2023 Fiscal Year Final Research Report
Research on intrusion expansion route estimation in targeted attacks using machine learning
| Project/Area Number |
19K11961
|
|---|
| Research Category |
Grant-in-Aid for Scientific Research (C)
|
| Allocation Type | Multi-year Fund |
|---|
| Section | 一般 |
|---|
| Review Section |
Basic Section 60070:Information security-related
|
|---|
| Research Institution | Nagoya University |
|---|
Principal Investigator |
YAMAGUCHI Yukiko 名古屋大学, 情報基盤センター, 協力研究員 (90239921)
|
|---|
| Project Period (FY) |
2019-04-01 – 2024-03-31
|
| Keywords | サイバーセキュリティ / 悪性通信検知 |
|---|
| Outline of Final Research Achievements |
In order to counter cyber-attacks targeting organizations, we performed research on methods for detecting malicious communications hidden in communication data by monitoring Internet/intranet communications during daily activities. We conducted research on feature value analysis for selecting features in malicious communication detection using LightGBM, poisoning attack detection method for additional learning, and hybrid malicious communication detection system for high-bandwidth communication using FPGA.
In addition, we performed malware detection using machine learning targeting binary data, real-time updating of WAF signatures using unofficial information sources such as SNS, and automatic knowledge base configuration method.
|
| Free Research Field |
サイバーセキュリティ
|
| Academic Significance and Societal Importance of the Research Achievements |
機械学習を用いたサイバーセキュリティの研究として、本研究課題で目的としている悪性通信検知とその派生である中毒攻撃検知ほか、バイナリデータを利用したマルウェア検知、GNNを用いた特徴量抽出など幅広い分野で検知技術の向上に貢献した。
また、チャット系アプリのハイパーリンク生成機能における不具合を発見、開発元に連絡することで安全なアプリ利用に貢献した。
|
