Updated on 2024/12/21

写真a

 
YAMAUCHI Toshihiro
 
Organization
Faculty of Environmental, Life, Natural Science and Technology Professor
Position
Professor
External link

Degree

  • Doctor of Engineering ( 2002.9   Kyushu University )

  • Master of Engineering ( 2000.3   Kyushu University )

  • Bachelor of Engineering ( 1998.3   Kyushu University )

Research Interests

  • System security

  • System software

  • Operating system

  • Computer security

Research Areas

  • Informatics / Computer system

  • Informatics / Information security

  • Informatics / Software

  • Informatics / High performance computing

Education

  • Kyushu University   大学院システム情報科学府   情報工学専攻

    2000.4 - 2002.9

      More details

    Country: Japan

    researchmap

  • Kyushu University   大学院システム情報科学研究科   情報工学専攻

    1998.4 - 2000.3

      More details

    Country: Japan

    researchmap

  • Kyushu University   工学部   情報工学科

    1994.4 - 1998.3

      More details

    Country: Japan

    researchmap

Research History

  • Faculty of Environmental, Life, Natural Science and Technology   計算機科学講座(大学院環境生命自然科学研究科 計算機科学コース,工学部 情報・電気・数理データサイエンス系 情報工学コース,情報工学先進コース,情報系学科)   Professor

    2023.4

      More details

  • Okayama University   学術研究院 自然科学学域(大学院自然科学研究科 計算機科学講座,工学部工学科 情報・電気・数理データサイエンス系 情報工学コース,工学部情報系学科)   Professor

    2021.4 - 2023.3

      More details

    Country:Japan

    researchmap

  • Japan Science and Technology Agency

    2019.10 - 2022.3

      More details

    Country:Japan

    researchmap

  • Advanced Telecommunications Research Institute International   適応コミュニケーション研究所

    2018.11 - 2025.3

      More details

    Country:Japan

    researchmap

  • Okayama University   Graduate School of Natural Science and Technology   Associate Professor

    2005.4 - 2021.3

      More details

  • Kyushu University   Faculty of Information Science and Electrical Engineering, Department of Computer Science and Communication Engineering   Research Associate

    2002.10 - 2005.3

      More details

  • Japan Society for Promotion of Science   Research Fellow

    2001.4 - 2002.9

      More details

▼display all

Professional Memberships

▼display all

Committee Memberships

  • 電子情報通信学会 情報通信システムセキュリティ(ICSS)研究会   副委員長  

    2023.6   

      More details

    Committee type:Academic society

    researchmap

  • OSSセキュリティ技術ワークショップ(OWS)組織委員会   副組織委員長  

    2022.6   

      More details

    Committee type:Academic society

    researchmap

  • IEICE Transactions on Information and Systems, Special Section on Forefront Computing   Guest Editor-in-Chief  

    2021.9 - 2022.12   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会 コンピュータセキュリティ(CSEC)研究会   顧問  

    2021.4   

      More details

    Committee type:Academic society

    researchmap

  • システムソフトウェアとオペレーティング・システム(OS)研究会   運営委員  

    2021.4   

      More details

    Committee type:Academic society

    researchmap

  • 内閣サイバーセキュリティ戦略本部 研究開発戦略専門調査会 研究・産学官連携戦略ワーキンググループ   委員  

    2020.7 - 2021.3   

      More details

    Committee type:Government

    researchmap

  • 岡山県警察   サイバー犯罪対策テクニカルアドバイザー  

    2019.9   

      More details

  • 情報処理学会 コンピュータセキュリティ(CSEC)研究会   主査  

    2019.4 - 2021.3   

      More details

    Committee type:Academic society

    researchmap

  • IEICE Transactions on Information and Systems, Special Section on Forefront Computing   Associate Editor  

    2024.11 - 2026.1   

      More details

    Committee type:Academic society

    researchmap

  • IEICE Transactions on Information and Systems, Special Section on Information and Communication System Security   Associate Editor  

    2024.10 - 2025.6   

      More details

    Committee type:Academic society

    researchmap

  • コンピュータ・システムシンポジウム(ComSys2024)   プログラム委員  

    2024.10 - 2024.12   

      More details

    Committee type:Academic society

    researchmap

  • The 7th International Conference on Attacks and Defenses for Internet-of-Things (ADIoT 2024)   Program Committee  

    2024.8 - 2024.12   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会論文誌 「AI社会を安全にするコンピュータセキュリティ技術」特集号   編集委員  

    2024.7 - 2025.9   

      More details

    Committee type:Academic society

    researchmap

  • The 8th International Conference on Mobile Internet Security (MobiSec 2024)   Program Committee  

    2024.6 - 2024.12   

      More details

    Committee type:Academic society

    researchmap

  • The 7th IEEE Conference on Dependable and Secure Computing (DSC 2024)   Program Committee  

    2024.6 - 2024.11   

      More details

    Committee type:Academic society

    researchmap

  • 27th International Conference on Information Security and Cryptology (ICISC 2024)   Program Committee  

    2024.6 - 2024.11   

      More details

    Committee type:Academic society

    researchmap

  • OSSセキュリティ技術ワークショップ(OWS) 2024   実行委員  

    2024.6 - 2024.10   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会コンピュータセキュリティシンポジウム(CSS)2024   実行委員  

    2024.6 - 2024.10   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会コンピュータセキュリティシンポジウム(CSS)2024   プログラム委員  

    2024.6 - 2024.10   

      More details

    Committee type:Academic society

    researchmap

  • 5th International Conference on Science of Cyber Security (SciSec 2024)   Program Committee  

    2024.3 - 2024.8   

      More details

    Committee type:Academic society

    researchmap

  • IEICE Transactions on Information and Systems, Special Section on Forefront Computing   Associate Editor  

    2023.11 - 2025.1   

      More details

    Committee type:Academic society

    researchmap

  • 26th International Conference on Information and Communications Security (ICICS 2024)   Program Committee  

    2023.10 - 2024.8   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会論文誌 「サプライチェーンを安全にするコンピュータセキュリティ技術」特集号   編集委員  

    2023.7 - 2024.9   

      More details

    Committee type:Academic society

    researchmap

  • The 7th International Symposium on Mobile Internet Security (MobiSec'23)   Program Committee  

    2023.7 - 2023.12   

      More details

    Committee type:Academic society

    researchmap

  • OSSセキュリティ技術ワークショップ(OWS) 2023   副実行委員長  

    2023.6 - 2023.10   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会論文誌コンピューティングシステム編集委員会   編集委員  

    2023.3 - 2025.3   

      More details

    Committee type:Academic society

    researchmap

  • 18th International Conference on Information Security Practice and Experience (ISPEC2023)   Program Committee  

    2023.3 - 2023.8   

      More details

    Committee type:Academic society

    researchmap

  • 25th International Conference on Information and Communications Security (ICICS 2023)   Program Committee  

    2023.1 - 2023.11   

      More details

    Committee type:Academic society

    researchmap

  • 17th International Conference on Network and System Security (NSS2023)   Program Committee  

    2023.1 - 2023.8   

      More details

    Committee type:Academic society

    researchmap

  • 5th International Conference on Science of Cyber Security (SciSec 2023)   Program Committee  

    2022.12 - 2023.7   

      More details

    Committee type:Academic society

    researchmap

  • The 6th IEEE Conference on Dependable and Secure Computing (DSC 2023)   Program Committee  

    2022.11 - 2023.11   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会論文誌 「サイバー空間を安全にするコンピュータセキュリティ技術」特集号   編集委員  

    2022.7 - 2023.9   

      More details

    Committee type:Academic society

    researchmap

  • The 6th International Symposium on Mobile Internet Security (MobiSec'22)   Program Committee  

    2022.7 - 2022.12   

      More details

    Committee type:Academic society

    researchmap

  • 17th International Conference on Information Security Practice and Experience (ISPEC2022)   Program Committee  

    2022.7 - 2022.11   

      More details

    Committee type:Academic society

    researchmap

  • OSSセキュリティ技術ワークショップ(OWS)2022   副実行委員長  

    2022.6 - 2022.10   

      More details

    Committee type:Academic society

    researchmap

  • The 25th Information Security Conference (ISC 2022)   Program Committee  

    2022.5 - 2022.12   

      More details

    Committee type:Academic society

    researchmap

  • The 16th International Conference on Network and System Security (NSS2022)   Program Committee  

    2022.5 - 2022.12   

      More details

    Committee type:Academic society

    researchmap

  • 25th International Conference on Information Security and Cryptology (ICISC 2022)   Program Committee  

    2022.5 - 2022.9   

      More details

    Committee type:Academic society

    researchmap

  • 日本ネットワークセキュリティ協会(JNSA) サイバーセキュリティ産学連携推進協議会   運営委員  

    2022.4   

      More details

    Committee type:Other

    researchmap

  • The 4th International Conference on Science of Cyber Security (SciSec 2022)   Program Committee  

    2022.4 - 2022.8   

      More details

    Committee type:Academic society

    researchmap

  • The 23rd World Conference on Information Security Applications (WISA 2022)   Program Committee  

    2022.3 - 2022.8   

      More details

    Committee type:Academic society

    researchmap

  • 「『IoT社会に対応したサイバー・フィジカル・セキュリティ』に係るOSSの技術検証のあり方等に関する調査」検討委員会   委員  

    2022.2 - 2022.7   

      More details

  • IEICE Transactions on Information and Systems, Special Section on Next-generation Security Applications and Practice   Guest Associate Editor  

    2021.12 - 2022.11   

      More details

    Committee type:Academic society

    researchmap

  • 2022 IEEE Conference on Dependable and Secure Computing (IEEE DSC)   Program Committee  

    2021.12 - 2022.6   

      More details

    Committee type:Academic society

    researchmap

  • 24th International Conference on Information and Communications Security (ICICS 2022)   Program Committee  

    2021.10 - 2022.10   

      More details

    Committee type:Academic society

    researchmap

  • The 24th International Conference on Network-Based Information Systems (NBiS-2021)   Program Committee  

    2021.8 - 2021.9   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会論文誌 「量子時代をみすえたコンピュータセキュリティ技術」特集号   編集委員  

    2021.7 - 2022.9   

      More details

    Committee type:Academic society

    researchmap

  • 16th International Conference on Information Security Practice and Experience (ISPEC2021)   Program Committee  

    2021.7 - 2021.11   

      More details

    Committee type:Academic society

    researchmap

  • The 15th International Conference on Network and System Security (NSS2021)   Program Committee  

    2021.7 - 2021.10   

      More details

    Committee type:Academic society

    researchmap

  • 電子情報通信学会 情報通信システムセキュリティ(ICSS)研究会   幹事  

    2021.6 - 2023.6   

      More details

    Committee type:Academic society

    researchmap

  • The 17th ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS 2022)   Workshop Chair  

    2021.5 - 2022.6   

      More details

    Committee type:Academic society

    researchmap

  • OSSセキュリティ技術ワークショップ(OWS 2021)   副実行委員長  

    2021.5 - 2021.10   

      More details

    Committee type:Academic society

    researchmap

  • The 5th International Symposium on Mobile Internet Security (MobiSec'21)   Program Committee  

    2021.5 - 2021.10   

      More details

    Committee type:Academic society

    researchmap

  • コンピュータセキュリティシンポジウム2021 (CSS2021)   実行委員  

    2021.5 - 2021.10   

      More details

    Committee type:Academic society

    researchmap

  • The 6th IEEE International Workshop on Big Data and Information Security (IWBIS) 2021   Program Committee  

    2021.4 - 2021.10   

      More details

    Committee type:Academic society

    researchmap

  • 24th International Conference on Information Security and Cryptology (ICISC 2021)   Program Committee  

    2021.3 - 2021.12   

      More details

    Committee type:Academic society

    researchmap

  • 23rd International Conference on Information and Communications Security (ICICS 2021)   Program Committee  

    2021.3 - 2021.9   

      More details

    Committee type:Academic society

    researchmap

  • The 24th Information Security Conference (ISC 2021)   Program Committee  

    2021.2 - 2021.11   

      More details

    Committee type:Academic society

    researchmap

  • The 22nd World Conference on Information Security Applications (WISA 2021)   Program Committee  

    2021.2 - 2021.8   

      More details

    Committee type:Academic society

    researchmap

  • IEICE Transactions on Information and Systems, Special Section on Blockchain Systems and Applications   編集委員  

    2020.11 - 2022.2   

      More details

    Committee type:Academic society

    researchmap

  • IEICE Transactions on Information and Systems, Special Section on Parallel and Distributed Computing and Networking   編集幹事  

    2020.11 - 2021.12   

      More details

    Committee type:Academic society

    researchmap

  • IEICE Transactions on Information and Systems, Special Section on Next-generation Security Applications and Practice   編集委員  

    2020.11 - 2021.11   

      More details

    Committee type:Academic society

    researchmap

  • Australasian Information Security Conference (AISC 2021)   Program Committee  

    2020.9 - 2021.2   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会論文誌 「Society 5.0を実現するコンピュータセキュリティ技術」特集号   編集委員  

    2020.7 - 2021.9   

      More details

    Committee type:Academic society

    researchmap

  • コンピュータセキュリティシンポジウム2020 (CSS2020)   プログラム委員  

    2020.5 - 2020.10   

      More details

    Committee type:Academic society

    researchmap

  • OSSセキュリティ技術ワークショップ(OWS 2020)   実行委員長  

    2020.4 - 2020.10   

      More details

    Committee type:Academic society

    researchmap

  • IEICE Transactions on Information and Systems, Special Section on Parallel and Distributed Computing and Networking   編集幹事  

    2019.11 - 2020.12   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会論文誌 「実世界を支える暗号・セキュリティ・プライバシ技術」特集号   編集委員  

    2019.7 - 2020.9   

      More details

    Committee type:Academic society

    researchmap

  • 電子情報通信学会 情報通信システムセキュリティ(ICSS)研究会   幹事補佐  

    2019.6 - 2021.6   

      More details

    Committee type:Academic society

    researchmap

  • IEICE Transactions on Information and Systems, Special Section on Information and Communication System Security   編集委員  

    2019.6 - 2020.7   

      More details

    Committee type:Academic society

    researchmap

  • OSSセキュリティ技術ワークショップ(OWS 2019)   実行委員長  

    2019.5 - 2019.10   

      More details

    Committee type:Academic society

    researchmap

  • IEICE Transactions on Information and Systems, Special Section on Security, Privacy, Anonymity and Trust in Cyberspace Computing and Communications   編集委員  

    2019.1 - 2020.2   

      More details

    Committee type:Academic society

    researchmap

  • The 15th International Workshop on Security (IWSEC 2020)   General Co-Chair  

    2019 - 2020.9   

      More details

    Committee type:Academic society

    researchmap

  • OSSセキュリティ技術ワークショップ(OWS)組織委員会   組織委員長  

    2018.12 - 2022.5   

      More details

    Committee type:Academic society

    researchmap

  • IEICE Transactions on Information and Systems, Special Section on Parallel and Distributed Computing and Networking   編集委員  

    2018.12 - 2019.12   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会論文誌 「デジタルトランスフォーメーションを加速するコンピュータセキュリティ技術」特集号   編集委員  

    2018.7 - 2019.9   

      More details

    Committee type:Academic society

    researchmap

  • The 14th International Workshop on Security (IWSEC 2019)   General Co-Chair  

    2018 - 2019.8   

      More details

    Committee type:Academic society

    researchmap

  • The 4th IEEE Cyber Science and Technology Congress (CyberSciTech 2019)   Program Co-Chair  

    2018 - 2019.8   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会論文誌 「超スマート社会を支えるコンピュータセキュリティ技術」特集号   編集委員  

    2017.7 - 2018.9   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会 システムソフトウェアとオペレーティング・システム(OS)研究会   幹事  

    2017.4 - 2021.3   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会 コンピュータセキュリティ(CSEC)研究会   幹事  

    2017.4 - 2019.3   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会 マルウェア対策研究人材育成ワークショップ2017 (MWS2017)   プログラム委員長  

    2017 - 2017.10   

      More details

    Committee type:Academic society

    researchmap

  • 岡山県警察サイバーセキュリティ研究会   委員  

    2017   

      More details

  • 情報処理学会論文誌 「高度化するサイバー攻撃に対応するコンピュータセキュリティ技術」特集号   編集委員長  

    2016 - 2017.9   

      More details

    Committee type:Academic society

    researchmap

  • 電子情報通信学会   情報通信システムセキュリティ小特集号(英文論文誌D) 編集委員長  

    2015 - 2016.4   

      More details

    Committee type:Academic society

    電子情報通信学会

    researchmap

  • 情報処理学会 コンピュータセキュリティシンポジウム2015 (CSS2015)   プログラム委員長  

    2015 - 2015.10   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会コンピュータセキュリティ(CSEC)研究会   幹事  

    2011.4 - 2015.3   

      More details

    Committee type:Academic society

    情報処理学会

    researchmap

  • Journal of Internet Services and Information Security (JISIS)   Editorial Board member  

    2011.1   

      More details

    Committee type:Academic society

    researchmap

  • The 7th International Workshop on Security (IWSEC 2012)   Program Co-Chair  

    2011 - 2012.9   

      More details

    Committee type:Academic society

    researchmap

  • 内閣官房 情報セキュリティセンター(NISC)委託調査「OSのセキュリティ機能等に関する調査研究」検討委員会   委員  

    2005.4 - 2006.3   

      More details

  • 内閣官房情報セキュリティ対策推進室委託調査「電子政府におけるセキュリティに配慮したOSを活用した情報システムに関する調査研究」検討委員会   委員  

    2004.11 - 2005.3   

      More details

  • 26th International Conference on Information Security and Cryptology (ICISC 2023)   Program Committee  

       

      More details

    Committee type:Academic society

    researchmap

▼display all

 

Papers

  • Detecting Unintended Redirects to Malicious Websites on Android Devices Based on URL-Switching Interval Reviewed

    Toshihiro Yamauchi, Rintaro Orito, Koji Ebisu, Masaya Sato

    IEEE Access   12   153285 - 153294   2024.10

     More details

    Authorship:Lead author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)  

    DOI: 10.1109/ACCESS.2024.3478748

    researchmap

  • Seeing is not always believing: Insights on IoT manufacturing from firmware composition analysis and vendor survey Reviewed

    Mitsuaki Akiyama, Shugo Shiraishi, Akifumi Fukumoto, Ryota Yoshimoto, Eitaro Shioji, Toshihiro Yamauchi

    Computers & Security   133   103389 - 103389   2023.10

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)  

    Attacks on Internet of Things (IoT) devices have become increasingly sophisticated. However, there exist few comprehensive security investigations of IoT devices. We conducted a large-scale systematic investigation by assessing IoT firmware and follow-up survey with professionals involved in IoT-device manufacturing to understand the factors that prevent software security of IoT devices. Consequently, we discovered that many IoT devices continue to use old processor architecture and operating systems that are unable to efficiently use existing attack-mitigation features. Furthermore, we demonstrated that software patches are sometimes implicitly applied without changing the software version number (implicit patching); this may generate false positives in existing vulnerability assessments relying on software versions. On the basis of a follow-up survey, we determined technical and contractual constraints to IoT security emanating from the supply chain in the IoT device manufacturing industry. Based on the results, we discuss challenges associated with secure IoT manufacturing in the IoT-device supply chain.

    DOI: 10.1016/j.cose.2023.103389

    Scopus

    researchmap

  • Web access monitoring mechanism via Android WebView for threat analysis Reviewed International coauthorship

    Yuta Imamura, Rintaro Orito, Hiroyuki Uekawa, Kritsana Chaikaew, Pattara Leelaprute, Masaya Sato, Toshihiro Yamauchi

    International Journal of Information Security   20 ( 6 )   833 - 847   2021.12

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:Springer Science and Business Media {LLC}  

    <title>Abstract</title>Many Android apps employ WebView, a component that enables the display of web content in the apps without redirecting users to web browser apps. However, WebView might also be used for cyberattacks. Moreover, to the best of our knowledge, although some countermeasures based on access control have been reported for attacks exploiting WebView, no mechanism for monitoring web access via WebView has been proposed and no analysis results focusing on web access via WebView are available. In consideration of this limitation, we propose a web access monitoring mechanism for Android WebView to analyze web access via WebView and clarify attacks exploiting WebView. In this paper, we present the design and implementation of this mechanism by modifying Chromium WebView without any modifications to the Android framework or Linux kernel. The evaluation results of the performance achieved on introducing the proposed mechanism are also presented here. Moreover, the result of threat analysis of displaying a fake virus alert while browsing websites on Android is discussed to demonstrate the effectiveness of the proposed mechanism.

    DOI: 10.1007/s10207-020-00534-3

    Web of Science

    Scopus

    researchmap

    Other Link: https://link.springer.com/article/10.1007/s10207-020-00534-3/fulltext.html

  • スマートフォン端末におけるセキュリティ上の脅威と対策:権限昇格攻撃と悪性Webサイトへの誘導に焦点を当てて Invited Reviewed

    山内 利宏

    金融研究   40 ( 4 )   25 - 54   2021.10

     More details

    Authorship:Lead author, Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    researchmap

  • Additional kernel observer: privilege escalation attack prevention mechanism focusing on system call privilege changes Reviewed

    Toshihiro Yamauchi, Yohei Akao, Ryota Yoshitani, Yuichi Nakamura, Masaki Hashimoto

    International Journal of Information Security   20 ( 4 )   461 - 473   2021.8

     More details

    Authorship:Lead author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:Springer Science and Business Media {LLC}  

    © 2020, The Author(s). Cyberattacks, especially attacks that exploit operating system vulnerabilities, have been increasing in recent years. In particular, if administrator privileges are acquired by an attacker through a privilege escalation attack, the attacker can operate the entire system and cause serious damage. In this paper, we propose an additional kernel observer (AKO) that prevents privilege escalation attacks that exploit operating system vulnerabilities. We focus on the fact that a process privilege can be changed only by specific system calls. AKO monitors privilege information changes during system call processing. If AKO detects a privilege change after system call processing, whereby the invoked system call does not originally change the process privilege, AKO regards the change as a privilege escalation attack and applies countermeasures against it. AKO can therefore prevent privilege escalation attacks. Introducing the proposed method in advance can prevent this type of attack by changing any process privilege that was not originally changed in a system call, regardless of the vulnerability type. In this paper, we describe the design and implementation of AKO for Linux x86 64-bit. Moreover, we show that AKO can be expanded to prevent the falsification of various data in the kernel space. Then, we present an expansion example that prevents the invalidation of Security-Enhanced Linux. Finally, our evaluation results show that AKO is effective against privilege escalation attacks, while maintaining low overhead.

    DOI: 10.1007/s10207-020-00514-7

    Web of Science

    Scopus

    researchmap

  • Mitigating use-after-free attacks using memory-reuse-prohibited library Reviewed

    Toshihiro Yamauchi, Yuta Ikegami, Yuya Ban

    IEICE Transactions on Information and Systems   E100D ( 10 )   2295 - 2306   2017.10

     More details

    Authorship:Lead author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG  

    Copyright © 2017 The Institute of Electronics, Information and Communication Engineers. Recently, there has been an increase in use-after-free (UAF) vulnerabilities, which are exploited using a dangling pointer that refers to a freed memory. In particular, large-scale programs such as browsers often include many dangling pointers, and UAF vulnerabilities are frequently exploited by drive-by download attacks. Various methods to prevent UAF attacks have been proposed. However, only a few methods can effectively prevent UAF attacks during runtime with low overhead. In this paper, we propose HeapRevolver, which is a novel UAF attackpreventionmethod that delays and randomizes the timing of release of freed memory area by using a memory-reuse-prohibited library, which prohibits a freed memory area from being reused for a certain period. The first condition for reuse is that the total size of the freed memory area is beyond the designated size. The threshold for the conditions of reuse of the freed memory area can be randomized by HeapRevolver. Furthermore, we add a second condition for reuse in which the freed memory area is merged with an adjacent freed memory area before release. Furthermore, HeapRevolver can be applied without modifying the target programs. In this paper, we describe the design and implementation of HeapRevolver in Linux and Windows, and report its evaluation results. The results show that HeapRevolver can prevent attacks that exploit existing UAF vulnerabilities. In addition, the overhead is small.

