Papers - YOSHIOKA Katsunari
about 165-
Am I Infected? Lessons from Operating a Large-Scale IoT Security Diagnostic Service
Takayuki Sasaki, Tomoya Inazawa, Youhei Yamaguchi, Simon Parkin, Michel van Eeten, Katsunari Yoshioka, Tsutomu Matsumoto
USENIX Security 2025 2025 [Reviewed]
Language:English Publishing type:Research paper (international conference proceedings) Joint Work
-
Who Left the Door Open? Investigating the Causes of Exposed IoT Devices in an Academic Network
2024.5 [Reviewed]
Language:English Publishing type:Research paper (international conference proceedings) Single Work
-
Exposed Infrastructures: Discovery, Attacks and Remediation of Insecure ICS Remote Management Devices
Takayuki Sasaki, Akira Fujita, Carlos Hernandez Ganan, Michel van Eeten, Katsunari Yoshioka, Tsutomu Matsumoto
Proc. 43rd IEEE Symposium on Security and Privacy (IEEE S&P) 2022.1 [Reviewed]
Authorship:Corresponding author Language:English Publishing type:Research paper (international conference proceedings) Single Work
-
No Spring Chicken: Quantifying the Lifespan of Exploits in IoT Malware Using Static and Dynamic Analysis
Arwa Abdulkarim Al Alsadi, Kaichi Sameshima, Jakob Bleier, Katsunari Yoshioka, Martina Lindorfer, Michel van Eeten, Carlos H. Ganan
The 17th ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS 2022) 2022.5 [Reviewed]
Language:English Publishing type:Research paper (international conference proceedings) Single Work
-
Cleaning Up the Internet of Evil Things: Real-World Evidence on ISP and Consumer Efforts to Remove Mirai
O. Cetin, C. Gañán, L. Altena, D. Inoue, T. Kasama, K. Tamiya, Y. Tie, K. Yoshioka, M. van Eeten
The Network and Distributed System Security Symposium (NDSS 2019) 2019.2 [Reviewed] [Invited]
Language:English Publishing type:Research paper (international conference proceedings) Joint Work
-
Clone Resistance of Nano-Artifact Metrics: Effectiveness of a Simple White-Light Interferometer
宮本岩麒, 岩橋虎, 吉田直樹, 吉岡克成, 松本勉
情報処理学会論文誌, 2025 2025 [Reviewed]
Language:Japanese Publishing type:Research paper (scientific journal) Joint Work
-
Unveiling IoT Threats: A Case Study on Darknet and Honeypot Analysis
Koji Nakao, Daisuke Inoue, Katsunari Yoshioka
IEEE Computer, 2025 2025 [Reviewed] [Invited]
Language:English Publishing type:Research paper (scientific journal) Joint Work
-
Uncovering Suspicious Posts on Abandoned Blogs
Hiroki Nakano, Takashi Koide, Daiki Chiba, Katsunari Yoshioka, Tsutomu Matsumoto
2025 IEEE International Conference on Communications (ICC) 2025 [Reviewed]
Language:English Publishing type:Research paper (international conference proceedings) Joint Work
-
DeFiIntel: A Dataset Bridging On-Chain and Off-Chain Data for DeFi Token Scam Investigation
Iori Suzuki, Yin Minn Pa Pa, Nguyen Anh Thi Van, Katsunari Yoshioka
Proc. 7th Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb 2025) 2025 [Reviewed]
Language:English Publishing type:Research paper (international conference proceedings) Joint Work
-
Observation of Human-Operated Accesses Using Remote Management Device Honeypot
SASAKI Takayuki, KAWAGUCHI Mami, KUMAGAI Takuhiro, YOSHIOKA Katsunari, MATSUMOTO Tsutomu
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences E107.A ( 3 ) 291 - 305 2024.3 [Reviewed]
Authorship:Corresponding author Language:English Publishing type:Research paper (scientific journal) Publisher:一般社団法人 電子情報通信学会 Joint Work
In recent years, cyber attacks against infrastructure have become more serious. Unfortunately, infrastructures with vulnerable remote management devices, which allow attackers to control the infrastructure, have been reported. Targeted attacks against infrastructure are conducted manually by human attackers rather than automated scripts. Here, open questions are how often the attacks against such infrastructure happen and what attackers do after intrusions. In this empirical study, we observe the accesses, including attacks and security investigation activities, using the customized infrastructure honeypot. The proposed honeypot comprises (1) a platform that easily deploys real devices as honeypots, (2) a mechanism to increase the number of fictional facilities by changing the displayed facility names on the WebUI for each honeypot instance, (3) an interaction mechanism with visitors to infer their purpose, and (4) tracking mechanisms to identify visitors for long-term activities. We implemented and deployed the honeypot for 31 months. Our honeypot observed critical operations, such as changing configurations of a remote management device. We also observed long-term access to WebUI and Telnet service of the honeypot.
-
Understanding Characteristics of Phishing Reports from Experts and Non-experts on Twitter
Hiroki Nakano, Daiki Chiba, Takashi Koide, Naoki Fukushi, Takeshi Yagi, Takeo Hariu, Katsunari Yoshioka and Tsutomu Matsumoto
IEICE Transaction E107-D ( 7 ) 2024.3
Language:English Publishing type:Research paper (scientific journal) Joint Work
-
A Study on the Effectiveness of Attack Email Training against Spoofed Email Attacks Disguised as Replies
渡辺露文、田辺瑠偉、吉岡克成、松本勉
情報処理学会論文誌 65 ( 2 ) 507 - 518 2024.2
Language:Japanese Publishing type:Research paper (scientific journal) Joint Work
-
Honeypot Method to Lure Attackers Without Holding Crypto-Assets
Hironori Uchibori, Katsunari Yoshioka, Kazumasa Omote
IEEE ACCESS 12 16059 - 16071 2024.1
Language:English Publishing type:Research paper (scientific journal) Joint Work
-
SPOT: In-depth Analysis of IoT Ransomware Attacks Using Bare Metal NAS Devices
Hiroki Yasui, Takahiro Inoue, Takayuki Sasaki, Rui Tanabe, Katsunari Yoshioka, Tsutomu Matsumoto
Journal of Information Processing 32 23 - 34 2024.1
Language:English Publishing type:Research paper (scientific journal) Joint Work
-
VT-SOS: A Cost-effective URL Warning utilizing VirusTotal as a Second Opinion Service
2024 [Reviewed]
Authorship:Corresponding author Language:English Publishing type:Research paper (international conference proceedings) Single Work
-
Customized Malware: Identifying Target Systems using Personally Identifiable Information
2024 [Reviewed]
Authorship:Corresponding author Language:English Publishing type:Research paper (international conference proceedings) Single Work
-
A Study on the Use of Modality for Detecting False Rumors
松田美慧, 藤田彬, 吉岡克成
情報処理学会論文誌, 2024 2024 [Reviewed]
Language:Japanese Publishing type:Research paper (scientific journal) Joint Work
-
A CPU-Architecture-Independent Method for Generating IoT Malware Classification Trees
大迫勇太郎, 山内利宏, 吉岡克成, 藤橋卓也, 渡辺尚, 猿渡俊介
情報処理学会論文誌, 2024 2024 [Reviewed]
Language:Japanese Publishing type:Research paper (scientific journal) Joint Work
-
Observation of Cyber Attacks on Devices Running Basic Authentication
大塚瑠莉, 九鬼琉, 吉岡克成
情報処理学会論文誌, 2024 2024 [Reviewed]
Language:Japanese Publishing type:Research paper (scientific journal) Joint Work
-
EtherWatch: A Framework for Detecting Suspicious Ethereum Accounts and Their Activities
Takayuki Sasaki, Jia Wang, Kazumasa Omote, Katsunari Yoshioka, Tsutomu Matsumoto
IPSJ Journal, 2024 2024 [Reviewed]
Language:English Publishing type:Research paper (scientific journal) Joint Work
-
Characteristics Comparison between Carpet Bombing-type and Single Target DRDoS Attacks Observed by Honeypot
Qingxin Mao, Daisuke Makita, Michel Van Eeten, Katsunari Yoshioka, Tsutomu Matsumoto
IPSJ Journal, 2024. 2024 [Reviewed]
Language:English Publishing type:Research paper (scientific journal) Joint Work
-
Evasion Attacks against Next-Generation Antivirus Software and a Comparative Evaluation of Detection Rates with Conventional Antivirus Software
新井悠、吉岡克成、松本勉
IPSJ Journal 64 ( 9 ) 1287 - 1294 2023.9
Language:Japanese Publishing type:Research paper (scientific journal) Joint Work
-
Analysis of DRDoS Honeypot Observation Data toward Understanding the Actual State of Carpet Bombing-type DRDoS Attacks
毛清昕、牧田大佑、吉岡克成、松本勉
IPSJ Journal 64 ( 9 ) 1266 - 1276 2023.9
Language:Japanese Publishing type:Research paper (scientific journal) Joint Work
-
Mitigate: Toward Comprehensive Research and Development for Analyzing and Combating IoT Malware
NAKAO Koji, YOSHIOKA Katsunari, SASAKI Takayuki, TANABE Rui, HUANG Xuping, TAKAHASHI Takeshi, FUJITA Akira, TAKEUCHI Jun'ichi, MURATA Noboru, SHIKATA Junji, IWAMOTO Kazuki, TAKADA Kazuki, ISHIDA Yuki, TAKEUCHI Masaru, YANAI Naoto
IEICE Transactions on Information and Systems E106.D ( 9 ) 1302 - 1315 2023.9 [Reviewed] [Invited]
Language:English Publishing type:Research paper (scientific journal) Publisher:一般社団法人 電子情報通信学会 Joint Work
In this paper, we developed the latest IoT honeypots to capture IoT malware currently on the loose, analyzed IoT malware with new features such as persistent infection, and developed malware removal methods to be provided to IoT device users. Furthermore, as attack behaviors using IoT devices become more diverse and sophisticated every year, we conducted research related to various factors involved in understanding the overall picture of attack behaviors from the perspective of incident responders. As the final stage of countermeasures, we also conducted research and development of IoT malware disabling technology to stop only IoT malware activities in IoT devices and IoT system disabling technology to remotely control (including stopping) IoT devices themselves.
-
A Study toward Observing Online Scams That Abuse Multiple Social Networking Services
川口大翔, 高田一樹, インミン パパ, 田辺瑠偉, 吉岡克成, 松本 勉
ICSS研究会 2023.3
Language:Japanese Publishing type:Research paper (research society, symposium materials, etc.) Single Work
-
Proposal of a Method for Diagnosing Malware Persistent Infection on IoT Devices
添田隼喜, 井上貴弘, インミン パパ, 田辺瑠偉, 吉岡克成, 松本 勉
ICSS研究会 2023.3
Language:Japanese Publishing type:Research paper (research society, symposium materials, etc.) Single Work
-
Proposal of a Method for Creating and Managing URL Warning Lists Using VirusTotal and Web Access Logs
高尾恭平, 平石知佳, 高田一樹, 藤田 彬, 井上大介, 田辺瑠偉, 吉岡克成, 松本 勉
ICSS研究会 2023.3
Language:Japanese Publishing type:Research paper (research society, symposium materials, etc.) Single Work
-
Observation of Attack Infrastructure Using Scripts That Mimic the C&C Communication of IoT Bots
鮫嶋海地, 遠藤祐輝, 田辺瑠偉, 吉岡克成, 中尾康二, 松本 勉
ICSS研究会 2023.3
Language:Japanese Publishing type:Research paper (research society, symposium materials, etc.) Single Work
-
Canary in Twitter Mine: Collecting Phishing Reports from Experts and Non-experts
Hiroki Nakano, Daiki Chiba, Takashi Koide, Naoki Fukushi, Takeshi Yagi, Takeo Hariu, Katsunari Yoshioka and Tsutomu Matsumoto
Proc. The 18th International Conference on Availability, Reliability and Security (ARES 2023) 2023 [Reviewed]
Language:English Publishing type:Research paper (international conference proceedings) Single Work
-
Birds of a Feather? A Comparative Analysis of DDoS Victimisation by IoT Botnet and Amplification Attacks
Swaathi Vetrivel, Arman Noroozian, Daisuke Makita, Katsunari Yoshioka, Michel van Eeten, Carlos H. Ganan
The 22nd Workshop on the Economics of Information Security (WEIS2023) 2023 [Reviewed]
Language:English Publishing type:Research paper (international conference proceedings) Single Work
-
Bin there, target that: Analyzing the target selection of IoT vulnerabilities in malware binaries
Proc. The 26th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2023) 2023 [Reviewed]
Language:English Publishing type:Research paper (international conference proceedings) Single Work
-
Peering into the Darkness: The Use of UTRS in Combating DDoS Attacks
2023 [Reviewed]
Language:English Publishing type:Research paper (international conference proceedings) Single Work
-
Huang Xuping, Mochizuki Shunsuke, Fujita Akira, Yoshioka Katsunari
Journal of Information Processing 31 ( 0 ) 165 - 173 2023
Language:English Publishing type:Research paper (international conference proceedings) Publisher:一般社団法人 情報処理学会 Joint Work
In recent years, malware-infected devices, such as Mirai, have been used to conduct impactful attacks like massive DDoS attacks. Internet Service Providers (ISPs) respond by sending security notifications to infected users, instructing them to remove the malware; however, there are no approaches to quantify or simulate the performance and effectiveness of the notification activities. In this paper, we propose a model of security notification by ISPs. In the proposed model, we simulate the security notification with composite parameters, indicating the nature of malware attacks such as persistence of malware, user response ratio, and notification efforts by ISPs, and then discuss their effectiveness. Moreover, we conduct a simulation based on the actual attack.
-
Who are you? OSINT-based Profiling of Infrastructure Honeypot Visitors
Takayuki Sasaki, Katsunari Yoshioka, Tsutomu Matsumoto
11th INTERNATIONAL SYMPOSIUM ON DIGITAL FORENSICS AND SECURITY (ISDFS 2023) 2023
Language:English Publishing type:Research paper (international conference proceedings) Single Work
-
An Attacker's Dream? Exploring the Capabilities of ChatGPT for Developing Malware
Pa, YMP; Tanizaki, S; Kou, T; van Eeten, M; Yoshioka, K; Matsumoto, T
PROCEEDINGS OF 16TH CYBER SECURITY EXPERIMENTATION AND TEST WORKSHOP, CSET 2023 10 - 18 2023 [Reviewed]
Authorship:Corresponding author Language:English Publishing type:Research paper (international conference proceedings) Joint Work
-
am I infected? A Field Experiment on Alerting End Users Using an IoT Security Diagnostic Web Service
稲澤 朋也, 佐々木 貴之, 吉岡 克成, 松本 勉
情報処理学会コンピュータセキュリティシンポジウム2022 2022.10
Language:Japanese Publishing type:Research paper (research society, symposium materials, etc.) Single Work
-
Proposal of an Access Control Method Focusing on the Infection Process of IoT Malware
山内 利宏, 吉元 亮太, 吉岡 克成
情報処理学会コンピュータセキュリティシンポジウム2022 2022.10
Language:Japanese Publishing type:Research paper (research society, symposium materials, etc.) Single Work
-
A Survey of the Life Cycle of Exploits Observed by Honeypots
九鬼 琉, 佐々木 貴之, 吉岡 克成, 松本 勉
情報処理学会コンピュータセキュリティシンポジウム2022 2022.10
Language:Japanese Publishing type:Research paper (scientific journal) Single Work
-
Simulation of Security Notification to Malware-infected Users by ISP
2022.8
Language:English Publishing type:Research paper (research society, symposium materials, etc.) Single Work
-
SPOT: Analyzing IoT Ransomware Attacks using Bare Metal NAS Devices
The 17th Asia Joint Conference on Information Security (AsiaJCIS2022) 2022.8
Language:English Publishing type:Research paper (international conference proceedings) Single Work
-
An Internet-wide View of Connected Cars: Discovery of Exposed Automotive Devices
Takahiro Ueda, Takayuki Sasaki, Katsunari Yoshioka, and Tsutomu Matsumoto
2022.8
Language:English Publishing type:Research paper (international conference proceedings) Single Work
-
Amplification Chamber: Dissecting the Attack Infrastructure of Memcached DRDoS Attacks
Mizuki Kondo, Rui Tanabe, Natsuo Shintani, Daisuke Makita, Katsunari Yoshioka, and Tsutomu Matsumoto
2022.6
Language:English Publishing type:Research paper (international conference proceedings) Single Work
-
Proposal of a Method for Automatically Estimating the Target Devices and Vulnerabilities of Cyber Attacks Observed by Honeypots
九鬼琉, 植田岳洋, 佐々木貴之, 吉岡克成, 松本勉
情報処理学会コンピュータセキュリティ研究会 2022.5
Authorship:Corresponding author Language:Japanese Publishing type:Research paper (research society, symposium materials, etc.) Single Work
-
Proposal of an Integrated Architecture for Attack Observation by Honeypots and Multifaceted Analysis
佐々木貴之, 九鬼琉, 植田岳洋, 鮫嶋海地, Guo Binnan, 市川詩恩, 山口陽平, 岡田晃市郎, 吉岡克成, 松本勉
情報処理学会コンピュータセキュリティ研究会 2022.5
Language:Japanese Publishing type:Research paper (research society, symposium materials, etc.) Single Work
-
am I infected? Proposal of a Web Service That Checks End Users' IoT Devices for Malware Infection and Vulnerabilities
何 松?, 乃万誉也, 佐々木貴之, 吉岡克成, 松本 勉
電子情報通信学会情報システムセキュリティ研究会,信学技報 2022.3
Language:Japanese Publishing type:Research paper (research society, symposium materials, etc.) Single Work
-
Verifying the Feasibility of Personalized Malware through a Survey of Real User Environments
市川大悟, 田辺瑠偉, 徐 浩源, 吉岡克成, 松本 勉
電子情報通信学会情報システムセキュリティ研究会,信学技報 2022.3
Language:Japanese Publishing type:Research paper (research society, symposium materials, etc.) Single Work
-
Detection of C&C Communication Using Machine Learning in Dynamic Analysis of IoT Malware
遠藤祐輝, 鮫嶋海地, 田辺瑠偉, 吉岡克成, 松本 勉
電子情報通信学会情報システムセキュリティ研究会,信学技報 2022.3
Language:Japanese Publishing type:Research paper (research society, symposium materials, etc.) Single Work
-
Analysis of Port Opening and Closing Behavior of IoT Malware Using Real Devices
小川航汰, 田辺瑠偉, 吉岡克成, 松本 勉
電子情報通信学会情報システムセキュリティ研究会,信学技報 2022.3
Authorship:Corresponding author Language:Japanese Publishing type:Research paper (research society, symposium materials, etc.) Single Work
-
Internet-wide Search for IoT Devices Installed in Critical Facilities
平工瑞希, 佐々木貴之, 吉岡克成, 松本 勉
電子情報通信学会情報システムセキュリティ研究会,信学技報 2022.3
Authorship:Corresponding author Language:Japanese Publishing type:Research paper (research society, symposium materials, etc.) Single Work
-
Analysis of the Execution-Environment Dependence of Persistent IoT Malware Using a Sandbox That Mimics the File Layout of IoT Devices
井上貴弘, 岡田英造, 岡田晃市郎, 塩治榮太朗, 秋山満昭, 田辺瑠偉, 吉岡克成, 中尾康二, 松本 勉
ICSS研究会 2022.3
Language:Japanese Publishing type:Research paper (research society, symposium materials, etc.) Single Work
-
Analysis of Carpet Bombing-type DRDoS Attacks Observed by Honeypots
毛 清昕, 牧田 大佑, 吉岡 克成, 松本 勉
電子情報通信学会 暗号と情報セキュリティシンポジウム 2022 2022.1
Language:Japanese Publishing type:Research paper (research society, symposium materials, etc.) Single Work
-
Who Left the Door Open? A Root Cause Investigation toward Improving IoT Device Security Issues
乃万 誉也, 佐々木 貴之, 神野 亮, 萩原 雄一, 志村 俊也, 吉岡 克成, 松本 勉
電子情報通信学会 暗号と情報セキュリティシンポジウム 2022 2022.1
Authorship:Corresponding author Language:Japanese Publishing type:Research paper (research society, symposium materials, etc.) Single Work
-
Analysis of Ransomware Attacks Targeting NAS Using Honeypots and Dynamic Analysis
安井浩基, 井上貴弘, 佐々木貴之, 田辺瑠偉, 吉岡克成, 松本勉
電子情報通信学会 暗号と情報セキュリティシンポジウム 2022 2022.1
Authorship:Corresponding author Language:Japanese Publishing type:Research paper (research society, symposium materials, etc.) Single Work
-
Observation and Verification of Attacker Behavior Using an IoT Home Appliance Honeypot That Mimics a Household
大塚瑠莉, 吉岡克成, 岡田晃市郎
電子情報通信学会 暗号と情報セキュリティシンポジウム 2022 2022.1
Language:Japanese Publishing type:Research paper (international conference proceedings) Single Work
-
Multifaceted Analysis of Malicious Ethereum Accounts and Corresponding Activities
2022 [Reviewed]
Authorship:Corresponding author Language:English Publishing type:Research paper (international conference proceedings) Single Work
-
Can Connected Cars Be Discovered from the Internet?
植田 岳洋, 佐々木 貴之, 吉岡 克成, 松本 勉
情報処理学会主催コンピュータセキュリティシンポジウム2021 2022
Language:Japanese Publishing type:Research paper (scientific journal) Single Work
-
Exploring Event-synced Navigation Attacks across User-generated Content Platforms in the Wild
Hiroki Nakano, Daiki Chiba, Takashi Koide, Mitsuaki Akiyama, Katsunari Yoshioka, Tsutomu Matsumoto
IPSJ Journal 2022 [Reviewed]
Authorship:Corresponding author Language:English Publishing type:Research paper (scientific journal) Single Work
-
Improvement of a Method for Creating and Managing URL Blocklists Using VirusTotal and Web Access Logs
平石 知佳, 高尾 恭平, 高田 一樹, Charmet Fabien, 藤田 彬, 井上 大介, 田辺 瑠偉, 吉岡 克成, 松本 勉
情報処理学会コンピュータセキュリティシンポジウム2022 2022
Language:Japanese Publishing type:Research paper (research society, symposium materials, etc.) Single Work
-
Disposable Botnets: Long-term Analysis of IoT Botnet Infrastructure
Tanabe Rui, Watanabe Tsuyufumi, Fujita Akira, Isawa Ryoichi, Gañán Carlos, Eeten Michel van, Yoshioka Katsunari, Matsumoto Tsutomu
Journal of Information Processing 30 ( 0 ) 577 - 590 2022
Language:English Publishing type:Research paper (scientific journal) Publisher:一般社団法人 情報処理学会 Joint Work
Large botnets made up of Internet-of-Things (IoT) devices have had a steady presence in the threat landscape since 2016. However, it has not been explained how attackers maintain control over their botnets. In this paper, we present a long-term analysis of the infrastructure of IoT botnets based on 36 months of data gathered via honeypots and the monitoring of botnet infrastructure. We collected 64,260 IoT malware samples, 35,494 download servers, and 4,736 C&C servers during 2016 to 2021. Not only are most binaries distributed for less than three days, but the connection of bots to the rest of the botnet is also short-lived. To reach the C&C server, the binaries typically contain only a single hard-coded IP address or domain. Long-term dynamic analysis finds no mechanism for the attackers to migrate the bots to a new C&C server. Although malware binaries that use domain names to connect to their C&C servers increased in 2020, the C&C servers themselves have a short lifespan and this tendency has not changed. The picture that emerges is that of highly disposable botnets. IoT botnets are reconstituted from scratch all the time rather than maintained.
-
Connection Type Identification and Uplink Speed Estimation of Malware Infected Hosts
Huang Xuping, Mochizuki Shunsuke, Yoshioka Katsunari
Journal of Information Processing 30 ( 0 ) 859 - 864 2022
Language:English Publishing type:Research paper (scientific journal) Publisher:一般社団法人 情報処理学会 Joint Work
IoT malware Mirai and its variants continue to evolve and their activities consume network resources, particularly radio resources. This paper proposes a method to identify connection types and estimate the wireless uplink speed of malware-infected hosts observed by IoT honeypot by using the Connection Type Database of Maxmind's GeoIP2, a well-known industrial resource for IP address related information, and Network Diagnosis Tool (NDT) database, a measurement data set of the uplink speed of various networks. The proposed Mobile Network Identification method divides IP addresses into IP ranges assigned to each Autonomous System (AS), and then employs the NDT database based on the IP ranges. We analyzed the infected hosts observed by IoT honeypot to assess and validate the precision of the proposed technique. Our method estimates the maximum average uplink speed of the infected cellular host to be 40.6 Mbps, which is between two reference measurement results of cellular networks, indicating the adequacy of the proposed method.
-
Evaluating the Effectiveness of Alerts Delivered via a Dedicated App to Owners of IoT Devices with Inadequate Security Settings
村上 颯人, 藤田 彬, 佐々木 貴之, 田辺 瑠偉, 山田 明, 吉岡 克成, 松本 勉
情報処理学会主催コンピュータセキュリティシンポジウム2021 2021.10
Language:Japanese Publishing type:Research paper (research society, symposium materials, etc.) Single Work
-
A Study on Classification Methods for IoT Malware
大迫 勇太郎, 山内 利宏, 吉岡 克成, 藤橋 卓也, 渡辺 尚, 猿渡 俊介
情報処理学会主催コンピュータセキュリティシンポジウム2021 2021.10
Language:Japanese Publishing type:Research paper (research society, symposium materials, etc.) Single Work
-
Clustering-based Analysis of Telnet Connection Logs to IoT Devices Focusing on Commands
馬場 隆寛, 馬場 謙介, 吉岡 克成, 山内 利宏
情報処理学会主催コンピュータセキュリティシンポジウム2021 2021.10
Language:Japanese Publishing type:Research paper (research society, symposium materials, etc.) Single Work
-
Demonstration and Discussion of Threat Information Distribution for Financial Malware
高田 一樹, 邦本 理夫, 山下 知起, 寺田 真敏, 吉岡 克成
情報処理学会主催コンピュータセキュリティシンポジウム2021 2021.10
Language:Japanese Publishing type:Research paper (research society, symposium materials, etc.) Single Work
-
Can Connected Cars Be Discovered from the Internet? Discovery of In-vehicle Devices by Wide-area Scanning and Security Analysis
植田 岳洋, 佐々木 貴之, 吉岡 克成, 松本 勉
公益社団法人自動車技術会会誌「自動車技術」, 2022 2021.10
Language:English Publishing type:Research paper (scientific journal) Single Work
-
Etherpot: A Honeypot for Observing Cyberattacks on Ethereum Client
IEICE, 2021-06-IA-ICSS 2021.6
Language:English Publishing type:Research paper (research society, symposium materials, etc.) Single Work
-
Adaptive Observation of Emerging Cyber Attacks targeting Various IoT Devices
Seiya Kato, Rui Tanabe, Katsunari Yoshioka, Tsutomu Matsumoto
IFIP/IEEE International Symposium on Integrated Network Management (IM) 2021.5 [Reviewed]
Language:English Publishing type:Research paper (international conference proceedings) Joint Work
-
Leveraging Machine Learning Techniques to Identify Deceptive Decoy Documents Associated with Targeted Email Attacks
2021.5
Language:English Publishing type:Research paper (scientific journal) Single Work
-
Cost-effectiveness Analysis of Malicious Site Detection Using VirusTotal
高尾恭平, 森博志, 田辺瑠偉, 吉岡克成, 松本勉
信学技報 2021.5
Language:Japanese Publishing type:Research paper (research society, symposium materials, etc.) Single Work
-
Measurement and Factor Analysis of the Impact of Amplification DDoS Attacks Observed by Amppot
2021.5
Language:English Publishing type:Research paper (research society, symposium materials, etc.) Single Work
-
Designing Comprehensive Cyber Threat Analysis Platform: Can We Orchestrate Analysis Engines?
Takeshi Takahashi, Yuki Umemura, Chansu Han, Tao Ban, Keisuke Furumoto, Ohnori Nakamura, Katsunari Yoshioka, Junichi Takeuchi, Noboru Murata, Yoshiaki Shiraishi
Work in Progress Session, The 19th International Conference on Pervasive Computing and Communications (PerCom 2021) 2021.3 [Reviewed]
Language:English Publishing type:Research paper (international conference proceedings) Joint Work
-
Understanding the Fake Removal Information Advertisement Sites
Journal of Information Processing 2021.2 [Reviewed]
Language:English Publishing type:Research paper (scientific journal) Joint Work
-
To Get Lost is to Learn the Way: An Analysis of Multi-Step Social Engineering Attacks on the Web
KOIDE Takashi, CHIBA Daiki, AKIYAMA Mitsuaki, YOSHIOKA Katsunari, MATSUMOTO Tsutomu
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences 104 ( 1 ) 162 - 181 2021
Language:Japanese Publishing type:Research paper (scientific journal) Publisher:一般社団法人 電子情報通信学会 Joint Work
Web-based social engineering (SE) attacks manipulate users to perform specific actions, such as downloading malware and exposing personal information. Aiming to effectively lure users, some SE attacks, which we call multi-step SE attacks, constitute a sequence of web pages starting from a landing page and require browser interactions at each web page. Also, different browser interactions executed on a web page often branch to multiple sequences to redirect users to different SE attacks. Although common systems analyze only landing pages or conduct browser interactions limited to a specific attack, little effort has been made to follow such sequences of web pages to collect multi-step SE attacks. We propose STRAYSHEEP, a system to automatically crawl a sequence of web pages and detect diverse multi-step SE attacks. We evaluate the effectiveness of STRAYSHEEP's three modules (landing-page-collection, web-crawling, and SE-detection) in terms of the rate of collected landing pages leading to SE attacks, efficiency of web crawling to reach more SE attacks, and accuracy in detecting the attacks. Our experimental results indicate that STRAYSHEEP can lead to 20% more SE attacks than Alexa top sites and search results of trend words, crawl five times more efficiently than a simple crawling module, and detect SE attacks with 95.5% accuracy. We demonstrate that STRAYSHEEP can collect various SE attacks, not limited to a specific attack. We also clarify attackers' techniques for tricking users and browser interactions, redirecting users to attacks.
Other Link: https://ci.nii.ac.jp/naid/130007964807
-
Editor's Message to Special Issue of Computer Security Technologies for Realizing Society 5.0
Yoshioka Katsunari
Journal of Information Processing 29 ( 0 ) 504 - 504 2021
Language:English Publishing type:Research paper (scientific journal) Publisher:一般社団法人 情報処理学会 Single Work
-
Bokhari Aamir H., Inoue Yuta, Kato Seiya, Yoshioka Katsunari, Matsumoto Tsutomu
Journal of Information Processing 29 ( 0 ) 572 - 580 2021
Language:English Publishing type:Research paper (scientific journal) Publisher:一般社団法人 情報処理学会 Joint Work
The digital boom brought empowerment to seamless connectivity by enabling manufacturers to harness the power of the Internet into their products, opening up the world of the Internet of Things (IoT). However, such connectivity has also brought the side effect of such power being abused by unscrupulous agents, who scan open ports for services and exploit vulnerabilities in the system. The Mirai botnet malware attack is one such example that caused havoc by compromising millions of IoT devices having unpatched/weaker security. There is an increasing need to enable IoT devices to be fully patched and secured, but such methods are often under attack. This paper examines a stealth technology and its impact on the CPU and power consumption to secure resource-constraint IoT devices that are growing exponentially. By enabling secure remote operations and management of such devices using a unique but practical method of security called “Port Knocking,” we can ensure timely patching of security vulnerabilities in a safe and stealthy manner. Our experimental results on a resource-constraint IoT device show that port knocking not only secures the device and provides a secure remote management option but also helps in keeping its power consumption low. The results obtained make it an effective security layer for securing resource-constraint IoT devices.
-
A Method for Estimating Connection Type and Uplink Speed in IoT Malware Infection Analysis
黄 緒平, 望月 俊輔, 吉岡 克成
情報処理学会 研究報告 コンピュータセキュリティ(CSEC) 2021
Language:Japanese Publishing type:Research paper (bulletin of university, research institution) Single Work
-
Understanding the Fake Removal Information Advertisement Sites
Koide Takashi, Chiba Daiki, Akiyama Mitsuaki, Yoshioka Katsunari, Matsumoto Tsutomu
Journal of Information Processing 29 ( 0 ) 392 - 405 2021
Language:English Publishing type:Research paper (scientific journal) Publisher:一般社団法人 情報処理学会 Joint Work
Fake antivirus (AV) software is a type of malware that disguises itself as legitimate antivirus software and causes harm to users and their devices. Fake removal information advertisement (FRAD) sites, which introduce fake removal information for cyber threats, have emerged as platforms for distributing fake AV software. Although FRAD sites seriously threaten users who have been suffering from cyber threats and need information for removing them, little attention has been given to revealing these sites. In this paper, we propose a system to automatically crawl the web and identify FRAD sites. To shed light on the pervasiveness of this type of attack, we performed a comprehensive analysis of both passively and actively collected data. Our system collected 2,913 FRAD sites in 31 languages, which have 73.5 million visits per month in total. We show that FRAD sites occupy search results when users search for cyber threats, thus preventing the users from obtaining the correct information.
-
Tracing and Analyzing Web Access Paths Based on User-Side Data Collection: How Do Users Reach Malicious URLs?
Takeshi Takahashi, Christopher Kruegel, Giovanni Vigna, Katsunari Yoshioka, Daisuke Inoue
Proc. 23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID2020) 2020.10 [Reviewed]
Language:English Publishing type:Research paper (international conference proceedings) Joint Work
-
On the Origin of Scanning: The Impact of Location on Internet-Wide Scans
Gerry Wan, Liz Izhikevich, David Adrian, Katsunari Yoshioka, Ralph Holz, Christian Rossow, Zakir Durumeric
The 2020 Internet Measurement Conference (IMC) 2020.10
Language:English Publishing type:Research paper (scientific journal) Publisher:ACM Single Work
-
Validation of a Malware Dynamic Analysis Method Using Real IoT Devices
原悟史, 熊佳, 玉井達也, 田宮和樹, 田辺瑠偉, 藤田彬, 吉岡克成, 松本勉
電子情報通信学会論文誌, 2020 2020.8
Language:Japanese Publishing type:Research paper (scientific journal) Joint Work
-
Validation of Malware Dynamic Analysis Method Using Real IoT Devices
HARA Satoshi, XIONG Jia, TAMAI Tatsuya, TAMIYA Kazuki, TANABE Rui, FUJITA Akira, YOSHIOKA Katsunari, MATSUMOTO Tsutomu
J103-B ( 8 ) 272 - 283 2020.8
Language:Japanese Publishing type:Research paper (scientific journal) Joint Work
Attacks on IoT devices are increasing and becoming more diverse. Many existing IoT malware samples often used functions common to many devices, so it is possible to analyze them dynamically in a general-purpose analysis environment built on a virtual environment. In recent years, malware depending on the function of a specific device has been observed. Such malware cannot be analyzed correctly in a general-purpose analysis environment. Also, IoT devices have various configurations and are often closely related to the behavior of hardware. However, it is difficult to emulate hardware behavior faithfully in a virtual environment. In addition, some IoT malware is also known to detect virtual environments and modify its behavior. In order to analyze such IoT malware dynamically, an analysis environment using real IoT devices is required. However, dynamic analysis using real IoT devices has not been verified in detail. In this paper, we discuss the minimum requirements for analyzing malware dynamically on real IoT devices. Next, we experimented with 87 IoT malware samples on 5 real IoT devices and a virtual environment. Finally, we discussed the limitations of dynamic analysis methods using real IoT devices based on experimental results.
-
Disposable Botnets: Examining the Anatomy of IoT Botnet Infrastructure
Rui Tanabe, Tatsuya Tamai, Akira Fujita, Ryoichi Isawa, Katsunari Yoshioka, Tsutomu Matsumoto, Carlos Ganan and Michel Van Eeten
Proc. International Conference on Availability, Reliability, and Security (ARES2020) 2020.8 [Reviewed]
Language:English Publishing type:Research paper (scientific journal) Joint Work
-
APTGen: An Approach towards Generating Practical Dataset Labelled with Targeted Attack Sequences
Yusuke Takahashi, Shigeyoshi Shima, Rui Tanabe, Katsunari Yoshioka
Proc. 13th USENIX Workshop on Cyber Security Experimentation and Test, (USENIX CSET'20) 2020.8 [Reviewed]
Language:English Publishing type:Research paper (international conference proceedings) Single Work
-
Analysis of Cyber Attacks Targeting the WebUI of Specific IoT Devices
藤田 彬, 江澤優太, 田宮和樹, 中山 颯, 鉄頴, 吉岡克成, 松本 勉
Transactions of Information Processing Society of Japan, Vol. 61, No. 3, 2020 2020
Language:Japanese Publishing type:Research paper (scientific journal) Joint Work
-
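Verification of Home Network Security Based on Observation of Real Attacks and Trials of Simulated Attacks
藤田 彬, 楊 志勇, 熊 佳, 鉄 頴, 楊 笛, 江澤優太, 中山 颯, 田宮和樹, 西田 慎, 吉岡克成, 松本 勉
Transactions of Information Processing Society of Japan, Vol. 61, No. 3, 2020 2020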
Language:Japanese Publishing type:Research paper (scientific journal) Joint Work
-
It Never Rains but It Pours: Analyzing and Detecting Fake Removal Information Advertisement Sites
Takashi Koide, Daiki Chiba, Mitsuaki Akiyama, Katsunari Yoshioka, and Tsutomu Matsumoto,
The Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA 2020), 2020. 2020
Language:English Publishing type:Research paper (scientific journal) Joint Work
-
Detecting and Understanding Online Advertising Fraud in the Wild
2020
Language:English Publishing type:Research paper (scientific journal) Joint Work
-
ThingGate: A Gateway for Managing Traffic of Bare-metal IoT Honeypot
Wu Chun-Jung, Yoshioka Katsunari, Matsumoto Tsutomu
Journal of Information Processing 28 ( 0 ) 481 - 492 2020
Language:Japanese Publishing type:Research paper (scientific journal) Publisher:Information Processing Society of Japan Joint Work
The Internet of Things (IoT) malware keeps evolving and utilizes multiple vulnerabilities to infect IoT devices. Besides malware, human attackers also utilize various tools to access and collect variable information on the device. For instance, the web UIs of IP cameras and routers are constantly searched and accessed if vulnerable. In order to observe and analyze such a variety of attacks in depth, there is an increasing need for bare-metal IoT devices as a honeypot, since it is costly to emulate device-specific vulnerabilities and complex functionalities from dedicated services. However, operating bare-metal IoT honeypots has unique technical challenges mostly coming from their low configurability as an embedded system. A bare-metal honeypot needs proper access control while it is allowing attackers to access its inside to some degree, such as filtering out bricking commands and changes of critical configuration. From this observation, we propose ThingGate, a gateway for flexible operation of bare-metal IoT honeypot. ThingGate employs a man-in-the-middle proxy to control and manage inbound and outbound traffic of the bare-metal IoT honeypot. Moreover, it adds the functionality of web tracking, which is not provided by the web UI of the original devices. We evaluate ThingGate with seven bare-metal IoT devices and show that it successfully blocks unwanted incoming attacks, masks wireless access point information of the devices, and tracks attackers on the device web UI while showing high observability of various attacks exploiting different vulnerabilities.
Other Link: https://ci.nii.ac.jp/naid/130007904800
-
Dangers of IP Camera - An Observational Study on Peeping
Tamiya Kazuki, Bokhari Aamir H., Ezawa Yuta, Nakayama Sou, Tie Ying, Tanabe Rui, Fujita Akira, Yoshioka Katsunari, Matsumoto Tsutomu
Journal of Information Processing 28 ( 0 ) 502 - 510 2020
Language:Japanese Publishing type:Research paper (scientific journal) Publisher:Information Processing Society of Japan Joint Work
Existing research on information security for IP cameras has been primarily focused on issues with authentication or malware, but not on the peeping method itself. How cyber peeping is conducted in the real world can further help in strengthening defenses accordingly and spread more awareness about the dangers of IP cameras. In this research, we observed peeps by setting up a honeypot using decoy cameras in two scenarios. First, where background information (handwritten URL and ID/password bait) can be read by humans. Second, simulating a living-room in a home environment. As a result, many examples of peeping into the decoy cameras were confirmed in reality. Also, a rapid increase in peeping (over 20,000 times/day) was seen after a decoy camera's feed got posted on a well-known website, showing a large scale peeping danger also exists due to such websites. The results of this study were used in several TV programs to show the dangers of using IP cameras over a national broadcasting station and also were directly shared with IP camera vendors, resulting in the improvement of IP camera security. Therefore, we believe that this study can further help in improving the security and awareness on the dangers associated with IP cameras.
Other Link: https://ci.nii.ac.jp/naid/130007904808
-
Detecting and Understanding Online Advertising Fraud in the Wild
KANEI Fumihiro, CHIBA Daiki, HATO Kunio, YOSHIOKA Katsunari, MATSUMOTO Tsutomu, AKIYAMA Mitsuaki
IEICE Transactions on Information and Systems 103 ( 7 ) 1512 - 1523 2020
Language:Japanese Publishing type:Research paper (scientific journal) Publisher:Institute of Electronics, Information and Communication Engineers Joint Work
While the online advertisement is widely used on the web and on mobile applications, the monetary damages by advertising frauds (ad frauds) have become a severe problem. Countermeasures against ad frauds are evaded since they rely on noticeable features (e.g., burstiness of ad requests) that attackers can easily change. We propose an ad-fraud-detection method that leverages robust features against attacker evasion. We designed novel features on the basis of the statistics observed in an ad network calculated from a large amount of ad requests from legitimate users, such as the popularity of publisher websites and the tendencies of client environments. We assume that attackers cannot know of or manipulate these statistics and that features extracted from fraudulent ad requests tend to be outliers. These features are used to construct a machine-learning model for detecting fraudulent ad requests. We evaluated our proposed method by using ad-request logs observed within an actual ad network. The results revealed that our designed features improved the recall rate by 10% and had about 100,000-160,000 fewer false negatives per day than conventional features based on the burstiness of ad requests. In addition, by evaluating detection performance with a long-term dataset, we confirmed that the proposed method is robust against performance degradation over time. Finally, we applied our proposed method to a large dataset constructed on an ad network and found several characteristics of the latest ad frauds in the wild, for example, a large amount of fraudulent ad requests is sent from cloud servers.
Other Link: https://ci.nii.ac.jp/naid/130007867697
-
Detect Me If You... Oh Wait. An Internet-Wide View of Self-Revealing Honeypots
Shun Morishita, Takuya Hoizumi, Wataru Ueno, Rui Tanabe, Carlos Hernandez Gañán, Michel J.G. van Eeten, Katsunari Yoshioka, and Tsutomu Matsumoto
IFIP/IEEE International Symposium on Integrated Network Management (IFIP/IEEE IM2019) 2019.4 [Reviewed]
Language:English Publishing type:Research paper (international conference proceedings) Joint Work
-
IoT Device Identification Method Based on Image Features of the WebUI
藤田彬,内田佳介,森博志,吉岡克成,松本勉
Transactions of Information Processing Society of Japan 60 ( 3 ) 849 - 858 2019.3 [Reviewed]
Language:Japanese Publishing type:Research paper (scientific journal) Joint Work
-
Observation of Attacks against Apache Struts Vulnerabilities Using a Honeypot
田辺瑠偉, 上野航, 吉岡克成, 松本勉
Transactions of Information Processing Society of Japan 60 ( 3 ) 839 - 848 2019.3 [Reviewed]
Language:Japanese Publishing type:Research paper (scientific journal) Joint Work
-
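Evaluating the Effectiveness of Security Appliances against Malware That Runs Only on the Targeted Host
田辺瑠偉, 上野航, 吉岡克成, 松本勉, 齋藤 孝道, 笠間 貴弘, 井上 大介
Transactions of Information Processing Society of Japan 2019 [Reviewed]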
Language:Japanese Publishing type:Research paper (scientific journal) Joint Work
-
Survey of Persistent-Infection IoT Malware and Proof of Concept on Real Devices
原悟史, 田宮和樹, 鉄穎, 渡辺露文, 吉岡克成, 松本勉
IEICE transactions 2019 [Reviewed]
Language:Japanese Publishing type:Research paper (scientific journal) Joint Work
-
Analysis Method for Malicious JavaScript That Tampers with Content in MITB Attacks
高田一樹, 松本英樹, 邦本理夫, 吉岡克成, 松本勉
Transactions of Information Processing Society of Japan 2019 [Reviewed]
Language:Japanese Publishing type:Research paper (scientific journal) Joint Work
-
Pay the Piper: DDoS mitigation technique to deter financially-motivated attackers
SASAKI Takayuki, GAÑÁN Carlos HERNANDEZ, YOSHIOKA Katsunari, EETEN Michel VAN, MATSUMOTO Tsutomu
IEICE Transactions on Communications E103.B ( 4 ) 389 - 404 2019
Language:Japanese Publishing type:Research paper (scientific journal) Publisher:Institute of Electronics, Information and Communication Engineers Joint Work
Distributed Denial of Service attacks against the application layer (L7 DDoS) are among the most difficult attacks to defend against because they mimic normal user behavior. Some mitigation techniques against L7 DDoS, e.g., IP blacklisting and load balancing using a content delivery network, have been proposed; unfortunately, these are symptomatic treatments rather than fundamental solutions. In this paper, we propose a novel technique to disincentivize attackers from launching a DDoS attack by increasing attack costs. Assuming financially motivated attackers seeking to gain profit via DDoS attacks, their primary goal is to maximize revenue. On the basis of this assumption, we also propose a mitigation solution that requires mining cryptocurrencies to access servers. To perform a DDoS attack, attackers must mine cryptocurrency as a proof-of-work (PoW), and the victims then obtain a solution to the PoW. Thus, relative to attackers, the attack cost increases, and, in terms of victims, the economic damage is compensated by the value of the mined coins. On the basis of this model, we evaluate attacker strategies in a game theory manner and demonstrate that the proposed solution provides only negative economic benefits to attackers. Moreover, we implement a prototype to evaluate performance, and we show that this prototype demonstrates practical performance.
Other Link: https://ci.nii.ac.jp/naid/130007743902
-
Wu Chun-Jung, Huang Shin-Ying, Yoshioka Katsunari, Matsumoto Tsutomu
IEICE Transactions on Communications E103.B ( 1 ) 32 - 42 2019
Language:Japanese Publishing type:Research paper (scientific journal) Publisher:Institute of Electronics, Information and Communication Engineers Joint Work
A drastic increase in cyberattacks targeting Internet of Things (IoT) devices using telnet protocols has been observed. IoT malware continues to evolve, and the diversity of OS and environments increases the difficulty of executing malware samples in an observation setting. To address this problem, we sought to develop an alternative means of investigation by using the telnet logs of IoT honeypots and analyzing malware without executing it. In this paper, we present a malware classification method based on malware binaries, command sequences, and meta-features. We employ both unsupervised and supervised learning algorithms and text-mining algorithms for handling unstructured data. Clustering analysis is applied for finding malware family members and revealing their inherent features for better explanation. First, the malware binaries are grouped using similarity analysis. Then, we extract key patterns of interaction behavior using an N-gram model. We also train a multiclass classifier to identify IoT malware categories based on common infection behavior. For misclassified subclasses, second-stage sub-training is performed using a file meta-feature. Our results demonstrate 96.70% accuracy, with high precision and recall. The clustering results reveal variant attack vectors and one denial of service (DoS) attack that used pure Linux commands.
Other Link: https://ci.nii.ac.jp/naid/130007687659
-
A Cross-Platform Study on Emerging Malicious Programs Targeting IoT Devices
BAN Tao, ISAWA Ryoichi, HUANG Shin-Ying, YOSHIOKA Katsunari, INOUE Daisuke
IEICE Transactions on Information and Systems 102 ( 9 ) 1683 - 1685 2019
Language:Japanese Publishing type:Research paper (scientific journal) Publisher:Institute of Electronics, Information and Communication Engineers Joint Work
Along with the proliferation of IoT (Internet of Things) devices, cyberattacks towards them are on the rise. In this paper, aiming at efficient precaution and mitigation of emerging IoT cyberthreats, we present a multimodal study on applying machine learning methods to characterize malicious programs which target multiple IoT platforms. Experiments show that opcode sequences obtained from static analysis and API sequences obtained by dynamic analysis provide sufficient discriminant information such that IoT malware can be classified with near optimal accuracy. Automated and accelerated identification and mitigation of new IoT cyberthreats can be enabled based on the findings reported in this study.
Other Link: https://ci.nii.ac.jp/naid/130007699781
-
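Proposal of a Long-Term Observation Method for Financial Malware Combining Static Analysis and Behavior Observation
高田一樹, 岩本一樹, 遠藤基, 奥村吉生, 岡田晃市郎, 西田雅太, 吉岡克成, 松本勉
Transactions of Information Processing Society of Japan 59 ( 12 ) 2087 - 2104 2018.12 [Reviewed]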
Language:Japanese Publishing type:Research paper (scientific journal) Joint Work
-
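Malicious Domain Detection Method Using the Integrated Malware Inspection Service Virus Total
田辺瑠偉、森 博志、原田耕也、吉岡克成、松本 勉
Transactions of Information Processing Society of Japan 59 ( 9 ) 1610 - 1623 2018.9 [Reviewed]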
Language:Japanese Publishing type:Research paper (scientific journal) Joint Work
-
Evasive Malware via Identifier Implanting
Rui Tanabe, Wataru Ueno, Kou Ishii, Katsunari Yoshioka, Tsutomu Matsumoto, Takahiro Kasama, Daisuke Inoue, Christian Rossow
Proc. The Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA 2018), LNCS 10885 162 - 184 2018.6 [Reviewed]
Language:English Publishing type:Research paper (international conference proceedings) Joint Work
-
Observation and Analysis of DDoS Attacks by IoT Malware through Dynamic Analysis
鉄 穎、楊 笛、保泉拓哉、中山 颯、吉岡克成、松本 勉
Transactions of Information Processing Society of Japan 59 ( 5 ) 1321 - 1333 2018.5 [Reviewed]
Language:Japanese Publishing type:Research paper (scientific journal) Joint Work
-
Toward Collaborative Defense Across Organizations
Sasaki Takayuki, Yoshioka Katsunari, Matsumoto Tsutomu
Journal of Information Processing 26 ( 0 ) 790 - 803 2018
Language:Japanese Publishing type:Research paper (scientific journal) Publisher:Information Processing Society of Japan Joint Work
New attack methods, such as new malware and exploits, are released every day. Attack information is essential to improve defense mechanisms. However, we can identify barriers against attack information sharing. One barrier is that most targeted organizations do not want to disclose the attack and incident information because they fear negative public relations caused by disclosing incident information. Another barrier is that attack and incident information include confidential information. To address this problem, we propose a confidentiality-preserving collaborative defense architecture that analyzes incident information without disclosing confidential information of the attacked organizations. To avoid disclosure of confidential information, the key features of the proposed architecture are (1) exchange of trained classifiers, e.g., neural networks, that represent abstract information rather than raw attack/incident information and (2) classifier aggregation via ensemble learning to build an accurate classifier using the information of the collaborative organizations. We implement and evaluate an initial prototype of the proposed architecture. The results indicate that the malware classification accuracy improved from 90.4% to 92.2% by aggregating five organization classifiers. We conclude that the proposed architecture is feasible and demonstrates practical performance. We expect that the proposed architecture will facilitate an effective and collaborative response to current attack-defense situations.
-
IoTProtect: Highly Deployable Whitelist-based Protection for Low-cost Internet-of-Things Devices
Wu Chun-Jung, Tie Ying, Hara Satoshi, Tamiya Kazuki, Fujita Akira, Yoshioka Katsunari, Matsumoto Tsutomu
Journal of Information Processing 26 ( 0 ) 662 - 672 2018
Language:Japanese Publishing type:Research paper (scientific journal) Publisher:Information Processing Society of Japan Joint Work
In recent years, many Internet-of-Things (IoT) devices, such as home routers and Internet Protocol (IP) cameras, have been compromised through infection by malware as a consequence of weak authentication and other vulnerabilities. Malware infection can lead to functional disorders and/or misuse of these devices in cyberattacks of various kinds. However, unlike personal computers (PCs), low-cost IoT devices lack rich computational resources, with the result that conventional protection mechanisms, such as signature-based anti-virus software, cannot be used. In this study, we present IoTProtect, a light-weight, whitelist-based protection mechanism that can be deployed easily on existing commercial products with very little modification of their firmware. IoTProtect uses a whitelist to check processes running on IoT devices and terminate unknown processes periodically. Our experiments using four low-cost IoT devices and 4,981 in-the-wild malware binaries show that IoTProtect successfully terminated 99.92% of the processes created by the binaries within 44 seconds after their infection with central processing unit (CPU) overhead of 24% and disk space overhead of 288KB.
-
Evaluating Disassembly-Code Based Similarity between IoT Malware Samples
Ryoichi Isawa, Tao Ban, Ying Tie, Katsunari Yoshioka, Daisuke Inoue
Proc. AsiaJCIS 2018 2018 [Reviewed]
Language:English Publishing type:Research paper (international conference proceedings) Joint Work
-
Towards Finding Code Snippets on a Question and Answer Website Causing Mobile App Vulnerabilities
Hiroki Nakano, Fumihiro Kanei, Yuta Takata, Mitsuaki Akiyama and Katsunari Yoshioka
IEICE Trans. E101-D ( 11 ) 2018 [Reviewed]
Language:English Publishing type:Research paper (scientific journal) Joint Work
-
Analysis of Cyber Attacks on IoT Devices Using Telnet
中山 颯, 鉄 穎, 楊 笛, 田宮 和樹, 吉岡 克成, 松本 勉
Transactions of Information Processing Society of Japan 58 ( 9 ) 2017.9 [Reviewed]
Language:Japanese Publishing type:Research paper (scientific journal) Joint Work
-
An efficient method for detecting obfuscated suspicious JavaScript based on text pattern analysis
Jiawei Su, Katsunari Yoshioka, Junji Shikata, Tsutomu Matsumoto
Proc. 2016 ACM International Workshop on Traffic Measurements for Cybersecurity, WTMC2016 2016
Language:English Publishing type:Research paper (international conference proceedings) Joint Work
-
Wamber: Defending Web Sites on Hosting Services with Self-Learning Honeypots
Satomi Saito, Satoru Torii, Katsunari Yoshioka and Tsutomu Matsumoto
The 11th Asia Joint Conference on Information Security (AsiaJCIS2016), 60 - 66 2016
Language:English Publishing type:Research paper (international conference proceedings) Publisher:IEEE Joint Work
-
Evaluating Malware Mitigation by Android Market Operators
Yosuke Kikuchi, Hiroshi Mori, Hiroki Nakano, Katsunari Yoshioka, Tsutomu Matsumoto, Michel van Eeten
9th USENIX Workshop on Cyber Security Experimentation and Test (USENIX CSET 2016) 2016 [Reviewed]
Language:English Publishing type:Research paper (international conference proceedings) Single Work
-
"Who Gets the Boot? Analyzing Victimization by DDoS-as-a-Service," Proc. Research in Attacks, Intrusions, and Defenses (RAID16)
Arman Noroozian, Maciej Korczynski, Carlos Hernandez Ganan, Daisuke Makita, Katsunari Yoshioka, Michel van Eeten
Lecture Notes in Computer Science, 2016 2016
Language:English Publishing type:Research paper (scientific journal) Publisher:Springer Joint Work
-
"SANDPRINT: Fingerprinting Malware Sandboxes to Provide Intelligence for Sandbox Evasion," Proc. Research in Attacks, Intrusions, and Defenses (RAID16)
Akira Yokoyama, Kou Ishii, Rui Tanabe, Yin Minn Papa, Katsunari Yoshioka, Tsutomu Matsumoto, Takahiro Kasama, Daisuke Inoue, Michael Brengel, Michael Backes, Christian Rossow
Lecture Notes in Computer Science 2016
Language:English Publishing type:Research paper (scientific journal) Publisher:Springer Joint Work
-
Correlation Analysis between DNS Honeypot and Darknet toward Proactive Countermeasures against DNS Amplification Attacks
MAKITA Daisuke, YOSHIOKA Katsunari, MATSUMOTO Tsutomu, NAKAZATO Junji, SHIMAMURA Junpei, INOUE Daisuke
Transactions of Information Processing Society of Japan 57 ( 2 ) 597 - 610 2016 [Reviewed]
Language:Japanese Publishing type:Research paper (scientific journal) Publisher:Information Processing Society of Japan Single Work
-
Malware Expansion Interception Method Focused on Remote Takeover against Malware-infected Hosts
TANABE Rui, SUZUKI Shogo, Yin Minn Pa Pa, YOSHIOKA Katsunari, MATSUMOTO Tsutomu
Transactions of Information Processing Society of Japan 57 ( 9 ) 2021 - 2033 2016 [Reviewed]
Language:Japanese Publishing type:Research paper (scientific journal) Publisher:Information Processing Society of Japan Joint Work
-
IoTPOT: A Novel Honeypot for Revealing Current IoT Threats
Yin Minn Pa Pa, Suzuki Shogo, Katsunari Yoshioka, Tsutomu Matsumoto, Takahiro Kasama, Christian Rossow
Journal of Information Processing 24 ( 3 ) 522 - 533 2016 [Reviewed]
Language:English Publishing type:Research paper (scientific journal) Publisher:Information Processing Society of Japan Joint Work
Other Link: https://www.jstage.jst.go.jp/article/ipsjjip/24/3/24_522/_article
-
Detection Method for Malicious Packets with Characteristic Network Protocol Header
Transactions of Information Processing Society of Japan 57 ( 9 ) 1986 - 2002 2016 [Reviewed]
Language:Japanese Publishing type:Research paper (scientific journal) Publisher:Information Processing Society of Japan Joint Work
-
DRDoS Attack Alert System for Early Incident Response
MAKITA Daisuke, NISHIZOE Tomomi, YOSHIOKA Katsunari, MATSUMOTO Tsutomu, INOUE Daisuke, NAKAO Koji
Transactions of Information Processing Society of Japan 57 ( 9 ) 1974 - 1985 2016 [Reviewed]
Language:Japanese Publishing type:Research paper (scientific journal) Publisher:Information Processing Society of Japan Single Work
-
Analysis of Targeted Attack Mail Sent to an Enterprise Group from Social Engineering Point of View
WATANABE Masafumi, SHIMA Shigeyoshi, IMAHASHI Yasunori, YOSHIOKA Katsunari, TAKAGI Daisuke
Transactions of Information Processing Society of Japan 57 ( 12 ) 2731 - 2742 2016 [Reviewed]
Language:Japanese Publishing type:Research paper (scientific journal) Publisher:Information Processing Society of Japan Single Work
-
Detecting Obfuscated Suspicious JavaScript Based on Information-Theoretic Measures and Novelty Detection
J. Su, K. Yoshioka, J. Shikata and T. Matsumoto
Proc. of the 18th Annual International Conference on Information Security and Cryptology (ICISC 2015) 2015.11
Language:English Publishing type:Research paper (international conference proceedings) Joint Work
-
Correlation Analysis between DNS Honeypot and Darknet toward Proactive Countermeasures against DNS Amplification Attacks
MAKITA Daisuke, YOSHIOKA Katsunari, MATSUMOTO Tsutomu, NAKAZATO Junji, SHIMAMURA Junpei, INOUE Daisuke
Transactions of Information Processing Society of Japan 56 ( 3 ) 921 - 931 2015 [Reviewed]
Language:Japanese Publishing type:Research paper (scientific journal) Publisher:Information Processing Society of Japan Joint Work
-
IoTPOT: Analysing the Rise of IoT Compromises
Yin Minn Pa Pa, Shogo Suzuki, Katsunari Yoshioka, and Tsutomu Matsumoto, Takahiro Kasama, Christian Rossow
Proceedings of USENIX WOOT 2015 2015 [Reviewed]
Language:English Publishing type:Research paper (international conference proceedings) Joint Work
-
Detecting Malicious Domains and Authoritative Name Servers Based on Their Distinct Mappings to IP Addresses
Yinmin Papa, Katsunari Yoshioka, Tsutomu Matsumoto
IPSJ Journal 2015 [Reviewed]
Language:English Publishing type:Research paper (scientific journal) Joint Work
-
Evaluating Resistance of Android Applications to Automated Repackaging
MAKITA Daisuke, YOSHIOKA Katsunari, MATSUMOTO Tsutomu, NAKAZATO Junji, SHIMAMURA Junpei, INOUE Daisuke
Transactions of Information Processing Society of Japan 56 ( 12 ) 2275 - 2288 2015 [Reviewed]
Language:Japanese Publishing type:Research paper (scientific journal) Publisher:Information Processing Society of Japan Joint Work
-
"AmpPot: Monitoring and Defending Amplification DDoS Attacks," Proc. Research in Attacks, Intrusions, and Defenses (RAID15)
Lukas Kramer, Johannes Krupp, Daisuke Makita, Tomomi Nishizoe, Takashi Koide, Katsunari Yoshioka, Christian Rossow
Lecture Notes in Computer Science 9404 615 - 636 2015
Language:English Publishing type:Research paper (international conference proceedings) Joint Work
-
Improvement of Android Malware Detection Using Method Invocation Graph
SHODA Yuki, KANAI Fumihiro, HASHIDA Keisuke, YOSHIOKA Katsunari, MATSUMOTO Tsutomu
Transactions of Information Processing Society of Japan 56 ( 12 ) 2289 - 2301 2015 [Reviewed]
Language:Japanese Publishing type:Research paper (scientific journal) Publisher:Information Processing Society of Japan Single Work
-
Structural Classification and Similarity Measurement of Malware
Hongbo Shia, Tomoki Hamagami, Katsunari Yoshioka, Haoyuan Xu, Kazuhiro Tobe, Shigeki Goto
IEEJ Trans 9 ( 6 ) 621 - 632 2014 [Reviewed]
Language:English Publishing type:Research paper (scientific journal) Publisher:WILEY-BLACKWELL Joint Work
-
Catching the Behavioral Differences between Multiple Executions for Malware Detection
Kasama Takahiro, Yoshioka Katsunari, Inoue Daisuke, Matsumoto Tsutomu
IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES E96A ( 1 ) 225 - 232 2013.1 [Reviewed]
Language:English Publishing type:Research paper (scientific journal) Joint Work
-
PRACTICE-Proactive Response Against Cyber Attacks Through International Collaborative Exchange
YOSHIOKA Katsunari
Information and communication system security 112 ( 449 ) 55 2013
Language:Japanese Publishing type:Research paper (scientific journal) Publisher:Institute of Electronics, Information and Communication Engineers (Japan) Single Work
-
Search Engine Based Investigation on Misconfiguration of Zone Transfer
Yin Minn Pa Pa, K. Yoshioka, T. Matsumoto
AsiaJCIS2013 56 - 62 2013
Language:English Publishing type:Research paper (international conference proceedings) Publisher:IEEE Joint Work
-
A Method of Preventing Unauthorized Data Transmission in Controller Area Network
T. Matsumoto, M. Hata, M. Tanabe, K. Yoshioka, K. Oishi
The 2012 IEEE 75th Vehicular Technology Conference 2012 [Reviewed]
Language:English Publishing type:Research paper (international conference proceedings) Joint Work
-
Malware Detection Method by Catching Their Random Behavior in Multiple Executions
T. Kasama, K. Yoshioka, D. Inoue, and T. Matsumoto
2012 IEEE/IPSJ 12th International Symposium on Applications and the Internet 262 - 266 2012
Language:English Publishing type:Research paper (international conference proceedings) Joint Work
-
An Efficient Dynamic Detection Method for Various x86 Shellcodes
T. Fujii, K. Yoshioka, J. Shikata, and T. Matsumoto
2012 IEEE/IPSJ 12th International Symposium on Applications and the Internet 284 - 289 2012
Language:English Publishing type:Research paper (scientific journal) Joint Work
-
Your Sandbox is Blinded: Impact of Decoy Injection to Public Malware Analysis Systems
K. Yoshioka, Y. Hosobuchi, T. Orii, and T. Matsumoto
Journal of Information Processing 52 ( 3 ) 1144 - 1159 2011.3 [Reviewed]
Language:English Publishing type:Research paper (scientific journal) Joint Work
-
On the Power of Decoy Injection which Threatens Public Malware Sandbox Analysis Systems
KASAMA Takahiro, ORII Tatsunori, YOSHIOKA Katsunari, MATSUMOTO Tsutomu
Transactions of Information Processing Society of Japan 52 ( 9 ) 2761 - 2774 2011 [Reviewed]
Language:Japanese Publishing type:Research paper (scientific journal) Publisher:Information Processing Society of Japan Joint Work
-
An Empirical Evaluation of an Unpacking Method Implemented with Dynamic Binary Instrumentation
H. C. Kim, T. Orii, K. Yoshioka, D. Inoue, J. Song, M. Eto, J. Shikata, T. Matsumoto, and K. Nakao
IEICE Trans E94D ( 9 ) 1778 - 1791 2011 [Reviewed]
Language:English Publishing type:Research paper (scientific journal) Publisher:IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG Joint Work
-
Network Scan Method and Its Automated Signature Generation for Detecting Malware Infected Hosts
Katsunari Yoshioka, Kosuke Murakami, Tsutomu Matsumoto
Transactions of Information Processing Society of Japan 51 ( 9 ) 1633 - 1644 2010.9 [Reviewed]
Language:Japanese Publishing type:Research paper (scientific journal) Publisher:Information Processing Society of Japan Joint Work
-
Fine-Grain Feature Extraction from Malware's Scan Behavior Based on Spectrum Analysis
Masashi ETO, Kotaro SONODA, Daisuke INOUE, and Koji NAKAO
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences E93D ( 5 ) 1106 - 1116 2010.5 [Reviewed]
Language:English Publishing type:Research paper (scientific journal) Publisher:IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG Joint Work
-
Multi-Pass Malware Sandbox Analysis with Controlled Internet Connection
Katsunari Yoshioka, Tsutomu Matsumoto
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences E93A ( 1 ) 210 - 218 2010.1 [Reviewed]
Language:English Publishing type:Research paper (scientific journal) Publisher:IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG Joint Work
-
Malware Sandbox Analysis with Automatic Collection of Server Responses using Dummy Client
T. Kasama, K. Yoshioka, T. Matsumoto, M. Yamagata
Proc. 5th Joint Workshop on Information Security 2010 [Reviewed]
Language:English Publishing type:Research paper (scientific journal) Joint Work
-
Vulnerability in Public Malware Sandbox Analysis Systems
K. Yoshioka, Y. Hosobuchi, T. Orii, and T. Matsumoto
IEEE 10th Annual International Symposium on Applications and the Internet 2010 [Reviewed]
Language:English Publishing type:Research paper (international conference proceedings) Joint Work
-
Practical Correlation Analysis between Scan and Malware Profiles against Zero-Day Attacks based on Darknet Monitoring
NAKAO Koji, INOUE Daisuke, ETO Masashi, YOSHIOKA Katsunari
IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS E92D ( 5 ) 787 - 798 2009 [Invited]
Language:English Publishing type:Research paper (other science council materials etc.) Publisher:IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG Joint Work
-
Malware sandbox analysis for secure observation of vulnerability exploitation
YOSHIOKA Katsunari, INOUE Daisuke, ETO Masashi, HOSHIZAWA Yuji, NOGAWA Hiroki, NAKAO Koji
IEICE Trans. E92D ( 5 ) 955 - 966 2009 [Reviewed]
Language:English Publishing type:Research paper (scientific journal) Publisher:IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG Joint Work
-
Automated Malware Analysis System and its Sandbox for Revealing Malware's Internal and External Activities
Daisuke INOUE, Katsunari YOSHIOKA, Masashi ETO, Yuji HOSHIZAWA, Koji NAKAO
IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS E92D ( 5 ) 945 - 954 2009 [Reviewed]
Language:English Publishing type:Research paper (scientific journal) Publisher:IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG Joint Work
-
A Proposal of Malware Distinction Method based on Scan Patterns using Spectrum Analysis
M. Eto, K. Sonoda, D. Inoue, K. Yoshioka, and K. Nakao
NEURAL INFORMATION PROCESSING, PT 2, PROCEEDINGS 5864 565 2009 [Reviewed]
Language:English Publishing type:Research paper (scientific journal) Publisher:SPRINGER Joint Work
-
DAEDALUS: Novel Application of Large-scale Darknet Monitoring for Practical Protection of Live Networks
D. Inoue, M. Suzuki, M. Eto, K. Yoshioka, and K. Nakao
12th International Symposium on Recent Advances in Intrusion Detection 5768 381 - 382 2009
Language:English Publishing type:Research paper (international conference proceedings) Publisher:SPRINGER Joint Work
-
Sandbox Analysis with Controlled Internet Connection for Observing Temporal Changes of Malware Behavior
K. Yoshioka, T. Kasama, and T. Matsumoto
Proc. 4th Joint Workshop on Information Security 2009 [Reviewed]
Language:English Publishing type:Research paper (scientific journal) Joint Work
-
An Incident Analysis System nicter and Its Analysis Engines Based on Data Mining Techniques
D. Inoue, K. Yoshioka, M. Eto, M. Yamagata, E. Nishino, J. Takeuchi, K. Ohkouchi, and K. Nakao
15th International Conference on Neural Information Processing of the Asia-Pacific Neural Network Assembly 5506 579 - 586 2009 [Reviewed]
Language:English Publishing type:Research paper (international conference proceedings) Publisher:SPRINGER Joint Work
-
Information hiding on lossless data compression
Journal of Digital Information Management 6 ( 2 ) 2008 [Reviewed]
Language:English Publishing type:Research paper (scientific journal) Joint Work
-
nicter: An Incident Analysis System Toward Binding Network Monitoring with Malware Analysis
D. Inoue, M. Eto, K. Yoshioka, S. Baba, K. Suzuki, J. Nakazato, K. Ohtaka, K. Nakao
Proc. WOMBAT Workshop on Information Security Threats Data Collection and Sharing, 2008 58 - 66 2008 [Reviewed]
Language:English Publishing type:Research paper (international conference proceedings) Publisher:IEEE COMPUTER SOC Joint Work
-
Malware Sandbox Analysis for Extracting Exploit Codes
K. Yoshioka, D. Inoue, M. Eto, Y. Hoshizawa, H. Nogawa, K. Nakao
Proc. 3rd Joint Workshop on Information Security 2008 [Reviewed]
Language:English Publishing type:Research paper (scientific journal) Joint Work
-
Fingerprinting Traffic Log
K. Yoshioka, T. Matsumoto
Proc. 2008 IEEE International Conference on Intelligent Information Hiding and Multimedia Signal Processing 143 - 146 2008 [Reviewed]
Language:English Publishing type:Research paper (international conference proceedings) Publisher:IEEE COMPUTER SOC Joint Work
-
Malware Behavior Analysis in Isolated Miniature Network for Revealing Malware's Network Activity
D. Inoue, K. Yoshioka, M. Eto, Y. Hoshizawa, K. Nakao
Proc. 2008 IEEE International Conference on Communications 1715 2008 [Reviewed]
Language:English Publishing type:Research paper (international conference proceedings) Publisher:IEEE Joint Work
-
Information Hiding for Public Address Audio Signal using FH/FSK Spread-spectrum Scheme
K. Sonoda, K. Yoshioka, O. Takizawa
2006 IEEE International Conference on Intelligent Information Hiding and Multimedia Signal Processing 2 279 - 282 2007 [Reviewed]
Language:English Publishing type:Research paper (international conference proceedings) Publisher:IEEE COMPUTER SOC Joint Work
-
A Novel Concept of Network Incident Analysis based on Multi-layer Observations of Malware Activities
K. Nakao, K. Yoshioka, D. Inoue, M. Eto
Proceedings of The 2nd Joint Workshop on Information Security 2007 [Reviewed]
Language:English Publishing type:Research paper (scientific journal) Joint Work
-
Hiding Information into Emergency Public Address Sound
K. Yoshioka, K. Sonoda, O. Takizawa, K. Nakao
The 9th Western Pacific Acoustics Conference (WESPAC IX 2006) 2006 [Reviewed]
Language:English Publishing type:Research paper (international conference proceedings) Joint Work
-
Information Hiding on Lossless Data Compression
K. Yoshioka, K. Sonoda, O. Takizawa, T. Matsumoto
2006 IEEE International Conference on Intelligent Information Hiding and Multimedia Signal Processing 2006 [Reviewed]
Language:English Publishing type:Research paper (international conference proceedings) Joint Work
-
nicter: An Incident Analysis System using Correlation between Network Monitoring and Malware Analysis
K. Nakao, K. Yoshioka, D. Inoue, M. Eto, K. Rikitake
Proceedings of The 1st Joint Workshop on Information Security 106 ( 290 ) 25 - 30 2006 [Reviewed]
Language:English Publishing type:Research paper (scientific journal) Joint Work
-
Digital Audio Watermarking Based on Quantization Index Modulation of Wavelet Domain
K. Sonoda, K. Yoshioka, O. Takizawa, K. Nakao
The 9th Western Pacific Acoustics Conference (WESPAC IX 2006) 2006 [Reviewed]
Language:English Publishing type:Research paper (international conference proceedings) Joint Work
-
On collusion security of random codes
YOSHIOKA Katsunari, SHIKATA Junji, MATSUMOTO Tsutomu
IEICE Transactions E88A ( 1 ) 296 - 304 2005 [Reviewed]
Language:English Publishing type:Research paper (international conference proceedings) Publisher:IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG Joint Work
-
Collusion secure codes: systematic security definitions and their relations
YOSHIOKA Katsunari, SHIKATA Junji, MATSUMOTO Tsutomu
IEICE Transactions E87A ( 5 ) 1162 - 1171 2004 [Reviewed]
Language:English Publishing type:Research paper (scientific journal) Publisher:IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG Joint Work
-
Implementing XML Information Hiding by XSLT
K. Akai, M. Murano, I. Murase, K. Makino, O. Takizawa, T. Matsumoto, M. Suzuki, K. Yoshioka and H. Nakagawa
Proceedings of STEG'04:Pacific Rim Workshop on Digital Steganography 96 - 100 2004
Language:English Publishing type:Research paper (international conference proceedings) Joint Work
-
Systematic treatment of collusion secure codes: security definitions and their relations
K. Yoshioka, J. Shikata, T. Matsumoto
LNCS, Springer-Verlag 2851 408 - 421 2003 [Reviewed]
Language:English Publishing type:Research paper (international conference proceedings) Publisher:SPRINGER Joint Work
-
Random-error-resilience of a short collusion-secure code
YOSHIOKA Katsunari, MATSUMOTO Tsutomu
IEICE Transactions E86A ( 5 ) 1147 - 1155 2003 [Reviewed]
Language:English Publishing type:Research paper (scientific journal) Publisher:IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG Joint Work
-
Random-error-resilient tracing algorithm for a collusion-secure fingerprinting code
IPSJ Journal 43 ( 8 ) 2502 - 2510 2002 [Reviewed]
Language:English Publishing type:Research paper (scientific journal) Joint Work