A study on evaluating Insider Threats and fighting against Insider attacks in Cyber Systems

• Project/Area Number: 23300027
• Research Category: Grant-in-Aid for Scientific Research (B)
• Allocation Type: Single-year Grants
• Section: 一般
• Research Field: Computer system/Network
• Research Institution: Kyushu University
• Principal Investigator: SAKURAI Kouichi 九州大学, システム情報科学研究科(研究院, 教授 (60264066)
• Co-Investigator(Kenkyū-buntansha): TAKAHASHI Kenichi 鳥取大学, 工学研究科, 准教授 (30399670) ; NISHIDE Takashi 筑波大学, システム情報系, 准教授 (70570985) ; HORI Yoshiaki 佐賀大学, 全学教育機構, 教授 (90264126)
• Project Period (FY): 2011-04-01 – 2014-03-31
• Project Status: Completed (Fiscal Year 2013)
• Budget Amount: ¥12,220,000 (Direct Cost: ¥9,400,000、Indirect Cost: ¥2,820,000); Fiscal Year 2013: ¥3,380,000 (Direct Cost: ¥2,600,000、Indirect Cost: ¥780,000); Fiscal Year 2012: ¥3,770,000 (Direct Cost: ¥2,900,000、Indirect Cost: ¥870,000); Fiscal Year 2011: ¥5,070,000 (Direct Cost: ¥3,900,000、Indirect Cost: ¥1,170,000)
• Keywords: 内部脅威 / 情報漏洩対策 / 安全性評価 / 暗号・認証 / システムセキュリティ / 電子現金 / 情報セキュリティ / ネットワークセキュティ / サイバー攻撃 / ゲーム理論 / 内部攻撃 / ネットワークセキュリティ / 暗号理論 / コンピュータセキュリティ

Research Abstract

In cyber systems, we never assume attackers to come from outside. We shall consider serious threats by a system manager and the information leakage via some insiders. We have some published research reports about insider threats on Government networks or banking systems, whereas we do not know so much about insider attacks in recent new cyber systems including social networking or cloud computing services. This research investigates how to modeling insider attacks in cyber security and classify the type of attacks. Also we discuss the limitation of out known protection, and consider new ways of fighting against such insider attacks.

Research Products

• [Journal Article] Detection of Privacy Sensitive Information Retrieval Using API Call Logging Mechanism within Android Framework (2014)
  • Author(s): Naoya Kajiwara, Shinichi Matsumoto, Yuuki Nishimotoa,Yoshiaki Hori, Kouichi Sakurai
  • Journal Title: Journal of Network Volume: 未定
  • Peer Reviewed
• [Journal Article] Implementation of Logging for Information Tracking on Network (2013)
  • Author(s): Akihiko Maeta, Kenichi Takahashi, Takao Kawamura, Kazunori Sugahara
  • Journal Title: Proc. of the International Conference on IT Convergence and Security Pages: 392-395
  • DOI: 10.1109/icitcs.2013.6717841
  • Peer Reviewed
• [Journal Article] Analysis of Methods for Detecting Compromised Nodes and Its Countermeasures (2013)
  • Author(s): Fangming Zhao, Takashi Nishide, Yoshiaki Hori, Kouichi Sakurai
  • Journal Title: Proc. of the International Conference on IT Convergence and Security Pages: 53-60
  • DOI: 10.1007/978-94-007-5860-5_7
  • ISBN: 9789400758599, 9789400758605
  • Peer Reviewed
• [Journal Article] Detection of Android API Call Using Logging Mechanism within Android Framework (2013)