    DOI: 10.1587/transinf.2016INP0020

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/journals/ieicet/ieicet100d.html#YamauchiIB17

  • Startup Program Identification for Efficient and Accurate IoT Security Investigations Reviewed

    Yuta Shimamoto, Ryota Yoshimoto, Mitsuaki Akiyama, Toshihiro Yamauchi

    Journal of Information Processing   33   2025.2

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)  

    researchmap

  • Developing the Flexible Conformance Test Execution Platform for OAuth 2.0-based Security Profiles Reviewed

    Takashi Norimatsu, Yuichi Nakamura, Toshihiro Yamauchi

    Journal of Information Processing   33   2025.1

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)  

    researchmap

  • Evaluation of a Startup Program Identification for Efficient and Accurate IoT Security Investigations Reviewed

    Yuta Shimamoto, Jiratchaya Phinyodom, Ryota Yoshimoto, Hiroyuki Uekawa, Mitsuaki Akiyama, Toshihiro Yamauchi

    8th International Conference on Mobile Internet Security (MobiSec 2024)   2024.12

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    researchmap

  • Proposal of Open Source Software Security Risk Indicator based on Vulnerability Management Interview Reviewed

    Hiroki Kuzuno, Tomohiko Yano, Kazuki Omo, Jeroen van, der Ham, Toshihiro Yamauchi

    Journal of Information Processing   32   2024.12

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)  

    researchmap

  • CPUアーキテクチャに依存しないIoTマルウェア分類木生成手法 Reviewed

    大迫勇太郎, 山内利宏, 吉岡克成, 藤橋卓也, 渡辺 尚, 猿渡俊介

    情報処理学会論文誌   65 ( 11 )   1604 - 1617   2024.11

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    DOI: 10.20729/00240596

    researchmap

  • RKPM: Restricted Kernel Page Mechanism to Mitigate Privilege Escalation Attacks Reviewed

    Hiroki Kuzuno, Toshihiro Yamauchi

    18th International Conference on Network and System Security (NSS 2024)   2024.11

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    researchmap

  • kdMonitor: Kernel Data Monitor for Detecting Kernel Memory Corruption Reviewed

    Hiroki Kuzuno, Toshihiro Yamauchi

    2024 7th IEEE Conference on Dependable and Secure Computing (IEEE DSC 2024)   2024.11

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    researchmap

  • 仮想計算機モニタによる複数OSに対応したシステムコール検知箇所推定手法 Reviewed

    大森 卓, 佐藤将也, 山内利宏, 谷口秀夫

    情報処理学会論文誌   65 ( 9 )   1374 - 1385   2024.9

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    DOI: 10.20729/00239255

    researchmap

  • Effectiveness of MAC Systems Based on LSM and Their Security Policy Configuration for Protecting IoT Devices Reviewed

    Masato Miki, Toshihiro Yamauchi, Satoru Kobayashi

    Journal of Internet Services and Information Security   14 ( 3 )   293 - 315   2024.8

     More details

    Authorship:Corresponding author   Language:English   Publishing type:Research paper (scientific journal)  

    DOI: 10.58346/JISIS.2024.I3.018

    researchmap

  • Mitigation of privilege escalation attack using kernel data relocation mechanism Reviewed

    Hiroki Kuzuno, Toshihiro Yamauchi

    International Journal of Information Security   23   3351 - 3367   2024.7

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)  

    Kernel memory corruption, which leads to a privilege escalation attack, has been reported as a security threat to operating systems. To mitigate privilege escalation attacks, several security mechanisms are proposed. Kernel address space layout randomization randomizes kernel code and data virtual address layout on the kernel memory. Privileged information protection methods monitor and restore illegal privilege modifications. Therefore, if an adversary identifies the kernel data containing privileged information, an adversary can achieve the privilege escalation in a running kernel. This paper proposes a kernel data relocation mechanism (KDRM) that dynamically relocates privileged information in the running kernel to mitigate privilege escalation attacks. The KDRM introduces the relocation-only page into the kernel. The relocation-only page allows the virtual address of the privileged information to change by dynamically relocating for the user process. One of the relocation-only pages is randomly selected to store the privileged information at the system call invocations. The evaluation results indicate the possibility of mitigating privilege escalation attacks through direct memory overwriting by user processes on Linux with KDRM. The KDRM showed an acceptable performance cost. The overhead of a system call was up to 11.52%, and the kernel performance score was 0.11%.

    DOI: 10.1007/s10207-024-00890-4

    Scopus

    researchmap

  • Automatic URL Signature Construction and Impact Assessment Reviewed

    Shota Fujii, Nobutaka Kawaguchi, Tomoya Suzuki, Toshihiro Yamauchi

    Information Engineering Express   10 ( 1 )   2024.5

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)  

    DOI: 10.52731/iee.v10.i1.794

    researchmap

  • Security Risk Indicator for Open Source Software to Measure Software Development Status Reviewed International coauthorship

    Hiroki Kuzuno, Tomohiko Yano, Kazuki Omo, Jeroen van der Ham, Toshihiro Yamauchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   14402   143 - 156   2024.1

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    Recently, open source software (OSS) has become more mainstream. Therefore, the security of OSS is an important topic in information systems that use OSS. When vulnerabilities are discovered in OSS, it is difficult to fix or address for each information system developer or administrator. Existing security studies propose classifying vulnerabilities, estimating vulnerability risks, and analyzing exploitable vulnerabilities. However, it is still difficult to understand the threat of exploited vulnerabilities, and the development status of OSS used in information system operations. Determining whether vulnerabilities and the OSS development status are security risks is challenging. In this study, we propose a security risk indicator for OSS to address these problems. The proposed method calculates security risk indicators by combining vulnerability information with the development status of OSS. The proposed security risk indicator of OSS is a criterion for security measures during the operation of information systems. In the evaluation, we verified whether the proposed security risk indicator can be used to identify the threats of multiple OSS and the calculation cost of the security risk indicators.

    DOI: 10.1007/978-981-99-8024-6_12

    Scopus

    researchmap

  • Identification of Vulnerable Kernel Code Using Kernel Tracing Mechanism Reviewed

    Hiroki Kuzuno, Toshihiro Yamauchi

    Journal of Information Processing(JIP)   31 ( 12 )   788 - 801   2023.12

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)  

    DOI: 10.2197/ipsjjip.31.788

    researchmap

  • netroub: Towards an Emulation Platform for Network Trouble Scenarios Reviewed International coauthorship

    Colin Regal-Mezin, Satoru Kobayashi, Toshihiro Yamauchi

    Proceedings of 19th International Conference on emerging Networking EXperiments and Technologies Student Workshop Student Workshop 2023 (CoNEXT 2023),19th International Conference on emerging Networking EXperiments and Technologies Student Workshop   17 - 18   2023.12

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    DOI: 10.1145/3630202.3630222

    researchmap

  • Evaluation of Effectiveness of MAC Systems Based on LSM for Protecting IoT Devices Reviewed

    Masato Miki, Toshihiro Yamauchi, Satoru Kobayashi

    Proceedings of 2023 11th International Symposium on Computing and Networking (CANDAR2023),11th International Symposium on Computing and Networking   161 - 167   2023.11

     More details

    Authorship:Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    DOI: 10.1109/CANDAR60563.2023.00029

    researchmap

  • Prevention Method for Stack Buffer Overflow Attack in TA Command Calls in OP-TEE Reviewed

    Kaito Shiba, Hiroki Kuzuno, Toshihiro Yamauchi

    Proceedings of 2023 11th International Symposium on Computing and Networking Workshops (CANDARW2023),10th International Workshop on Information and Communication Security (WICS 2023)   274 - 278   2023.11

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    DOI: 10.1109/CANDARW60564.2023.00052

    researchmap

  • Analyzing Post-injection Attacker Activities in IoT Devices: A Comprehensive Log Analysis Approach Reviewed International coauthorship

    Hervet Victor, Satoru Kobayashi, Toshihiro Yamauchi

    Proceedings of 2023 11th International Symposium on Computing and Networking Workshops (CANDARW2023),10th International Workshop on Information and Communication Security (WICS 2023)   292 - 297   2023.11

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    DOI: 10.1109/CANDARW60564.2023.00055

    researchmap

  • Supporting multiple OS types on estimation of system call hook point by virtual machine monitor Reviewed

    Masaya Sato, Taku Omori, Toshihiro Yamauchi, Hideo Taniguchi

    Proceedings of 2023 11th International Symposium on Computing and Networking Workshops (CANDARW2023),10th International Workshop on Information and Communication Security (WICS 2023)   267 - 278   2023.11

     More details

    Authorship:Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    DOI: 10.1109/CANDARW60564.2023.00051

    researchmap

  • Policy-based method for applying OAuth 2.0-based security profiles Reviewed

    Takashi Norimatsu, Yuichi Nakamura, Toshihiro Yamauchi

    IEICE Transactions on Information and Systems   E106-D ( 9 )   1364 - 1379   2023.9

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:Institute of Electronics, Information and Communications Engineers (IEICE)  

    DOI: 10.1587/transinf.2022ICP0004

    researchmap

  • Protection Mechanism of Kernel Data Using Memory Protection Key Reviewed

    Hiroki Kuzuno, Toshihiro Yamauchi

    IEICE Transactions on Information and Systems   E106-D ( 9 )   1326 - 1338   2023.9

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)  

    DOI: 10.1587/transinf.2022ICP0013

    researchmap

  • Extracting and Analyzing Cybersecurity Named Entity and its Relationship with Noncontextual IOCs from Unstructured Text of CTI Sources Reviewed

    Shota Fujii, Nobutaka Kawaguchi, Tomohiro Shigemoto, Toshihiro Yamauchi

    Journal of Information Processing   31 ( 9 )   578 - 590   2023.9

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:Information Processing Society of Japan  

    DOI: 10.2197/ipsjjip.31.578

    researchmap

  • KDRM: Kernel Data Relocation Mechanism to Mitigate Privilege Escalation Attack Reviewed

    Hiroki Kuzuno, Toshihiro Yamauchi

    Lecture Notes in Computer Science (LNCS), 17th International Conference on Network and System Security (NSS 2023)   13983   61 - 76   2023.8

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    A privilege escalation attack by memory corruption based on kernel vulnerability has been reported as a security threat to operating systems. Kernel address layout randomization (KASLR) randomizes kernel code and data placement on the kernel memory section for attack mitigation. However, a privilege escalation attack will succeed because the kernel data of privilege information is identified during a user process execution in a running kernel. In this paper, we propose a kernel data relocation mechanism (KDRM) that dynamically relocates privilege information in the running kernel to mitigate privilege escalation attacks using memory corruption. The KDRM provides multiple relocation-only pages in the kernel. The KDRM selects one of the relocation-only pages and moves the privilege information to the relocation-only pages when the system call is invoked. This allows the virtual address of the privilege information to change by dynamically relocating for a user process. The evaluation results confirmed that privilege escalation attacks by user processes on Linux could be prevented with KDRM. As a performance evaluation, we showed that the overhead of issuing a system call was up to 149.67%, and the impact on the kernel performance score was 2.50%, indicating that the impact on the running kernel can be negligible.

    DOI: 10.1007/978-3-031-39828-5_4

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/nss/nss2023.html#KuzunoY23

  • Memory Analysis Based Estimation of Hook Point by Virtual Machine Monitor Reviewed

    Masaya Sato, Taku Omori, Toshihiro Yamauchi, Hideo Taniguchi

    International Journal of Networking and Computing   13 ( 2 )   273 - 286   2023.7

     More details

    Language:English   Publishing type:Research paper (scientific journal)   Publisher:IJNC Editorial Committee  

    DOI: 10.15803/ijnc.13.2_273

    researchmap

  • Non real-time data transmission performance analysis of PROFINET for assuring data transmission quality Reviewed

    Takashi Norimatsu, Toshihiro Yamauchi

    Proceedings of 2023 5th International Conference on Computer Communication and the Internet (ICCCI)   236 - 244   2023.6

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    The industrial Ethernet PROFINET supports three different data transmission modes: isochronous real-time (IRT), real-time (RT), and non real-time (NRT) transmitting data requiring hard, soft, and no real-time performances, respectively. The data transmission latency in the NRT increased with the amount of data transmission in the IRT, RT, and NRT. Therefore, the quality of data transmission in NRT may degrade as the amount of data transmission in IRT, RT, and NRT increases. In this study, we derived the average data transmission latency in an NRT with data transmission in IRT and RT by applying stochastic processes. This allowed us to maintain the quality of data transmission in the NRT by adjusting the number of devices connected to the network and the number of applications transmitting data in the NRT so that the average latency of data in the NRT does not exceed a certain value.

    DOI: 10.1109/ICCCI59363.2023.10210171

    Scopus

    researchmap

  • Proposal and Evaluation of a Log Collection and Visualization Method for Malicious Website Access in Android Reviewed

    Shuichi Ichioka, Chiaki Kawashima, Masaya Sato, Toshihiro Yamauchi

    Transactions of Information Processing Society of Japan   64 ( 4 )   892 - 903   2023.4

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    researchmap

  • vkTracer: Vulnerable Kernel Code Tracing to Generate Profile of Kernel Vulnerability Reviewed

    Hiroki Kuzuno, Toshihiro Yamauchi

    Lecture Notes in Computer Science (LNCS),The 23rd World Conference on Information Security Applications (WISA 2022)   13720   222 - 234   2023.1

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    Vulnerable kernel codes are a threat to an operating system kernel. An adversary’s user process can forcefully invoke a vulnerable kernel code to cause privilege escalation or denial of service (DoS). Although service providers or security operators have to determine the effect of kernel vulnerabilities on their environment to decide the kernel updating, the list of vulnerable kernel codes are not provided from the common vulnerabilities and exposures (CVE) report. It is difficult to identify the vulnerable kernel codes from the exploitation result of the kernel which indicates the account information or the kernel suspension. To identify the details of kernel vulnerabilities, this study proposes a vulnerable kernel code tracer (vkTracer), which employs an alternative viewpoint using proof-of-concept (PoC) code to create a profile of kernel vulnerability. vkTracer traces the user process of the PoC code and the running kernel to hook the invocation of the vulnerable kernel codes. Moreover, vkTracer extracts the whole kernel component’s information using the running and static kernel image and debug section. The evaluation results indicated that vkTracer could trace PoC code executions (e.g., privilege escalation and DoS), identify vulnerable kernel codes, and generate kernel vulnerability profiles. Furthermore, the implementation of vkTracer revealed that the identification overhead ranged from 5.2683 s to 5.2728 s on the PoC codes and the acceptable system call latency was 3.7197 μ s.

    DOI: 10.1007/978-3-031-25659-2_16

    Scopus

    researchmap

  • Mitigating Foreshadow Side-channel Attack Using Dedicated Kernel Memory Mechanism Reviewed

    Hiroki Kuzuno, Toshihiro Yamauchi

    Journal of Information Processing   30   796 - 806   2022.12

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:Information Processing Society of Japan  

    DOI: 10.2197/ipsjjip.30.796

    researchmap

  • Survey and Analysis on ATT&CK Mapping Function of Online Sandbox for Understanding and Efficient Using Reviewed

    Shota Fujii, Rei Yamagishi, Toshihiro Yamauchi

    Journal of Information Processing   30   807 - 821   2022.12

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:Information Processing Society of Japan  

    DOI: 10.2197/ipsjjip.30.807

    researchmap

  • Hook Point Estimation of Monitoring Address for System Call Detection by Virtual Machine Monitor Reviewed

    Masaya Sato, Taku Omori, Toshihiro Yamauchi, Hideo Taniguchi

    Proceedings of 2022 Tenth International Symposium on Computing and Networking Workshops   358 - 362   2022.11

     More details

    Authorship:Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    DOI: 10.1109/CANDARW57323.2022.00069

    researchmap

  • Implementation and Evaluation of Function for Tracing Diffusion of Classified Information to Support Multiple Cores and VMs on KVM Reviewed

    大谷航平, 岡崎俊樹, 山内利宏, 森山英明, 佐藤将也, 谷口秀夫

    63 ( 9 )   1398 - 1409   2022.9

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    DOI: 10.20729/00220078

    researchmap

  • Prevention of Kernel Memory Corruption Using Kernel Page Restriction Mechanism. Reviewed

    Hiroki Kuzuno, Toshihiro Yamauchi

    Journal of Information Processing   30   563 - 576   2022.9

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)  

    DOI: 10.2197/ipsjjip.30.563

    researchmap

  • Analysis of Android Applications Shared on Twitter Focusing on Accessibility Services. Reviewed International coauthorship

    Shuichi Ichioka, Estelle Pouget, Takao Mimura, Jun Nakajima, Toshihiro Yamauchi

    Journal of Information Processing   30   601 - 612   2022.9

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)  

    DOI: 10.2197/ipsjjip.30.601

    researchmap

  • KDPM: Kernel Data Protection Mechanism Using a Memory Protection Key. Reviewed

    Hiroki Kuzuno, Toshihiro Yamauchi

    17th International Workshop on Security (IWSEC 2022) Lecture Notes in Computer Science (LNCS)   13504   66 - 84   2022.8

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    The kernel data of an operating system kernel can be modified through memory corruption by exploiting kernel vulnerabilities. Memory corruption allows privilege escalation and defeats security mechanisms. The kernel control flow integrity verifies and guarantees the order of invoking kernel codes. The kernel address space layout randomization randomizes the virtual address layout of the kernel code and data. The additional kernel observer focuses on the unintended privilege modifications to restore the original privileges. However, these existing security mechanisms do not prevent writing to the kernel data. Therefore, kernel data can be overwritten by exploiting kernel vulnerabilities. Additionally, privilege escalation and the defeat of security mechanisms are possible. We propose a kernel data protection mechanism (KDPM), which is a novel security design that restricts the writing of specific kernel data. This mechanism protects privileged information and the security mechanism to overcome the limitations of existing approaches. The KDPM adopts a memory protection key (MPK) to control the write restriction of kernel data. The KDPM with the MPK ensures that the writing of privileged information for user processes is dynamically restricted during the invocation of specific system calls. To prevent the security mechanisms from being defeated, the KDPM dynamically restricts the writing of kernel data related to the mandatory access control during the execution of specific kernel codes. Further, the KDPM is implemented on the latest Linux with an MPK emulator. We also evaluated the possibility of preventing the writing of privileged information. The KDPM showed an acceptable performance cost, measured by the overhead, which was from 2.96% to 9.01% of system call invocations, whereas the performance load on the MPK operations was 22.1 ns to 1347.9 ns.

    DOI: 10.1007/978-3-031-15255-9_4

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iwsec/iwsec2022.html#KuzunoY22

  • CyNER: Information Extraction from Unstructured Text of CTI Sources with Noncontextual IOCs. Reviewed

    Shota Fujii, Nobutaka Kawaguchi, Tomohiro Shigemoto, Toshihiro Yamauchi

    17th International Workshop on Security (IWSEC 2022) Lecture Notes in Computer Science (LNCS)   13504   85 - 104   2022.8

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    DOI: 10.1007/978-3-031-15255-9_5

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iwsec/iwsec2022.html#FujiiKSY22

  • Design and Implementation of System for URL Signature Construction and Impact Assessment Reviewed

    Shota Fujii, Nobutaka Kawaguchi, Shoya Kojima, Tomoya Suzuki, Toshihiro Yamauchi

    Proceedings of 2022 11th International Congress on Advanced Applied Informatics (IIAI-AAI 2022)   95 - 100   2022.7

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    DOI: 10.1109/IIAIAAI55812.2022.00028

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iiaiaai/iiaiaai2022.html#FujiiKKSY22

  • Improving Transparency of Hardware Breakpoints with Virtual Machine Introspection. Reviewed

    Masaya Sato, Ryosuke Nakamura, Toshihiro Yamauchi, Hideo Taniguchi

    Proceedings of 2022 11th International Congress on Advanced Applied Informatics (IIAI-AAI 2022)   113 - 117   2022.7

     More details

    Authorship:Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    DOI: 10.1109/IIAIAAI55812.2022.00031

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iiaiaai/iiaiaai2022.html#SatoNYT22

  • Flexible Method for Supporting OAuth 2.0 Based Security Profiles in Keycloak. Reviewed

    Takashi Norimatsu, Yuichi Nakamura, Toshihiro Yamauchi

    Lecture Notes in Informatics (LNI)   P-325   87 - 98   2022.6

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    Keycloak is identity and access control open-source software. When used for open banking, where many OAuth 2.0 clients need to be managed and a different OAuth 2.0-based security profile needs to be applied to each type of API, the problem of increasing managerial costs by the Keycloak administrator occurs because Keycloak's security profile logic depends on the client settings, and the logic cannot be changed for each client's request. This paper proposes its solution by separating the security profile logic from the client settings, and by changing the security profile for each client's request based on the content of the request, and actual security profiles Financial-grade API (FAPI) are implemented to Keycloak. The paper calculates managerial costs in both the existing and proposed methods in scenarios managing FAPI, and compares the results. The comparison shows that using the proposed method reduces costs. Our implementations are contributed to Keycloak.

    DOI: 10.18420/OID2022_07

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/openidentity/openidentity2022.html#NorimatsuNY22

  • Malware Classification by Deep Learning Using Characteristics of Hash Functions Reviewed

    Takahiro Baba, Kensuke Baba, Toshihiro Yamauchi

    Proceedings of the 36th International Conference on Advanced Information Networking and Applications (AINA-2022)   2   480 - 481   2022.3

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    DOI: 10.1007/978-3-030-99587-4_40

    researchmap

  • Improvement and Evaluation of a Function for Tracing the Diffusion of Classified Information on KVM. Reviewed

    Hideaki Moriyama, Toshihiro Yamauchi, Masaya Sato, Hideo Taniguchi

    Journal of Internet Services and Information Security (JISIS)   12 ( 1 )   26 - 43   2022.2

     More details

    Authorship:Corresponding author   Language:English   Publishing type:Research paper (scientific journal)  

    The leakage of computerized classified information can cause serious losses for companies and individuals. In a prior work, we addressed this by providing a function for tracing the diffusion of classified information in a guest operating system (OS). However, that method was vulnerable to attack and was tightly coupled to the OS. Hence, in another previous work, we applied the tracing function using a virtual machine monitor that hooks into system calls that handle classified information, allowing us to understand the diffusion path in a more robust and OS-agnostic fashion. However, as the overhead of the tracing function increases, so does the performance degradation of each system call. Hence, in the current research, the processing performance of the tracing function is further analyzed in depth by identifying the processes that cause the large overhead. We find that the performance overhead generated by outputting the diffusion path log is too burdensome. Therefore, improvements are implemented, and the effectiveness of the upgraded performance is described. Ultimately, the log-output overhead problem is improved.

    DOI: 10.22667/JISIS.2022.02.28.026

    Scopus

    researchmap

  • Function for Tracing Diffusion of Classified Information to Support Multiple VMs with KVM Reviewed

    Kohei Otani, Toshiki Okazaki, Toshihiro Yamauchi, Hideaki Moriyama, Masaya Sato, Hideo Taniguchi

    Proceedings of 2021 nineth International Symposium on Computing and Networking Workshops, 8th International Workshop on Information and Communication Security (WICS 2021)   352 - 358   2021.11

     More details

    Authorship:Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    DOI: 10.1109/CANDARW53999.2021.00066

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/ic-nc/candar2021w.html#OtaniOYMST21

  • Proposal of Method of Generating a Blacklist for Mobile Devices by Searching Malicious Websites and Analysis Using Demonstration Experiment Data Reviewed

    石原聖, 佐藤将也, 佐藤将也, 山内利宏

    情報処理学会論文誌ジャーナル(Web)   62 ( 9 )   1536 - 1548   2021.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    One of the methods to attack mobile devices is redirecting a user to unwanted websites. To the best of our knowledge, there is no method to generate a blacklist that focuses on such attacks. Therefore, we propose a method to generate a blacklist for mobile devices by searching malicious websites. To detect new malicious websites, this method collects HTML files from the webspace using a crawler and searches for HTML files highly likely to be malicious using keywords extracted from known malicious websites. In the evaluation, we performed detection experiments with the blacklist generated by the proposed method using the demonstration experiment data. The evaluation results showed that the generated blacklist detects malicious websites used in attacks of redirecting a user to unwanted websites with few false positives. In addition, new malicious websites were discovered using the generated blacklist; furthermore, we describe an analysis of attacks of redirecting a user to unwanted websites.

    DOI: 10.20729/00212759

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • KPRM: Kernel Page Restriction Mechanism to Prevent Kernel Memory Corruption Reviewed

    Hiroki Kuzuno, Toshihiro Yamauchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   12835 LNCS   45 - 63   2021.9

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:Springer International Publishing  

    An operating system (OS) comprises a mechanism for sharing the kernel address space with each user process. An adversary’s user process compromises the OS kernel through memory corruption, exploiting the kernel vulnerability. It overwrites the kernel code related to security features or the kernel data containing privilege information. Process-local memory and system call isolation divide one kernel address space into multiple kernel address spaces. While user processes create their own kernel address space, these methods leave the kernel code vulnerable. Further, an adversary’s user process can involve malicious code that elevates from user mode to kernel mode. Herein, we propose the kernel page restriction mechanism (KPRM), which is a novel security design that prohibits vulnerable kernel code execution and prevents writing to the kernel data from an adversary’s user process. The KPRM dynamically unmaps the kernel page of vulnerable kernel code and attack target kernel data from the kernel address space. This removes the reference of the unmapped kernel page from the kernel page table at the system call invocation. The KPRM achieves that an adversary’s user process can not employ the reference of unmapped kernel page to exploit the kernel through vulnerable kernel code on the running kernel. We implemented KPRM on the latest Linux kernel and showed that it successfully thwarts actual proof-of-concept kernel vulnerability attacks that may cause kernel memory corruption. In addition, the KPRM performance results indicated limited kernel processing overhead in software benchmarks and a low impact on user applications.

    DOI: 10.1007/978-3-030-85987-9_3

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iwsec/iwsec2021.html#KuzunoY21

  • Physical Memory Management with Two Page Sizes in Tender OS. Reviewed

    Koki Kusunoki, Toshihiro Yamauchi, Hideo Taniguchi

    Lecture Notes in Networks and Systems   313   238 - 248   2021.9

     More details

    Authorship:Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:Springer  

    Physical memory capacity has increased owing to large-scale integration. In addition, memory footprints have increased in size, as multiple programs are executed on a single computer. Many operating systems manage physical memory by paging a 4 KB page. Therefore, the number of entries in the virtual address translation table for virtual to physical increases along with the size of the memory footprints. This cause a decrease in the translation lookaside buffer (TLB) hit ratio, resulting in the performance degradation of the application. To address this problem, we propose the implementation of physical memory management with two page sizes: 4 KB and 4 MB. This allows us to expand range of addresses to be translated by a single TLB entry, thereby improving the TLB hit rate. This paper describes the design and implementation of the physical memory management mechanism that manages physical memory using two page sizes on The ENduring operating system for Distributed EnviRonment (OS). Our results showed that when the page size is 4 MB, the processing time of the memory allocation can be reduced by as much as approximately 99.7%, and the processing time for process creation can be reduced by as much as approximately 51%, and the processing time of the memory operation could be reduced by as much as 91.9%.

