• Search Research Projects
  • Search Researchers
  • How to Use
  1. Back to previous page

Structure discovery of Network Services by Using Network Traffic

Research Project

Project/Area Number 21500078
Research Category

Grant-in-Aid for Scientific Research (C)

Allocation TypeSingle-year Grants
Section一般
Research Field Computer system/Network
Research InstitutionKyushu University

Principal Investigator

HORI Yoshiaki  九州大学, システム情報科学研究院, 准教授 (90264126)

Co-Investigator(Kenkyū-buntansha) SAKURAI Kouichi  九州大学, 大学院・システム情報科学研究院, 教授 (60264066)
TAKEUCHI Jun-ichi  九州大学, 大学院・システム情報科学研究院, 教授 (80432871)
Project Period (FY) 2009 – 2011
Project Status Completed (Fiscal Year 2011)
Budget Amount *help
¥4,420,000 (Direct Cost: ¥3,400,000、Indirect Cost: ¥1,020,000)
Fiscal Year 2011: ¥1,170,000 (Direct Cost: ¥900,000、Indirect Cost: ¥270,000)
Fiscal Year 2010: ¥1,430,000 (Direct Cost: ¥1,100,000、Indirect Cost: ¥330,000)
Fiscal Year 2009: ¥1,820,000 (Direct Cost: ¥1,400,000、Indirect Cost: ¥420,000)
Keywordsトラヒック観測 / ネットワークセキュリティ / ネットワーク管理運用 / 構造発見 / 異常発見 / 異常検知 / トラフィック観測
Research Abstract

We carry out research for discovering the structure of network services by using network traffic analysis. We propose a flow traffic classification scheme with machine learning by using payload length. We also propose bot detection scheme based on inter-arrival-time analysis on messages between an IRC client and an IRC server. Furthermore, we propose malicious domain evaluation scheme based on analysis of graph structure of domain information and its attributes.

Report

(4 results)
  • 2011 Annual Research Report   Final Research Report ( PDF )
  • 2010 Annual Research Report
  • 2009 Annual Research Report
  • Research Products

    (31 results)

All 2012 2011 2010 2009 Other

All Journal Article (8 results) (of which Peer Reviewed: 8 results) Presentation (20 results) Remarks (3 results)

  • [Journal Article] "Proactive Blacklisting for Malicious Web Sites by Reputation Evaluation Based on Domain and IP Address Registration,"2011

    • Author(s)
      Yoshiro Fukushima, Yoshiaki Hori, Kouichi Sakurai
    • Journal Title

      Proceedings of the 10th IEEE International Conference on Trust, Security and Privacy in Computing and Communications(IEEE TrustCom-11)

      Pages: 352-361

    • Related Report
      2011 Final Research Report
    • Peer Reviewed
  • [Journal Article] Proactive Blacklisting for Malicious Web Sites by Reputation Evaluation Based on Domain and IP Address Registration2011

    • Author(s)
      Yoshiro Fukushima
    • Journal Title

      Proc.of the 10th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-11)

      Pages: 352-361

    • DOI

      10.1109/trustcom.2011.46

    • Related Report
      2011 Annual Research Report
    • Peer Reviewed
  • [Journal Article] "Implementation and Evaluation of Bot Detection Scheme based on Data Transmission Interval,"2010

    • Author(s)
      Seiichiro Mizoguchi, Yuji Kugisaki, Yoshiaki Kasahara, Yoshiaki Hori, Kouichi Sakurai
    • Journal Title

      Proceedings of the 6th Workshop on Secure Network Protocols(NPsec2010)

      Pages: 73-78

    • Related Report
      2011 Final Research Report
    • Peer Reviewed
  • [Journal Article] "Darknet Monitoring on Real-Operated Networks,"2010

    • Author(s)
      Seiichiro Mizoguchi, Yoshiro Fukushima, Yoshiaki Kasahara, Yoshiaki Hori, Kouichi Sakurai
    • Journal Title

      Proceedings of the 5th International Conference on Broadband, Wireless Computing, Communication and Applications(BWCCA2010)

      Pages: 278-285

    • Related Report
      2011 Final Research Report
    • Peer Reviewed
  • [Journal Article] Darknet Monitoring on Real-Operated Networks2010

    • Author(s)
      S.Mizoguchi, Y.Fukushima, Y.Kasahara, Y.Hori, K.Sakurai
    • Journal Title

      Prof.of The 5th International Conference on Broadband and Wireless Computing, Communication and Applications (BWCCA)

      Pages: 287-285

    • Related Report
      2010 Annual Research Report
    • Peer Reviewed
  • [Journal Article] Implementation and Evaluation of Bot Detection Scheme based on Data Transmission Intervals2010

    • Author(s)
      S.Mizoguchi, Y.Kugisaki, Y.Kasahara, Y.Hori, K.Sakurai
    • Journal Title