  • Author(s): Yuuki Nishimoto, Naoya Kajiwara, Shinichi Matsumoto, Yoshiaki Hori, Kouichi Sakurai
  • Journal Title: Proc. of the 4th International Workshop on Applications and Techniques in Information Security Pages: 393-404
  • DOI: 10.1007/978-3-319-04283-1_25
  • ISBN: 9783319042824, 9783319042831
  • Peer Reviewed
• [Journal Article] HTTPリクエストの情報量の異常値検出を用いた漏洩検知 (2013)
  • Author(s): 千葉一輝, 堀良彰, 櫻井幸一
  • Journal Title: 情報処理学会論文誌 Volume: Vol. 54, No. 3 Pages: 1071-1076
  • NAID: 110009552593
  • URL: http://ci.nii.ac.jp/naid/110009552593
  • Peer Reviewed
• [Journal Article] HTTPリクエストの情報量の異常値検出を用いた漏洩検知 (2013)
  • Author(s): 千葉 一輝 , 堀 良彰 , 櫻井 幸一
  • Journal Title: 情報処理学会論文誌 Volume: 54巻 Pages: 1071-1076
  • NAID: 110009552593
  • Peer Reviewed
• [Journal Article] A Resource Minimizing Scheduling Algorithm with Ensuring the Deadline and Reliability in Heterogeneous Systems (2012)
  • Author(s): Dong Hao, Kouichi Sakurai
  • Journal Title: Proc. of the 26th IEEE International Conference on Advanced Information Networking and Applications Pages: 495-502
  • DOI: 10.1109/aina.2011.87
  • Peer Reviewed
• [Journal Article] Security Analysis of Offline E-Cash Systems with Malicious Insider, Journal of Wireless Mobile Networks (2012)
  • Author(s): Takashi Nishide, Shingo Miyazaki, Kouichi Sakurai
  • Journal Title: Ubiquitous Computing and Dependable Applications Volume: Vol. 3, No. 1/2 Pages: 55-71
  • URL: http://www.techrepublic.com/resourcelibrary/whitepapers/security-analysis-of-offline-e-cash-systems-with-malicious-insider/
  • Peer Reviewed
• [Journal Article] Detecting Information Leakage via a HTTP Request Based on the Edit Distance (2012)
  • Author(s): Kazuki Chiba, Yoshiaki Hori, Kouichi Sakurai
  • Journal Title: Journal of Internet Services and Information Security Volume: Vol. 2, Issue 3/4 Pages: 18-28
  • URL: http://isyou.info/jisis/vol2/no34/jisis-2012-vol2-no34-02.pdf
  • Peer Reviewed
• [Journal Article] Mixed-Strategy Game Based Trust Management for Clustered Wireless Sensor Networks (2012)
  • Author(s): Dong Hao, Avishek Adhikari, Kouichi Sakurai
  • Journal Title: Proc. of Third International Conference on Trusted Systems Pages: 239-257
  • DOI: 10.1007/978-3-642-32298-3_16
  • ISBN: 9783642322976, 9783642322983
  • Peer Reviewed
• [Journal Article] Detecting Information Leakage via a HTTP Request Based on the Edit Distance (2012)
  • Author(s): Kazuki Chiba,Yosiaki Hori and Kouichi Sakurai
  • Journal Title: Journal of Internet Services and Information Security (JISIS) Volume: 2巻 3/4号 Pages: 18-28
  • Peer Reviewed
• [Journal Article] Security Analysis of Offline E-Cash Systems with Malicious Insider (2012)
  • Author(s): Takashi Nishide, Shingo Miyazaki, and Kouichi Sakurai
  • Journal Title: Journal of Wireless Mobile Networks, Ubiquitous Computing and Dependable Applications(JoWUA) Volume: Vol. 3, No. 1/2 Pages: 55-71
  • Peer Reviewed
