| Presentation | 2015-06-12 Experimental Results on an Attack Detection System for Advanced Persistent Threats Kenichiro Muto, Yasuhiro Okumura, Shinya Kuramoto, Hidemori Ikeda, Mitsuhiro Hatada, Takayuki Watanabe, Tohru Sato, Kazufumi Aoki, Junichi Murakami, Kazuyuki Iso, Yasuhiro Kunda, Toshio Nawa, Mai Kiuchi, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | In this paper, we proposed an attack detection system, which is a component of the model a security model against advanced persistent threats or target attacks. We introduce detection rules focused on normal office operations, detecting anomalies that deviate from the normal operation patterns. We replicated pseudo patterns of attacks and normal operations on an experimental network that simulated an enterprise or government LAN environment, and evaluated the proposed detection system. Results show that the proposed detection system detects the pseudo attack patterns. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | Cyber Attack / Advanced Persistent Threats / Defense Model / Attack Detection / Matching Analysis / Statistical Analysis / Compound Analysis |
| Paper # | IA2015-9,ICSS2015-9 |
| Date of Issue | 2015-06-04 (IA, ICSS) |
| Conference Information | |
| Committee | IA / ICSS |
|---|---|
| Conference Date | 2015/6/11(2days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | Kyushu Institute of Technology Univ. |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | Internet Security, etc. |
| Chair | Ken-ichi Yoshida(Univ. of Tsukuba) / Yutaka Miyake(KDDI R&D Labs.) |
| Vice Chair | Hiroyuki Osaki(Kwansei Gakuin Univ.) / Masahiro Jibiki(NICT) / Yutaka Nakamura(Kyushu Inst. of Tech.) / Takashi Nishide(Univ. of Tsukuba) / Yoshiaki Shiraishi(Kobe Univ.) |
| Secretary | Hiroyuki Osaki(Tokyo Inst. of Tech.) / Masahiro Jibiki(Osaka Univ.) / Yutaka Nakamura(Mitsubishi Electric) / Takashi Nishide(NII) / Yoshiaki Shiraishi |
| Assistant | Yuichiro Hei(KDDI R&D Labs.) / Hiroshi Yamamoto(Ritsumeikan Univ.) / Toshiki Watanabe(NEC) / Katsunari Yoshioka(Yokohama National Univ.) / Kazunori Kamiya(NTT) |
| Paper Information | |
| Registration To | Technical Committee on Internet Architecture / Technical Committee on Information and Communication System Security |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Experimental Results on an Attack Detection System for Advanced Persistent Threats |
| Sub Title (in English) | |
| Keyword(1) | Cyber Attack |
| Keyword(2) | Advanced Persistent Threats |
| Keyword(3) | Defense Model |
| Keyword(4) | Attack Detection |
| Keyword(5) | Matching Analysis |
| Keyword(6) | Statistical Analysis |
| Keyword(7) | Compound Analysis |
| 1st Author's Name | Kenichiro Muto |
| 1st Author's Affiliation | NTT Communications Corporation(NTT Communications) |
| 2nd Author's Name | Yasuhiro Okumura |
| 2nd Author's Affiliation | NTT Communications Corporation(NTT Communications) |
| 3rd Author's Name | Shinya Kuramoto |
| 3rd Author's Affiliation | NTT Communications Corporation(NTT Communications) |
| 4th Author's Name | Hidemori Ikeda |
| 4th Author's Affiliation | NTT Communications Corporation(NTT Communications) |
| 5th Author's Name | Mitsuhiro Hatada |
| 5th Author's Affiliation | NTT Communications Corporation(NTT Communications) |
| 6th Author's Name | Takayuki Watanabe |
| 6th Author's Affiliation | NTT Communications Corporation(NTT Communications) |
| 7th Author's Name | Tohru Sato |
| 7th Author's Affiliation | Nippon Telegraph and Telephone Corporation(NTT) |
| 8th Author's Name | Kazufumi Aoki |
| 8th Author's Affiliation | Nippon Telegraph and Telephone Corporation(NTT) |
| 9th Author's Name | Junichi Murakami |
| 9th Author's Affiliation | FFRI Inc.(FFRI) |
| 10th Author's Name | Kazuyuki Iso |
| 10th Author's Affiliation | FFRI Inc.(FFRI) |
| 11th Author's Name | Yasuhiro Kunda |
| 11th Author's Affiliation | FFRI Inc.(FFRI) |
| 12th Author's Name | Toshio Nawa |
| 12th Author's Affiliation | Cyber Defence Institute Inc.(CDI) |
| 13th Author's Name | Mai Kiuchi |
| 13th Author's Affiliation | Cyber Defence Institute Inc.(CDI) |
| Date | 2015-06-12 |
| Paper # | IA2015-9,ICSS2015-9 |
| Volume (vol) | vol.115 |
| Number (no) | IA-80,ICSS-81 |
| Page | pp.pp.45-50(IA), pp.45-50(ICSS), |
| #Pages | 6 |
| Date of Issue | 2015-06-04 (IA, ICSS) |