{"created":"2023-07-25T10:33:22.537137+00:00","id":4753,"links":{},"metadata":{"_buckets":{"deposit":"035c3428-f8b6-4f0c-b314-73326963eaa9"},"_deposit":{"created_by":3,"id":"4753","owners":[3],"pid":{"revision_id":0,"type":"depid","value":"4753"},"status":"published"},"_oai":{"id":"oai:shizuoka.repo.nii.ac.jp:00004753","sets":["80:222"]},"author_link":["1198","1202","1210","941","1200","1201"],"item_26_alternative_title_1":{"attribute_name":"その他のタイトル","attribute_value_mlt":[{"subitem_alternative_title":"An unknown-worm and mutated-worm detection scheme based on capturing self-initiated READ behavior"}]},"item_26_biblio_info_5":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicIssueDates":{"bibliographicIssueDate":"2006-03-16","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"26","bibliographicPageEnd":"280","bibliographicPageStart":"275","bibliographicVolumeNumber":"2006","bibliographic_titles":[{"bibliographic_title":"情報処理学会研究報告. CSEC, [コンピュータセキュリティ]"}]}]},"item_26_description_30":{"attribute_name":"フォーマット","attribute_value_mlt":[{"subitem_description":"application/pdf","subitem_description_type":"Other"}]},"item_26_description_9":{"attribute_name":"抄録","attribute_value_mlt":[{"subitem_description":"ワームの感染は,ワーム自身を他のPCにネットワーク経由でコピーすることに他ならない.よってワームの感染行動は,OSのファイルシステム上では,自分自身のファイルをREAD(コピー)し,これを通信APIにWRITE (ペースト)するという動作として現れる.本稿では,この「ワームの自己ファイルREAD」を検出することにより,ワームを検知する方式を提案する.原理的にはワームは必ず自己ファイルREADを行うため,本方式によれば未知ワームや変異型ワームも検知可能であると考えられる.また本方式は,エンドユーザのPCにおける各プロセスのファイルアクセスを常時監視することにより実装可能であるため,ワームのリアルタイム検知も実現できる.本稿では本方式のコンセプトを示した上で,ファイルアクセスを監視するモニタツールを用いて擬似的に本方式の未知ワーム検知能力を検証する.","subitem_description_type":"Abstract"}]},"item_26_publisher_6":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会"}]},"item_26_relation_22":{"attribute_name":"NII論文ID","attribute_value_mlt":[{"subitem_relation_type":"isIdenticalTo","subitem_relation_type_id":{"subitem_relation_type_id_text":"110004683678","subitem_relation_type_select":"NAID"}}]},"item_26_rights_7":{"attribute_name":"権利","attribute_value_mlt":[{"subitem_rights":"本文データは学協会の許諾に基づきCiNiiから複製したものであるここに掲載した著作物の利用に関する注意 本著作物の著作権は（社）情報処理学会に帰属します。本著作物は著作権者である情報処理学会の許可のもとに掲載するものです。ご利用に当たっては「著作権法」ならびに「情報処理学会倫理綱領」に従うことをお願いいたします。 Notice for the use of this material The copyright of this material is retained by the Information Processing Society of Japan (IPSJ). This material is published on this web site with the agreement of the author (s) and the IPSJ. Please be complied with Copyright Law of Japan and the Code of Ethics of the IPSJ if any users wish to reproduce, make derivative work, distribute or make available to the public any part or whole thereof. All Rights Reserved, Copyright (C) Information Processing Society of Japan."}]},"item_26_source_id_19":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"09196072","subitem_source_identifier_type":"ISSN"}]},"item_26_source_id_23":{"attribute_name":"NII書誌ID","attribute_value_mlt":[{"subitem_source_identifier":"AA11235941","subitem_source_identifier_type":"NCID"}]},"item_26_subject_8":{"attribute_name":"NDC","attribute_value_mlt":[{"subitem_subject":"007","subitem_subject_scheme":"NDC"}]},"item_26_version_type_32":{"attribute_name":"著者版フラグ","attribute_value_mlt":[{"subitem_version_resource":"http://purl.org/coar/version/c_970fb48d4fbd8a85","subitem_version_type":"VoR"}]},"item_creator":{"attribute_name":"著者","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"鈴木, 功一"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"松本, 隆明"}],"nameIdentifiers":[{},{},{}]},{"creatorNames":[{"creatorName":"高見, 知寛"}],"nameIdentifiers":[{},{}]},{"creatorNames":[{"creatorName":"馬場, 達也"}],"nameIdentifiers":[{},{}]},{"creatorNames":[{"creatorName":"前田, 秀介"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"西垣, 正勝"}],"nameIdentifiers":[{},{},{},{}]}]},"item_files":{"attribute_name":"ファイル情報","attribute_type":"file","attribute_value_mlt":[{"accessrole":"open_date","date":[{"dateType":"Available","dateValue":"2017-12-14"}],"displaytype":"detail","filename":"101101004.pdf","filesize":[{"value":"433.4 kB"}],"format":"application/pdf","licensetype":"license_note","mimetype":"application/pdf","url":{"label":"101101004.pdf","url":"https://shizuoka.repo.nii.ac.jp/record/4753/files/101101004.pdf"},"version_id":"1cc39ee7-960e-42c7-8f60-3486423e5bf6"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourcetype":"journal article","resourceuri":"http://purl.org/coar/resource_type/c_6501"}]},"item_title":"自己ファイルREADの検出による未知ワーム・変異型ワームの検知方式の提案(セッション8-B:ワーム対策)","item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"自己ファイルREADの検出による未知ワーム・変異型ワームの検知方式の提案(セッション8-B:ワーム対策)"}]},"item_type_id":"26","owner":"3","path":["222"],"pubdate":{"attribute_name":"公開日","attribute_value":"2010-11-01"},"publish_date":"2010-11-01","publish_status":"0","recid":"4753","relation_version_is_last":true,"title":["自己ファイルREADの検出による未知ワーム・変異型ワームの検知方式の提案(セッション8-B:ワーム対策)"],"weko_creator_id":"3","weko_shared_id":-1},"updated":"2024-02-14T02:53:10.668194+00:00"}