• [Journal Article] Achieving Cooperative Detection against Sybil Attack in Wireless Ad Hoc Networks : A Game Theoretic Approach (2012)
  • Author(s): Y.Xu, K.Sakurai
  • Journal Title: ACM ICUIMC Volume: (掲載予定)
  • Peer Reviewed
• [Journal Article] A Differential Game Approach to Mitigating Primary User Emulation Attacks in Cognitive Radio Networks (2012)
  • Author(s): D.Hao, K.Sakurai
  • Journal Title: IEEE Advanced Information Networking and Applications Volume: (掲載予定)
  • Peer Reviewed
• [Journal Article] Towards Countermeasure of Insider Threat in Network Security (2011)
  • Author(s): Yoshiaki Hori, Takashi Nishide, Kouichi Sakurai
  • Journal Title: Proc. of the Third International Conference on Intelligent Networking and Collaborative Systems Pages: 634-636
  • DOI: 10.1109/incos.2011.156
  • Peer Reviewed
• [Journal Article] Security of Offline Anonymous Electronic Cash Systems Against Insider Attacks By Untrusted Authorities Revisited (2011)
  • Author(s): Takashi Nishide, Kouichi Sakurai
  • Journal Title: Proc. of 3rd International Conference on Intelligent Networking and Collaborative Systems Pages: 656-661
  • DOI: 10.1109/incos.2011.146
  • Peer Reviewed
• [Journal Article] Using Game Theory to Classify Wireless Ad Hoc Network Attacks with Analysis on Countermeasures (2011)
  • Author(s): X.Liao, D.Hao, K.Sakurai
  • Journal Title: International Journal of Advancements in Computer Technology Volume: 3 Issue: 8 Pages: 296-303
  • DOI: 10.4156/ijact.vol3.issue8.35
  • Peer Reviewed
• [Journal Article] Classification on Attacks in Wireless Ad Hoc Networks : A Game Theoretic View (2011)
  • Author(s): X.Liao, D.Hao, K.Sakurai
  • Journal Title: Networked Computing and Advanced Information Management (NCM) Pages: 144-149
  • Peer Reviewed
• [Journal Article] Achieving Cooperative Detection against Sybil Attack in Wireless Ad Hoc Networks : A Game Theoretic Approach (2011)
  • Author(s): X.Liao, D.Hao, K.Sakurai
  • Journal Title: Asia-Pacific Conference on Communications Pages: 806-811
  • Peer Reviewed
• [Presentation] 生体認証プロトコルにおける無証拠性確保に関する考察 (2014)
  • Author(s): 上繁義史
  • Organizer: 電子情報通信学会総合大会
  • Place of Presentation: 新潟
  • Year and Date: 2014-03-20
• [Presentation] 機密情報の拡散追跡における追跡対象の削減 (2014)
  • Author(s): 前田明彦
  • Organizer: 2014年暗号と情報セキュリティシンポジウム
  • Place of Presentation: 鹿児島
  • Year and Date: 2014-01-24
• [Presentation] プロキシ型しきい値パスワード鍵共有 (2014)
  • Author(s): 小林佑行
  • Organizer: 暗号と情報セキュリティシンポジウム
  • Place of Presentation: 鹿児島
  • Year and Date: 2014-01-23
• [Presentation] 生体認証プロトコルにおける証拠性・無証拠性に関する一検討 (2014)
  • Author(s): 上繁義史
  • Organizer: 2014年暗号と情報セキュリティシンポジウム
  • Place of Presentation: 鹿児島
  • Year and Date: 2014-01-23
• [Presentation] AndroidOS における動作特徴に着目した広告ライブラリ挙動解析 (2014)
  • Author(s): 梶原直也
  • Organizer: 2014年 暗号と情報セキュリティシンポジウム
  • Place of Presentation: 鹿児島
• [Presentation] 機密情報の拡散追跡における追跡対象の削減 (2014)
  • Author(s): 前田明彦