    DOI: 10.1007/978-3-030-84913-9_22

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/nbis/nbis2021.html#KusunokiYT21

  • (Short Paper) Evidence Collection and Preservation System with Virtual Machine Monitoring Reviewed

    Toru Nakamura, Hiroshi Ito, Shinsaku Kiyomoto, Toshihiro Yamauchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   12835 LNCS   64 - 73   2021.9

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:Springer International Publishing  

    In a system audit and verification, it is important to securely collect and preserve evidence of execution environments, execution processes, and program execution results. Evidence-based verification of program processes ensures their authenticity; for example, the processes include no altered/infected program library. This paper proposes a solution for collection of evidence on program libraries based on Virtual Machine Monitor (VMM). The solution can solve semantic gap by obtaining library file path names. This paper also shows a way to obtain hash values of library files from a guest OS. Furthermore, this paper provides examples of evidence on program execution and the overhead of the solution.

    DOI: 10.1007/978-3-030-85987-9_4

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iwsec/iwsec2021.html#NakamuraIKY21

  • Mitigation of Kernel Memory Corruption Using Multiple Kernel Memory Mechanism. Reviewed

    Hiroki Kuzuno, Toshihiro Yamauchi

    IEEE Access   9   111651 - 111665   2021.8

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:Institute of Electrical and Electronics Engineers ({IEEE})  

    Operating systems adopt kernel protection methods (e.g., mandatory access control, kernel address space layout randomization, control flow integrity, and kernel page table isolation) as essential countermeasures to reduce the likelihood of kernel vulnerability attacks. However, kernel memory corruption can still occur via the execution of malicious kernel code at the kernel layer. This is because the vulnerable kernel code and the attack target kernel code or kernel data are located in the same kernel address space. To gain complete control of a host, adversaries focus on kernel code invocations, such as function pointers that rely on the starting points of the kernel protection methods. To mitigate such subversion attacks, this paper presents multiple kernel memory (MKM), which employs an alternative design for kernel address space separation. The MKM mechanism focuses on the isolation granularity of the kernel address space during each execution of the kernel code. MKM provides two kernel address spaces, namely, i) the trampoline kernel address space, which acts as the gateway feature between user and kernel modes and ii) the security kernel address space, which utilizes the localization of the kernel protection methods (i.e., kernel observation). Additionally, MKM achieves the encapsulation of the vulnerable kernel code to prevent access to the kernel code invocations of the separated kernel address space. The evaluation results demonstrated that MKM can protect the kernel code and kernel data from a proof-of-concept kernel vulnerability that could lead to kernel memory corruption. In addition, the performance results of MKM indicate that the system call overhead latency ranges from 0.020 μs to 0.5445 μs , while the web application benchmark ranges from 196.27 μs to 6, 685.73 μs for each download access of 100,000 Hypertext Transfer Protocol sessions. MKM attained a 97.65% system benchmark score and a 99.76% kernel compilation time.

    DOI: 10.1109/ACCESS.2021.3101452

    Web of Science

    Scopus

    researchmap

  • Analysis of commands of Telnet logs illegally connected to IoT devices Reviewed

    Toshihiro Yamauchi, Ryota Yoshimoto, Takahiro Baba, Katsunari Yoshioka

    Proceedings of 2021 10th International Congress on Advanced Applied Informatics (IIAI-AAI 2021)   913 - 915   2021.7

     More details

    Authorship:Lead author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    researchmap

  • Implementation and Evaluation of Resource Pooling Function for High-speed Process Creation Reviewed

    谷口秀夫, 山内利宏, 田村大

    情報処理学会論文誌ジャーナル(Web)   62 ( 2 )   443 - 454   2021.2

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    In the recent cloud computing environment, many short-lived processes are created, a method of realizing a service by mutual cooperation of these processes has been attracting attention. Therefore, speeding up the process creation is very important. Tender OS, thus, proposes a mechanism for fast process creation and deletion. The proposed mechanism involves the recycling of process resources. However, the proposed mechanism cannot recycle process resources during process creation if the stored process resources are not adequate. Stored process resources may increase monotonically if they are not recycled for process creation, which in turn can cause memory starvation. This paper, therefore, proposes a resource pooling function for addressing the these problems. In addition to the function for resource recycling, the resource pooling function incorporates the resource creation function and the resource reduction function. Furthermore, this paper reports the effectiveness of the resource pooling function in terms of processing time efficiency and memory usage.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Improvement and Evaluation of a Function for Tracing the Diffusion of Classified Information on KVM Reviewed

    Moriyama, H., Yamauchi, T., Sato, M., Taniguchi, H.

    Advances in Intelligent Systems and Computing   1264 AISC   338 - 349   2021.1

     More details

    Authorship:Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:Advances in Intelligent Systems and Computing  

    © 2021, Springer Nature Switzerland AG. The increasing amount of classified information currently being managed by personal computers has resulted in the leakage of such information to external computers, which is a major problem. To prevent such leakage, we previously proposed a function for tracing the diffusion of classified information in a guest operating system (OS) using a virtual machine monitor (VMM). The tracing function hooks a system call in the guest OS from the VMM, and acquiring the information. By analyzing the information on the VMM side, the tracing function makes it possible to notify the user of the diffusion of classified information. However, this function has a problem in that the administrator of the computer platform cannot grasp the transition of the diffusion of classified processes or file information. In this paper, we present the solution to this problem and report on its evaluation.

    DOI: 10.1007/978-3-030-57811-4_32

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/nbis/nbis2020.html#MoriyamaYST20

  • Accessibility service utilization rates in android applications shared on Twitter Reviewed

    Ichioka, S., Pouget, E., Mimura, T., Nakajima, J., Yamauchi, T.

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   12583 LNCS   101 - 111   2020.12

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)  

    © Springer Nature Switzerland AG 2020. The number of malware detected has been increasing annually, and 4.12% of malware reported in 2018 attacked Android phones. Therefore, preventing attacks by Android malware is critically important. Several previous studies have investigated the percentage of apps that utilize accessibility services and are distributed from Google Play, that have been reportedly used by Android malware. However, the Social Networking Services (SNSs) that are used to spread malware have distributed apps not only from Google Play but also from other sources. Therefore, apps distributed from within and outside of Google Play must be investigated to capture malware trends. In this study, we collected apps shared on Twitter in 2018, which is a representative SNS, and created a Twitter shared apps dataset. The dataset consists of 32,068 apps downloaded from the websites of URLs collected on Twitter. We clarified the proportion of apps that contained malware and proportion of apps utilizing accessibility services. We found that both, the percentage of malware and percentage of total apps using accessibility services have been increasing. Notably, the percentages of malware and un-suspicious apps using accessibility services were quite similar. Therefore, this problem cannot be solved by automatically blocking all apps that use accessibility services. Hence, specific countermeasures against malware using accessibility services will be increasingly important for online security in the future.

    DOI: 10.1007/978-3-030-65299-9_8

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/wisa/wisa2020.html#IchiokaPMNY20

  • Method of Generating a Blacklist for Mobile Devices by Searching Malicious Websites. Reviewed

    Takashi Ishihara, Masaya Sato, Toshihiro Yamauchi

    Proceedings - 2020 8th International Symposium on Computing and Networking Workshops, CANDARW 2020   328 - 333   2020.11

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    © 2020 IEEE. As mobile devices have become more popular, mal-ware and attacks directed at them have significantly increased. One of the methods to attack mobile devices is redirecting a user to unwanted websites by unwanted page transition. One of the countermeasures against such attacks is to generate a blacklist of URLs and hostnames, which can prevent access to malicious websites. To generate a blacklist, first, malicious websites are collected in the web space. Then, URLs and hostnames of the malicious websites are added to the blacklist. However, URLs of the malicious websites are typically changed frequently; thus, it is necessary to keep track of the malicious websites and update the blacklist in a timely manner. In this study, we proposed a method to generate blacklists for mobile devices by searching malicious websites. The method collects many HTML files from the web space using a crawler and searches for HTML files that are highly likely to be malicious using keywords extracted from the known malicious websites to discover the new ones. Thus, new malicious websites can be added to the blacklist in a timely manner. Using the proposed method, we discovered malicious websites that were not detected by Google Safe Browsing. Moreover, the blacklist generated using the method had a high detection rate for certain malicious websites. This paper reports the design process and the results of the evaluation of the new method.

    DOI: 10.1109/CANDARW51189.2020.00070

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/ic-nc/candar2020w.html#IshiharaSY20

  • Privilege Escalation Attack Prevention Method by Focusing on Privilege Changes on 64-bit ARM Reviewed

    61 ( 9 )   1531 - 1541   2020.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    Privilege escalation attacks that exploit operating system vulnerabilities can cause significant damage to the associated systems. We previously proposed an additional kernel observer (AKO), a prevention method that focuses on modifying process privileges by system calls. AKO verifies the modification in process privilege data and monitors the modification in privilege data by storing them in the kernel stack before processing the system call. However, if an attacker identifies the storage location of privilege data in the kernel stack and alters both process privilege data and privilege data in the kernel stack while the system call is being processed, AKO can be bypassed. Hence, in this paper, we propose a new method for preventing privilege escalation attacks in the 64-bit ARM environment as well as AKO for protecting mobile devices and IoT devices. To address the issues of AKO, the new method protects the stored privilege data employing the ARM TrustZone technology. In this paper, the new method's design, implementation, and evaluation results are described. In the evaluation, we performed a privilege escalation attack detection experiment using an exploit code and measured performance of system calls and applications. The evaluation results showed that protection by attack detection was successful and the performance degradation due to this method was limited.

    CiNii Article

    CiNii Books

    researchmap

  • Privilege Escalation Attack Prevention Method Focusing on Privilege Changes in Guest OS on KVM Reviewed

    61 ( 9 )   1507 - 1518   2020.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    Privilege escalation attacks can lead to system tampering and information leakage. To address such attacks, we previously proposed a privilege escalation attack prevention method that focus on the modification of privileges by system calls. However, the said method needs to be implemented in the operating system (OS), and its application thus requires alteration of the kernel source code. Additionally, privilege data stored in the kernel space may be forged by attackers. To address these issues, we propose a new method in this paper for preventing privilege escalation attacks by employing KVM, (a virtual machine monitor). The new method hooks the system call invoked in the guest OS and verifies the modification of privileges through system call processing. Application of the new method does not require alteration of the kernel source code. Furthermore, forging of privilege data is deterred by storing privilege data in the memory of the host OS. In this paper, drawbacks of the previously proposed method are discussed, and the new proposed method and its evaluation results are described.

    CiNii Article

    CiNii Books

    researchmap

  • Method to Reduce Redundant Security Policy Using SELinux CIL Reviewed

    61 ( 9 )   1519 - 1530   2020.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    Application of SELinux involves incorporating a general security policy that permits redundant privileges for individual systems. Hence, we previously proposed a method that eliminates redundant policies from the general policy. However, the said method cannot be applied when there is no policy source file or policies include an attribute that is not supported. During eliminating policies period, the log of access permitted by a particular policy is continually produced as an output, and the associated overhead is large. Furthermore, redundant policies in the base module cannot be eliminated. To address these issues, we propose a new method that extends the previously proposed method. The new method involves the processing of files written in SELinux CIL (an intermediate language) for eliminating redundant policies. Additionally, the new method considers attributes and eliminates policies with fine granularity. The overhead is reduced by eliminating the auditallow statement associated with the policy once converted to the policy format from the policy. Furthermore, by replacing the typeattributeset statement, redundant policies can be eliminated without modifying the base module. In this study, the effectiveness of our method is demonstrated through evaluation of policy elimination and through an attack prevention experiment by incorporating the vulnerabilities in Apache Struts2.

    CiNii Article

    CiNii Books

    researchmap

  • MKM: Multiple Kernel Memory for Protecting Page Table Switching Mechanism Against Memory Corruption. Reviewed

    Hiroki Kuzuno, Toshihiro Yamauchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   12231 LNCS   97 - 116   2020.9

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:Springer  

    © Springer Nature Switzerland AG 2020. Countermeasures against kernel vulnerability attacks on an operating system (OS) are highly important kernel features. Some kernels adopt several kernel protection methods such as mandatory access control, kernel address space layout randomization, control flow integrity, and kernel page table isolation; however, kernel vulnerabilities can still be exploited to execute attack codes and corrupt kernel memory. To accomplish this, adversaries subvert kernel protection methods and invoke these kernel codes to avoid administrator privileges restrictions and gain complete control of the target host. To prevent such subversion, we present Multiple Kernel Memory (MKM), which offers a novel security mechanism using an alternative design for kernel memory separation that was developed to reduce the kernel attack surface and mitigate the effects of illegal data manipulation in the kernel memory. The proposed MKM is capable of isolating kernel memory and dedicates the trampoline page table for a gateway of page table switching and the security page table for kernel protection methods. The MKM encloses the vulnerable kernel code in the kernel page table. The MKM mechanism achieves complete separation of the kernel code execution range of the virtual address space on each page table. It ensures that vulnerable kernel code does not interact with different page tables. Thus, the page table switching of the trampoline and the kernel protection methods of the security page tables are protected from vulnerable kernel code in other page tables. An evaluation of MKM indicates that it protects the kernel code and data on the trampoline and security page tables from an actual kernel vulnerabilities that lead to kernel memory corruption. In addition, the performance results show that the overhead is 0.020 $$\mu $$s to 0.5445 $$\mu $$s, in terms of the system call latency and the application overhead average is 196.27 $$\mu $$s to 6,685.73 $$\mu $$s, for each download access of 100,000 Hypertext Transfer Protocol sessions.

    DOI: 10.1007/978-3-030-58208-1_6

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iwsec/iwsec2020.html#KuzunoY20

  • Identification of kernel memory corruption using kernel memory secret observation mechanism Reviewed

    Kuzuno, H., Yamauchi, T.

    IEICE Transactions on Information and Systems   E103D ( 7 )   1462 - 1475   2020.7

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG  

    Copyright © 2020 The Institute of Electronics, Information and Communication Engineers. Countermeasures against attacks targeting an operating system are highly effective in preventing security compromises caused by kernel vulnerability. An adversary uses such attacks to overwrite credential information, thereby overcoming security features through arbitrary program execution. CPU features such as Supervisor Mode Access Prevention, Supervisor Mode Execution Prevention and the No eXecute bit facilitate access permission control and data execution in virtual memory. Additionally, Linux reduces actual attacks through kernel vulnerability affects via several protection methods including Kernel Address Space Layout Randomization, Control Flow Integrity, and Kernel Page Table Isolation. Although the combination of these methods can mitigate attacks as kernel vulnerability relies on the interaction between the user and the kernel modes, kernel virtual memory corruption can still occur (e.g., the eBPF vulnerability allows malicious memory overwriting only in the kernel mode). We present the Kernel Memory Observer (KMO), which has a secret observation mechanism to monitor kernel virtual memory. KMO is an alternative design for virtual memory can detect illegal data manipulation/writing in the kernel virtual memory. KMO determines kernel virtual memory corruption, inspects system call arguments, and forcibly unmaps the direct mapping area. An evaluation of KMO reveals that it can detect kernel virtual memory corruption that contains the defeating security feature through actual kernel vulnerabilities. In addition, the results indicate that the system call overhead latency ranges from 0.002 μs to 8.246 μs, and the web application benchmark ranges from 39.70 μs to 390.52 μs for each HTTP access, whereas KMO reduces these overheads by using tag-based Translation Lookaside Buffers.

    DOI: 10.1587/transinf.2019ICP0011

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/journals/ieicetd/ieicetd103.html#KuzunoY20

  • Support System for Assessing Anti-analysis JavaScript Code by Using Proxy Objects Reviewed

    61 ( 6 )   1134 - 1145   2020.6

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    JavaScript code used by web-based attacks is usually protected by some anti-analysis techniques such as obfuscation or cloaking in order to hide its intent or avoid detection. Analyzing such code becomes an urgent task to counter cyber attacks. Therefore, we propose an analysis support system for anti-analysis JavaScript code. The proposed system comprehensively monitors browser API operations and outputs API operation logs for helping analyst's understanding the behavior of code. By using Proxy objects to capture API operations, the proposed system successfuly monitors API operations that could not be captured completely by existing methods. In addition, by replacing variable references, it is able to comprementally monitor API operations for non-replaceable APIs. In this paper, we describe the concept of the proposed system and the implementation of analysis method. We also report the result of analyzing anti-analysis JavaScript codes as an evaluation.

    CiNii Article

    CiNii Books

    researchmap

  • 第3編―情報技術の発展と展望 [CSEC]コンピュータセキュリティ研究会

    山内 利宏

    情報処理学会60年のあゆみ   2020

     More details

    Authorship:Lead author, Corresponding author   Language:Japanese  

    researchmap

  • Method for Delegating I/O Functions to Linux in AnT Operating System Reviewed

    60 ( 12 )   2279 - 2290   2019.12

     More details

    Authorship:Lead author, Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    A specialized operating system (OS) can provide some order-made service efficiently. However, development of the specialized OS takes a large amount of cost (e.g., device driver, file management functions). Thus, it is important to reduce the cost. In this paper, we describe a method for introducing the specialized OS and Linux run independently in multicore processors, and the specialized OS uses Linux file I/O functions. This paper describes the design and the implementation of the proposed method for AnT operating system as the specialized OS, and reports the evaluation results of the proposed method.

    CiNii Article

    CiNii Books

    researchmap

  • KMO: Kernel Memory Observer to Identify Memory Corruption by Secret Inspection Mechanism Reviewed

    Hiroki Kuzuno, Toshihiro Yamauchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   11879 LNCS   75 - 94   2019.11

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:Springer  

    © Springer Nature Switzerland AG, 2019. Kernel vulnerability attacks may allow attackers to execute arbitrary program code and achieve privilege escalation through credential overwriting, thereby avoiding security features. Major Linux protection methods include Kernel Address Space Layout Randomization, Control Flow Integrity, and Kernel Page Table Isolation. All of these mitigate kernel vulnerability affects and actual attacks. In addition, the No eXecute bit, Supervisor Mode Access Prevention, and Supervisor Mode Execution Prevention are CPU features for managing access permission and data execution in virtual memory. Although combinations of these methods can reduce the attack availability of kernel vulnerability based on the interaction between the user and kernel modes, kernel virtual memory corruption is still possible (e.g., the eBPF vulnerability executes the attack code only in the kernel mode). To monitor kernel virtual memory, we present the Kernel Memory Observer (KMO), which has a secret inspection mechanism and offers an alternative design for virtual memory. It allows the detection of illegal data manipulation/writing in the kernel virtual memory. KMO identifies the kernel virtual memory corruption, monitors system call arguments, and enables unmapping from the direct mapping area. An evaluation of our method indicates that it can detect the actual kernel vulnerabilities leading to kernel virtual memory corruption. In addition, the results show that the overhead is 0.038 &#x0024;&#x0024;\upmu &#x0024;&#x0024; s to 2.505 &#x0024;&#x0024;\upmu &#x0024;&#x0024; s in terms of system call latency, and the application benchmark is 371.0 &#x0024;&#x0024;\upmu &#x0024;&#x0024; s to 1,990.0 &#x0024;&#x0024;\upmu &#x0024;&#x0024; s for 100,000 HTTP accesses.

    DOI: 10.1007/978-3-030-34339-2_5

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/ispec/ispec2019.html#KuzunoY19

  • Threat Analysis of Fake Virus Alerts Using WebView Monitor Reviewed International coauthorship

    Yuta Imamura, Rintaro Orito, Kritsana Chaikaew, Celia Manardo, Pattara Leelaprute, Masaya Sato, Toshihiro Yamauchi

    Proceedings - 2019 7th International Symposium on Computing and Networking, CANDAR 2019   28 - 36   2019.11

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    © 2019 IEEE. As mobile devices have become more popular, mobile web browsing has surpassed desktop browser use and the number of mobile malware cases has increased. The methods of infiltrating Android devices with malware include malvertising and scams. Android users can access websites via web browsers and Android apps using WebView, which displays web content inside an app without redirecting users to web browsers. However, WebView is vulnerable to cyberattacks and the security mechanisms are not sufficient to prevent all attacks. In this study, to analyze web access threats via WebView, we investigated web access to malicious websites against Android mobile devices. In particular, we focused on fake virus alerts. To monitor web access for threat analysis, we improved the WebView Monitor [1] to capture all web access via Android WebView. In particular, we analyzed the mechanism of displaying a fake virus alert while browsing websites on Android.

    DOI: 10.1109/CANDAR.2019.00012

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/ic-nc/candar2019.html#ImamuraOCMLSY19

  • 仮想計算機を利用した性能プロファイリングシステムの分散化とデータ収集停止時間の短縮 Reviewed

    山本 昌生,中島 耕太,山内 利宏,名古屋 彰,谷口 秀夫

    電子情報通信学会論文誌D   J102-D ( 10 )   674 - 684   2019.10

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    DOI: 10.14923/transinfj.2018JDP7035

    researchmap

  • (Short Paper) method for preventing suspicious web access in android WebView Reviewed

    Masaya Sato, Yuta Imamura, Rintaro Orito, Toshihiro Yamauchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   11689 LNCS   241 - 250   2019.8

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:Springer  

    © 2019, Springer Nature Switzerland AG. WebView is commonly used by applications on the Android OS. Given that WebView is used as a browsing component on applications, they can be attacked via the web. Existing security mechanisms mainly focus on web browsers; hence, securing WebView is an important challenge. We proposed and implemented a method for preventing suspicious web access in Android WebView. Attackers distribute their malicious content including malicious applications, potentially unwanted programs, and coin miners, by inserting contents into a web page. Because loading malicious content involves HTTP communication, our proposed method monitors HTTP communication by WebView and blocks suspicious web accesses. To apply the proposed method to widely used applications, we implemented our method inside WebView. We also evaluated the proposed method with some popular applications and confirmed that the method can block designated web content without impeding the functionality of applications.

    DOI: 10.1007/978-3-030-26834-3_14

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iwsec/iwsec2019.html#SatoIOY19

  • Design and implementation of hiding method for file manipulation of essential services by system call proxy using virtual machine monitor. Reviewed

    Masaya Sato, Hideo Taniguchi, Toshihiro Yamauchi

    Int. J. Space Based Situated Comput.   9 ( 1 )   1 - 10   2019.5

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:INDERSCIENCE ENTERPRISES LTD  

    Security or system management software is essential for keeping systems secure. To deter attacks on essential services, hiding information related to essential services is helpful. This paper describes the design, the implementation, and the evaluation of a method to make files invisible to all services except their corresponding essential services and provides access methods to those files in a virtual machine (VM). In the proposed method, the virtual machine monitor (VMM) monitors the system call, which invoked by an essential process to access essential files, and requests proxy execution to the proxy process on another VM. The VMM returns the result and skips the execution of the original system call on the protection target VM. Thus, access to essential files by the essential service is skipped on the protection target VM, but the essential service can access the file content.

    DOI: 10.1504/IJSSC.2019.100007

    Web of Science

    researchmap

  • Hiding File Manipulation of Essential Services by System Call Proxy Reviewed

    Masaya Sato, Hideo Taniguchi, Toshihiro Yamauchi

    Lecture Notes on Data Engineering and Communications Technologies   22   853 - 863   2019.3

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Part of collection (book)   Publisher:Springer  

    © 2019, Springer Nature Switzerland AG. Security software or logging programs are frequently attacked because they are an obstruction to attackers. Protecting these essential services from attack is crucial to preventing and mitigating damage. Hiding information related to essential services, such as that of the files and processes, can help to deter attacks on these services. This paper proposes a method of hiding file manipulation for essential services. The method makes the files invisible to all services except their corresponding essential services and provides access methods to those files in a virtual machine (VM) environment. In the proposed method, system calls to those files are executed by a proxy process on the other VM. The original system call is not executed in the operating system of the original VM, however, the result of file access is returned to the original process. Thus, the files of essential services are placed on the other VM and other processes on the original VM cannot access to them. Therefore, the proposed method can prevent or deter identification of essential services based on file information monitoring.

    DOI: 10.1007/978-3-319-98530-5_76

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/nbis/nbis2018.html#SatoTY18

  • Implementation and Evaluation of Batch Processing Request for Leveraging Distributed Execution of OS Processing Reviewed

    60 ( 2 )   430 - 439   2019.2

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    In microkernel operating systems (OSes), some parts of OS functions are implemented as processes, which called OS server. For this reason, OS functions can be distributed by placing OS servers to multiple processors. However, it is difficult to reduce the response time of a processing request from an application program (AP) to an OS server. This is due to invocation of multiple inter server communication for processing requests. In addition, an interface of processing requests from AP to OS servers is blocking in most cases. Hence, a processing request is forced to be done successively even though multiple processing are concurrently executable and related OS servers are independent. In this paper, we propose a batch process request function with blocking interface to request multiple processing to OS servers at one time. We also present evaluation results of basic performance, and distributed processing by the proposed function can reduce the response time for a service consists of multiple processing.

    CiNii Article

    CiNii Books

    researchmap

  • Live Forensic Method Using Process Duplication to Maintain High System Availability Reviewed

    60 ( 2 )   696 - 705   2019.2

     More details

    Authorship:Lead author, Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    Most conventional digital forensic methods are designed to target hard disk drives, making them ineffective at detecting in-memory malware. In addition, in order to prevent a target system from changing the evidence on hard disk drives, it is necessary to shut down the system or stop its processing, reducing system availability. In this paper, we propose a live forensic method using process duplication to maintain high system availability. The proposed method duplicates the virtual address space of a target process for investigation, and obtains the relevant evidence from the duplicate. By reducing the occurrence of memory copy in the duplication process, it is possible to detect in-memory malware while retaining system availability. We describe the effectiveness of the proposed method, and furthermore, evaluate and report on the delay time when this method is applied to a periodically executing process.

