Vulnerability Risk Assessment of Security Systems and Proposal for System SLA

• Project/Area Number: 21650011
• Research Category: Grant-in-Aid for Challenging Exploratory Research
• Allocation Type: Single-year Grants
• Research Field: Computer system/Network
• Research Institution: University of Tsukuba
• Principal Investigator: OKAMOTO Eiji 筑波大学, システム情報系, 教授 (60242567)
• Co-Investigator(Kenkyū-buntansha): KANAOKA Akira 筑波大学, システム情報系, 助教 (00455924)
• Project Period (FY): 2009 – 2011
• Project Status: Completed (Fiscal Year 2011)
• Budget Amount: ¥3,470,000 (Direct Cost: ¥3,200,000、Indirect Cost: ¥270,000); Fiscal Year 2011: ¥1,170,000 (Direct Cost: ¥900,000、Indirect Cost: ¥270,000); Fiscal Year 2010: ¥1,100,000 (Direct Cost: ¥1,100,000); Fiscal Year 2009: ¥1,200,000 (Direct Cost: ¥1,200,000)
• Keywords: ネットワークセキュリティ / リスク / 脆弱性 / ネットワーク / セキュリティ / プロトコル / 危殆化 / ネットワークセキュリティ技術

Research Abstract

A lot of security systems are introduced in recent highly advanced and sophisticated networks, but pre-active methods are used usually. However attacks are inevitable and it is not possible to stop all of them, so proactive methods are important. This is the idea of RISK. We presented a quantities approach for the effective and efficient assessment of risks related to information security, construct robust network systems using this assessment, and proposed a forecasting method of information security related incidents. SLA (Security Level Agreement) is possible using these methods.

