知することが有効と考えられる．そこで，本研究では組織内の膨大なライブネット通信の中から迅速に不正通信を検知する手法の一つとして，nicterのダークネット観測情報（膨大な悪性ホストのリスト）とライブネット通信をリアルタイムに照合し，不正通信検知に応用する手法を提案する．","subitem_description_type":"Other"}]},"item_18_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"In targeted cyber attacks, malicious software is first used to breach into the internal network of an organization. That software then usually searches the network for valuable information and if found, transmits it to a remote server to be processed by the attacker. Therefore, it is important to detect suspicious communications with external hosts as early as possible to prevent information leakage. In this paper, we propose a method to identify such malicious traffic in \"live\" networks based on the observation of the traffic sent to the darknet overseen by the nicter project from NICT.","subitem_description_type":"Other"}]},"item_18_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"744","bibliographic_titles":[{"bibliographic_title":"コンピュータセキュリティシンポジウム2013論文集"}],"bibliographicPageStart":"737","bibliographicIssueDates":{"bibliographicIssueDate":"2013-10-14","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"4","bibliographicVolumeNumber":"2013"}]},"relation_version_is_last":true,"weko_creator_id":"11"},"links":{},"id":98292,"updated":"2025-01-21T12:33:22.314150+00:00"}