  • Organizer: 2014年 暗号と情報セキュリティシンポジウム
  • Place of Presentation: 鹿児島
• [Presentation] 暗号化データベースモデルにおける問合せの関連情報を秘匿する範囲検索 (2014)
  • Author(s): 川本淳平
  • Organizer: 2014年暗号と情報セキュリティシンポジウム
  • Place of Presentation: 鹿児島
• [Presentation] プライバシを考慮したクラウド型 IME (2014)
  • Author(s): 川本淳平
  • Organizer: 第92回グループウェアとネットワークサービス・第9回セキュリティ心理学とトラスト合同研究発表会
  • Place of Presentation: 東京
• [Presentation] Implementation of Logging for Information Tracking on Network (2013)
  • Author(s): Akihiko Maeta
  • Organizer: International Conference on IT Convergence and Security
  • Place of Presentation: マカオ
  • Year and Date: 2013-12-17
• [Presentation] 多人数の署名者によるFail-Stop署名とその応用 (2013)
  • Author(s): 北島暢曜
  • Organizer: 第36回情報理論とその応用シンポジウム
  • Place of Presentation: 静岡
  • Year and Date: 2013-11-27
• [Presentation] Detection of Android API Call Using Logging Mechanism within Android Framework (2013)
  • Author(s): Naoya Kajiwara
  • Organizer: the 4th International Workshop on Applications and Techniques in Information Security
  • Place of Presentation: オーストラリア
  • Year and Date: 2013-09-26
• [Presentation] ネットワークへの情報拡散追跡のためのデータ取得 (2013)
  • Author(s): 前田明彦
  • Organizer: 第12回情報科学技術フォーラム
  • Place of Presentation: 鳥取
  • Year and Date: 2013-09-05
• [Presentation] 情報フロー追跡を用いたAndroid端末における情報送信制御 (2013)
  • Author(s): 梶原直也
  • Organizer: 2013年暗号と情報セキュリティシンポジウム
  • Place of Presentation: 京都
  • Year and Date: 2013-01-24
• [Presentation] 多人数の署名者によるFail-Stop署名とその応用 (2013)
  • Author(s): 北島暢曜
  • Organizer: Symposium on Information Theory
  • Place of Presentation: 静岡
• [Presentation] Detection of Android API Call Using Logging Mechanism within Android Framework (2013)
  • Author(s): 梶原直也
  • Organizer: The 4th International Workshop on Applications and Techniques in Information Security
  • Place of Presentation: Sydney
• [Presentation] 情報フロー追跡を用いたAndoroid端末における情報送信制御 (2013)
  • Author(s): 梶原 直也
  • Organizer: 2013年暗号と情報セキュリティシンポジウム（SCIS2013）
  • Place of Presentation: 京都
• [Presentation] 情報フローを単位とする出力制御機構の提案 (2013)
  • Author(s): 梶原 直也
  • Organizer: 2013年暗号と情報セキュリティシンポジウム（SCIS2013）
  • Place of Presentation: 熊本
• [Presentation] Embedding Information in a Public Key Efficiently (2012)
  • Author(s): Motoki Kitahara
  • Organizer: 7th International Workshop on Security
  • Place of Presentation: 福岡
  • Year and Date: 2012-11-08
• [Presentation] RSA公開鍵における情報埋め込みサイズの上限に関する考察 (2012)
  • Author(s): 北原基貴
  • Organizer: コンピュータセキュリティシンポジウム
  • Place of Presentation: 島根
  • Year and Date: 2012-10-31
• [Presentation] A Note on Detection of Compromised Resource-Constrained Nodes and Its Countermeasure (2012)
  • Author(s): Fangming Zhao
  • Organizer: コンピュータセキュリティシンポジウム
  • Place of Presentation: 島根
  • Year and Date: 2012-10-31
• [Presentation] 複数計算機でのファイル拡散追跡に関するログ管理 (2012)
  • Author(s): 前田明彦
  • Organizer: 電気・情報関連学会中国支部第63回連合大会
  • Place of Presentation: 島根
  • Year and Date: 2012-10-20
