{"created":"2025-01-18T23:44:52.428849+00:00","updated":"2025-01-21T12:21:58.017450+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00098671","sets":["1164:1579:7406:7463"]},"path":["7463"],"owner":"11","recid":"98671","title":["不正侵入検知システムにおけるマルチコア上でのシグネチャ割当によるレイテンシ削減手法"],"pubdate":{"attribute_name":"公開日","attribute_value":"2014-02-27"},"_buckets":{"deposit":"2e4ce6ef-d14e-4103-9de0-5c4def73a51a"},"_deposit":{"id":"98671","pid":{"type":"depid","value":"98671","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"不正侵入検知システムにおけるマルチコア上でのシグネチャ割当によるレイテンシ削減手法","author_link":["0","0"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"不正侵入検知システムにおけるマルチコア上でのシグネチャ割当によるレイテンシ削減手法"},{"subitem_title":"A Latency Reduction Technique for IDS by Allocating Decomposed Signature on Multi-core","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"実行効率化","subitem_subject_scheme":"Other"}]},"item_type_id":"4","publish_date":"2014-02-27","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"早稲田大学"},{"subitem_text_value":"早稲田大学"},{"subitem_text_value":"早稲田大学"},{"subitem_text_value":"早稲田大学"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Waseda University","subitem_text_language":"en"},{"subitem_text_value":"Waseda University","subitem_text_language":"en"},{"subitem_text_value":"Waseda University","subitem_text_language":"en"},{"subitem_text_value":"Waseda University","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/98671/files/IPSJ-ARC14209002.pdf"},"date":[{"dateType":"Available","dateValue":"2016-02-27"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-ARC14209002.pdf","filesize":[{"value":"1.6 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"16"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"afa7315d-a0d2-4406-9f04-9651d08729d9","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2014 by the Information Processing Society of Japan"}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"山田, 正平"},{"creatorName":"見神, 広紀"},{"creatorName":"木村, 啓二"},{"creatorName":"笠原, 博徳"}],"nameIdentifiers":[{}]}]},"item_4_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Shohei, Yamada","creatorNameLang":"en"},{"creatorName":"Hiroki, Mikami","creatorNameLang":"en"},{"creatorName":"Keiji, Kimura","creatorNameLang":"en"},{"creatorName":"Hironori, Kasahara","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AN10096105","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"企業や政府機関を標的としたサイバー攻撃が年々高度で大規模なものになっている．これらサイバー攻撃の有効策のひとつとして不正侵入検知システムが挙げられる．不正侵入検知システムはネットワークを監視し，IP パケットをフィルタリングすることで不審なアクセスをリアルタイムで検知する．一方で，膨大なパケットを処理するための処理性能が求められる．そこで本研究では，シグネチャ型の不正侵入検知システムにおいてシグネチャを分割し，マルチコアへの割当によるレイテンシ削減手法を提案する．本手法は，並列処理によってパケットあたりの検知処理時間の短縮が可能である．レイテンシ削減手法をオープンソースの不正侵入検知システムであるSuricataにおいて適用し，DARPA Intrusion Detection Evaluation Data Setなどのデータセットを入力とした際の検知処理性能を評価した．その結果，2 コア上でシグネチャを分割しない場合と比較して DARPA Intrusion Detection Evaluation Data Set において 4 コア上で最大 3.22 倍の検知処理時間の短縮を得ることができた．","subitem_description_type":"Other"}]},"item_4_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Cyber attacks targeting on companies and government organizations have been increasing and highly developed. An Intrusion Detection System (IDS) is one of efficient solutions to prevent those attacks. An IDS detects illegal network accesses in realtime by monitoring the network and filtering suspicious IP packets. Large processing performance is required for IDSs to process a large number of IP packets in realtime. In order to satisfy this requirement, a latency reduction technique for signature-based IDSs by allocating decomposed signature on multicores is proposed in this paper. The proposed technique is implemented in Suricata, which is an open source IDS, and evaluated it with several data sets, such as DARPA Intrusion Detection Evaluation Data Set. The evaluation results show the proposed techniques with four cores achieves 3.22 times performance improvement in maximum comparing with two cores without signature decomposition.","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"8","bibliographic_titles":[{"bibliographic_title":"研究報告計算機アーキテクチャ（ARC）"}],"bibliographicPageStart":"1","bibliographicIssueDates":{"bibliographicIssueDate":"2014-02-27","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"2","bibliographicVolumeNumber":"2014-ARC-209"}]},"relation_version_is_last":true,"weko_creator_id":"11"},"id":98671,"links":{}}