| Presentation | 2018-03-07 A Study on Malware Activity Detection Based on Real-time Analysis of Darknet Data Using Graphical Lasso Chansu Han, Jumpei Shimamura, Takeshi Takahashi, Daisuke Inoue, Masanori Kawakita, Jun'ichi Takeuchi, Koji Nakao, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | In this study, we considered a method to detect malignant activity (especially botnet) in cyber space automatically and in real-time from darknet traffic data. A method to grasp the cooperative relationship between the source hosts from the traffic data based on the graph density obtained by the Graphical Lasso algorithm, and to detect abnormality was studied. We developed the method and proposed a method to detect malignant activities in real-time by using a new alert judgment method. In our research, we implemented a tool to carry out the analysis using the proposed method against actual darknet traffic and confirmed that it operates in real-time. At the same time, we shortened the program calculation time and evaluated parameter tuning. Finally, we introduced examples of malicious activities detected in continuous operation. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | Malware Activity Detection / Graphical Lasso / Graph Density / Online Processing / Real-time Analysis |
| Paper # | ICSS2017-51 |
| Date of Issue | 2018-02-28 (ICSS) |
| Conference Information | |
| Committee | ICSS / IPSJ-SPT |
|---|---|
| Conference Date | 2018/3/7(2days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | Okinawa Hokubu Koyou Nouryoku Kaihatsu Sougou Center |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | Security, Trust, etc. |
| Chair | Yoshiaki Shiraishi(Kobe Univ.) |
| Vice Chair | Takeshi Ueda(Mitsubishi Electric) / Hiroki Takakura(NII) |
| Secretary | Takeshi Ueda(Yokohama National Univ.) / Hiroki Takakura(NTT) |
| Assistant | Takahiro Kasama(NICT) / Akira Yamada(KDDI labs.) |
| Paper Information | |
| Registration To | Technical Committee on Information and Communication System Security / Special Interest Group on Security Psychology and Trust |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | A Study on Malware Activity Detection Based on Real-time Analysis of Darknet Data Using Graphical Lasso |
| Sub Title (in English) | |
| Keyword(1) | Malware Activity Detection |
| Keyword(2) | Graphical Lasso |
| Keyword(3) | Graph Density |
| Keyword(4) | Online Processing |
| Keyword(5) | Real-time Analysis |
| 1st Author's Name | Chansu Han |
| 1st Author's Affiliation | Kyushu University(Kyushu Univ.) |
| 2nd Author's Name | Jumpei Shimamura |
| 2nd Author's Affiliation | Clwit Incorporated(Clwit Inc.) |
| 3rd Author's Name | Takeshi Takahashi |
| 3rd Author's Affiliation | National Institute of Information and Communications Technology(NICT) |
| 4th Author's Name | Daisuke Inoue |
| 4th Author's Affiliation | National Institute of Information and Communications Technology(NICT) |
| 5th Author's Name | Masanori Kawakita |
| 5th Author's Affiliation | Kyushu University(Kyushu Univ.) |
| 6th Author's Name | Jun'ichi Takeuchi |
| 6th Author's Affiliation | Kyushu University(Kyushu Univ.) |
| 7th Author's Name | Koji Nakao |
| 7th Author's Affiliation | National Institute of Information and Communications Technology(NICT) |
| Date | 2018-03-07 |
| Paper # | ICSS2017-51 |
| Volume (vol) | vol.117 |
| Number (no) | ICSS-481 |
| Page | pp.pp.1-6(ICSS), |
| #Pages | 6 |
| Date of Issue | 2018-02-28 (ICSS) |