    CiNii Article

    CiNii Books

    researchmap

  • Additional Kernel Observer to Prevent Privilege Escalation Attacks by Focusing on System Call Privilege Changes Reviewed

    Toshihiro Yamauchi, Yohei Akao, Ryota Yoshitani, Yuichi Nakamura, Masaki Hashimoto

    DSC 2018 - 2018 IEEE Conference on Dependable and Secure Computing   1 - 8   2019.1

     More details

    Authorship:Lead author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    © 2018 IEEE. In recent years, there has been an increase in attacks that exploit operating system vulnerabilities. In particular, if an administrator's privilege is acquired by an attacker through a privilege escalation attack, the attacker can operate the entire system and the system can suffer serious damage. In this paper, an additional kernel observer (AKO) method is proposed. It prevents privilege escalation attacks that exploit operating system vulnerabilities. We focus on the fact that a process privilege can be changed only by specific system calls. AKO monitors privilege information changes during system call processing. If AKO detects a privilege change after system call processing, whereby the invoked system call does not originally change the process privilege, AKO regards the change as a privilege escalation attack and applies countermeasures against it. In this paper, we describe the design and implementation of AKO for Linux x86, 64 bit. Moreover, AKO can be expanded to prevent the falsification of various data in the kernel space. We present an expansion example that prevents the invalidation of Security-Enhanced Linux. Evaluation results show that AKO is effective against privilege escalation attacks, while maintaining low overhead.

    DOI: 10.1109/DESEC.2018.8625137

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/desec/desec2018.html#YamauchiAYNH18

  • Acceleration of analysis processing on decentralized performance profiling system using virtual machines Reviewed

    Masao Yamamoto, Kohta Nakashima, Toshihiro Yamauchi, Akira Nagoya, Hideo Taniguchi

    Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018   152 - 158   2018.12

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE Computer Society  

    © 2018 IEEE. To detect the performance anomaly of a computer, as a structure for continuous performance profiling, decentralization of the performance profiling system using virtual machines has been proposed. Moreover, there have already been evaluation results reported regarding overhead, including data storing, and data sampling stall time. On the other hand, for continuous performance profiling, the continuous processing of performance profiling is needed, including not only data sampling and data storing but also analysis processing. Therefore, first, this paper describes a relationship condition among data sampling time, data storing time, and analysis processing time as the necessary condition for continuous performance profiling on a decentralized performance profiling system. Second, in order to satisfy the relationship condition, we propose a concurrent operation technique as the acceleration method of analysis processing for a decentralized performance profiling system. Finally, this paper presents quantitative evaluations of the proposed method, including the case of a multi-VMM environment.

    DOI: 10.1109/CANDARW.2018.00035

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/ic-nc/candar2018w.html#YamamotoNYNT18

  • Mitigating use-after-free attack using library considering size and number of freed memory Reviewed

    Yuya Ban, Toshihiro Yamauchi

    Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018   398 - 404   2018.12

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE Computer Society  

    © 2018 IEEE. Use-after-free (UAF) vulnerabilities, are abused by exploiting a dangling pointer that refers to a freed memory, location and then executing arbitrary code. Vulnerabilities are caused by bugs in software programs, particularly large scale programs such as browsers. We had previously proposed HeapRevolver, which prohibits freed memory area from being reused for a certain period. HeapRevolver on Windows uses the number of freed memory areas that are prohibited for reuse as a trigger to release the freed memory area. Alternatively, HeapRevolver uses the number of the freed memory areas as a threshold for releasing freed memory. However, when the size of individual freed memory area is large, HeapRevolver on Windows increases the memory overhead. In this paper, we propose an improved HeapRevolver for Windows considering the size and number of the freed memory areas. The improved HeapRevolver prohibits the reuse of a certain number of freed memory areas at a given time by considering the size and number of freed memory areas as thresholds. Evaluation results demonstrate that the improved HeapRevolver can prevent attacks that exploit UAF vulnerabilities. Particularly, when the size of individual freed memory area is small in a program, HeapRevolver is effective in decreasing the attack success rate.

    DOI: 10.1109/CANDARW.2018.00080

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/ic-nc/candar2018w.html#BanY18

  • マルチコア環境におけるスケジューラ連携による優先度逆転抑制法 Reviewed

    鴨生悠冬, 山内利宏, 谷口秀夫

    電子情報通信学会論文誌D   J101-D ( 6 )   998 - 1008   2018.6

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    DOI: 10.14923/transinfj.2017JDP7061

    researchmap

  • Performance Improvement and Evaluation of Function for Tracing Diffusion of Classified Information on KVM Reviewed

    Hideaki Moriyama, Toshihiro Yamauchi, Masaya Sato, Hideo Taniguchi

    Proceedings - 2017 5th International Symposium on Computing and Networking, CANDAR 2017   2018-January   463 - 468   2018.4

     More details

    Authorship:Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE Computer Society  

    © 2017 IEEE. As a result of the increasing amounts of classified information being managed by personal computers, leakage of this information to external computers has become a serious problem. To prevent such leakage, we previously proposed a function for tracing the diffusion of classified information in a guest operating system (OS) using a virtual machine monitor (VMM). This function allows determination of the classified information location and information leakage detection without modification of the guest OS source code. In addition, it is more difficult for attacks to target this function, because the VMM is isolated from the guest OS. The tracing function hooks a system call in the guest OS from the VMM and judges whether the hooked system call is related to the diffusion of classified information. However, if the tracing function induces processing of large overheads, introduction of this function may degrade performance. In this paper, we analyze the processing performance of the tracing function in detail, identifying processing involving large overheads. Hence, we determine that the recording overheads for files or processes having the potential to diffuse classified information are especially large. To reduce the influence of the tracing function introduction, it is necessary to reduce these overheads. Therefore, we present a policy for efficient management. Further, we propose an improved tracing function and report on its evaluation.

    DOI: 10.1109/CANDAR.2017.91

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/ic-nc/candar2017.html#MoriyamaYST17

  • Web access monitoring mechanism for Android WebView Reviewed

    Yuta Imamura, Hiroyuki Uekawa, Yasuhiro Ishihara, Masaya Sato, Toshihiro Yamauchi

    ACM International Conference Proceeding Series   1 - 8   2018.1

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:ACM  

    © 2018 Association for Computing Machinery. In addition to conventional web browsers, WebView is used to display web content on Android. WebView is a component that enables the display of web content in mobile applications, and is extensively used. As WebView displays web content without having to redirect the user to web browsers, there is the possibility that unauthorized web access may be performed secretly via Web-View, and information in Android may be stolen or tampered with. Therefore, it is necessary to monitor and analyze web access via WebView, particularly because attacks exploiting WebView have been reported. However, there is no mechanism for monitoring web access viaWebView. In this work, the goals are to monitor web access via WebView and to analyze mobile applications using Web-View. To achieve these goals, we propose a web access monitoring mechanism for Android WebView. In this paper, the design and implementation of a mechanism that does not require any modifications to the Android Framework and Linux kernel are presented for the Chromium Android System WebView app. In addition, this paper presents evaluation results for the proposed mechanism.

    DOI: 10.1145/3167918.3167942

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/acsw/acsw2018.html#ImamuraUISY18

  • Access control mechanism to mitigate cordova plugin attacks in hybrid applications Reviewed

    Naoki Kudo, Toshihiro Yamauchi, Thomas H. Austin

    Journal of Information Processing   26   396 - 405   2018.1

     More details

    Authorship:Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:Information Processing Society of Japan  

    © 2018 Information Processing Society of Japan. Hybrid application frameworks such as Cordova are more and more popular to create platform-independent applications (apps) because they provide special APIs to access device resources in a platform-agonistic way. By using these APIs, hybrid apps can access device resources through JavaScript. In this paper, we present a novel apprepackaging attack that repackages hybrid apps with malicious code; this code can exploit Cordova’s plugin interface to steal and tamper with device resources. We address this attack and cross-site scripting attacks against hybrid apps. Since these attacks need to use plugins to access device resources, we refer to both of these attacks as Cordova plugin attacks. We further demonstrate a defense against Cordova plugin attacks through the use of a novel runtime access control mechanism that restricts access based on the mobile user’s judgement. Our mechanism is easy to introduce to existing Cordova apps, and allows developers to produce apps that are resistant to Cordova plugin attacks. Moreover, we evaluate the effectiveness and performance of our mechanism.

    DOI: 10.2197/ipsjjip.26.396

    Scopus

    researchmap

  • ディレクトリ優先方式における未参照バッファ数に着目した入出力バッファ分割法 Reviewed

    横山和俊, 土谷彰義, 山本光一, 河辺誠弥, 山内利宏, 乃村能成, 谷口秀夫

    電子情報通信学会論文誌D   J101-D ( 1 )   46 - 56   2018

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    DOI: 10.14923/transinfj.2017SKP0012

    J-GLOBAL

    researchmap

  • Kernel rootkits detection method by monitoring branches using hardware features Reviewed

    Toshihiro Yamauchi, Yohei Akao

    IEICE Transactions on Information and Systems   E100D ( 10 )   2377 - 2381   2017.10

     More details

    Authorship:Lead author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG  

    Copyright © 2017 The Institute of Electronics, Information and Communication Engineers. An operating system is an essential piece of software that manages hardware and software resources. Thus, attacks on an operating system kernel using kernel rootkits pose a particularly serious threat. Detecting an attack is difficult when the operating system kernel is infected with a kernel rootkit. For this reason, handling an attack will be delayed causing an increase in the amount of damage done to a computer system. In this paper, we propose Kernel Rootkits Guard (KRGuard), which is a new method to detect kernel rootkits that monitors branch records in the kernel space. Since many kernel rootkits make branches that differ from the usual branches in the kernel space, KRGuard can detect these differences by using the hardware features of commodity processors. Our evaluation shows that KRGuard can detect kernel rootkits that involve new branches in the system call handler processing with small overhead.

    DOI: 10.1587/transinf.2016INL0003

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/journals/ieicet/ieicet100d.html#YamauchiA17

  • Access control for plugins in cordova-based hybrid applications Reviewed

    Naoki Kudo, Toshihiro Yamauchi, Thomas H. Austin

    Proceedings - International Conference on Advanced Information Networking and Applications, AINA   1063 - 1069   2017.5

     More details

    Authorship:Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    © 2017 IEEE. Hybrid application frameworks such as Cordovaallow mobile application (app) developers to create platformindependent apps. The code is written in JavaScript, with special APIs to access device resources in a platform-agnostic way. In this paper, we present a novel app-repackaging attack that repackages hybrid apps with malicious code, this code can exploit Cordova's plugin interface to tamper with device resources. We further demonstrate a defense against this attack through the use of a novel runtime access control mechanism that restricts access based on the mobile user's judgement. Our mechanism is easy to introduce to existing Cordova apps, and allows developers to produce apps that are resistant to app-repackaging attacks.

    DOI: 10.1109/AINA.2017.61

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/aina/aina2017.html#KudoYA17

  • KRGuard: Kernel Rootkits Detection Method by Monitoring Branches Using Hardware Features Reviewed

    Yohei Akao, Toshihiro Yamauchi

    ICISS 2016 - 2016 International Conference on Information Science and Security   100-D ( 10 )   22 - 26   2017.3

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG  

    © 2016 IEEE. Attacks on an operating system kernel using kernel rootkits pose a particularly serious threat. Detecting an attack is difficult when the operating system kernel is infected with a kernel rootkit. For this reason, handling an attack will be delayed causing an increase in the amount of damage done to a computer system. In this paper, we discuss KRGuard (Kernel Rootkits Guard), which is a new method to detect kernel rootkits that monitors branch records in the kernel space. Since many kernel rootkits make branches that differ from the usual branches in the kernel space, KRGuard can detect these differences by using hardware features of commodity processors. Our evaluation shows that KRGuard can detect kernel rootkits with small overhead.

    DOI: 10.1109/ICISSEC.2016.7885860

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/journals/ieicet/ieicet100d.html#YamauchiA17

  • Memory access monitoring and disguising of process information to Avoid Attacks to essential services Reviewed

    Masaya Sato, Toshihiro Yamauchi, Hideo Taniguchi

    Proceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016   635 - 641   2017.1

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    © 2016 IEEE. To prevent attacks on essential software and to mitigate damage, an attack avoiding method that complicates process identification from attackers is proposed. This method complicates the identification of essential services by replacing process information with dummy information. However, this method allows attackers to identify essential processes by detecting changes in process information. To address this problems and provide more complexity to process identification, this paper proposes a memory access monitoring by using a virtual machine monitor. By manipulating the page access permission, a virtual machine monitor detects page access, which includes process information, and replaces it with dummy information. This paper presents the design, implementation, and evaluation of the proposed method.

    DOI: 10.1109/CANDAR.2016.89

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/ic-nc/candar2016.html#SatoYT16

  • Rule-based sensor data aggregation system for M2M gateways Reviewed

    Yuichi Nakamura, Akira Moriguchi, Masanori Irie, Taizo Kinoshita, Toshihiro Yamauchi

    IEICE Transactions on Information and Systems   E99D ( 12 )   2943 - 2955   2016.12

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG  

    © Copyright 2016 The Institute of Electronics, Information and Communication Engineers. To reduce the server load and communication costs of machine-to-machine (M2M) systems, sensor data are aggregated in M2M gateways. Aggregation logic is typically programmed in the C language and embedded into the firmware. However, developing aggregation programs is difficult for M2M service providers because it requires gatewayspecific knowledge and consideration of resource issues, especially RAM usage. In addition, modification of aggregation logic requires the application of firmware updates, which are risky. We propose a rule-based sensor data aggregation system, called the complex sensor data aggregator (CSDA), for M2M gateways. The functions comprising the data aggregation process are subdivided into the categories of filtering, statistical calculation, and concatenation. The proposed CSDA supports this aggregation process in three steps: the input, periodic data processing, and output steps. The behaviors of these steps are configured by an XML-based rule. The rule is stored in the data area of flash ROM and is updatable through the Internet without the need for a firmware update. In addition, in order to keep within the memory limit specified by the M2M gateway's manufacturer, the number of threads and the size of the working memory are static after startup, and the size of the working memory can be adjusted by configuring the sampling setting of a buffer for sensor data input. The proposed system is evaluated in an M2M gateway experimental environment. Results show that developing CSDA configurations is much easier than using C because the configuration decreases by 10%. In addition, the performance evaluation demonstrates the proposed system's ability to operate on M2M gateways.

    DOI: 10.1587/transinf.2016PAP0020

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/journals/ieicet/ieicet99d.html#NakamuraMIKY16

  • プロセス間通信を抑制しデータ共有するマイクロカーネル構造OS向けファイル操作機能の実現と評価 Reviewed

    江原寛人, 枡田圭祐, 山内利宏, 谷口秀夫

    電子情報通信学会論文誌D   J99-D ( 10 )   1069 - 1079   2016.10

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    researchmap

  • Heaprevolver: Delaying and randomizing timing of release of freed memory area to prevent use-after-free attacks Reviewed

    Toshihiro Yamauchi, Yuta Ikegami

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   9955 LNCS   219 - 234   2016.9

     More details

    Authorship:Lead author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:SPRINGER INT PUBLISHING AG  

    © Springer International Publishing AG 2016. Recently, there has been an increase in use-after-free (UAF) vulnerabilities, which are exploited using a dangling pointer that refers to a freed memory. Various methods to prevent UAF attacks have been proposed. However, only a few methods can effectively prevent UAF attacks during runtime with low overhead. In this paper, we propose HeapRevolver, which is a novel UAF attack-prevention method that delays and randomizes the timing of release of freed memory area by using a memory-reuse-prohibited library, which prohibits a freed memory area from being reused for a certain period. In this paper, we describe the design and implementation of HeapRevolver in Linux and Windows, and report its evaluation results. The results show that HeapRevolver can prevent attacks that exploit existing UAF vulnerabilities. In addition, the overhead is small.

    DOI: 10.1007/978-3-319-46298-1_15

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/nss/nss2016.html#YamauchiI16

  • Implementation and Evaluation of Partitioning Method of I/O Buffer Based on Cache Hit Ratio Reviewed

    57 ( 6 )   1539 - 1553   2016.6

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    In order to improve file access performance of the processing that users would like to execute at high priority, it is effective to improve cache hit ratio of I/O buffer. Thus, a directory oriented buffer cache mechanism was proposed. This mechanism divides I/O buffer into two areas, and gives higher caching priority to files in specified directories. However, this mechanism monotonically expands the area used for caching files given higher priority. Therefore, this mechanism declines the performance of the whole computer due to deterioration of cache hit ratio of files not given higher priority. Thus, this paper proposes the dynamic partitioning method based on cache hit ratio. The proposed method divides I/O buffer to maintain high cache hit ratio of files given higher priority and prevent cache hit ratio of the other files from degradation. Additionally, this paper describes the evaluation of effectivity of the proposed method.

    CiNii Article

    CiNii Books

    researchmap

  • Evaluation and design of function for tracing diffusion of classified information for file operations with KVM Reviewed

    Shota Fujii, Masaya Sato, Toshihiro Yamauchi, Hideo Taniguchi

    Journal of Supercomputing   72 ( 5 )   1841 - 1861   2016.5

     More details

    Authorship:Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:SPRINGER  

    © 2016, Springer Science+Business Media New York. Cases of classified information leakage have become increasingly common. To address this problem, we have proposed a function for tracing the diffusion of classified information within an operating system. However, this function suffers from the following two problems: first, in order to introduce the function, the operating system’s source code must be modified. Second, there is a risk that the function will be disabled when the operating system is attacked. Thus, we have designed a function for tracing the diffusion of classified information in a guest operating system by using a virtual machine monitor. By using a virtual machine monitor, we can introduce the proposed function in various environments without modifying the operating system’s source code. In addition, attacks aimed at the proposed function are made more difficult, because the virtual machine monitor is isolated from the operating system. In this paper, we describe the implementation of the proposed function for file operations and child process creation in the guest operating system with a kernel-based virtual machine. Further, we demonstrate the traceability of diffusing classified information by file operations and child process creation. We also report the logical lines of code required to introduce the proposed function and performance overheads.

    DOI: 10.1007/s11227-016-1671-5

    Web of Science

    Scopus

    researchmap

  • Plate: Persistent memory management for nonvolatile main memory Reviewed

    Toshihiro Yamauchi, Yuta Yamamoto, Kengo Nagai, Tsukasa Matono, Shinji Inamoto, Masaya Ichikawa, Masataka Goto, Hideo Taniguchi

    Proceedings of the ACM Symposium on Applied Computing   04-08-April-2016   1885 - 1892   2016.4

     More details

    Authorship:Lead author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:ACM  

    © 2016 ACM. Over the past few years, nonvolatile memory has actively been researched and developed. Therefore, studying operating system (OS) designs predicated on the main memory in the form of a nonvolatile memory and studying methods to manage persistent data in a virtual memory are crucial to encourage the widespread use of nonvolatile memory in the future. However, the main memory in most computers today is volatile, and replacing highcapacity main memory with nonvolatile memory is extremely cost-prohibitive. This paper proposes an OS structure for nonvolatile main memory. The proposed OS structure consists of three functions to study and develop OSs for nonvolatile main memory computers. First, a structure, which is called plate, is proposed whereby persistent data are managed assuming that nonvolatile main memory is present in a computer. Second, we propose a persistent-data mechanism to make a volatile memory function as nonvolatile main memory, which serves as a basis for the development of OSs for computers with nonvolatile main memory. Third, we propose a continuous operation control using the persistent-data mechanism and plates. This paper describes the design and implementation of the OS structure based on the three functions on The ENduring operating system for Distributed EnviRonment and describes the evaluation results of the proposed functions.

    DOI: 10.1145/2851613.2851744

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/sac/sac2016.html#YamauchiYNMIIGT16

  • Attacker Investigation System Triggered by Information Leakage Reviewed

    Yuta Ikegami, Toshihiro Yamauchi

    Proceedings - 2015 IIAI 4th International Congress on Advanced Applied Informatics, IIAI-AAI 2015   24 - 27   2016.1

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    © 2015 IEEE. While a considerable amount of research has been devoted to preventing leakage of classified information, little attention has been paid to identifying attackers who steal information. If attackers can be identified, more precise countermeasures can be taken. In this paper, we propose an attacker investigation system that focuses on information leakage. The system traces classified information in a computer and substitutes it with dummy data, which is then sent to the outside. Moreover, a program embedded in the dummy data transmits information back from the attacker's computer to a pre-specified system for investigation. Information about the attacker can be obtained by an attacker executing the program.

    DOI: 10.1109/IIAI-AAI.2015.247

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iiaiaai/iiaiaai2015.html#IkegamiY15

  • Proposal of Kernel Rootkits Detection Method by Monitoring Branches Using Hardware Features Reviewed

    Yohei Akao, Toshihiro Yamauchi

    Proceedings - 2015 IIAI 4th International Congress on Advanced Applied Informatics, IIAI-AAI 2015   721 - 722   2016.1

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    © 2015 IEEE. Attacks on computer systems have become more frequent in recent years. Attacks using kernel root kits pose a particularly serious threat. When a computer system is infected with a kernel root kit, attack detection is difficult. Because of this, handling the attack will be delayed causing an increase in the amount of damage done to the computer system. This paper proposes a new method to detect kernel root kits by monitoring the branch records in kernel space using hardware features of commodity processors. Our method utilizes the fact that many kernel root kits make branches that differ from the usual branches. By introducing our method, it is possible to detect kernel root kits immediately and, thereby, reduce damages to a minimum.

    DOI: 10.1109/IIAI-AAI.2015.243

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iiaiaai/iiaiaai2015.html#AkaoY15

  • Design of function for tracing diffusion of classified information for IPC on KVM Reviewed

    Shota Fujii, Masaya Sato, Toshihiro Yamauchi, Hideo Taniguchi

    Journal of Information Processing   24 ( 5 )   781 - 792   2016

     More details

    Authorship:Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:Information Processing Society of Japan  

    © 2016 Information Processing Society of Japan. The leaking of information has increased in recent years. To address this problem, we previously proposed a function for tracing the diffusion of classified information in a guest OS using a virtual machine monitor (VMM). This function makes it possible to grasp the location of classified information and detect information leakage without modifying the source codes of the guest OS. The diffusion of classified information is caused by a file operation, child process creation, and inter-process communication (IPC). In a previous study, we implemented the proposed function for a file operation and child process creation excluding IPC using a kernel-based virtual machine (KVM). In this paper, we describe the design of the proposed function for IPC on a KVM without modifying the guest OS. The proposed function traces the local and remote IPCs inside the guest OS from the outside so as to trace the information diffusion. Because IPC with an outside computer might cause information leakage, tracing the IPCs enables the detection of such a leakage. We also report the evaluation results including the traceability and performance of the proposed function.

    DOI: 10.2197/ipsjjip.24.781

    Scopus

    researchmap

  • Foreword.

    Toshihiro Yamauchi

    IEICE Trans. Inf. Syst.   99-D ( 4 )   785 - 786   2016

     More details

  • Fast control method of software-managed TLB for reducing zero-copy communication overhead Reviewed

    Toshihiro Yamauchi, Masahiro Tsuruya, Hideo Taniguchi

    IEICE Transactions on Information and Systems   E98D ( 12 )   2187 - 2191   2015.12

     More details

    Authorship:Lead author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG  

    © Copyright 2015 The Institute of Electronics, Information and Communication Engineers. Microkernel operating systems (OSes) use zero-copy communication to reduce the overhead of copying transfer data, because the communication between OS servers occurs frequently in the case of microkernel OSes. However, when a memory management unit manages the translation lookaside buffer (TLB) using software, TLB misses tend to increase the overhead of interprocess communication (IPC) between OS servers running on a microkernel OS. Thus, improving the control method of a software-managed TLB is important for microkernel OSes. This paper proposes a fast control method of software-managed TLB that manages page attachment in the area used for IPC by using TLB entries, instead of page tables. Consequently, TLB misses can be avoided in the area, and the performance of IPC improves. Thus, taking the SH-4 processor as an example of a processor having a software-managed TLB, this paper describes the design and the implementation of the proposed method for AnT operating system, and reports the evaluation results of the proposed method.

    DOI: 10.1587/transinf.2015PAL0003

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/journals/ieicet/ieicet98d.html#YamauchiTT15

  • マルチコア向けAnTオペレーティングシステムのファイル操作における分散効果の評価 Reviewed

    河上 裕太, 山内 利宏, 谷口 秀夫

    マルチマディア通信と分散処理ワークショップ2015論文集   2015 ( 5 )   100 - 106   2015.10

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    CiNii Article

    researchmap

  • Process hiding by virtual machine monitor for attack avoidance Reviewed

    Masaya Sato, Toshihiro Yamauchi, Hideo Taniguchi

    Journal of Information Processing   23 ( 5 )   673 - 682   2015.9

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:Information Processing Society of Japan  

    © 2015 Information Processing Society of Japan. As attacks to computers increase, protective software is developed. However, that software is still open to attacks by adversaries that disable its functionality. If that software is stopped or disabled, the risk of damage to the computer increases. Protections of that software are proposed however existing approaches are insufficient or cannot use those software without modification. To decrease the risk and to address these problems, this paper presents an attack avoidance method that hides process from adversaries who intend to terminate essential services. The proposed method complicates identification based on process information by dynamically replacing the information held by a kernel with dummy information. Replacing process information makes identifying the attack target difficult because adversaries cannot find the attack target by seeking the process information. Implementation of the proposed method with a virtual machine monitor enhances the security of the mechanism itself. Further, by implementing the proposed method with a virtual machine monitor, modification to operating systems is unnecessary.