      Prof.of the 6th Workshop on Secure Network Protocols (NPsec2010)

      Pages: 73-78

    • Related Report
      2010 Annual Research Report
    • Peer Reviewed
  • [Journal Article] "Flow Traffic Classification with Support Vector Machine by Using Payload Length,"2009

    • Author(s)
      Masayoshi Kohara, Yoshiaki Hori, Kouichi Sakurai, Heejo Lee, Jae-Cheol Ryou
    • Journal Title

      Proceedings of the 2nd International Conference on Computer Science and its Applications(CSA2009)

      Volume: 2 Pages: 703-707

    • Related Report
      2011 Final Research Report
    • Peer Reviewed
  • [Journal Article] Flow Traffic Classification with Support Vector Machine by using Payload Length2009

    • Author(s)
      Yoshiaki Hori
    • Journal Title

      Proceedings of the 2009 2nd International Conference on Computer Science and its Applications(CSA2009), NTCCA2009 Workshop 2

      Pages: 703-707

    • Related Report
      2009 Annual Research Report
    • Peer Reviewed
  • [Presentation] HTTPリクエストにおける情報量の外れ値検出を用いた漏洩検知"2012

    • Author(s)
      千葉一輝, 堀良彰, 櫻井幸一
    • Organizer
      2012年電子情報通信学会総合大会
    • Place of Presentation
      岡山市
    • Year and Date
      2012-03-23
    • Related Report
      2011 Final Research Report
  • [Presentation] HTTPリクエストにおける情報量の外れ値検出を用いた漏洩検知2012

    • Author(s)
      千葉一輝
    • Organizer
      電子情報通信学会総合大会
    • Place of Presentation
      岡山市
    • Year and Date
      2012-03-23
    • Related Report
      2011 Annual Research Report
  • [Presentation] "ウェブサーバのログ解析による異常検知"2012

    • Author(s)
      落水壱歩, 堀良彰, 櫻井幸一
    • Organizer
      火の国情報シンポジウム2012
    • Place of Presentation
      福岡県飯塚市
    • Year and Date
      2012-03-15
    • Related Report
      2011 Final Research Report
  • [Presentation] ウェブサーバのログ解析による異常検知2012

    • Author(s)
      落水壱歩
    • Organizer
      火の国情報シンポジウム2012
    • Place of Presentation
      福岡県飯塚市
    • Year and Date
      2012-03-15
    • Related Report
      2011 Annual Research Report
  • [Presentation] データ送信間隔のエントロピーに着目した挙動の数値化手法,"2012

    • Author(s)
      溝口誠一郎, 堀良彰, 櫻井幸一
    • Organizer
      2012年暗号と情報セキュリティシンポジウム(SCIS2012)
    • Place of Presentation
      金沢市
    • Year and Date
      2012-01-31
    • Related Report
      2011 Final Research Report
  • [Presentation] "Reviewing the Way to Quantifying Information Leaks on HTTP Requests and Proposing the Detection System,"2012

    • Author(s)
      Kazuki Chiba, Yoshiaki Hori, Kouichi Sakurai
    • Organizer
      5th Workshop among Asian Information Security Labs(WAIS 2012)
    • Place of Presentation
      Pohang, South Korea
    • Year and Date
      2012-01-13
    • Related Report
      2011 Final Research Report
  • [Presentation] Reviewing the Way to Quantifying Information Leaks on HTTP Requests, and Proposing the Detection System2012

    • Author(s)
      Kazuki Chiba
    • Organizer
      Fifth Workshop among Asian Information Security Labs (WAIS'2012)
    • Place of Presentation
      Pohang, South Korea
    • Year and Date
      2012-01-13
    • Related Report
      2011 Annual Research Report
  • [Presentation] "Entropy based Network Behavior Characterization and Bot Detection,"2011

    • Author(s)
      Seiichiro Mizoguchi, Yoshiaki Hori, Kouichi Sakurai
    • Organizer
      The 6th International Workshop on Security(IWSEC 2011)
    • Place of Presentation
      東京都
    • Year and Date
      2011-11-09
    • Related Report
      2011 Final Research Report
  • [Presentation] Entropy based Network Behavior Characterization and Bot Detection," International Workshop on Security2011

    • Author(s)
      Seiichiro Mizoguchi
    • Organizer
      The 6th International Workshop on Security (IWSEC2011)
    • Place of Presentation
      東京都
    • Year and Date
      2011-11-09
    • Related Report
      2011 Annual Research Report
  • [Presentation] 履歴情報に基づくHTTPリクエストにおける情報量の数値化手法の検討と検知システムの考案"2011

    • Author(s)
      千葉一輝, 堀良彰, 櫻井幸一
    • Organizer
      2011年コンピュータセキュリティシンポジウム(CSS2011)
    • Place of Presentation
      新潟市
    • Year and Date
      2011-10-19
    • Related Report
      2011 Final Research Report
  • [Presentation] 履歴情報に基づくHTTPリクエストにおける情報量の数値化手法の検討と検知システムの考案2011

