Project/Area Number |
15K00115
|
Research Category |
Grant-in-Aid for Scientific Research (C)
|
Allocation Type | Multi-year Fund |
Section | General |
Research Field |
Information network
|
Research Institution | Tokyo Institute of Technology |
Principal Investigator |
MATSUURA Satoshi Tokyo Institute of Technology, Global Scientific Information and Computing Center, Associate Professor (00533845)
|
Project Period (FY) |
2015-04-01 – 2019-03-31
|
Project Status |
Completed (Fiscal Year 2018)
|
Budget Amount |
¥4,550,000 (Direct Cost: ¥3,500,000, Indirect Cost: ¥1,050,000)
Fiscal Year 2017: ¥1,560,000 (Direct Cost: ¥1,200,000, Indirect Cost: ¥360,000)
Fiscal Year 2016: ¥1,820,000 (Direct Cost: ¥1,400,000, Indirect Cost: ¥420,000)
Fiscal Year 2015: ¥1,170,000 (Direct Cost: ¥900,000, Indirect Cost: ¥270,000)
|
Keywords | Service construction infrastructure technology |
Outline of Final Research Achievements |
Depending on the type of cyber attack or incident response, search requests for security logs may differ significantly, and search patterns may not fit any particular static logical space. We therefore concluded that a distributed system partitioned along the time axis is appropriate, and we designed, built, and verified the proposed system in our SOC. In a distributed environment constrained by time, a search by other attributes (for example, IP address) results in a full scan, and its efficiency is extremely low. However, this constraint on searches was not a problem in many cases, and the system was shown to be usable in a wide range of cases and useful in the actual operational environment.
|
Academic Significance and Societal Importance of the Research Achievements |
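As cyber attacks become more sophisticated and diverse, defense in depth has become common practice, and organizations are advancing their countermeasures. On the other hand, operating these security appliances requires substantial computing resources and engineers with advanced expertise. This research focused on the time axis, built a log analysis platform usable in actual operations, and verified it repeatedly. To make further use of the proposed system, we also worked on accumulating and reusing engineers' knowledge, and obtained results in the security field. These concrete and practical efforts can also be put to use in the security operations of other organizations, and the research is considered to have a certain degree of social significance.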
|