    DOI: 10.2197/ipsjjip.23.673

    Scopus

    researchmap

  • Dynamic Control Method for Sending User Information Using TaintDroid Reviewed

    56 ( 9 )   1857 - 1867   2015.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    In recent years, Android malware has been increasing, and countermeasures against them have become an issue. In particular, the leakage of user information by malware has become an important issue. In order to address this problem, we design and implement a method that uses TaintDroid to prevent the leakage of user information from Android device. This method tracks the diffusion of user information in a device and dynamically controls the action of application program (AP) when the leakage of user information is detected. As a result, this method prevents the leakage of user information from the device. In addition, this method obtains the AP name involved in the leakage of user information and understands the diffusion path of user information when APs communicate user information with each other. Therefore, a user can deal with each AP of leakage factors. Furthermore, this method replaces user information that is leaked from a device with a dummy data. As a result, this method prevents the leakage of user information from the device without interfering the process of AP.

    CiNii Article

    CiNii Books

    researchmap

  • Reducing resource consumption of SELinux for embedded systems with contributions to open-source ecosystems Reviewed

    Yuichi Nakamura, Yoshiki Sameshima, Toshihiro Yamauchi

    Journal of Information Processing   23 ( 5 )   664 - 672   2015.9

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:Information Processing Society of Japan  

    © 2015 Information Processing Society of Japan. Security-Enhanced Linux (SELinux) is a useful countermeasure for resisting security threats to embedded systems, because of its effectiveness against zero-day attacks. Furthermore, it can generally mitigate attacks without the application of security patches. However, the combined resource requirements of the SELinux kernel, userland, and the security policy reduce the performance of resource-constrained embedded systems. SELinux requires tuning, and modified code should be provided to the open-source software (OSS) community to receive value from its ecosystem. In this paper, we propose an embedded SELinux with reduced resource requirements, using code modifications that are acceptable to the OSS community. Resource usage is reduced by employing three techniques. First, the Linux kernel is tuned to reduce CPU overhead and memory usage. Second, unnecessary code is removed from userland libraries and commands. Third, security policy size is reduced with a policy-writing tool. To facilitate acceptance by the OSS community, build flags can be used to bypass modified code, such that it will not affect existing features; moreover, side effects of the modified code are carefully measured. Embedded SELinux is evaluated using an evaluation board targeted for M2M gateway, and benchmark results show that its read/write overhead is almost negligible. SELinux's file space requirements are approximately 200 Kbytes, and memory usage is approximately 500 Kbytes; these account for approximately 1% of the evaluation board's respective flash ROM and RAM capacity . Moreover, the modifications did not result in any adverse side effects. The modified code was submitted to the OSS community along with the evaluation results, and was successfully merged into the community code.

    DOI: 10.2197/ipsjjip.23.664

    Scopus

    researchmap

  • Setting Method of Opportunity of Updating File Importance on FFU Reviewed

    56 ( 6 )   1451 - 1462   2015.6

     More details

    Authorship:Lead author, Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    Buffer cache is implemented to improve I/O performance with data in disks. As buffer cache management, there are many mechanisms based on access pattern of block. On the other hand, we proposed I/O buffer cache mechanism based on the frequency of file usage (FFU). Our previous proposed mechanism calculates file importance from the information of system-call of the file operation. Then, it controls two level buffer cache based on the file importance. In this paper, we propose a setting method of opportunity of updating file importance on FFU. The proposed method focuses on whether the file state is access intensive or not. This paper also describes a setting method of parameters of the proposed method based on access information of a target system. Finally, this paper reports the evaluation results of the proposed method by using typical access pattern data and real access patterns.

    CiNii Article

    CiNii Books

    researchmap

  • Access control to prevent malicious javascript code exploiting vulnerabilities of webview in android OS Reviewed

    Jing Yu, Toshihiro Yamauchi

    IEICE Transactions on Information and Systems   E98D ( 4 )   807 - 811   2015.4

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG  

    Copyright © 2015 The Institute of Electronics, Information and Communication Engineers. Android applications that using WebView can load and display web pages. Interaction with web pages allows JavaScript code within the web pages to access resources on the Android device by using the Java object, which is registered into WebView. If this WebView feature were exploited by an attacker, JavaScript code could be used to launch attacks, such as stealing from or tampering personal information in the device. To address these threats, we propose an access control on the security-sensitive APIs at the Java object level. The proposed access control uses static analysis to identify these security-sensitive APIs, detects threats at runtime, and notifies the user if threats are detected, thereby preventing attacks from web pages.

    DOI: 10.1587/transinf.2014ICL0001

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/journals/ieicet/ieicet98d.html#YuY15

  • CSDA: Rule-based complex sensor data aggregation system for M2M gateway Reviewed

    Yuichi Nakamura, Akira Moriguchi, Toshihiro Yamauchi

    2015 8th International Conference on Mobile Computing and Ubiquitous Networking, ICMU 2015   108 - 113   2015.3

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:SPRINGER-VERLAG BERLIN  

    © 2015 IPSJ. To reduce the server load and communication cost of machine-to-machine (M2M) systems, sensor data are aggregated in M2M gateways. The C language is typically used for programming the aggregation logic, and the program is embedded into the firmware. However, developing aggregation programs is difficult for M2M service providers because it requires gateway-specific knowledge, and consideration must be given to CPU and memory resources. In addition, modifying aggregation logic requires firmware updates, which are risky. We propose a rule-based sensor data aggregation system, called the complex sensor data aggregator (CSDA) for M2M gateways. Data aggregation is categorized into filtering, statistical calculation, and concatenation. The proposed CSDA supports this aggregation process in three steps: the input, data processing, and output steps. The behaviors of these steps are configured by an XML based rule. The CSDA also supports update modules, which download and overwrite aggregation rules from the server when the modification of data aggregation logic is required. In this case, firmware updates are not necessary. The proposed system is evaluated in an M2M gateway experimental environment. Results show that developing CSDA configurations is much easier than using C because the configuration amount decreases by 10%. In addition, the performance evaluation demonstrates the proposed system's ability to operate on M2M gateways. CPU usage was less than 10%, even with a heavy load, and memory consumption was 128 Kbytes.

    DOI: 10.1109/ICMU.2015.7061051

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/icmu/icmu2015.html#NakamuraMY15

  • Malware detection method focusing on anti-debugging functions Reviewed

    Kota Yoshizaki, Toshihiro Yamauchi

    Proceedings - 2014 2nd International Symposium on Computing and Networking, CANDAR 2014   563 - 566   2015.2

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    © 2014 IEEE. Malware has received much attention in recent years. Antivirus software is widely used as a countermeasure against malware. However, some kinds of malware can evade detection by antivirus software, hence, a new detection method is required. In this paper, we propose a malware detection method that focuses on Anti-Debugging functions. An Anti-Debugging function is a method that prevents malware analysts from analyzing an application program (AP). The function can form part of benign as well as malicious APs. Our method focuses on a behavioral difference between benign and malicious APs and detects malware by comparing the two behavioral patterns. Evaluation results with malware confirmed our method to be capable of successfully detecting malware.

    DOI: 10.1109/CANDAR.2014.36

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/ic-nc/candar2014.html#YoshizakiY14

  • Design of a Function for Tracing the Diffusion of Classified Information for File Operations with a KVM Reviewed

    Shota Fujii, Toshihiro Yamauchi, Hideo Taniguchi

    Proceedings of the 2015 International Symposium on Advances in Computing, Communications, Security, and Applications (ACSA 2015)   77   2015

     More details

    Authorship:Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    researchmap

  • Secure and fast log transfer mechanism for virtual machine Reviewed

    Masaya Sato, Toshihiro Yamauchi

    Journal of Information Processing   22 ( 4 )   597 - 608   2014.10

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:Information Processing Society of Japan  

    © 2014 Information Processing Society of Japan. Ensuring the integrity of logs is essential to reliably detect and counteract attacks because adversaries tamper with logs to hide their activities on a computer. Even though some studies proposed various protections of log files, adversaries can tamper with logs in kernel space with kernel-level malicious software (malware) because file access and inter-process communication are provided by an OS kernel. Virtual machine introspection (VMI) can collect logs from virtual machines (VMs) without interposition of a kernel. It is difficult for malware to hinder that log collection, because a VM and VM monitor (VMM) are strongly separated. However, complexity and unnecessary performance overhead arise because VMI is not specialized for log collection. This paper proposes a secure and fast log transfer method using library replacement for VMs. In the proposed method, a process on a VM requests a log transfer to a VMM using the modified library, which contains a trigger for a log transfer. The VMM collects logs from the VM and isolate them to another VM. The proposed method provides VM-level log isolation and security for the mechanism itself with low performance overhead.

    DOI: 10.2197/ipsjjip.22.597

    Scopus

    researchmap

  • Proposal of Kernel Rootkits Detection Method by Comparing Kernel Stack Reviewed

    55 ( 9 )   2047 - 2060   2014.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    CiNii Article

    CiNii Books

    researchmap

  • Implementation of Multi-core Tender with Mutual Exclusion Localization Based on Mechanism of Resource Independence Reviewed

    7 ( 3 )   25 - 36   2014.8

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    CiNii Article

    CiNii Books

    researchmap

  • Complicating process identification by replacing process information for attack avoidance Reviewed

    Masaya Sato, Toshihiro Yamauchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   8639 LNCS   33 - 47   2014.8

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:Springer Verlag  

    Security-critical software is open to attacks by adversaries that disable its functionality. To decrease the risk, we propose an attack avoidance method for complicating process identification. The proposed method complicates identification based on process information by dynamically replacing the information held by a kernel with dummy information. Replacing process information makes identifying the attack target difficult because adversaries cannot find the attack target by seeking the process information. Implementation of the proposed method with a virtual machine monitor enhances the security of the mechanism itself. Further, by implementing the proposed method with a virtual machine monitor, modification to operating systems and application programs are unnecessary. © 2014 Springer International Publishing.

    DOI: 10.1007/978-3-319-09843-2_3

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iwsec/iwsec2014.html#SatoY14

  • A new OS structure for simplifying understanding of operating system behavior Reviewed

    Toshihiro Yamauchi, Akira Kinoshita, Taisuke Kawahara, Hideo Taniguchi

    Information (Japan)   17 ( 5 )   1945 - 1950   2014.5

     More details

    Authorship:Lead author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)  

    It is difficult to understand the processing flow of complicated software such as operating systems (OSs). Thus, a mechanism that can collect and analyze behavioral information in order to comprehend the behavior of OS is necessary. Although several collection mechanisms have been developed, their OS structures were not designed to collect OS behavior. In this paper, we describe an OS structure that simplifies comprehension of OS behavior and the implementation of it on Tender OS. We also describe a mechanism for the visualization of OS behavior. Finally, we investigate the cost of introducing our proposed comprehension mechanism and the overhead and efficiency of the proposed mechanism. © 2014 International Information Institute.

    Scopus

    researchmap

  • Implementation and Evaluation of Software Control Method for TLB on Microkernel OS

    TSURUYA Masahiro, YAMAUCHI Toshihiro, TANIGUCHI Hideo

    The IEICE transactions on information and systems (Japanese edition)   97 ( 1 )   216 - 225   2014.1

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • DroidTrack: Tracking and Visualizing Information Diffusion for Preventing Information Leakage on Android.

    Shunya Sakamoto, Kenji Okuda, Ryo Nakatsuka, Toshihiro Yamauchi

    Journal of Internet Services and Information Security   4 ( 2 )   55 - 69   2014

     More details

    Language:English   Publishing type:Research paper (scientific journal)  

    DOI: 10.22667/JISIS.2014.05.31.055

    researchmap

  • KRGuard: Kernel Rootkits Detection Method by Monitoring Branches Using Hardware Features Reviewed

    Yohei Akao, Toshihiro Yamauchi

    2016 INTERNATIONAL CONFERENCE ON INFORMATION SCIENCE AND SECURITY (ICISS)   22 - 26   2014

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    Attacks on an operating system kernel using kernel rootkits pose a particularly serious threat. Detecting an attack is difficult when the operating system kernel is infected with a kernel rootkit. For this reason, handling an attack will be delayed causing an increase in the amount of damage done to a computer system. In this paper, we discuss KRGuard (Kernel Rootkits Guard), which is a new method to detect kernel rootkits that monitors branch records in the kernel space. Since many kernel rootkits make branches that differ from the usual branches in the kernel space, KRGuard can detect these differences by using hardware features of commodity processors. Our evaluation shows that KRGuard can detect kernel rootkits with small overhead.

    Web of Science

    researchmap

  • Implementation of the Localized Exclusive Control for Multi-core Tender

    Takahiro Yamamoto, Toshihiro Yamauchi, Hideo Taniguchi

    2013 ( 2013 )   14 - 23   2013.11

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Secure log transfer by replacing a library in a virtual machine Reviewed

    Masaya Sato, Toshihiro Yamauchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   8231 LNCS   1 - 18   2013.11

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:Springer  

    Ensuring the integrity of logs is essential to reliably detect and counteract attacks, because adversaries tamper with logs to hide their activities on a computer. Even though some research studies proposed different ways to protect log files, adversaries can tamper with logs in kernel space with kernel-level malicious software (malware). In an environment where Virtual Machines (VM) are utilized, VM Introspection (VMI) is capable of collecting logs from VMs. However, VMI is not optimized for log protection and unnecessary overhead is incurred, because VMI does not specialize in log collection. To transfer logs out of a VM securely, we propose a secure log transfer method of replacing a library. In our proposed method, a process on a VM requests a log transfer by using the modified library, which contains a trigger for a log transfer. When a VM Monitor (VMM) detects the trigger, it collects logs from the VM and sends them to another VM. The proposed method provides VM-level log isolation and security for the mechanism itself. This paper describes design, implementation, and evaluation of the proposed method. © 2013 Springer-Verlag.

    DOI: 10.1007/978-3-642-41383-4_1

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iwsec/iwsec2013.html#SatoY13

  • Access control to prevent attacks exploiting vulnerabilities of WebView in android OS Reviewed

    Jing Yu, Toshihiro Yamauchi

    Proceedings - 2013 IEEE International Conference on High Performance Computing and Communications, HPCC 2013 and 2013 IEEE International Conference on Embedded and Ubiquitous Computing, EUC 2013   1628 - 1633   2013.11

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    Android applications that using WebView can load and display web pages. Furthermore, by using the APIs provided in WebView, Android applications can interact with web pages. The interaction allows JavaScript code within the web pages to access resources on the Android device by using the Java object, which is registered into WebView. If this WebView feature were exploited by an attacker, JavaScript code could be used to launch attacks, such as stealing from or tampering personal information in the device. To address these threats, we propose a method that performs access control on the security-sensitive APIs at the Java object level. The proposed method uses static analysis to identify these security-sensitive APIs, detects threats at runtime, and notifies the user if threats are detected, thereby preventing attacks from web pages. © 2013 IEEE.

    DOI: 10.1109/HPCC.and.EUC.2013.229

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/hpcc/hpcc2013.html#YuY13

  • Implementation of a Method for Dynamic Control of Application Programs by Extending SEAndroid Reviewed

    Shinya Yagi, Toshihiro Yamauchi

    Journal of Information Processing   54 ( 9 )   2220 - 2231   2013.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    CiNii Article

    CiNii Books

    researchmap

  • RL-001 Kernel Level Rootkits Detection System by Comparing Kernel Stack Reviewed

    Ikegami Yuta, Yamauchi Toshihiro

    12 ( 4 )   1 - 6   2013.8

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper (conference, symposium, etc.)   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    researchmap

  • Implementation of Distribution Method of OS processing for Hign Throughput

    Takeshi Sakoda, Toshihiro Yamauchi, Hideo Taniguchi

    2013 ( 2013 )   1663 - 1670   2013.7

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • A mechanism for achieving a bound on execution performance of process group to limit CPU abuse

    Toshihiro Yamauchi, Takayuki Hara, Hideo Taniguchi

    Journal of Supercomputing   65 ( 1 )   38 - 60   2013.7

     More details

    Authorship:Lead author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:SPRINGER  

    The secure OS has been the focus of several studies. However, CPU resources, which are important resources for executing a program, are not the object of access control in secure OS. For preventing the abuse of CPU resources, we had earlier proposed a new type of execution resource that controls the maximum CPU usage (Tabata et al. in Int. J. Smart Home 1(2):109-128, 2007). The previously proposed mechanism can control only one process at a time. Because most services involve multiple processes, the mechanism should control all the processes in each service. In this paper, we propose an improved mechanism that helps to achieve a bound on the execution performance of a process group in order to limit unnecessary processor usage. We report the results of an evaluation of our proposed mechanism. © 2011 Springer Science+Business Media, LLC.

    DOI: 10.1007/s11227-011-0707-0

    Web of Science

    Scopus

    researchmap

  • Proposal and Evaluation of Method to Set High Priority Directories for a Directory Oriented Buffer Cache Mechanism

    TSUCHIYA Akiyoshi, MATSUBARA Takahiro, YAMAUCHI Toshihiro, TANIGUCHI Hideo

    The IEICE transactions on information and systems (Japanese edetion)   96 ( 3 )   506 - 518   2013.3

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • External Storage Mechanism for Preserving File Access Log with Virtualization Technology

    54 ( 2 )   585 - 595   2013.2

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    Recently, it is more important to grasp and control the damage of attacks safely, so much research has been done to increase the security of the general-purpose OS by observing the behavior using virtualization technology. In this paper, we propose a mechanism to observe and logging the file access in guest OS from virtual machine monitor using the inter-domain communication by the filter driver. Our mechanism can be applied independently of the implementation of virtual machine monitor. By hooking file accesses in the guest OS, log messages are transferred and stored to the virtual machine monitor, so our approach is effective from the viewpoint of preservation of the log. We show the design and implementation of our mechanism for both Xen and KVM. Furthermore, we report the results of measuring the performance when accessing files as evaluation.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00090264/

  • DroidTrack: Tracking information diffusion and preventing information leakage on android

    Syunya Sakamoto, Kenji Okuda, Ryo Nakatsuka, Toshihiro Yamauchi

    Lecture Notes in Electrical Engineering   240 LNEE   243 - 251   2013

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:Springer  

    An app in Android can collaborate with other apps and control personal information by using the Intent or user's allowing of permission. However, users cannot detect when they communicate. Therefore, users might not be aware information leakage if app is malware. This paper proposes DroidTrack, a method for tracking the diffusion of personal information and preventing its leakage on an Android device. DroidTrack alerts the user of the possibility of information leakage when an app uses APIs to communicate with outside. These alerts are triggered only if the app has already called APIs to collect personal information. Users are given the option to refuse the execution of the API if it is not appropriate. Further, by illustrating how their personal data is diffused, users can have the necessary information to help them decide whether the API use is appropriate. © 2013 Springer Science+Business Media Dordrecht(Outside the USA).

    DOI: 10.1007/978-94-007-6738-6_31

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/mue/mue2013.html#SakamotoONY13

  • Design and evaluation of a diffusion tracing function for classified information among multiple computers

    Nobuto Otsubo, Shinichiro Uemura, Toshihiro Yamauchi, Hideo Taniguchi

    Lecture Notes in Electrical Engineering   240 LNEE   235 - 242   2013

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:Springer  

    In recent years, the opportunity to deal with classified information in a computer has increased, so the cases of classified information leakage have also increased. We have developed a function called "diffusion tracing function for classified information" (tracing function), which has the ability to trace the diffusion of classified information in a computer and to manage which resources might contain classified information. The classified information exchanged among the processes in multiple computers should be traced. This paper proposes a method which traces the diffusion for classified information among multiple computers. Evaluation results show the effectiveness of the proposed methods. © 2013 Springer Science+Business Media Dordrecht(Outside the USA).

    DOI: 10.1007/978-94-007-6738-6_30

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/mue/mue2013.html#OtsuboUYT13

  • Evaluation of load balancing in multicore processor for AnT

    Takeshi Sakoda, Toshihiro Yamauchi, Hideo Taniguchi

    Proceedings - 16th International Conference on Network-Based Information Systems, NBiS 2013   360 - 365   2013

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    Operating systems (OSes) that is based on microkernel architecture have high adaptability and toughness. In addition, multicore processors have been developed along with the progress of LSI technology. By running a microkernel OS on a multicore processor and distributing the OS server to multiple cores, it is possible to realize load balancing of the OS processing. In this method, transaction processing, which requires a large amount of OS processing, can be provided effectively in a multicore environment. This paper presents evaluations of distributed OS processing performances for various scenarios for AnT operating system that is based on the microkernel architecture in a multicore environment. In these evaluations, we describe the differences in performance by distribution forms when referring the data in a block. Moreover, we use the PostMark and Bonnie benchmark tools to evaluate the effects of load balancing for the distribution forms. © 2013 IEEE.

    DOI: 10.1109/NBiS.2013.57

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/nbis/nbis2013.html#SakodaYT13

  • Implementation of Mechanism to Support Tracing Diffusion of Classified Information by Visualization and Filtering Function

    53 ( 9 )   2171 - 2181   2012.9

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    The number of incidents leaking of classified information has increased. To prevent leakage of information, it is important for users to understand the usage of classified information. To understand the usage of classified information, an method has implemented that monitors operations on the classified information and logs those operations. However, because an analysis of logs is necessary for understanding the usage of classified information, it is difficult to prevent leakage of classified information. We proposed the function to trace the classified information diffusion and detect a leakage of classified information. However, to understand the usage of classified information from the function by users, it is necessary to analyze the log in text format. Therefore, it takes long time to investigate the cause of the leakage of information. This paper proposes a function to visualize diffusion path of classified information. The function enables us to visualize the diffusion path of designated files that contain classified information. In addition, the function can visualize the diffusion paths focusing on the designated period of file operations. This paper also describes the implementation of the proposed function by extending the existing tracing function of classified information.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00083925/

  • VMM-based log-tampering and loss detection scheme Reviewed

    Masaya Sato, Toshihiro Yamauchi

    Journal of Internet Technology   13 ( 4 )   655 - 666   2012.7

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:NATL ILAN UNIV, JIT  

    Logging information about the activities that placed in a computer is essential for understanding its behavior. In Homeland Security, the reliability of the computers used in their activities is of paramount importance. However, attackers can delete logs to hide evidence of their activities. Additionally, various problems may result in logs being lost. These problems decrease the dependability of Homeland Security. To address these problems, we previously proposed a secure logging scheme using a virtual machine monitor (VMM). The scheme collects logs and isolates them from the monitored OS. However, the scheme cannot store them automatically. Thus, logs in memory are lost when the computer is shutdown. Further, if the logs are not stored, it is impossible to detect incidents of tampering by comparing the logs of the monitored OS with those of the logging OS. To address these additional problems, this paper proposes a log-storing module and a tamper detection scheme. The log-storing module automatically stores logs collected by the logging module, and tamper detection is realized by comparing these stored log files with those of the monitored OS. We implemented the log-storing module and realized the tamper detection scheme. Evaluations reveal the effectiveness of the tamper detection scheme.

    Web of Science

    Scopus

    researchmap

  • Implementation and Evaluation of a Method for CMP-Oriented Thread Scheduling Based on Continuation Model

    MORIYAMA Hideaki, YAMAUCHI Toshihiro, NOMURA Yoshinari, TANIGUCHI Hideo

    The IEICE transactions on information and systems (Japanese edetion)   95 ( 3 )   400 - 411   2012.3

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • SELinuxの不要なセキュリティポリシ削減の自動化手法の提案 Reviewed

    矢儀 真也,中村 雄一,山内 利宏

    情報処理学会論文誌 コンピューティングシステム(ACS)   5 ( 2 )   63 - 73   2012.3

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    researchmap

  • Logging System to Prevent Tampering and Loss with Virtual Machine Monitor

    53 ( 2 )   847 - 856   2012.2

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    Logging information is necessary in order to understand a computer's behavior. However, there is a possibility that attackers will delete logs to hide the evidence of their attacking and cheating. Moreover, various problems might cause the loss of logging information. To address these issues, we propose a system to prevent tampering and loss of logging information using a virtual machine monitor (VMM). In this system, logging information generated by the operating system (OS) and application program (AP) working on the target virtual machine (VM) is gathered by the VMM without any modification of the kernel source codes. The security of the logging information is ensured by its isolation from the VM. In addition, the isolation and multiple copying of logs can help in the detection of tampering.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00080698/

  • Novel control method for preventing missed deadlines in periodic scheduling

    Yuuki Furukawa, Toshihiro Yamauchi, Hideo Taniguchi

    Proceedings of the 2012 15th International Conference on Network-Based Information Systems, NBIS 2012   459 - 464   2012

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE Computer Society  

    Processing that is executed periodically must be completed before the next release time. If such processing is not completed before the next release time, the processing that had been scheduled is not executed. This is complicated by the fact that the execution time from release to the end of periodically executed processing is not constant, due to changing I/O processing time and the influence of timer interrupts. To solve this, we propose a system that records the execution time of the processing, judges whether the processing will be finished before the specified deadline, and can execute appropriate processing that can be completed within the remaining time. In this paper, we describe the design and evaluation of our system. © 2012 IEEE.

    DOI: 10.1109/NBiS.2012.79

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/nbis/nbis2012.html#FurukawaYT12

  • LSMPMON: Performance evaluation mechanism of LSM-based secure OS

    Toshihiro Yamauchi, Kenji Yamamoto

    International Journal of Security and its Applications   6 ( 2 )   81 - 90   2012

     More details

    Authorship:Lead author   Language:English   Publishing type:Research paper (scientific journal)  

    Security focused OS (Secure OS) is attracting attention as a method for minimizing damage caused by various intrusions. Secure OSs can restrict the damage due to an attack by using Mandatory Access Control (MAC). In some projects, secure OSs for Linux have been developed. In these OSs, different implementation methods have been adopted. However, there is no method for easily evaluating the performance of the secure OS in detail, and the relationship between the implementation method and the performance is not clear. The secure OS in Linux after version 2.6 has often been implemented by Linux Security Modules (LSM). Therefore, we determine the effect of introducing the secure OS on the performance of the OS by using the overhead measurement tool, the LSM Performance Monitor (LSMPMON). This paper reports the evaluation results of three secure OSs on Linux 2.6.36 by LSMPMON. The results show the effect of introducing the secure OS.