Research Products

• [Journal Article] Chaos-cryptography based privacy preservation technique for video surveillance, Special Issue on Privacy-aware multimedia surveillance systems (2012)
  • Author(s): k. Md. Mizanur Rahman, M. Anwar Hossain, Hussein Mouftah, Abdulmotaleb El Saddik and Eiji Okamoto
  • Journal Title: ultmedia Systems, Springer Volume: Vol.18, No.2 Pages: 145-155
  • URL: http://dx.doi.org/10.1007/s00530-011-0246-9
  • Peer Reviewed
• [Journal Article] 検索クエリ中のワイルドカードを秘匿する隠れベクトル暗号システム (2011)
  • Author(s): 秋山浩岐, 満保雅浩, 岡本栄司
  • Journal Title: 情報処理学会論文誌 Volume: Vol.52, No.9 Pages: 2662-2673
  • NAID: 110008608829
  • Peer Reviewed
• [Journal Article] 確率的パケットマーキングにおける最適マーキング確率の推定 (2011)
  • Author(s): 岡田雅之, 金岡晃, 勝野恭治, 岡本栄司
  • Journal Title: 情報処理学会論文誌 Volume: Vol.52, No.9 Pages: 2718-2728
  • NAID: 110008608834
  • Peer Reviewed
• [Journal Article] ネットワークシステムにおける脆弱性影響の測定手法とシステム実装 (2011)
  • Author(s): 原田敏樹, 金岡晃, 加藤雅彦, 岡本栄司
  • Journal Title: 情報処理学会論文誌 Volume: Vol.52, No.9 Pages: 2613-2623
  • NAID: 110008608824
  • Peer Reviewed
• [Journal Article] 確率的パケットマーキングにおける最適マーキング確率の推定 (2011)
  • Author(s): 岡田雅之、金岡晃、勝野恭治、岡本栄司
  • Journal Title: 情報処理学会論文誌 Volume: 52 Pages: 2718-2728
  • NAID: 110008608834
  • Peer Reviewed
• [Journal Article] An approach to perform quantitative information security risk assessment in IT landscape (2010)
  • Author(s): A. Romanov, H. Tsubaki and E. Okamoto
  • Journal Title: 情報処理学会論文誌 Volume: 51巻9号 Pages: 1726-1749
  • NAID: 130000418495
  • Peer Reviewed
• [Journal Article] 安全なネットワークシステム設計のためのマルチレイヤネットワークモデルの提案と応用 (2010)
  • Author(s): 金岡晃, 原田敏樹, 加藤雅彦, 勝野恭治, 岡本栄司
  • Journal Title: 情報処理学会論文誌 Volume: Vol.51, No.9 Pages: 1726-1735
  • NAID: 110007970774
  • Peer Reviewed
• [Journal Article] Amount of spam messages as a case study (2010)
  • Author(s): A. Romanov and E. Okamoto ; Forecasting of information security related incidents
  • Journal Title: 電子情報通信学会論文誌 Volume: E93-B巻6号 Pages: 1411-1421
  • Peer Reviewed
• [Journal Article] 我々をとりまく情報社会と暗号危殆化のかかわり (2010)
  • Author(s): 猪俣敦夫, 岡本栄司
  • Journal Title: 情報処理学会50周年記念「情報処理技術の未来地図」 Volume: 51巻、5号 Pages: 528-528
  • NAID: 110007612515
  • Peer Reviewed
• [Journal Article] メーリングリストを考慮したマスメール型ワームの感染数理モデル (2010)
  • Author(s): 金岡晃, 勝野恭治, 岡本栄司
  • Journal Title: 情報処理学会論文誌 Volume: Vol.51, No.3 Pages: 682-690
  • NAID: 110007970675
  • Peer Reviewed
• [Journal Article] An Approach to Perform Quantitative Information Security Risk Assessment in IT Landscape (2010)
  • Author(s): A.Romanov, H.Tsubaki, E.Okamoto
  • Journal Title: 情報処理学会論文誌 Volume: 51 Pages: 1736-1749
  • NAID: 130000418495
  • Peer Reviewed
• [Journal Article] 我々をとりまく情報社会と暗号危殆化のかかわり (2010)
  • Author(s): 猪俣敦夫、岡本栄司
  • Journal Title: 情報処理学会誌 Volume: 51 Pages: 523-523
  • NAID: 110007612515
  • Peer Reviewed
• [Journal Article] Forecasting of Information Security Related Incidents : Amount of Spam Messages as a Case Study (2010)
  • Author(s): A.Romanov, E.Okamoto
  • Journal Title: 電子情報通信学会英論文誌 Volume: E93-B Pages: 1411-1421
  • NAID: 120007137775
  • Peer Reviewed
• [Journal Article] メーリングリストを考慮したマスメール型ワームの感染数理モデル (2010)
  • Author(s): 金岡晃、勝野恭治、岡本栄司
  • Journal Title: 情報処理学会論文誌 Vol.51 Pages: 682-690
  • NAID: 110007970675
  • Peer Reviewed
• [Presentation] BlueSnarf revisited : OBEX FTP service directory traversal (2011)
  • Author(s): Alberto Moreno, Eiji Okamoto
  • Organizer: Workshop on Wireless Cooperative Network Security (WCNS 2011)
  • Place of Presentation: Universitat Politecnica de Valencia(バルセロナ,スペイン)
  • Year and Date: 2011-05-13
• [Presentation] 確率的パケットマーキング手法の実用化検討 (2011)
  • Author(s): 金岡晃, 岡田雅之, 岡本栄司
  • Organizer: CSS2011
  • Place of Presentation: 朱鷺メッセ(新潟県)
• [Presentation] マルチレイヤのネットワークトポロジ抽出手法、第10回情報科学技術フォーラム(FIT2011) (2011)
  • Author(s): 日暮一太, 金岡晃, 加藤雅彦, 岡本栄司
  • Organizer: 電子情報通信学会 & 情報処理学会
  • Place of Presentation: 函館大学(北海道)
• [Presentation] BlueSnarf revisited : OBEX FTP services directory traversal (2011)
  • Author(s): A. Moreno, E. Okamoto
  • Organizer: Workshop on Wireless Cooperative Network Security (WCNS 2011)
  • Place of Presentation: Valencia, Spain
• [Presentation] 2-bit AS Number Based IP Traceback (2011)
  • Author(s): Masayuki Okada, Akira Kanaoka, Yasuharu Katsuno, Eiji Okamoto
