Robust Detecting Malicious Accesses to Information Manipulation Based on Behavior Estimation of Software

Research Project

Project/Area Number	19700053
Research Category	Grant-in-Aid for Young Scientists (B)
Allocation Type	Single-year Grants
Research Field	Computer system/Network
Research Institution	Tohoku University
Principal Investigator	WAIZUMI Yuji Tohoku University, 大学院情報科学研究科, 講師 (90333872)
Project Period (FY)	2007 – 2008
Project Status	Completed (Fiscal Year 2008)
Budget Amount *help	¥2,900,000 (Direct Cost: ¥2,600,000、Indirect Cost: ¥300,000) Fiscal Year 2008: ¥1,300,000 (Direct Cost: ¥1,000,000、Indirect Cost: ¥300,000) Fiscal Year 2007: ¥1,600,000 (Direct Cost: ¥1,600,000)
Keywords	不正アクセス検知 / 情報流出 / アプリケーション識別 / ペイロード長 / パケット送受信間隔 / 遷移パターン / 情報流出事故 / パケットサイズ / アプリケーションペイロード
Research Abstract	情報流出事故を引き起こす不正アクセスを検知するために,ソフトウエアの挙動をネットワークトラヒックから推定し,プロトコルヘッダなどが改竄された場合でも適切に動作可能なトラヒックの解析・評価方式を構築した.

Report

(3 results)

2008 Annual Research Report Final Research Report ( PDF )
2007 Annual Research Report

Research Products
(17 results)

All 2009 2008 2007

All Journal Article (12 results) (of which Peer Reviewed: 12 results) Presentation (5 results)

[Journal Article] Combating against internet worms in large-scale networks : an autonomic signature-based solution2009
- Author(s)
  K. Simkhada, T. Taleb, Y. Waizumi, A. Jamalipour, Y. Nemoto
- Journal Title
  
  SECURITY AND COMMUNICATION NETWORKS Vol.2
  
  Pages: 11-28
- Related Report
  2008 Final Research Report
- Peer Reviewed
[Journal Article] Combating against internet worms in large-scale networks : an autonomic signature-based solution2009
- Author(s)
  K. Simkhada, T. Taleb, Y. Waizumi, A. Jamalipour, Y. Nemoto
- Journal Title
  
  SECURITY AND COMMUNICATION NETW ORKS 2
  
  Pages: 11-28
- Related Report
  2008 Annual Research Report
- Peer Reviewed
[Journal Article] Network Application Identification Using Transition Pattern of Payload Length2008
- Author(s)
  S. Yagi, Y. Waizumi, H. Tsunoda, A. Jamalipour, N. Kato, Y. Nemoto
- Journal Title
  
  Proc. of WCNC Globecom CDROM
- Related Report
  2008 Final Research Report
- Peer Reviewed
[Journal Article] A Reliable Network Application Identification Based on Transition Pattern of Payload Length2008
- Author(s)
  S. Yagi, Y. Waizumi, H. Tsunoda, Y. Nemoto
- Journal Title
  
  Proc. of Globecom CDROM
- Related Report
  2008 Final Research Report
- Peer Reviewed
[Journal Article] Network Application Identification Using Transition Pattern of Payload Length2008
- Author(s)
  S. Yagi, Y. Waizumi, H. Tsunoda, A . Jamalipour, N. Kato, Y. Nemoto
- Journal Title
  
  IEEE WCNC 2008 (CDROM)
- Related Report
  2008 Annual Research Report
- Peer Reviewed
[Journal Article] A Reliable Network Application Identification Based on Transition Pattern of Payload Length2008
- Author(s)
  S. Yagi, Y. Waizumi, H. Tsunoda, Y. Nemoto
- Journal Title
  
  IEEE Globecom 2008 (CDROM)
- Related Report
  2008 Annual Research Report
- Peer Reviewed
[Journal Article] Network Application Identiffication Based on Transition Pattern of Packets2007
- Author(s)
  Yuji Waizumi, Abbas Jamalipour, and Yoshiaki Nemoto
- Journal Title
  
  Proc. of IEEE Wireless Rural and Emergency Communications Conference CDROM
- Related Report
  2008 Final Research Report
- Peer Reviewed
[Journal Article] 相関係数発生確率行列を利用したネットワーク状態評価方式2007
- Author(s)
  和泉勇治,廣瀬淳一,角田裕,根元義章
- Journal Title
  
  電子情報通信学会論文誌B 90-B, No.7
  
  Pages: 660-669
- NAID
  110007379003
- Related Report
  2008 Final Research Report
- Peer Reviewed
[Journal Article] Distributed Early Worm Detection Based on Payload Histogram Similarity2007
- Author(s)
  Y. WAIZUMI, M. TSUJI, H. TSUNODA, N. ANSARI, Y. NEMOTO
- Journal Title
  
  Proc. of 2007 IEEE International Conference on Communications CDROM
- Related Report
  2008 Final Research Report
- Peer Reviewed
[Journal Article] 相関係数発生確率行列を利用したネットワーク状態評価方式2007
- Author(s)
  和泉勇治、廣瀬淳一、角田裕、根元義章
- Journal Title
  