• [Presentation] A Differential Game Approach to Mitigating Primary User Emulation Attacks in Cognitive Radio Networks (2012)
  • Author(s): Dong Hao
  • Organizer: IEEE 26th International Conference on Advanced Information Networking and Applications
  • Place of Presentation: 福岡
  • Year and Date: 2012-03-27
• [Presentation] 動的解析を用いたAndroid における端末情報の取得検知手法 (2012)
  • Author(s): 西本祐揮
  • Organizer: 火の国情報シンポジウム2012
  • Place of Presentation: 福岡
  • Year and Date: 2012-03-15
• [Presentation] 複数計算機間での機密情報拡散を追跡するためのログ管理手法 (2012)
  • Author(s): 前田明彦
  • Organizer: 第14回IEEE広島支部学生シンポジウム
  • Place of Presentation: 岡山
• [Presentation] Lenstraアルゴリズムにおける効率的な埋め込み情報量の限界点の検証 (2012)
  • Author(s): 北原基貴
  • Organizer: 電気関係学会九州支部第65回連合大会
  • Place of Presentation: 長崎
• [Presentation] RSA公開鍵における情報埋め込みサイズの上限に関する考察 (2012)
  • Author(s): 北原基貴
  • Organizer: 2012年コンピュータセキュリティシンポジウム(CSS2012)
  • Place of Presentation: 島根
• [Presentation] A Note on Detection of Compromised Resource-Constrained Nodes and Its Countermeasure (2012)
  • Author(s): Fangming Zhao
  • Organizer: 2012年コンピュータセキュリティシンポジウム(CSS2012)
  • Place of Presentation: 島根
• [Presentation] Embedding Information in a Public Key Efficiently (2012)
  • Author(s): Motoki Kitahara
  • Organizer: the 7th International Workshop on Security (IWSEC2012)
  • Place of Presentation: 福岡
• [Presentation] Towards Countermeasure Against Insider Threat on Network Security (2011)
  • Author(s): Yoshiaki Hori
  • Organizer: 3rd International Workshop on Managing Insider Security Threats
  • Place of Presentation: 福岡
  • Year and Date: 2011-12-01
• [Presentation] Security of Offline Anonymous Electronic Cash Systems Against Insider Attacks By Untrusted Authorities Revisited (2011)
  • Author(s): Takashi Nishide
  • Organizer: 3rd International Workshop on Managing Insider Security Threats
  • Place of Presentation: 福岡
  • Year and Date: 2011-12-01
• [Presentation] Towards Countermeasure of Insider Threat in Network Security (2011)
  • Author(s): Yoshiaki Hori
  • Organizer: Third International Conference on Intelligent Networking and Collaborative Systems
  • Place of Presentation: 福岡
  • Year and Date: 2011-11-30
• [Presentation] Mixed-Strategy Game Based Trust Management for Clustered Wireless Sensor Networks (2011)
  • Author(s): Dong Hao
  • Organizer: Third International Conference on Trusted Systems
  • Place of Presentation: 中国
  • Year and Date: 2011-11-29
• [Presentation] ネットワークセキュリティにおけるインサイダー脅威対策 (2011)
  • Author(s): 堀良彰
  • Organizer: 2011年暗号と情報セキュリティシンポジウム
  • Place of Presentation: 福岡
  • Year and Date: 2011-01-18
• [Remarks] 九州大学-研究者情報[櫻井幸一(教授)システム情報科学研究院情報学部門]
  • URL: http://hyoka.ofc.kyushu-u.ac.jp/search/details/K000220
• [Remarks] 櫻井研究室
  • URL: http://itslab.inf.kyushu-u.ac.jp/
• [Remarks] 九州大学-研究者情報 [櫻井 幸一 (教授) システム情報科学研究院 情報学部門]
  • URL: http://hyoka.ofc.kyushu-u.ac.jp/search/details/K000220
• [Remarks] 櫻井研究室
  • URL: http://itslab.inf.kyushu-u.ac.jp