  • Organizer: Fifth International Workshop on Advances in Information Security (WAIS-2011) Seoul, Korea
• [Presentation] Web感染型マルウェアリスク評価を可能とするネットワークトポロジ分析 (2010)
  • Author(s): 金岡晃, 加藤雅彦, 岡本栄司
  • Organizer: 電子情報通信学会ICSS研究会
  • Place of Presentation: 広島市立大学(広島県)
  • Year and Date: 2010-11-05
• [Presentation] Identifying Potentially-Impacted Area by Vulnerabilities in Networked Systems using CVSS (2010)
  • Author(s): T.Harada, A.Kanaoka, E.Okamoto, M.Kato.
  • Organizer: CSnP/SAINT2010, IEEE CS
  • Place of Presentation: Seoul, Korea
  • Year and Date: 2010-07-21
• [Presentation] 入力の1つの点が共通な複数ペアリングの同時計算法 (2010)
  • Author(s): 坂下泰紀、金山直樹、岡本栄司
  • Organizer: SCIS2010
  • Place of Presentation: 全日空ホテルクレメント高松(香川県)
  • Year and Date: 2010-01-20
• [Presentation] スケールフリーネットワークにおけるQoSの輻輳制御を用いたDDoS攻撃対策 (2010)
  • Author(s): 足立正天、金岡晃、岡本栄司
  • Organizer: SCIS2010
  • Place of Presentation: 全日空ホテルクレメント高松(香川県)
  • Year and Date: 2010-01-19
• [Presentation] Key agreement for large-scale dynamic peer group (2010)
  • Author(s): Xun Yi and Eiji Okamoto
  • Organizer: ADPC2010 (Advances in Distributed and Parallel Computing)
  • Place of Presentation: Mandarin Orchard Hotel, Singapore
• [Presentation] Design and analysis of "Flexible" k-out-of-n Signatures (2010)
  • Author(s): Raylin Tso, Xun Yi, Tadahiko Ito, Takeshi Okamoto and Eiji Okamoto
  • Organizer: ATC2010 (The 7th International Conference on Autonomic and Trusted Computing)
  • Place of Presentation: Xi!~an, China
• [Presentation] An Approach for designing of enterprise IT landscapes to perform quantitative information security risk assessment (2010)
  • Author(s): Anton Romanov and Eiji Okamoto
  • Organizer: ICETE/SECRYPT2009
  • Place of Presentation: Milan, Italy
• [Presentation] 向きを持つマルチレイヤネットワークモデルの提案とセキュリティへの応用 (2009)
  • Author(s): 金岡晃、原田敏樹、加藤雅彦、岡本栄司
  • Organizer: 情報処理学会CSEC研究会
  • Place of Presentation: 東京理科大学 森戸記念会館(東京都)
  • Year and Date: 2009-12-18
• [Presentation] ネットワークシステムにおけるCVSSを用いた脆弱性影響範囲特定手法の検討 (2009)
  • Author(s): 原田敏樹、金岡晃、岡本栄司、加藤雅彦
  • Organizer: 情報通信システムセキュリティ研究会
  • Place of Presentation: 宮崎大学(宮崎県)
  • Year and Date: 2009-11-13
• [Presentation] インターネットのトポロジ特性を考慮した確率的パケットマーキング手法の提案 (2009)
  • Author(s): 國分淳次、金岡晃、岡本栄司
  • Organizer: CSS2009
  • Place of Presentation: 富山国際会議場(富山県)
  • Year and Date: 2009-10-28
• [Presentation] A quantative approach to access information secruity related risks (2009)
  • Author(s): Anton Romanov, Eiji Okamoto
  • Organizer: CRISIS2009
  • Place of Presentation: LAAS-CNRS, (Toulouse, France)
  • Year and Date: 2009-10-22
• [Presentation] A Framework for Building and Managing Secured ERP Landscape (2009)
  • Author(s): Anton Romanov, Eiji Okamoto
  • Organizer: WORLDCOMP'09/SAM'09
  • Place of Presentation: Monte Carlo R&C, (Las Vegas, NV, USA.)
  • Year and Date: 2009-07-15
• [Presentation] An Approach for designing of enterprise IT landscapes to perform quantitative information security risk assessment (2009)
  • Author(s): Anton Romanov, Eiji Okamoto
  • Organizer: ICETE/SECRYPT2009
  • Place of Presentation: Milanofiori, (Milan, Italy)
  • Year and Date: 2009-07-09
• [Presentation] Extraction of Parameters from Well Managed Networked System in Access Control (2009)
  • Author(s): Akira Kanaoka, Masahito Kato, Nobukatsu Todo, Eiji Okamoto
  • Organizer: ICIMP 2009
  • Place of Presentation: NOVOTEL VENEZIA MESTRE CASTELLANA, (Venice/Mestre, Italy)
  • Year and Date: 2009-05-25
• [Presentation] A quantitative approach to access information security related risks (2009)
  • Author(s): Anton Romanov and Eiji Okamoto
  • Organizer: 4th International Conference on Risks and Security of Internet and Systems (CRISIS2009)
  • Place of Presentation: Toulouse, France
• [Presentation] A Framework for Building and Managing Secured ERP Landscape (2009)
  • Author(s): Anton Romanov and Eiji Okamoto
  • Organizer: WORLDCOMP'09/SAM'09
  • Place of Presentation: LasVegas, Nevada, USA
• [Presentation] Extraction of Parameters from Well Managed Networked System in Access Control (2009)
  • Author(s): Akira Kanaoka, Masahito Kato, Nobukatsu Todo and Eiji Okamoto
  • Organizer: The Fourth International Conference on Internet Monitoring and Protection (ICIMP 2009)
  • Place of Presentation: Venice/Mestre, Italy