  電子情報通信学会論文誌B 90-B, No.7
  
  Pages: 660-669
- NAID
  110007379003
- Related Report
  2007 Annual Research Report
- Peer Reviewed
[Journal Article] Network Application Identiffication Based on Transition Pattern of Packets2007
- Author(s)
  Yuji Waizumi, Abbas Jamalipour, and Yoshiaki Nemoto
- Journal Title
  
  Proc. of IEEE Wireless Rural and Emergency Communications Conference (CDROM)
- Related Report
  2007 Annual Research Report
- Peer Reviewed
[Journal Article] Distributed Early Worm Detection Based on Payload Histogram Similarity2007
- Author(s)
  Y. WAIZUMI, M. TSUJI, H. TSUNODA, N. ANSARI, Y. NEMOTO
- Journal Title
  
  Proc. of 2007 IEEE International Conference on Communications (CDROM)
- Related Report
  2007 Annual Research Report
- Peer Reviewed
[Presentation] 効率的なアプリケーション識別のためのテンプレート生成方式2008
- Author(s)
  船木彰人, 和泉勇治, 角田裕, 根元義章
- Organizer
  電子情報通信学会技術研究報告
- Place of Presentation
  山口大学
- Year and Date
  2008-03-07
- Related Report
  2007 Annual Research Report
[Presentation] ネットワークアプリケーション弁別のためのペイロード長の遷移パタンの評価方式に関する-検討2007
- Author(s)
  八木清之介, 和泉勇治, 角田裕, 根元義章
- Organizer
  電子情報通信学会技術研究報告
- Place of Presentation
  福岡システムLSI総合開発センター
- Year and Date
  2007-11-15
- Related Report
  2007 Annual Research Report
[Presentation] パケットペイロードの類似性に基づいたネットワークアプリケーション識別手法2007
- Author(s)
  船木彰人, 和泉勇治, 角田裕, 根元義章
- Organizer
  電子情報通信学会技術研究報告
- Place of Presentation
  東北大学
- Year and Date
  2007-09-20
- Related Report
  2007 Annual Research Report
[Presentation] ペイロード長の遷移パタンを用いたネットワークアプリケーション弁別手法2007
- Author(s)
  八木清之介, 和泉勇治, 角田裕, 根元義章
- Organizer
  電子情報通信学会技術研究報告
- Place of Presentation
  高知工科大学
- Year and Date
  2007-05-10
- Related Report
  2007 Annual Research Report
[Presentation] 異常度の差分を利用した異常原因ホスト特定方式に関する研究2007
- Author(s)
  和泉勇治, 角田裕, 根元義章
- Organizer
  電子情報通信学会技術研究報告
- Place of Presentation
  鹿児島大学
- Year and Date
  2007-04-23
- Related Report
  2007 Annual Research Report

Robust Detecting Malicious Accesses to Information Manipulation Based on Behavior Estimation of Software

Principal Investigator

WAIZUMI Yuji Tohoku University, 大学院情報科学研究科, 講師 (90333872)

¥2,900,000 (Direct Cost: ¥2,600,000、Indirect Cost: ¥300,000)

Report

Research Products

[Journal Article] Combating against internet worms in large-scale networks : an autonomic signature-based solution2009

Author(s)

Journal Title

Related Report

[Journal Article] Combating against internet worms in large-scale networks : an autonomic signature-based solution2009

Author(s)

Journal Title

Related Report

[Journal Article] Network Application Identification Using Transition Pattern of Payload Length2008

Author(s)

Journal Title

Related Report

[Journal Article] A Reliable Network Application Identification Based on Transition Pattern of Payload Length2008

Author(s)

Journal Title

Related Report

[Journal Article] Network Application Identification Using Transition Pattern of Payload Length2008

Author(s)

Journal Title

Related Report

[Journal Article] A Reliable Network Application Identification Based on Transition Pattern of Payload Length2008

Author(s)

Journal Title

Related Report

[Journal Article] Network Application Identiffication Based on Transition Pattern of Packets2007

Author(s)

Journal Title

Related Report

[Journal Article] 相関係数発生確率行列を利用したネットワーク状態評価方式2007

Author(s)

Journal Title

NAID

Related Report

[Journal Article] Distributed Early Worm Detection Based on Payload Histogram Similarity2007

Author(s)

Journal Title

Related Report

[Journal Article] 相関係数発生確率行列を利用したネットワーク状態評価方式2007

Author(s)

Journal Title

NAID

Related Report

[Journal Article] Network Application Identiffication Based on Transition Pattern of Packets2007

Author(s)

Journal Title

Related Report

[Journal Article] Distributed Early Worm Detection Based on Payload Histogram Similarity2007

Author(s)

Journal Title

Related Report

[Presentation] 効率的なアプリケーション識別のためのテンプレート生成方式2008

Author(s)

Organizer

Place of Presentation

Year and Date

Related Report

[Presentation] ネットワークアプリケーション弁別のためのペイロード長の遷移パタンの評価方式に関する-検討2007

Author(s)

Organizer

Place of Presentation

Year and Date

Related Report

[Presentation] パケットペイロードの類似性に基づいたネットワークアプリケーション識別手法2007

Author(s)

Organizer

Place of Presentation

Year and Date

Related Report

[Presentation] ペイロード長の遷移パタンを用いたネットワークアプリケーション弁別手法2007

Author(s)

Organizer

Place of Presentation

Year and Date

Related Report