    Scopus

    researchmap

  • Design of an OS Architecture that Simplifies Understanding of Operating System Behavior

    Toshihiro Yamauchi, Akira Kinoshita, Taisuke Kawahara, Hideo Taniguchi

    Proceedings of 2012 International Conference on Information Technology and Computer Science (ITCS 2012)   51 - 58   2012

     More details

    Authorship:Lead author   Language:English   Publishing type:Research paper (international conference proceedings)  

    researchmap

  • Proposal of a Method to Automatically Reduce Redundant Security Policy of SELinux

    5 ( 2011 )   84 - 94   2011.11

     More details

  • Limiting Use of Tokens for Improvement of Bayesian Filter

    52 ( 9 )   2686 - 2696   2011.9

     More details

    Authorship:Lead author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    Using the Bayesian filter is a popular approach to distinguish between spam and legitimate e-mails. Spam senders sometimes modify emails to bypass the Bayesian filter. The tokens included in the e-mail are investigated for improving the accuracy of classification of emails. The results show that tokens found at the first time sometimes degrade the accuracy of the classification. In this paper, we propose an anti-spam method that consider the difference of the property of tokens. The proposed method limits the use of tokens for improvement of Bayesian filter. The evaluations were performed by using some email sets. The results shows that the proposed method can decrease the false negative rate.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00077500/

  • Evaluation of Performance of Secure OS Using Performance Evaluation Mechanism of LSMPMON

    52 ( 9 )   2596 - 2601   2011.9

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    In some projects, secure OSes for Linux have been developed and different implementations have been adopted. However, there is no report on evaluation of performance of secure OS that after Linux 2.6.19 in detail, and the relationship between the kernel version and the performance is not clear. Therefore, we evaluate change of the performance at the version interval and overhead of three secure OSes (SELinux, TOMOYO Linux, LIDS), by using the overhead measurement tool, the LSM Performance Monitor (LSMPMON) developed for Linux 2.6.30. This paper shows the performance of secure OSes on Linux 2.6.30.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00077491/

  • VMBLS: Virtual machine based logging scheme for prevention of tampering and loss Reviewed

    Masaya Sato, Toshihiro Yamauchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   6908 LNCS   176 - 190   2011.8

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:SPRINGER-VERLAG BERLIN  

    Logging information is necessary in order to understand a computer's behavior. However, there is a possibility that attackers will delete logs to hide the evidence of their attacking and cheating. Moreover, various problems might cause the loss of logging information. In homeland security, the plans for counter terrorism are based on data. The reliability of the data is depends on that of data collector. Because the reliability of the data collector is ensured by logs, the protection of it is important problem. To address these issues, we propose a system to prevent tampering and loss of logging information using a virtual machine monitor (VMM). In this system, logging information generated by the operating system (OS) and application program (AP) working on the target virtual machine (VM) is gathered by the VMM without any modification of the OS. The security of the logging information is ensured by its isolation from the VM. In addition, the isolation and multiple copying of logs can help in the detection of tampering. © 2011 IFIP International Federation for Information Processing.

    DOI: 10.1007/978-3-642-23300-5_14

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/IEEEares/ares2011.html#SatoY11

  • Implementation and Evaluation for Sophisticated Periodic Execution Control in Embedded Systems

    Yuuki Furukawa, Toshihiro Yamauchi, Hideo Taniguchi

    International Journal of Control and Automation   4 ( 2 )   59 - 78   2011

     More details

    Language:English   Publishing type:Research paper (scientific journal)  

    researchmap

  • Control method of multiple services for CMP based on continuation model

    Hideaki Moriyama, Toshihiro Yamauchi, Hideo Taniguchi

    Proceedings - 4th International Conference on Interaction Sciences: IT, Human and Digital Content, ICIS 2011   2011 ( 29 )   83 - 89   2011

     More details

    Language:Japanese   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    In a chip multiprocessor based on the continuation concept, the hardware scheduler controls threads and achieves high performance on thread scheduling. However, the priority of threads is not considered during execution because the hardware thread scheduler schedules threads in a FIFO manner. Therefore, when multiple services execute simultaneously, the execution of each service cannot consider the priority of service. In such a case, software support is needed to control the execution of each service. This paper presents a software scheduler for multiple services that supports the hardware scheduler. In addition, this paper also reports the evaluation of the software scheduler, which targets multiple services. © 2011 AICIT.

    Scopus

    CiNii Article

    CiNii Books

    researchmap

    Other Link: https://dblp.uni-trier.de/rec/conf/interaction/2011

  • Evaluation of performance of secure OS using performance evaluation mechanism of LSM-based LSMPMON Reviewed

    Kenji Yamamoto, Toshihiro Yamauchi

    Communications in Computer and Information Science   122 CCIS   57 - 67   2010.12

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:SPRINGER-VERLAG BERLIN  

    Security focused OS (Secure OS) is attracting attention as a method for minimizing damage caused by various intrusions. Secure OSes can restrict the damage due to an attack by using Mandatory Access Control (MAC). In some projects, secure OSes for Linux have been developed. In these OSes, different implementation methods have been adopted. However, there is no method for easily evaluating the performance of the secure OS in detail, and the relationship between the implementation method and the performance is not clear. The secure OS in Linux after version 2.6 has often been implemented by Linux Security Modules (LSM). Therefore, we determine the effect of introducing the secure OS on the performance of the OS, and a characteristic by the difference of the implementation method by using the overhead measurement tool, the LSM Performance Monitor (LSMPMON); the LSMPMON can be used to evaluate three different secure OSes. © 2010 Springer-Verlag.

    DOI: 10.1007/978-3-642-17610-4_7

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/fgit/sectech2010.html#YamamotoY10

  • Implementation and Evaluation of Zero-Copy Communication Processing on Physical Memory Exchange Mechanism

    KADO Naofumi, YAMAUCHI Toshihiro, TANIGUCHI Hideo

    The IEICE transactions on information and systems   93 ( 11 )   2380 - 2389   2010.11

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • Converting Linux LKM Device Driver into Concrete Process in AnT Operating System

    SHIMAZAKI Yutaka, YAMAUCHI Toshihiro, NOMURA Yoshinari, TANIGUCHI Hideo

    The IEICE transactions on information and systems   93 ( 10 )   1990 - 2000   2010.10

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • Proposal of I/O Buffer Cache Mechanism Based on the Frequency of System Call of the File Operation

    3 ( 1 )   50 - 60   2010.3

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    Buffer cache is implemented to improve I/O performance with data in disks. As buffer cache management, there are many mechanisms, but still many operating systems deploy LRU (Least Recently Used) algorithm. On the other hand, to reflect process contents of application programs to buffer cache, management scheme based on the system calls which application programs requested is better. Then, we propose I/O buffer cache mechanism based on the frequency of system call of the file operation. Our proposed mechanism calculates file importance from information of file operation. In addition in buffer cache blocks are replaced based on this file importance. In this paper, we describe our mechanism improves I/O performance by evaluation of application programs.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00068428/

  • A mechanism that bounds execution performance for process group for mitigating CPU abuse

    Toshihiro Yamauchi, Takayuki Hara, Hideo Taniguchi

    Communications in Computer and Information Science   122 CCIS   84 - 93   2010

     More details

    Authorship:Lead author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:SPRINGER-VERLAG BERLIN  

    Secure OS has been the focus of several studies. However, CPU resources, which are important resources for executing a program, are not the object of access control. For preventing the abuse of CPU resources, we had earlier proposed a new type of execution resource that controls the maximum CPU usage [5,6] The previously proposed mechanism can control only one process at a time. Because most services involve multiple processes, the mechanism should control all the processes in each service. In this paper, we propose an improved mechanism that helps to achieve a bound on the execution performance of a process group, in order to limit unnecessary processor usage. We report the results of an evaluation of our proposed mechanism. © 2010 Springer-Verlag.

    DOI: 10.1007/978-3-642-17610-4_10

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/fgit/sectech2010.html#YamauchiHT10

  • SELinux security policy configuration system with higher level language

    Yuichi Nakamura, Yoshiki Sameshima, Toshihiro Yamauchi

    Journal of Information Processing   18   201 - 212   2010

     More details

    Language:English   Publishing type:Research paper (scientific journal)   Publisher:Information Processing Society of Japan  

    © 2010 Information Processing Society of Japan. Creating security policy for SELinux is difficult because access rules often exceed 10,000 and elements in rules such as permissions and types are understandable only for SELinux experts. The most popular way to facilitate creating security policy is refpolicy which is composed of macros and sample configurations. However, describing and verifying refpolicy based configurations is difficult because complexities of configuration elements still exist, using macros requires expertise and there are more than 100,000 configuration lines. The memory footprint of refpolicy which is around 5MB by default, is also a problem for resource constrained devices. We propose a system called SEEdit which facilitates creating security policy by a higher level language called SPDL and SPDL tools. SPDL reduces the number of permissions by integrated permissions and removes type configurations. SPDL tools generate security policy configurations from access logs and tool user’s knowledge about applications. Experimental results on an embedded system and a PC system show that practical security policies are created by SEEdit, i.e., describing configurations is semi-automated, created security policies are composed of less than 500 lines of configurations, 100 configuration elements, and the memory footprint in the embedded system is less than 500 KB.

    DOI: 10.2197/ipsjjip.18.201

    Scopus

    researchmap

  • ISIPC: Instant synchronous interprocess communication

    Toshihiro Yamauchi, Kazuhiro Fukutomi, Hideo Taniguchi

    Journal of Next Generation Information Technology   1 ( 3 )   75 - 83   2010

     More details

    Authorship:Lead author   Language:English   Publishing type:Research paper (scientific journal)  

    Interprocess communication (IPC) is often used to exchange data between cooperative processes, and the performance of IPC largely determines the processing time of application programs. Moreover, it is used for most of the kernel calls in a microkernel-based operating system (OS). Therefore, the performance of IPC affects the performance of the OS. In addition, the completion of the message-passing mechanism has to be indicated by executing a receive operation in order to maintain synchronization. Thus, two operations are required in this mechanism to complete the communication. On the other hand, no receive operation is required to indicate the completion of the communication in the case of asynchronous communication; however, in this case, no proof of the data being received is provided to the sender process. In this paper, we propose an instant synchronous interprocess communication (ISIPC) mechanism that can achieve both instantaneous communication and data synchronization. ISIPC has two functions: push function and sack function. We describe the design of the ISIPC mechanism and also its implementation on the Tender operating system. In addition, we present the evaluation results for the ISIPC mechanism.

    DOI: 10.4156/jnit.vol1.issue3.9

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/journals/jnit/jnit1.html#YamauchiFT10

  • Proposal for sophisticated periodic execution control in embedded systems

    Yuuki Furukawa, Toshihiro Yamauchi, Hideo Taniguchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   6485 LNCS   549 - 563   2010

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:SPRINGER-VERLAG BERLIN  

    In embedded systems, the types of processings to be executed are limited, and many processes are executed periodically. In such systems, we need to reduce the overhead of periodic execution control and the dispersion of the processing time. ART-Linux has been proposed as a conventional real-time operating system that can be used for this purpose in various devices such as robots. In this paper, we discuss the periodic execution control of ART-Linux and clarify several problems. Next, we propose a design for sophisticated periodic execution control in order to solve these problems. Finally, we discuss the realization of periodic execution control, the effect of this control, and the result of the evaluation. © 2010 Springer-Verlag Berlin Heidelberg.

    DOI: 10.1007/978-3-642-17569-5_54

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/fgit/fgit2010.html#FurukawaYT10

  • Proposal of I/O Buffer Cache Mechanism Based on the Frequency of System Call of the File Operation

    片上達也, 田端利宏, 谷口秀夫

    情報処理学会論文誌トランザクション(CD-ROM)   2009 ( 2 )   2010

  • Evaluation of Dynamic OS Server Replacement Mechanism fo AnT

    2009 ( 9 )   261 - 266   2009.9

     More details

  • Tracing Classified Information Diffusion for Protecting Information Leakage

    Toshihiro Tabata, Satoshi Hakomori, Kei Ohashi, Shinichiro Uemura, Kazutoshi Yokoyama, Hideo Taniguchi

    50 ( 9 )   2088 - 2102   2009.9

     More details

    Authorship:Lead author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    In personal computer environment, it is important to protect the information leakage. In this paper, a mechanism of protecting information leakage is proposed. This mechanism has two functions. One function is the function of tracing classified information. The other function is the function of controlling the write function. The tracing function is deployed by hook the call of file operations, interprocess communication, and process creation. This paper describes a method that improve the accuracy of tracing classified information and reduce the labor of configuration. This paper shows the proposed mechanism can trace all files and improve the the accuracy of tracing classified information by using the user judgement.

    CiNii Article

    CiNii Books

    researchmap

  • Tracing Classified Information Diffusion for Protecting Information Leakage

    田端利宏, 箱守聰, 大橋慶, 植村晋一郎, 横山和俊, 谷口秀夫

    情報処理学会論文誌ジャーナル(CD-ROM)   50 ( 9 )   2088 - 2102   2009.9

     More details

  • Design and Implementation of Performance Evaluation Function of Secure OS Based on LSM

    MATSUDA Naoto, SATO Kazuya, TABATA Toshihiro, MUNETOH Seiji

    The IEICE transactions on information and systems   92 ( 7 )   963 - 974   2009.7

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Implementation and Evaluation of Heterogeneous Virtual Storage (HVS) on Tender Operating System

    TABATA Toshihiro, TANIGUCHI Hideo

    The IEICE transactions on information and systems   92 ( 1 )   12 - 24   2009.1

     More details

    Authorship:Lead author   Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • ファイル操作のシステムコール発行頻度に基づくバッファキャッシュ制御法の提案

    Tatsuya Katakami, Toshihiro Tabata, Hideo Taniguchi

    2009 ( 13 )   111 - 118   2009

     More details

    Language:Japanese  

    J-GLOBAL

    researchmap

  • SEEdit: SELinux security policy configuration system with higher level language

    Yuichi Nakamura, Yoshiki Sameshima, Toshihiro Tabata

    Proceedings of the 23rd Large Installation System Administration Conference, LISA 2009   107 - 117   2009

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:USENIX Association  

    © LISA 2009. Security policy for SELinux is usually created by customizing a sample policy called refpolicy. However, describing and verifying security policy configurations is difficult because in refpolicy, there are more than 100,000 lines of configurations, thousands of elements such as permissions, macros and labels. The memory footprint of refpolicy which is around 5MB, is also a problem for resource constrained devices. We propose a security policy configuration system SEEdit which facilitates creating security policy by a higher level language called SPDL and SPDL tools. SPDL reduces the number of permissions by integrated permissions and removes label configurations. SPDL tools generate security policy configurations from access logs and tool user's knowledge about applications. Experimental results on an embedded system and a PC system show that practical security policies are created by SEEdit, i.e., describing configurations is semiautomated, created security policies are composed of less than 500 lines of configurations, 100 configuration elements, and the memory footprint in the embedded system is less than 500KB.

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/conf/lisa/2009

  • Dynamic OS Server Replacement Scheme for AnT

    藤原康行, 岡本幸大, 田端利宏, 乃村能成, 谷口秀夫

    情報処理学会シンポジウム論文集   2008 ( 14 )   201 - 206   2008.12

     More details

  • Realization and Evaluation of High Speed Fork & Exec System-Call by Recycling Resource on Tender

    SAEKI Kenji, TABATA Toshihiro, TANIGUCHI Hideo

    The IEICE transactions on information and systems   91 ( 12 )   2892 - 2903   2008.12

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • A Bayesian-filter-based Image Spam Filtering Method

    49 ( 9 )   3093 - 3103   2008.9

     More details

    Language:Japanese  

    In recent years, with the spread of the Internet, the increase in the number of spam has become one of the most serious problems. A recent report reveals that 91% of all e-mail exchanged in 2006 was spam. Using the Bayesian filter is a popular approach to distinguish between spam and legitimate e-mails. It applies the Bayes theory to identify spam. This filter proffers high filtering precision and is capable of detecting spam as per personal preferences. However, the number of image spam, which contains the spam message as an image, has been increasing rapidly. The Bayesian filter is not capable of distinguishing between image spam and legitimate e-mails since it learns from and examines only text data. Therefore, in this study, we propose an anti-image spam technique that uses image information such as file size. This technique can be easily implemented on the existing Bayesian filter. In addition, we report the results of the evaluations of this technique.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00009442/

  • Implementation and Evaluation of a Directory Oriented Buffer Cache Mechanism

    TABATA Toshihiro, KOTOGE Miyuki, NOMURA Yoshinari, TANIGUCHI Hideo

    The IEICE transactions on information and systems   91 ( 2 )   435 - 448   2008.2

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Design and evaluation of a Bayesian-filter-based image spam filtering method

    Masahiro Uemura, Toshihiro Tabata

    Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008   49 ( 9 )   46 - 51   2008

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE COMPUTER SOC  

    In recent years, with the spread of the Internet, the number of spam e-mail has become one of the most serious problems. A recent report reveals that 91% of all e-mail exchanged in 2006 was spam. Using the Bayesian filter is a popular approach to distinguish between spam and legitimate e-mails. It applies the Bayes theory to identify spam. This filter proffers high filtering precision and is capable of detecting spam as per personal preferences. However, the number of image spam, which contains the spam message as an image, has been increasing rapidly. The Bayesian filter is not capable of distinguishing between image spam and legitimate e-mails since it learns from and examines only text data. Therefore, in this study, we propose an anti-image spam technique that uses image information such as file size. This technique can be easily implemented on the existing Bayesian filter. In addition, we report the results of the evaluations of this technique. © 2008 IEEE.

    DOI: 10.1109/ISA.2008.84

    Web of Science

    Scopus

    J-GLOBAL

    researchmap

  • 機密情報の拡散追跡機能を利用した書き出し制御手法

    植村 晋一郎, 田端 利宏, 谷口 秀夫, 横山 和俊, 箱守 聰

    マルチメディア,分散,協調とモバイル(DICOMO2008)シンポジウム論文集   768 - 775   2008

     More details

  • Proposal of instant synchronous interprocess communication

    Toshihiro Tabata, Kazuhiro Fukutomi, Hideo Taniguchi

    Proceedings - 3rd International Conference on Convergence and Hybrid Information Technology, ICCIT 2008   2   146 - 149   2008

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE COMPUTER SOC  

    Interprocess communication (IPC) is often applied to cooperative processes and IPC performance largely determine the processing time. Here, we propose an instant synchronous IPC mechanism for preferential processing of high-priority data. In addition, we present that the results of an evaluation using an application program by using an imprecise computational model. © 2008 IEEE.

    DOI: 10.1109/ICCIT.2008.106

    Web of Science

    Scopus

    researchmap

  • I/O buffer cache mechanism based on the frequency of file usage

    Tatsuya Katakami, Toshihiro Tabata, Hideo Taniguchi

    Proceedings - 3rd International Conference on Convergence and Hybrid Information Technology, ICCIT 2008   2   76 - 82   2008

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE COMPUTER SOC  

    Most operating systems manage buffer caches for buffering I/O blocks, because I/O processing is slower than CPU processing. Application programs request I/O processing from files. In order to improve the performance of I/O processing, a buffer cache should be managed with regard to both blocks and files. This paper proposes an I/O buffer cache mechanism based on the frequency of file usage. This mechanism calculates the importance of each file. Then, blocks of important files are stored in a protected space. The blocks stored in the protected space are given priority for caching. We evaluated the proposed mechanism by kernel make processing. The results show that the proposed mechanism improves the processing time by 18 s (5.7%) as compared to the LRU algorithm. © 2008 IEEE.

    DOI: 10.1109/ICCIT.2008.107

    Web of Science

    Scopus

    researchmap

  • An Improved Recyclable Resource Management Method for Fast Process Creation and Reduced Memory Consumption

    Toshihiro Tabata, Hideo Taniguchi

    International Journal of Hybrid Information Technology (IJHIT)   1 ( 1 )   31 - 44   2008

     More details

  • Integrated access permission: Secure and simple policy description by integration of file access vector permission

    Takuto Yamaguchi, Toshihiro Tabata, Yuichi Nakamura

    Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008   40 - 45   2008

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE COMPUTER SOC  

    In pervasive computing, embedded systems have a possibility to be attacked by crackers, including 0-day attack, as well as enterprise systems. In particular, in a case where a cracker gets a root privilege, damages are significant. To resolve this problem, Security-Enhanced Linux (SELinux) is useful. However, SELinux has a problem that is significant complexity for configuration because of too fine-grained access control. As a method for resolving this problem, SELinux Policy Editor (SEEdit) has been developed; this is a tool that simplifies the SELinux configuration. SEEdit uses the Simplified Policy Description Language (SPDL) as a policy description language. In the SPDL, we define new access permissions that integrate Access Vector Permissions (AVPs) employed in SELinux to provide access permissions in a security policy. Thus, we propose a set of access permissions named Integrated Access Permissions (IAPs), which enables the achievement of a good balance between reducing the workload of the configurations and guaranteeing security in SELinux. In addition, we evaluate our IAPs and show them almost secure. © 2008 IEEE.

    DOI: 10.1109/ISA.2008.21

    Web of Science

    Scopus

    researchmap

  • Mechanism of regulating execution performance for process group by execution resource on tender operating system

    Toshihiro Tabata, Yoshinari Nomura, Hideo Taniguchi

    Systems and Computers in Japan   38 ( 14 )   63 - 78   2007.12

     More details

    Language:English   Publishing type:Research paper (scientific journal)  

    With increases in the performance of computers, it has become possible to provide a large number of services on a single computer. However, since the required execution performance can vary from service to service, it is necessary to guarantee execution performance for each service individually. In addition, it is common for a single service to be composed of multiple processes. Consequently, the ability to regulate execution performance for units consisting of multiple processes is desirable. Therefore, in this paper we propose a mechanism for regulating the execution performance of process groups using execution resources that encapsulate the assignable processor units designed for the Tender operating system. Specifically, executions are managed in a tree-structure and we then regulate execution performance by associating processes with these executions. In addition, we show via an implementation and evaluations that the proposed method is able to regulate the execution performance of process groups well and present an evaluation that makes use of a Web server. © 2007 Wiley Periodicals, Inc.

    DOI: 10.1002/scj.20403

    Scopus

    J-GLOBAL

    researchmap

  • Write Control Method by Using Diffusion Tracing Function of Classified Information

    大橋慶, 箱守聰, 箱守聰, 田端利宏, 横山和俊, 谷口秀夫

    情報処理学会シンポジウムシリーズ(CD-ROM)   2007 ( 1 )   690 - 697   2007

  • A recyclable resource management method for fast process creation and reduced memory consumption

    Toshihiro Tabata, Hideo Taniguchi

    Proceedings The 2007 International Conference on Intelligent Pervasive Computing, IPC 2007   194 - 199   2007

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE COMPUTER SOC  

    The costs involved in process creation and termination make this procedure expensive. This procedure expensive, thus degrading the performance of program execution. To solve this problem, a fast process creation and termination mechanism is proposed. This mechanism is implemented by recycling process resources. In order to improve the efficiency of recycling, the management of preserved process resources for recycling is an important factor. In this paper, we propose an improved resource management method for recycling process resources and an adaptive control mechanism. In the method, only one process resource with a program image is preserved for each program that occurs with high frequency of program execution. The proposed method can reduce the amount of memory consumption for preserved process resources in a concurrent execution environment. We also describe the implementation of the proposed method on the Tender operating system and report the results of our experiments. © 2007 IEEE.

    DOI: 10.1109/IPC.2007.83

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/ipc/ipc2007.html#TabataT07

  • Evaluation for guarantee of service processing by regulating program execution resource

    箱守聰, 箱守聰, 田端利宏, 横山和俊, 谷口秀夫

    情報処理学会シンポジウム論文集   2007 ( 14 )   183 - 190   2007

  • A CPU usage control mechanism for processes with execution resource for mitigating CPU DoS attack

    Toshihiro Tabata, Satoshi Hakomori, Kazutoshi Yokoyama, Hideo Taniguchi

    International Journal of Smart Home   1 ( 2 )   109 - 128   2007

     More details

    Publishing type:Research paper (scientific journal)  

    In a ubiquitous environment, the hardware resources are limited; thus, an appropriate resource management mechanism is required for guaranteeing its processing activity. However, most operating systems (OSs) lack an access control mechanism for CPU resources to guarantee satisfactory processing and to safeguard the system from malicious attacks that affect the CPU resources, resulting in denial of service (DoS). Access control is not intended for CPU resources, which are important for the execution of a program. As a result, OSs cannot control the usage ratio of CPU resources. In this paper, we propose an access control model for CPU resources based on an execution resource. The proposed model can control the usage ratio of CPU resources appropriately for each user and each program domain. This execution resource can be applied to mitigate DoS attacks. In order to evaluate the effectiveness of the proposed method, we describe the results of a basic performance experiment and a DoS simulation experiment employing the Apache web server. From the results, we show that the proposed method can mitigate DoS attacks and does not have bad effects upon the performance of a target service.

    Scopus

    researchmap

  • An intrusion detection system which can restore altered data

    Fumiaki Nagano, Kohei Tatara, Toshihiro Tabata, Kouichi Sakurai

    Fourth International Conference on Information Technology and Applications, ICITA 2007   29 - 34   2007

     More details

    Publishing type:Research paper (international conference proceedings)  

    We propose an intrusion detection system. Our system can detect the alteration of data in memory and also can restore altered data. This type of intrusion detection system has been proposed variously so far. But many of them can detect only a part of attacks. And as far as we know, few of them can restore altered data. Our system can detect attacks which can not be detected by existing systems and also can restore altered data. Our system protects data in the kernel area using hash functions. The overhead of accessing the kernel area and using a hash function is high. But our system reduces the frequency of accessing the kernel area and using a hash function in safety.

