{"created":"2025-01-18T23:44:36.408463+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00098331","sets":["6164:6165:6462:7437"]},"path":["7437"],"owner":"11","recid":"98331","title":["プロセス関連情報の不可視化によりプロセスの識別を困難にする攻撃回避手法"],"pubdate":{"attribute_name":"公開日","attribute_value":"2013-10-14"},"_buckets":{"deposit":"fd49e255-7e82-4852-9b5c-9d786bf642a2"},"_deposit":{"id":"98331","pid":{"type":"depid","value":"98331","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"プロセス関連情報の不可視化によりプロセスの識別を困難にする攻撃回避手法","author_link":["0","0"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"プロセス関連情報の不可視化によりプロセスの識別を困難にする攻撃回避手法"},{"subitem_title":"Attack Avoiding Method Obscuring Process Identification by Making Process Information Invisible","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"攻撃回避，仮想化技術","subitem_subject_scheme":"Other"}]},"item_type_id":"18","publish_date":"2013-10-14","item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_18_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"岡山大学大学院自然科学研究科"},{"subitem_text_value":"岡山大学大学院自然科学研究科"}]},"item_18_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Graduate School of Natural Science and Technology, Okayama University","subitem_text_language":"en"},{"subitem_text_value":"Graduate School of Natural Science and Technology, Okayama University","subitem_text_language":"en"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/98331/files/IPSJCSS2013137.pdf"},"date":[{"dateType":"Available","dateValue":"2015-10-14"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJCSS2013137.pdf","filesize":[{"value":"260.4 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"30"},{"tax":["include_tax"],"price":"0","billingrole":"46"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"29336ca3-1c69-462d-90a9-b0784d0d7e5e","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2013 by the Information Processing Society of Japan"}]},"item_18_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"佐藤, 将也"},{"creatorName":"山内, 利宏"}],"nameIdentifiers":[{}]}]},"item_18_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Masaya, Sato","creatorNameLang":"en"},{"creatorName":"Toshihiro, Yamauchi","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_5794","resourcetype":"conference paper"}]},"item_18_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"マルウェア対策ソフトウェアや管理ツールなど，セキュリティにおいて重要なソフトウェアは，攻撃の対象となり，無力化される恐れがある．そこで，攻撃者から重要なソフトウェアの識別を困難にし，攻撃の対象から除外する手法として，プロセスの識別を困難にする攻撃回避手法を提案する．提案手法では，カーネル内に保持するプロセス関連情報を偽の情報に動的に入れ替えることにより，プロセス関連情報をもとにしたプロセスの識別を困難にする．提案手法を仮想計算機モニタの改変により実現することで，機構自体の安全性を高める．また，仮想計算機モニタ以外は改変しないことで，既存のOSやAPの改変なしに提案手法を実現する．","subitem_description_type":"Other"}]},"item_18_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Security-critical software has risk of attacks on the software itself to disable its functionality by adversaries. To decrease the risk, we propose an attack avoidance method that obscure process identification. The proposed method obscure process identification based on process-related information by dynamically replacing that information held by a kernel to dummy information.  Implementation of the proposed method with a virtual machine monitor enhances security of the mechanism itself. Further, by implementing our proposal with a virtual machine monitor, OSes and APs are not modified.","subitem_description_type":"Other"}]},"item_18_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"1049","bibliographic_titles":[{"bibliographic_title":"コンピュータセキュリティシンポジウム2013論文集"}],"bibliographicPageStart":"1042","bibliographicIssueDates":{"bibliographicIssueDate":"2013-10-14","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"4","bibliographicVolumeNumber":"2013"}]},"relation_version_is_last":true,"weko_creator_id":"11"},"id":98331,"updated":"2025-01-21T12:34:36.716055+00:00","links":{}}