| 講演名 | 2017-03-03 Struggling against New-Born Malwares Attached to Mails 大森 幹之(鳥取大), 宮田 直輝(鳥取大), 中島 清之(鳥取大), 高橋 健一(鳥取大), |
|---|---|
| PDFダウンロードページ |  PDFダウンロードページへ |
| 抄録(和) | We, Tottori University, have been experiencing targeted attacks using malicious mails especially since fiscal year 2016. Those malicious mails contain {it malwares} such as viruses themselves or down-loaders. While some of those malwares are well-known to anti-virus softwares, others are not even to the state-of-the-art next-generation Intrusion Detection System (IDS) and/or Intrusion Prevention System (IPS). There is no reasonable way especially for small organizations like us, who cannot employ the state-of-the-art anti-virus equipment, to detect and prevent such new-born malwares. Those malwares then reach at end users, and end users may excute them and get infected. We then did not know what to do, and we thought that what all we could do was just to wait for our members to get infected. We, however, have found that there are not so many mails attached files. We have then decided to detect all attached files in mails, and been trying to quarantine malwares based upon empirical approaches. This paper present our findings, experiences and efforts. |
| 抄録(英) | We, Tottori University, have been experiencing targeted attacks using malicious mails especially since fiscal year 2016. Those malicious mails contain {it malwares} such as viruses themselves or down-loaders. While some of those malwares are well-known to anti-virus softwares, others are not even to the state-of-the-art next-generation Intrusion Detection System (IDS) and/or Intrusion Prevention System (IPS). There is no reasonable way especially for small organizations like us, who cannot employ the state-of-the-art anti-virus equipment, to detect and prevent such new-born malwares. Those malwares then reach at end users, and end users may excute them and get infected. We then did not know what to do, and we thought that what all we could do was just to wait for our members to get infected. We, however, have found that there are not so many mails attached files. We have then decided to detect all attached files in mails, and been trying to quarantine malwares based upon empirical approaches. This paper present our findings, experiences and efforts. |
| キーワード(和) | セキュリティ / 標的型攻撃 / メール添付 / マルウェア / 異常検知 |
| キーワード(英) | security / targeted attacks / mail attachment / malware / anomaly detection |
| 資料番号 | SITE2016-70,IA2016-100 |
| 発行日 | 2017-02-24 (SITE, IA) |
| 研究会情報 | |
| 研究会 | IA / SITE / IPSJ-IOT |
|---|---|
| 開催期間 | 2017/3/3(から2日開催) |
| 開催地(和) | カルチャーリゾート フェストーネ (沖縄県宜野湾市) |
| 開催地(英) | Culture Resort Festone (Okinawa) |
| テーマ(和) | インターネットと情報倫理教育、一般 |
| テーマ(英) | Internet and Information Ethics Education, etc. |
| 委員長氏名(和) | 吉田 健一(筑波大) / 岡田 仁志(NII) |
| 委員長氏名(英) | Ken-ichi Yoshida(Univ. of Tsukuba) / Hitoshi Okada(NII) |
| 副委員長氏名(和) | 大崎 博之(関西学院大) / 地引 昌弘(NICT) / 義久 智樹(阪大) / 森住 哲也(神奈川大) / 小川 賢(神戸学院大) |
| 副委員長氏名(英) | Hiroyuki Osaki(Kwansei Gakuin Univ.) / Masahiro Jibiki(NICT) / Tomoki Yoshihisa(Osaka Univ.) / Tetsuya Morizumi(Kanagawa Univ.) / Masaru Ogawa(Kobe Gakuin Univ.) |
| 幹事氏名(和) | 松浦 知史(東工大) / 山本 寛(立命館大) / 多川 孝央(九大) / 芳賀 高洋(岐阜聖徳学園大) |
| 幹事氏名(英) | Satoshi Matsuura(Tokyo Inst. of Tech.) / Hiroshi Yamamoto(Ritsumeikan Univ.) / Takahiro Tagawa(Kyushu Univ.) / Takahiro Haga(Gifu Shotoku Gakuen Univ.) |
| 幹事補佐氏名(和) | 作元 雄輔(首都大東京) / 屏 雄一郎(KDDI研) / 渡辺 俊貴(NEC) / 川口 嘉奈子(東京藝術大) / 壁谷 彰慶(千葉大) |
| 幹事補佐氏名(英) | Yusuke Sakumoto(Tokyo Metropolitan Univ.) / Yuichiro Hei(KDDI R&D Labs.) / Toshiki Watanabe(NEC) / Kanako Kawaguchi(Tokyo Univ. of the Arts) / Akiyoshi Kabeya(Chiba Univ.) |
| 講演論文情報詳細 | |
| 申込み研究会 | Technical Committee on Internet Architecture / Technical Committee on Social Implications of Technology and Information Ethics / Special Interest Group on Internet and Operation Technology |
|---|---|
| 本文の言語 | ENG |
| タイトル(和) | |
| サブタイトル(和) | |
| タイトル(英) | Struggling against New-Born Malwares Attached to Mails |
| サブタイトル(和) | |
| キーワード(1)(和/英) | セキュリティ / security |
| キーワード(2)(和/英) | 標的型攻撃 / targeted attacks |
| キーワード(3)(和/英) | メール添付 / mail attachment |
| キーワード(4)(和/英) | マルウェア / malware |
| キーワード(5)(和/英) | 異常検知 / anomaly detection |
| 第 1 著者 氏名(和/英) | 大森 幹之 / Motoyuki Ohmori |
| 第 1 著者 所属(和/英) | 鳥取大学(略称:鳥取大) Tottori University(略称:Tottori Univ.) |
| 第 2 著者 氏名(和/英) | 宮田 直輝 / Naoki Miyata |
| 第 2 著者 所属(和/英) | 鳥取大学(略称:鳥取大) Tottori University(略称:Tottori Univ.) |
| 第 3 著者 氏名(和/英) | 中島 清之 / Kiyoyuki Nakashima |
| 第 3 著者 所属(和/英) | 鳥取大学(略称:鳥取大) Tottori University(略称:Tottori Univ.) |
| 第 4 著者 氏名(和/英) | 高橋 健一 / Kenichi Takahashi |
| 第 4 著者 所属(和/英) | 鳥取大学(略称:鳥取大) Tottori University(略称:Tottori Univ.) |
| 発表年月日 | 2017-03-03 |
| 資料番号 | SITE2016-70,IA2016-100 |
| 巻番号(vol) | vol.116 |
| 号番号(no) | SITE-490,IA-491 |
| ページ範囲 | pp.51-56(SITE), pp.51-56(IA), |
| ページ数 | 6 |
| 発行日 | 2017-02-24 (SITE, IA) |