    Scopus

    J-GLOBAL

    researchmap

  • Controlling CPU usage for processes with execution resource for mitigating CPU DoS attack

    Toshihiro Tabata, Satoshi Hakomori, Kazutoshi Yokoyama, Hideo Taniguchi

    Proceedings - 2007 International Conference on Multimedia and Ubiquitous Engineering, MUE 2007   141 - 146   2007

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE COMPUTER SOC  

    In a ubiquitous environment, the hardware resources are limited; thus, an appropriate resource management mechanism is required for guaranteeing its processing activity. However, most operating systems (OSs) lack an access control mechanism for CPU resources to guarantee satisfactory processing and to safeguard the system from malicious attacks that affect the CPU resources, resulting in denial of service (DoS). Access control is not intended for general OSs and CPU resources, which are important for the execution of a program. As a result, OSs cannot control the usage ratio of CPU resources. In this paper, we propose an access control model for CPU resources based on an execution resource. The proposed model can control the usage ratio of CPU resources appropriately for each program domain. This execution resource can be applied to mitigate DoS attacks. © 2007 IEEE.

    DOI: 10.1109/MUE.2007.111

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/mue/mue2007.html#TabataHYT07

  • Directory Oriented Buffer Cache Mechanism

    田端利宏, 小峠みゆき, 齊藤圭, 乃村能成, 谷口秀夫

    情報処理学会シンポジウム論文集   2006 ( 14 )   2006

  • Usage Control Model and Architecture for Data Confidentiality in a Database Service Provider

    SYALIM Amril, TABATA Toshihiro, SAKURAI Kouichi

    情報処理学会論文誌   47 ( 2 )   2006

  • An intrusion detection system using alteration of data

    Fumiaki Nagano, Kohei Tatara, Toshihiro Tabata, Kouichi Sakurai

    Proceedings - International Conference on Advanced Information Networking and Applications, AINA   1   243 - 248   2006

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    Attacks against data in memory are one of the most serious threats these days. Although many detection systems have been proposed so far, most of them can detect only part of alteration. Some detection systems use canaries to detect alteration. However, if an execution code has bugs that enable attackers to read data in memory, the system could be bypassed by attackers who can guess canaries. To overcome the problems, we propose a system using alteration of data. Our proposed system detects illegal alteration with verifier for vulnerable data. Verifier is made before vulnerable data could be altered by attackers, and verifier is checked when the program uses the vulnerable data. Part of Verifier is stored in kernel area to prevent attackers from reading data in user memory. Our approach can detect illegal alteration of arbitrary data in user memory. Our proposed system, moreover, does not have the problem systems using canaries have. © 2006 IEEE.

    DOI: 10.1109/AINA.2006.94

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/aina/aina2006.html#NaganoTST06

  • Active Modification Method of Program Control Flow for Efficient Anomaly Detection

    Kohei Tatara, Toshihiro Tabata, Kouichi Sakurai

    GESTS International Transactions on Computer Science and Engineering   2006

     More details

  • Proposal of File Access Permission which has both Security and Simplified Configuration

    Takuto Yamaguchi, Yuichi Nakamura, Toshihiro TABATA

    PreProceedings of the 7th International Workshop on Information Security Applications (WISA2006)   2006

     More details

  • Actively modifying control flow of program for efficient anormaly detection

    Kohei Tatara, Toshihiro Tabata, Kouichi Sakurai

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   4252 LNAI - II   737 - 744   2006

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:SPRINGER-VERLAG BERLIN  

    In order to prevent the malicious use of the computers exploiting buffer overflow vulnerabilities, a corrective action by not only calling a programmer's attention but expansion of compiler or operating system is likely to be important. On the other hand, the introduction and employment of intrusion detection systems must be easy for people with the restricted knowledge of computers. In this paper, we propose an anomaly detection method by modifying actively some control flows of programs. Our method can efficiently detect anomaly program behavior and give no false positives. © Springer-Verlag Berlin Heidelberg 2006.

    DOI: 10.1007/11893004_94

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/kes/kes2006-2.html#TataraTS06

  • Proposal and Evaluation for Improvement of Corpus Separation in Bayesian Spam Filtering on Multi-lingual Environment

    IWANAGA MANABU, TABATA TOSHIHIRO, SAKURAI KOUICHI

    IPSJ journal   46 ( 8 )   1959 - 1966   2005.8

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Statistical filtering using Bayes theory, called Bayesian filtering, is studied for years, and after Graham published an essay "A plan for spam", many implementations of Bayesian filtering have developed. In multi-lingual email environment, which more than one language is used in incoming email, corpus for statistical filtering is usually separated into ones specified to each language. In this paper, we propose a new method in which a corpus is chosen for each token, and then we show the efficiency of our proposed method by experiments in comparison to traditional methods.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00010556/

  • A Software Fingerprinting Scheme for Java Using Class Structure Transformation

    FUKUSHIMA KAZUHIDE, TABATA TOSHIHIRO, TANAKA TOSHIAKI, SAKURAI KOUICHI

    IPSJ journal   46 ( 8 )   2042 - 2052   2005.8

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Embedding personal identifiers as watermarks to software is effective in order to protect copyright of them. Monden et al. proposed program watermarking scheme for embedding arbiter character sequence to target Java class files. But their scheme can be used to embed only the same watermarking to all the programs. Thus, if we apply their scheme to embed users' personal identifiers, the watermark can be specified by comparing two or more users' program. This paper improve the problem by using a class structure transformation.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00010564/

  • The Design and Evaluation of Anomaly Detection System Based on System Call

    TATARA KOHEI, TABATA TOSHIHIRO, SAKURAI KOUICHI

    IPSJ journal   46 ( 8 )   1967 - 1975   2005.8

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    In order to prevent attacks exploiting buffer overflow vulnerabilities, there are many researches of checking programs for abnormal behaviors based on history of system calls emitted by them. In this paper, the authors take into account control flow of the programs, and prove an efficiency of a method for modeling history of system calls in a Bayesian Network. We also consider a method for appropriate anomaly detection without false positives.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00010557/

  • On the Security of Integration of SELinux Access Permissions

    TABATA TOSHIHIRO, SUEYASU KATSUYA, SAKURAI KOUICHI

    IPSJ journal   46 ( 4 )   1070 - 1073   2005.4

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    SELinux Policy Editor is a configuration tool for SELinux. As a part of its support of configuration, this tool simplifies the configuration of SELinux by integrating configuration items. However, the integration of configuration items may harm the fine-grained access control of SELinux. In this paper, we examine the effects of the simplification on access control policy and report the evaluation of the security about Apache web server.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00010661/

  • A probabilistic method for detecting anomalous program behavior

    Kohei Tatara, Toshihiro Tabata, Kouichi Sakurai

    Lecture Notes in Computer Science   3325   87 - 98   2005

     More details

    Publishing type:Research paper (international conference proceedings)   Publisher:Springer  

    In this paper, we, as well as Eskin, Lee, Stolfo propose a method of prediction model. In their method, the program was characterized with both the order and the kind of system calls. We focus on a non-sequential feature of system calls given from a program. We apply a Bayesian network to predicting the N-th system call from the sequence of system calls of the length N - 1. In addition, we show that a correlation between several kinds of system calls can be expressed by using our method, and can characterize a program behavior. © Springer-Verlag Berlin Heidelberg 2004.

    DOI: 10.1007/978-3-540-31815-6_8

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/wisa/wisa2004.html#TataraTS04

  • An Abuse Prevention Technique of CPU Time by Using Execution Resource

    Toshihiro TABATA, Satoshi Hakomori, Hideo Taniguchi

    PreProc. of the 6th International Workshop on Information Security Applications (WISA2005)   2005

     More details

  • Program obfuscation scheme using random numbers to complicate control flow

    Tatsuya Toyofuku, Toshihiro Tabata, Kouichi Sakurai

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   3823 LNCS   916 - 925   2005

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:SPRINGER-VERLAG BERLIN  

    For the security technology that has been achieved with software in the computer system and the protection of the intellectual property right of software, software protection technology is necessary. One of those techniques is called obfuscation, which converts program to make analysis difficult while preserving its function. In this paper, we examine the applicability of our program obfuscation scheme to complicate control flow and study the tolerance against program analysis. © IFIP International Federation for Information Processing 2005.

    DOI: 10.1007/11596042_94

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/euc/eucw2005.html#ToyofukuTS05

  • Some fitting of naive Bayesian spam filtering for Japanese environment

    Manabu Iwanaga, Toshihiro Tabata, Kouichi Sakurai

    Lecture Notes in Computer Science   3325   135 - 143   2005

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:SPRINGER-VERLAG BERLIN  

    Bayesian filtering is one of the most famous anti-spam measures. However, there is no standard implementation for treatment of Japanese emails by Bayesian filtering. In this paper, we compare several conceivable ways to treat Japanese emails about tokenizing and corpus separation. In addition, we give experimental results and some knowledge obtained by the experiments. © Springer-Verlag Berlin Heidelberg 2004.

    DOI: 10.1007/978-3-540-31815-6_12

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/wisa/wisa2004.html#IwanagaTS04

  • Usage Control Model and Architecture for Data Confidentiality in Database Service Provider

    Amril Syalim, Toshihiro Tabata, Kouichi Sakurai

    Proc. of Indonesia Cryptology and Information Security Conference (INA-CISC) 2005   2005

  • A Software Fingerprinting Scheme for Java Using Class Structure Transformation

    福島和英, 田端利宏, 田中俊昭, 桜井幸一

    情報処理学会論文誌   46 ( 8 )   2005

  • The Design and Evaluation of Anomaly Detection System Based on System Call

    たたら講平, 田端利宏, 桜井幸一

    情報処理学会論文誌   46 ( 8 )   2005

  • Proposal and Evaluation for Improvement of Corpus Separation in Bayesian Spam Filtering on Multi-lingual Environment

    岩永学, 田端利宏, 桜井幸一

    情報処理学会論文誌   46 ( 8 )   2005

  • On the Security of Integration of SELinux Access Permissions

    田端利宏, 末安克也, 桜井幸一

    情報処理学会論文誌   46 ( 4 )   2005

  • A Mechanism of Regulating Execution Performance for Process Group by Execution Resource on Tender Operating System

    TABATA Toshihiro, NOMURA Yoshinari, TANIGUCHI Hideo

    The IEICE transactions on information systems Pt. 1   87 ( 11 )   961 - 974   2004.11

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Proposal of Anti-spam Scheme Combining Challenge-response and Bayesian Filtering

    IWANAGA MANABU, TABATA TOSHIHIRO, SAKURAI KOUICHI

    IPSJ journal   45 ( 8 )   1939 - 1947   2004.8

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Some anti-spam schemes are based on challenge-response, a principle that a recipient reads only messages from senders who are registered by the recipient. In these schemes, request for setup is sent to senders who are not registered. Since bounce messages are legitimate but MTA cannot reply to request, we should have some exception to receive for them. However, spammers can abuse this exception to send spam to users, disguising their spam with bounce messages. In this paper, we propose an improved scheme, combining challenge-response and Bayesian filtering, then perform some tests on the effect of our scheme to avoid those spam.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00010841/

  • Evaluation of detection of bounce-disguised spam by combining challenge-response and Bayeaian filtering

    Iwanaga Manabu, Tabata Toshihiro, Sakurai Kouichi

    Annual report of Computing and Communications Center, Kyushu University   4 ( 4 )   41 - 47   2004.3

     More details

    Language:Japanese   Publisher:Kyushu University  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Design of Intrusion Detection System at User Level with System-Call Interposing.

    Toshihiro Tabata, Kouichi Sakurai

    ICETE 2004, 1st International Conference on E-Business and Telecommunication Networks   263 - 268   2004

     More details

    Publishing type:Research paper (international conference proceedings)   Publisher:INSTICC Press  

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/icete/icete2004.html#TabataS04

  • A resource management method for improving recycling ratio in recycling process elements

    T Tabata, H Taniguchi

    8TH WORLD MULTI-CONFERENCE ON SYSTEMICS, CYBERNETICS AND INFORMATICS, VOL V, PROCEEDINGS   203 - 208   2004

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:INT INST INFORMATICS & SYSTEMICS  

    A process is a program in execution. Processes can be executed concurrently in operating Systems (OS) and they may be created and be deleted dynamically. Process creation and termination are required for program execution. They axe an important processing, but the cost of them is expensive. The cost of them affects the execution performance of programs. We proposed a fast process creation and termination mechanism by recycling process elements. The management of preserved process elements is an important problem for recycling. We also proposed an efficient resource management for recycling process elements. The proposed method can reduce the amount of memory consumption of preserved resources. It focused on frequency of program execution, but it is insufficient to reduce the cost.
    In this paper, we propose an improved resource management method for recycling process elements. In the method, only one process element with program image is preserved for each program with high frequency in program execution. The method can reduce the amount of memory consumption of preserved process elements. We also describe the implementation of proposal method on Tender operating system and report the contents of experiments and the result of them.

    Web of Science

    researchmap

  • End-User Security Management with Mobile Agents

    Yuki KOTEGAWA, Toshihiro TABATA, Kouichi SAKURAI

    Proc. of the Third International Conference on Information (Info'2004), International Workshop on Information Assurance and Security   2004

     More details

  • Proposal and implementation of heterogeneous virtual storage coexisted of single virtual storage and multiple virtual storage

    T Tabata, H Taniguchi

    International Conference on Computing, Communications and Control Technologies, Vol 1, Proceedings   415 - 420   2004

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:INT INST INFORMATICS & SYSTEMICS  

    Most of Operating Systems (OSs) provide processes with virtual memory. One advantage of this technique is that programs can be larger than physical memory. In addition, this technique abstracts main memory into large address space and frees programmers from the limitation of main memory. Single Virtual Storage (SVS) or Multiple Virtual Storage (MVS) are implemented in current OSs, but SVS and MVS do not coexist in existing OSs. If they coexist in an operating system, users can make use of each advantage. In this paper, we propose Heterogeneous Virtual Storage (HVS). Because SVS and MVS can coexist in HVS, HVS can provide both of the advantages of SVS and MVS to users. We also describe about implementation of HVS on The EN-during operating system for Distributed Environment (Tender). After that, we explain contents of experiments and report that result.

    Web of Science

    researchmap

  • Proposal of Anti-spam Scheme Combining Challenge-response and Bayesian Filtering

    岩永学, 田端利宏, 桜井幸一

    情報処理学会論文誌   45 ( 8 )   2004

  • Proposal of Efficient Resource Management for Recycling Process Elements

    TABATA TOSHIHIRO, TANIGUCHI HIDEO

    44 ( 10 )   48 - 61   2003.7

     More details

    Authorship:Lead author   Language:Japanese   Publishing type:Research paper (scientific journal)   Publisher:Information Processing Society of Japan (IPSJ)  

    Operating system controls a process to execute a program. A process is created for executing a program. Then the process is deleted when the program terminated. Processing of process creation needs creation of virtual address space and a read of program. The load of the processing is heavy. Therefore there are many researches for fast process creation. We proposed fast process creation mechanism by recycling process elements. Fast process creation and fast process deletion are realized by recycling process elements. However, reserved process elements consume memory resources. Therefore efficient resource management is necessary. This paper proposes efficient resource management for recycling process elements.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00018559/

  • Process Schedule Mechanism for Regulating Processing Time of Multiple Services

    TABATA Toshihiro, TANIGUCHI Hideo

    The Transactions of the Institute of Electronics,Information and Communication Engineers.   86 ( 7 )   458 - 468   2003.7

     More details

    Authorship:Lead author   Language:Japanese   Publishing type:Research paper (scientific journal)   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Proposal and Evaluation of Process Restart Function by Initializing Data Segments

    TABATA Toshihiro, TANIGUCHI Hideo

    Transactions of Information Processing Society of Japan   44 ( 6 )   1538 - 1547   2003.6

     More details

    Authorship:Lead author   Language:Japanese   Publishing type:Research paper (scientific journal)   Publisher:Information Processing Society of Japan (IPSJ)  

    An operating system controls many processes to execute programs. The processing of process creation and process termination has a heavy load in an operating system. Therefore there are many techniques that can speed up process creation ; for example, sticky bit and the vfork system call are realized in UNIX. Furthermore, demand paging and copy-on-write are realized. Generally, specific programs are often executed repeatedly. For example, in the "make" command of UNIX, process creation and process termination are repeated, because a compiler is executed many times. We propose the function for restarting a process. The function is effective where specific programs are executed repeatedly, because the function can reduce the overhead of process creation and process termination. This paper describes the structure of a process and the function for restarting a process. This paper also reports the performance of the function.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00011209/

  • Evaluation of communication bandwidth control mechanism by regulating program execution speed

    Toshihiro Tabata, Yoshinari Nomura, Hideo Taniguchi

    Proceedings of the IASTED International Conference on Internet and Multimedia Systems and Applications   7   14 - 19   2003

     More details

    Publishing type:Research paper (international conference proceedings)  

    With the spread of the Internet, services that communicate to other services are increasing. Multimedia applications such as video on demand also ask for network Quality of Service (QoS). Thus, operating systems have to guarantee the allocation of computer resources to services. The computer resources are CPU, disk, network devices and so on. We suppose that the communications have to be controlled well, because services using network are increasing. This paper proposes the communication bandwidth control mechanism by regulating program execution speed. Our proposed mechanism is based on the process schedule method for regulating program execution speed. In the process schedule method, the operating system reserves the amount of CPU time of target processes and guarantees the allocation of CPU time on a sending host. Our proposed mechanism can guarantee a required data rate of target processes by allocating enough CPU time for communications. Because operating systems manage computer resources, they guarantee the allocation of CPU time if the process schedule method is implemented. The allocation of CPU time is not almost affected by non-target processes. This paper introduces the process schedule method and the implementation of it. This paper also shows how to control the communication bandwidth of target processes. Then this paper describes about an evaluation of our proposed mechanism.

    Scopus

    J-GLOBAL

    researchmap

  • Evaluation of Obfuscation Scheme for Java Focusing on Accessing Relationships of Fields and Methods between Classes

    Kazuhide FUKUSHIMA, Toshihiro TABATA, Kouichi SAKURAI

    Proc. of IASTED International Conference on Communication, Network, and Information Security (CNIS 2003)   2003

     More details

  • On the security of SELinux with a simplified policy

    Katsuya Sueyasu, Toshihiro Tabata, Kouichi Sakurai

    Proceedings of the IASTED International Conference on Communication, Network, and Information Security   79 - 84   2003

     More details

    Publishing type:Research paper (international conference proceedings)  

    Security-Enhanced Linux (SELinux) is a secure operating system. SELinux implements some features in order to perform strong access control. However, the configuration of SELinux access control becomes very complex. Such complexity may cause misconfiguration which can harm the strong access control. SELinux Policy Editor is a configuration tool for SELinux. It is developed in order to reduce the complexity and the risk of misconfiguration. As a part of its support of configuration, this tool simplifies the configuration of SELinux by integrating configuration items for complicated access control policy of SELinux. Although we can originally define and use macros which integrate permissions in SELinux access control policy, the integrated permissions of SELinux Policy Editor and the macros differ fundamentally in whether the use of them is mandatory or discretionary. In this paper, we examine effects of the simplification by SELinux Policy Editor on an example access control policy and evaluate the security of the access control based on the simplified policy about Apache, a web server software.

    Scopus

    J-GLOBAL

    researchmap

  • Route Detecting System using Multi-Agent for Mobile Agents

    Yuki KOTEGAWA, Toshihiro TABATA, Kouichi SAKURAI

    2003

     More details

  • Preventing Spam Disguised as Error Mail

    Manabu IWANAGA, Toshihiro TABATA, Kouichi SAKURAI

    Proc. of International Symposium on Information Science and Electrical Engineering 2003 (ISEE 2003)   2003

     More details

  • Evaluation of anti-spam method combining Bayesian filtering and strong challenge and response

    Manabu Iwanaga, Toshihiro Tabata, Kouichi Sakurai

    Proceedings of the IASTED International Conference on Communication, Network, and Information Security   214 - 219   2003

     More details

    Publishing type:Research paper (international conference proceedings)  

    Recently, various schemes against spam are proposed because of rapid increasing of spam. Some schemes are based on sender whitelisting with auto registration, a principle that a recipient reads only messages from senders who are registered by the recipient, and a sender have to perform some procedure to be registered (challenge-response.) In these schemes, some exceptions are required to show error mail to a sender of an original message. However, spammers can abuse this exception to send spam to users. We have proposed improved scheme in [1], combining challenge-response and Bayesian filtering. In this paper, we make tests on our scheme and a scheme using only Bayesian filtering to show efficiency of our scheme.

    Scopus

    J-GLOBAL

    researchmap

  • Evaluation of obfuscation scheme focusing on calling relationships of fields and methods in methods

    Kazuhide Fukushima, Toshihiro Tabata, Kouichi Sakurai

    Proceedings of the IASTED International Conference on Communication, Network, and Information Security   108 - 113   2003

     More details

    Publishing type:Research paper (international conference proceedings)  

    Recently, Java has been spread widely. However, Java has a problem that an attacker can reconstruct Java source codes from Java classfiles. Therefore many techniques for protecting Java software have been proposed, but, quantitive security evaluations are not fully given. This paper proposes an obfuscation scheme for Java source codes by destructing the encapsulation. In addition, we propose an evaluation scheme on the number of accesses to the fields and the methods of the other classes. We try to realize tamper-resistant software with the certain quantitive basis of security using our evaluation.

    Scopus

    J-GLOBAL

    researchmap

  • Proposal and Evaluation of Process Restart Function by Initializing Data Segments

    田端利宏, 谷口秀夫

    情報処理学会論文誌   44 ( 6 )   2003

  • Proposal of Efficient Resource Management for Recycling Process Elements

    田端利宏, 谷口秀夫

    情報処理学会論文誌   44 ( SIG10(ACS2) )   2003

  • Guarantee of Service Processing Time of Process Group for Multimedia Application

    Toshihiro TABATA, Yoshinari NOMURA, Hideo TANIGUCHI

    Proc. of Pan-Yellow-Sea International Workshop on Information Technologies for Network Era (PYIWIT'02)   2002

     More details

  • Efficient Resource Management for Recycling Process Elements.

    田端利宏, 谷口秀夫

    情報処理学会シンポジウム論文集   2002 ( 18 )   2002

  • New Directions in System Software. Guarantee of Service Processing Time by Execution on Tender Operating System.

    田端利宏, 谷口秀夫

    情報処理学会論文誌   41 ( 6 )   2000

  • Tender Operating System Based on Mechanism of Resource Independence.

    谷口秀夫, 青木義則, 後藤真孝, 村上大介, 田端利宏

    情報処理学会論文誌   41 ( 12 )   2000

  • Implementation and Evaluation of Speed Control Mechanism of Program Execution on Resource Execution on Tender.

    田端利宏, 谷口秀夫

    情報処理学会論文誌   40 ( 6 )   1999

▼display all

Books

  • Advances in Information and Computer Security - IWSEC 2012

    Springer-Verlag  2012 

     More details

MISC

  • Proposal of Attack Prevention Method by Access Control Focusing on Infection Process of IoT Malware

    Toshihiro Yamauchi, Ryota Yoshimoto, Katsunari Yoshioka

    2022   160 - 167   2022.10

     More details

    Authorship:Lead author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Developing the Flexible Conformance Test Run Environment for Keycloak

    2022   879 - 886   2022.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Evaluation on controlling precision of I/O performance of multiple processes using I/O with performance on Tender

    1   223 - 224   2022.9

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • ソフトウェア差分に着目したIoT機器サプライチェーンセキュリティ上の課題発見と大規模実態調査

    白石周碁, 吉元亮太, 塩治榮太朗, 秋山満昭, 山内利宏, 山内利宏

    電子情報通信学会技術研究報告(Web)   121 ( 410(ICSS2021 58-83) )   2022.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • Machine Learning-Based Cyber Threat Intelligence Construction and Crossover Analysis

    2021   906 - 913   2021.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • 攻撃ユーザプロセスの利用するカーネルコードの追跡と特定手法の提案と評価

    葛野弘樹, 山内利宏

    情報科学技術フォーラム講演論文集   4   21 - 28   2021.8

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • Linuxにおけるシグナル受信処理の早期実行開始手法

    大野 裕美子, 山内 利宏, 谷口 秀夫

    情報処理学会 コンピュータシステム・シンポジウム(ComSys2024)論文集   2024   74 - 81   2024.11

     More details

    Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Investigation towards Detecting Springboard Websites for Fake Shopping Websites

    2024   1095 - 1101   2024.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Verification and Evaluation of a Startup Program Identification Method for IoT Devices

    2024   1194 - 1201   2024.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Resilience Evaluation against Code Reuse Attacks by Function Address Randomization

    2024   8 - 15   2024.10

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • 個別型Tenderのコア間遠隔呼出制御の依頼多重化の実現と評価

    神保啓幸, 山内利宏, 谷口秀夫

    2024年度(第75回)電気・情報関連学会中国支部連合大会   2024.10

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Investigation of Software Patch for Open Source Software

    2024   1226 - 1233   2024.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Detection of indirect function call relationships and system-calls of 32-bit Arm binary

    2024   1505 - 1512   2024.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • カーネルデータ監視による特権昇格攻撃検出手法の提案と評価

    葛野弘樹, 山内利宏

    第23回情報科学技術フォーラム(FIT2024)   4   1 - 8   2024.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • 機密情報の拡散追跡機能におけるprocfsを用いた管理対象の動的追加・削除機構の提案

    森山英明, 山内利宏, 佐藤将也, 谷口秀夫

    電気・情報関係学会九州支部第77回連合大会   2024   63 - 64   2024.9

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • バイナリファジングによるトロイ化IoT機器におけるトリガーベースの振る舞い検出手法

    中嶋彩乃, 戎 恒司, 高田雄太, 齋藤宏太郎, 熊谷裕志, 神薗雅紀, 山内利宏

    電子情報通信学会 第67回情報通信システムセキュリティ研究会 (ICSS)/インターネットアーキテクチャ研究会(IA)合同研究会,電子情報通信学会技術研究報告   124 ( 83(ICSS2024-7) )   36 - 41   2024.6

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • 読書き制限カーネルページを用いたカーネルデータ保護機構の提案

    葛野弘樹, 山内利宏

    電子情報通信学会第66回情報通信システムセキュリティ研究会 (ICSS),電子情報通信学会技術研究報告   123 ( 448(ICSS2023-84) )   108 - 115   2024.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • OpenWrtベースのIoT機器起動時に実行されるファイルの調査を自動化する手法の提案

    島本裕大, 吉元亮太, 秋山満昭, 山内利宏

    電子情報通信学会第66回情報通信システムセキュリティ研究会 (ICSS),電子情報通信学会技術研究報告   123 ( 448(ICSS2023-74) )   36 - 42   2024.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • シグナル受信処理の即時実行開始手法

    大野 裕美子, 山内 利宏, 小林 諭, 谷口秀夫

    情報処理学会第86回全国大会,情報処理学会第86回全国大会講演論文集   55 - 56   2024.3

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    計算機上では,様々な用途でシグナルが利用されている.シグナル通信の問題点として,多数のプロセスが存在する環境では応答性が低下する可能性があることが挙げられる.これは,シグナル送信後,シグナル受信プロセスが実行されないとシグナル受信処理が開始されず,シグナル送信処理と受信処理の間に待ち時間が発生するためである.他プロセスの実行中は受信プロセスが実行されないため,多数のプロセスが存在する環境では特に待ち時間が長大化しやすい.本稿では,待ち時間の長大化を抑制してシグナル受信処理を即時に実行開始させるために,シグナル通信時に受信プロセスのスケジューリングの優先度を一時的に上げる手法を提案する.