    • Author(s)
      千葉一輝
    • Organizer
      コンピュータセキュリティシンポジウム2011
    • Place of Presentation
      新潟市
    • Year and Date
      2011-10-19
    • Related Report
      2011 Annual Research Report
  • [Presentation] "履歴情報に基づくHTTPリクエストにおける情報漏洩量の数値化手法の検討,"2011

    • Author(s)
      千葉一輝, 堀良彰, 櫻井幸一
    • Organizer
      2011年電気関係学会九州支部連合大会(第64回連合大会)
    • Place of Presentation
      佐賀市
    • Year and Date
      2011-09-27
    • Related Report
      2011 Final Research Report
  • [Presentation] "エントロピーを用いた機械的特徴のスコアリングとボット検知への応用"2011

    • Author(s)
      溝口誠一郎, 堀良彰, 櫻井幸一
    • Organizer
      2011年電気関係学会九州支部連合大会(第64回連合大会)
    • Place of Presentation
      佐賀市
    • Year and Date
      2011-09-27
    • Related Report
      2011 Final Research Report
  • [Presentation] "悪性Webサイト間の関連性に着目した信頼性評価によるブラックリスト方式の検討"2011

    • Author(s)
      福島祥郎,堀良彰,櫻井幸一
    • Organizer
      情報処理学会第146回マルチメディア通信と分散処理・第52回コンピュータセキュリティ合同研究発表会
    • Place of Presentation
      大阪府吹田市
    • Year and Date
      2011-03-11
    • Related Report
      2011 Final Research Report
  • [Presentation] 悪性Webサイト間の関連性に着目した信頼性評価によるブラックリスト方式の検討2011

    • Author(s)
      福島祥郎, 堀良彰, 櫻井幸一
    • Organizer
      第146回 マルチメディア通信と分散処理・第52回コンピュータセキュリティ合同研究発表会
    • Place of Presentation
      大阪府吹田市
    • Year and Date
      2011-03-11
    • Related Report
      2010 Annual Research Report
  • [Presentation] 情報量を用いたHTTPリクエストにおける情報漏洩検知システム"2011

    • Author(s)
      千葉一輝,西出隆志,堀良彰,櫻井幸一
    • Organizer
      2011年火の国情報シンポジウム
    • Place of Presentation
      福岡市
    • Year and Date
      2011-03-09
    • Related Report
      2011 Final Research Report
  • [Presentation] 情報量を用いたHTTPリクエストにおける情報漏洩検知システム2011

    • Author(s)
      千葉一輝, 西出隆志, 堀良彰, 櫻井幸一
    • Organizer
      火の国情報シンポジウム
    • Place of Presentation
      福岡市(福岡大学)
    • Year and Date
      2011-03-09
    • Related Report
      2010 Annual Research Report
  • [Presentation] "データ送信間隔に基づくボット検知手法の実装ならびに評価,"マルチメディア,分散2010

    • Author(s)
      溝口誠一郎,釘崎裕司,笠原義晃,堀良彰,櫻井幸一
    • Organizer
      協調とモバイルシンポジウム(DICOMO2010)
    • Place of Presentation
      岐阜県下呂市
    • Year and Date
      2010-07-07
    • Related Report
      2011 Final Research Report
  • [Presentation] "低レート攻撃トラフィック検出に関する検討",マルチメディア,分散2010

    • Author(s)
      福島祥郎,堀良彰,櫻井幸一
    • Organizer
      協調とモバイルシンポジウム(DICOMO2010)
    • Place of Presentation
      岐阜県下呂市
    • Year and Date
      2010-07-07
    • Related Report
      2011 Final Research Report
  • [Presentation] 低レート攻撃トラフィック検出に関する検討2010

    • Author(s)
      福島祥郎, 堀良彰, 櫻井幸一
    • Organizer
      マルチメディア、分散、協調とモバイル(DICOMO2010)シンポジウム
    • Place of Presentation
      岐阜県下呂市
    • Year and Date
      2010-07-07
    • Related Report
      2010 Annual Research Report
  • [Remarks]

    • URL

      http://itslab.inf.kyushu-u.ac.jp/index-j.html

    • Related Report
      2011 Final Research Report
  • [Remarks]

    • URL

      http://itslab.inf.kyushu-u.ac.jp/index.html

    • Related Report
      2011 Annual Research Report
  • [Remarks]

    • URL

      http://itslab.csce.kyushu-u.ac.jp/

    • Related Report
      2010 Annual Research Report

URL: 

Published: 2009-04-01   Modified: 2016-04-21  

Information User Guide FAQ News Terms of Use Attribution of KAKENHI

Powered by NII kakenhi