| Presentation | 2017-05-12 Distributive Analyzing Scheme of Host Operation for Blocking Information Leakage from an Intranet Ryuji Maeda, Junichi Murayama, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | Recently, damage by targeted attacks is getting worse. These attacks leak corporate information. For preventing such leakage, a security gateway seems attractive. This device can block forwarding of confidential files. For the confidentiality check, a blacklist is searched. Here, the forwarding file name is used as a search key. This list is a name list of confidential files. When attackers segment or rename confidential files, the list is updated sequentially. Thus, confidential files may leak out when blacklist update is delayed. According to our study, a bottleneck of the update processing is network processing at log collection. To solve this problem, we propose a novel scheme. In our scheme, each host generates a local blacklist. The security gateway asks every hosts for searching blacklists. Consequently, network processing at log collection is not required. In our evaluation experiment, the period of updating a blacklist of our proposed scheme was almost 55 percent of that of the conventional scheme. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | targeted attack / advanced persistent threat / data leakage prevention / log tracing / blacklist |
| Paper # | IN2017-5 |
| Date of Issue | 2017-05-04 (IN) |
| Conference Information | |
| Committee | RCS / IN |
|---|---|
| Conference Date | 2017/5/11(2days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | Kikai-Shinko-Kaikan Bldg. |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | Hidekazu Murata(Kyoto Univ.) / Katsunori Yamaoka(Tokyo Inst. of Tech.) |
| Vice Chair | Satoshi Denno(Okayama Univ.) / Yukitoshi Sanada(Keio Univ.) / Eisuke Fukuda(Fujitsu Labs.) / Takuji Kishida(NTT) |
| Secretary | Satoshi Denno(Toshiba) / Yukitoshi Sanada(NTT DoCoMo) / Eisuke Fukuda(KDDI R&D Labs.) / Takuji Kishida(NTT) |
| Assistant | Tetsuya Yamamoto(Panasonic) / Toshihiko Nishimura(Hokkaido Univ.) / Koichi Ishihara(NTT) / Kazushi Muraoka(NEC) / Shinsuke Ibi(Osaka Univ.) / Kunitake Kaneko(Keio Univ.) / Hiroaki Karasawa(NTT) |
| Paper Information | |
| Registration To | Technical Committee on Radio Communication Systems / Technical Committee on Information Networks |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Distributive Analyzing Scheme of Host Operation for Blocking Information Leakage from an Intranet |
| Sub Title (in English) | |
| Keyword(1) | targeted attack |
| Keyword(2) | advanced persistent threat |
| Keyword(3) | data leakage prevention |
| Keyword(4) | log tracing |
| Keyword(5) | blacklist |
| 1st Author's Name | Ryuji Maeda |
| 1st Author's Affiliation | Tokai University(Tokai Univ.) |
| 2nd Author's Name | Junichi Murayama |
| 2nd Author's Affiliation | Tokai University(Tokai Univ.) |
| Date | 2017-05-12 |
| Paper # | IN2017-5 |
| Volume (vol) | vol.117 |
| Number (no) | IN-21 |
| Page | pp.pp.21-24(IN), |
| #Pages | 4 |
| Date of Issue | 2017-05-04 (IN) |