    CiNii Books

    researchmap

  • ネットワークログの対話的因果解析の検討

    IEICE technical report   2024.3

     More details

    Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • ネットワークログ解析におけるイベント間因果情報可視化の検討

    Proceedings of the 2024 IEICE general conference   2024.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • 仮想計算機モニタによる複数OSに対応したシステムコール検知箇所推定手法の評価

    佐藤将也, 大森卓, 山内利宏, 谷口秀夫

    第162回システムソフトウェアとオペレーティング・システム研究会,情報処理学会研究報告   2024-OS-162 ( 11 )   1 - 7   2024.2

     More details

    Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • HPCにおけるGang Schedulingの切替間隔動的変更手法

    西本伊織, 山内利宏, 小林諭, 加藤純, 三輪真弘, 谷口秀夫

    第162回システムソフトウェアとオペレーティング・システム研究会,情報処理学会研究報告   2024-OS-162 ( 15 )   1 - 7   2024.2

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Protocol Fuzzing for Detecting Trigger-based Behavior in Trojanized IoT Devices

    Koji Ebisu, Ayano Nakashima, Yuta Takata, Hiroshi Kumagai, Masaki Kamizono, Toshihiro Yamauchi

    Proceedings of the 2024 symposium on cryptography and information security   2024.1

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • WarpDriveのモバイルセンサエンジンに搭載されている岡山大学が研究開発した機能の紹介

    山内利宏

    WarpDrive Workshop 2023   2023.12

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Lecture material (seminar, tutorial, course, lecture, etc.)  

    researchmap

  • Improving Code Reuse Attack Resistance based on Function Address Randomization in Executable Files

    Kazuma Saji, Toshihiro Yamauchi, Satoru Kobayashi, Hideo Taniguchi

    Proceedings of Computer Security Symposium (CSS)   2023   1357 - 1364   2023.10

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Extension of OS Types That Can Estimate System Call Hook Point by Virtual Machine Monitor

    Taku Omori, Masaya Sato, Toshihiro Yamauchi, Hideo Taniguchi

    Proceedings of Computer Security Symposium (CSS)   2023   139 - 146   2023.10

     More details

    Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Investigation of Software Patch for Linux Kernel Vulnerability

    Hiroki Kuzuno, Tomohiko Yano, Kazuki Omo, Toshihiro Yamauchi

    Proceedings of Computer Security Symposium (CSS)   2023   308 - 315   2023.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Consideration of Method to Grasp Managed Targets Using procfs in Function for Tracing Diffusion of Classified

    2023   357 - 358   2023.9

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • カーネルメモリ解析を用いた特権昇格攻撃検出手法の提案と評価

    葛野 弘樹, 西村 拓也, 白石 善明, 山内 利宏

    第22回情報科学技術フォーラム (FIT 2023)講演論文集   4   25 - 30   2023.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Tenderにおける他プロセスの入出力要求を考慮した入出力性能調整法の評価

    大野 謙介, 山内 利宏, 谷口 秀夫

    第160回システムソフトウェアとオペレーティング・システム研究会,情報処理学会研究報告   2023-OS-160 ( 6 )   1 - 8   2023.8

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • ファームウェア解析に基づいたIoT機器上で自動実行されるプログラムの実態調査

    原田 真ノ介, 吉元 亮太, 塩治 榮太朗, 秋山 満昭, 山内 利宏

    電子情報通信学会 第62回情報通信システムセキュリティ研究会 (ICSS),電子情報通信学会技術研究報告   122 ( 422(ICSS2022-59) )   67 - 72   2023.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Design of Resource Addition Function in Sharing Multi-core Tender

    Gaku Inoue, Toshihiro Yamauchi, Hideo Taniguchi

    Proceedings of the 2023 IEICE general conference   45   2023.3

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • 脆弱性管理の調査を通じたソフトウェアサプライチェーンセキュリティの検討と考察

    葛野 弘樹, 矢野 智彦, 面 和毅, 山内 利宏

    第50回情報セキュリティ心理学とトラスト研究発表会,情報処理学会研究報告   2023-SPT-50 ( 1 )   199 - 206   2023.3

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Implementation of Function for Tracing Diffusion of Classified Information to Support Inter-VM Communication on KVM

    Kohei Otani, Satoru Kobayashi, Toshihiro Yamauchi, Hideo Taniguchi

    IPSJ SIG Technical Report   2023-CSEC-100 ( 62 )   1 - 8   2023.3

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Tenderにおけるプロセス間通信データ域を利用したコア間遠隔手続呼出制御の高速化

    菰田 志城, 山内 利宏, 谷口 秀夫

    第158回システムソフトウェアとオペレーティング・システム研究会,情報処理学会研究報告   2023-OS-158 ( 27 )   1 - 8   2023.2

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • HPCクラウドにおける割り込み処理によるOSノイズの影響の評価

    西本 伊織, 小林 諭, 山内 利宏, 加藤 純, 佐藤 充, 谷口 秀夫

    第158回システムソフトウェアとオペレーティング・システム研究会,情報処理学会研究報告   2023-OS-158 ( 28 )   1 - 7   2023.2

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Tenderにおける他プロセスの入出力要求を考慮した入出力性能調整法の実現

    大野 謙介, 山内 利宏, 谷口 秀夫

    第158回システムソフトウェアとオペレーティング・システム研究会,情報処理学会研究報告   2023-OS-158 ( 26 )   1 - 8   2023.2

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Design and Implementation of Prevention Method against Attacks Using Buffer Overflows in TAs in OP-TEE

    Kaito Shiba, Hiroki Kuzuno, Toshihiro Yamauchi

    Proceedings of the 2023 symposium on cryptography and information security   2023.1

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Improvement and Evaluation of Seccomp Filter Generation Method for System Call Access Control using LKM

    Takafumi Yunoki, Ryota Yoshimoto, Toshihiro Yamauchi

    Proceedings of the 2023 symposium on cryptography and information security   2023.1

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Foreward. Invited

    Toshihiro Yamauchi

    IEICE Transactions on Information and Systems   E105-D ( 12 )   1998 - 1998   2022.12

     More details

    Authorship:Lead author, Corresponding author   Language:English   Publishing type:Article, review, commentary, editorial, etc. (scientific journal)  

    DOI: 10.1587/transinf.2022PAF0001

    researchmap

  • Design of Prevention Method against Attacks Using Buffer Overflows in TAs in OP-TEE

    2022   872 - 878   2022.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • A Method for Reducing False Positives of Redirection to Unwanted Websites in Android

    2022   1186 - 1193   2022.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Design on LSM-based MAC System by Machine Learning in IoT Devices

    2022   546 - 553   2022.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Design and Evaluation of Security Risk Indication for Open Source Software

    2022   784 - 791   2022.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • 権限情報の動的な再配置による特権昇格攻撃防止手法の提案と評価

    葛野 弘樹, 山内 利宏

    第21回情報科学技術フォーラム講演論文集   4   25 - 32   2022.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Analysis of Communication Processing Performance in 10GbE Environment

    4   215 - 216   2022.9

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Estimation of System Call Detection Point by Virtual Machine Monitor

    4   153 - 154   2022.9

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • IoT機器におけるセキュアOSの適用可否と保護機能の評価

    三木 雅登, 山内 利宏

    第21回情報科学技術フォーラム講演論文集   4   147 - 150   2022.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Towards (Re)constructing Attack Flow from Threat Report

    Shota Fujii, Nobutaka Kawaguchi, Tomohiro Shigemoto, Toshihiro Yamauchi

    31st USENIX Security Symposium Poster Session (USENIX Security '22 Posters),Poster   2022.8

     More details

    Authorship:Last author, Corresponding author  

    researchmap

  • Visualization Result of String-based CPU Architecture Independent IoT Malware Clustering

    Yutaro Osako, Toshihiro Yamauchi, Katsunari Yoshioka, Takuya Fujihashi, Takashi Watanabe, Shunsuke Saruwatari

    Network and Distributed System Security Symposium (NDSS 2022),Poster   2022.4

     More details

    Authorship:Corresponding author  

    researchmap

  • Design and Implementation of System for URL Signature Construction and for Impact Assessment

    藤井翔太, 藤井翔太, 川口信隆, 小島将耶, 鈴木智也, 山内利宏

    電子情報通信学会大会講演論文集(CD-ROM)   2022   2022.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iiaiaai/iiaiaai2022.html#FujiiKKSY22

  • カーネルにおけるMemory Protection Keyを用いたカーネルデータ保護機構の拡張性検討と性能評価

    葛野弘樹, 山内利宏

    情報処理学会研究報告(Web)   2022 ( DPS-190 )   2022.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • Comparative Evaluation of Method for Hiding the Use of Debug Registers in Monitoring Program from Application Program

    仲村亮祐, 山内利宏, 佐藤将也, 谷口秀夫

    電子情報通信学会大会講演論文集(CD-ROM)   2022   2022.3

     More details

    Authorship:Corresponding author   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • Estimation of OFF2F Performance Focusing on Differences of Memory Access Latency Between Volatile and Non-Volatile Memory

    2022 ( 1 )   121 - 122   2022.1

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Books

    researchmap

  • Extension of Target Information and Improvement of Tamper Resistance for VMM-Based Evidence Collection Function of Program Execution

    2022.1

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Survey on Mapping Function for Malware Behaviors to MITRE ATT&CK of Online Malware Sandbox

    2022.1

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Evaluation of Control Usage of Resource Pooling Function on Tender

    2022 ( 1 )   117 - 118   2022.1

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Books

    researchmap

  • Performance Evaluation Focusing on Control Transitions between VMM and OS on VM

    2022 ( 1 )   119 - 120   2022.1

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Books

    researchmap

  • Analysis by Clustering Focusing on Telnet Connection Log Commands to IoT Devices

    2021   692 - 696   2021.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • カーネルにおけるMemory Protection Keyを用いた権限情報保護機構の提案

    葛野 弘樹, 山内 利宏

    コンピュータセキュリティシンポジウム 2021 (CSS2021) 論文集   2021   647 - 654   2021.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Tenderにおけるプロセス間通信データ域を利用したコンテナボックス通信の性能分析

    菰田 志城, 山内 利宏, 谷口 秀夫

    2021年度電気・情報関連学会中国支部第72回連合大会   2021.10

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • N/A

    2021   697 - 704   2021.10

     More details

    Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • Investigation of Threats in the Secure World of OP-TEE

    2021   661 - 667   2021.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • Evaluation of Function for Tracing Diffusion of Classified Information to Support VMs Running on Multiple Cores on KVM

    2021   403 - 410   2021.10

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • Large-scale Survey on Secure Development of IoT Devices by Software Analysis and Vendor Interview Invited

    Shugo Shiraishi, Akifumi Fukumoto, Ryota Yoshimoto, Eitaro Shioji, Mitsuaki Akiyama, Toshihiro Yamauchi

    The 16th International Workshop on Security (IWSEC 2021), Invited session   2021.9

     More details

    Authorship:Corresponding author  

    researchmap

  • Selective Usage Method of Resource Pooling Function on Tender

    林里咲, 山内利宏, 谷口秀夫

    情報科学技術フォーラム講演論文集   4   171 - 172   2021.8

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • Malware Classification by Deep Learning Using the Characteristics of Hash Functions

    馬場隆寛, 馬場謙介, 山内利宏

    情報科学技術フォーラム講演論文集   4   43 - 46   2021.8

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publisher:Springer  

    As the Internet develops, the number of Internet of Things (IoT) devices increases. Simultaneously, the risk of IoT devices being infected with malware also increases. Thus, malware detection has become an important issue. Dynamic analysis logs are effective at detecting malware, but it takes time to collect a large amount of data because the malware must be executed at least once before the logs can be collected. Moreover, dynamic analysis logs are affected by external factors such as the execution environment. A malware detection method that uses a static property analysis log could solve these problems. In this study, deep learning (DL) was used as a machine learning method because DL is effective for large-scale data and can automatically extract features. Research has been conducted on malware detection using static properties of portable executable (PE) files, establishing that such detection is possible. However, research on malware detection using hash functions such as Fuzzy hash and peHash is lacking. Therefore, we investigated the characteristics of hash values in malware classification. Moreover, when the surface analysis log is viewed in chronological order, that the data are considered have concept drift characteristics. Therefore, we compared malware detection performance using data with the concept drift property. We found that the hash function could be used to prevent performance degradation even with concept drift data. In an experiment combining PE surface information and hash values, concept drift showed the highest performance for certain data.

    DOI: 10.1007/978-3-030-99587-4_40

    Scopus

    J-GLOBAL

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/aina/aina2022-2.html#BabaBY22

  • Evaluation of Memory Access Performance in NUMA Architecture

    島谷隼生, 山内利宏, 谷口秀夫, 佐藤将也

    情報科学技術フォーラム講演論文集   4   169 - 170   2021.8

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • Evaluation of OFF2F Program Using Pseudo Non-Volatile Memory

    額田哲彰, 佐藤将也, 山内利宏, 谷口秀夫

    情報科学技術フォーラム講演論文集   4   173 - 174   2021.8

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • Twitterで収集されたAndroidアプリのアクセシビリティサービスの利用率とAPI Levelの分析

    市岡秀一, 三村隆夫, 中嶋淳, 山内利宏

    電子情報通信学会技術研究報告(電子情報通信学会 第56回情報通信システムセキュリティ研究会 (ICSS))   121 ( 122 )   141 - 146   2021.7

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • LKMを介したSeccompフィルタの適用によるアクセス制御手法の提案と評価

    山内利宏, 吉元亮太

    情報処理学会研究報告(第93回CSEC・第53回IOT合同研究発表会)   2021-CSEC-93 ( 12 )   1 - 6   2021.5

     More details

    Authorship:Lead author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • カーネル仮想記憶空間における排他的ページ参照機構の実現方式と性能評価

    葛野弘樹, 山内利宏

    電子情報通信学会技術研究報告(第54回情報通信システムセキュリティ研究会(ICSS))   120 ( 384 )   138 - 143   2021.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • Analysis of HTTP Response between Landing Website and Malicious Website in Android

    川島千明, 市岡秀一, 山内利宏

    2021-CSEC-92 ( 44 )   1 - 8   2021.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • Analysis focusing on commands of telnet logs on IoT devices

    3   393 - 394   2021.3

     More details

    Authorship:Lead author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • Proposal of Method to Support Analysis by Structuring Cyber Threat Intelligence

    藤井翔太, 藤井翔太, 川口信隆, 重本倫宏, 山内利宏

    情報処理学会研究報告(Web)   2021-CSEC-92 ( 47 )   1 - 8   2021.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • Tenderにおける2種類の管理単位を持つ資源「実メモリ」の設計と実現

    楠恒輝, 山内利宏, 谷口秀夫

    情報処理学会研究報告(第151回システムソフトウェアとオペレーティング・システム研究会)   2021-OS-151 ( 12 )   1 - 8   2021.3

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • 計算機状態の高速な保存と復元を可能にする不揮発性メモリ向けTenderのプレート機能の実現

    田中雅大, 山内利宏, 谷口秀夫

    情報処理学会研究報告(第151回システムソフトウェアとオペレーティング・システム研究会)   2021-OS-151 ( 12 )   1 - 8   2021.3

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • 実証実験データを用いたモバイル向けブラックリスト構築手法の評価と未知の悪性サイト探索

    石原 聖, 佐藤 将也, 山内 利宏

    2021年暗号と情報セキュリティシンポジウム(SCIS2021)論文集   2021.1

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • VMMによるプログラム実行時のライブラリ情報取得機能の設計

    伊藤 寛史, 中村 徹, 清本 晋作, 山内 利宏

    2021年暗号と情報セキュリティシンポジウム(SCIS2021)論文集   2021.1

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Improvement for Detection Method of Transition to Unwanted Website Focusing on URL Bar Switching Interval and Evaluation Using Data of Demonstration Experiment

    9 - 16   2020.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • Large-Scale Survey on Secure Development of IoT Devices by Software Analysis and Vendor Interview

    875 - 882   2020.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • Design and Implementation of Kernel Address Isolation for Container

    859 - 866   2020.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • Proposal of Method of Page Transition Visualization and Survey of Page Transitions in Android

    551 - 558   2020.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • Evaluation of Method of Generating a Blacklist for Mobile Devices by Searching Malicious Websites Using Demonstration Experiment Data

    21 - 28   2020.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • Implementation of Resource “Physical Memory” Extension in Tender

    楠恒輝, 山内利宏, 谷口秀夫

    電気・情報関連学会中国支部連合大会講演論文集(CD-ROM)   71st   2020.10

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • Evaluation of Exclusive Page Reference Mechanism Capability for Kernel Data

    葛野弘樹, 山内利宏

    情報科学技術フォーラム講演論文集   19th   1 - 6   2020.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • Method of Generating a Blacklist for Mobile Devices by Searching Malicious Websites

    Takashi Ishihara, Masaya Sato, Toshihiro Yamauchi

    The 21st World Conference on Information Security Applications (WISA2020), poster   2020.8

     More details

    Authorship:Last author, Corresponding author  

    researchmap

  • Method of Generating a Blacklist for Mobile Devices by Searching Malicious Websites

    Takashi Ishihara, Masaya Sato, Toshihiro Yamauchi

    The 21st World Conference on Information Security Applications (WISA2020), poster   2020.8

     More details

    Authorship:Corresponding author  

    researchmap

  • Tender における資源「入出力」のスループット向上手法

    利穂 虹希, 山内 利宏, 谷口 秀夫

    2020年電子情報通信学会総合大会 情報・システム講演論文集1   48 - 48   2020.3

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • ファームウェアに着目したIoT機器のセキュリティ機能の調査

    白石 周碁, 福本 淳文, 塩治 榮太朗, 秋山 満昭, 山内 利宏

    電子情報通信学会 第50回情報通信システムセキュリティ研究会(ICSS),電子情報通信学会技術研究報告   119 ( 437 )   37 - 42   2020.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • 仮想計算機モニタによるプログラム実行の証拠保全システムの設計

    伊藤 寛史, 中村 徹, 橋本 真幸, 山内 利宏

    2020年電子情報通信学会総合大会 情報・システム講演論文集2   119 - 119   2020.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Seccompを利用したIoT機器のセキュリティ機能の向上手法の一検討

    松下 瑛佑, 山内 利宏

    2020年電子情報通信学会総合大会 情報・システム講演論文集2   118 - 118   2020.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Android WebViewにおける利用者の意図しない悪性WebサイトへのWebアクセス可視化手法

    市岡 秀一, 佐藤 将也, 山内 利宏

    2020年電子情報通信学会総合大会 情報・システム講演論文集2   117 - 117   2020.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • 悪性Webサイトの探索によるモバイル向けブラックリスト構築手法の評価

    石原 聖, 佐藤 将也, 山内 利宏

    第82回全国大会講演論文集   2020 ( 1 )   441 - 442   2020.2

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    モバイル端末において,利用者の意図しないWebサイトへ誘導する攻撃が存在する.この攻撃への対策の1つとして,URLやホスト名のブラックリストを構築し,悪性Webサイトへのアクセスを未然に防止する手段がある.そこで,我々は,悪性Webサイトを探索し,モバイル向けのブラックリストを構築する手法を提案した.また,構築したブラックリストについて,悪性Webサイト検知率の評価を行った.しかし,悪性Webサイトの探索期間が短く,十分な評価が行われていない.本稿では,より長い期間の探索により構築したブラックリストを用いて,悪性Webサイト検知率の評価を行った結果を報告する.

    CiNii Article

    CiNii Books

    researchmap

  • Tenderの資源プール機能における資源量の可視化機能

    林 里咲, 山内 利宏, 谷口 秀夫

    第82回全国大会講演論文集   2020 ( 1 )   39 - 40   2020.2

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    オペレーティングシステムにおいて,プロセス生成処理は,空間の生成やプログラム読み込みといった処理を行うため,負荷が大きい.そこで,分散指向永続オペレーティングシステムTenderでは,プロセス削除時にプロセスを構成する資源を削除せずに保持し,プロセス生成時に再利用することで,プロセスの生成処理と削除処理を高速化する資源プール機能を実現している.資源プール機能をより効率的に使用するためには,資源プール内に保持している資源について,計算機管理者が正確に把握する必要がある.本稿では,資源プール内の資源量と,資源プール機能に対して行われる資源の生成要求と削除要求を取得する機能を実現する手法を述べる.

    CiNii Article

    CiNii Books

    researchmap

  • Tenderにおける資源「実メモリ」の機能拡張

    楠 恒輝, 山内 利宏, 谷口 秀夫

    第82回全国大会講演論文集   2020 ( 1 )   51 - 52   2020.2

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    一つの計算機において,プログラムを実行するコアの数を増加させるうえで,NUMA構成が有効である.Tenderでは,UMA構成を意識した実メモリ管理を行っているため,NUMA構成のノード毎に分割された実メモリを有効に扱えない.このため,Tenderの実メモリ管理のNUMA構成への対応が課題である.Tenderでは,実メモリを資源「実メモリ」として管理しており,現在の資源管理で管理できる実メモリは256MBまでである.しかし,現在のNUMA構成の計算機は,少ないもので64GB程度の実メモリを搭載している.本稿では,Tenderの実メモリ管理機能の拡張ついて述べる.

    CiNii Article

    CiNii Books

    researchmap

  • マルチコアTenderにおけるコア間遠隔手続呼出制御処理の高速化と機能拡充

    藤戸宏洋, 山内利宏, 谷口秀夫

    情報処理学会研究報告(Web)   2020 ( OS-148 )   2020.2

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • AndroidにおけるURLバーの切り替わり間隔に着目した利用者の意図しないWebサイトへの遷移の検知手法の評価

    折戸 凜太郎, 石原 聖, 佐藤 将也, 梅本 俊, 中嶋 淳, 山内 利宏

    2020年暗号と情報セキュリティシンポジウム(SCIS2020)論文集   2020.1

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • スマートフォンにおけるWeb媒介型サイバー攻撃の観測機構:設計と実装

    山田 明, 佐野 絢音, 窪田 歩, 嶌田 一郎, 中嶋 淳, 吉岡 克成, 瀬尾 浩二郎, 満保 雅浩, 佐藤 将也, 松村 礼央, 田辺 瑠偉, 小澤 誠一, 田中 翔真, 梅本 俊, 松田 壮, 山内 利宏, 澤谷 雪子

    2020年暗号と情報セキュリティシンポジウム(SCIS2020)論文集   2020.1

     More details

    Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Method of Generating Blacklist by Searching Malicious Mobile Websites

    ( 2019 )   1025 - 1032   2019.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • Expanding Detectable Privilege Escalation Attacks and Reducing Overhead by Guest OS Monitoring Using Single Hook Point

    ( 2019 )   144 - 151   2019.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • Protection of Privileges Using ARM TrustZone in Privilege Escalation Attack Prevention Method

    ( 2019 )   581 - 588   2019.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • Design and Implementation of Exclusive Page Reference Mechanism Mitigates Kernel Vulnerability Attack

    ( 2019 )   660 - 667   2019.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • Proposal on Fine-Grained Reduction Method of Redundant Security Policy by Replacing typeattributeset Statement

    ( 2019 )   668 - 675   2019.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • Unwanted Web Site Classification for Android

    ( 2019 )   1011 - 1016   2019.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • Detection Method of Transition to Unwanted Website Focusing on URL Bar Switching Interval in Android

    ( 2019 )   1017 - 1024   2019.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • Implementation of Display Function for Tracing Diffusion of Classified Information on KVM

    Record of Joint Conference of Electrical and Electronics Engineers in Kyushu   2019 ( 0 )   132 - 132   2019.9

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)   Publisher:Committee of Joint Conference of Electrical, Electronics and Information Engineers in Kyushu  

    DOI: 10.11527/jceeek.2019.0_132

    CiNii Article

    researchmap

  • KVM上のゲストOSにおける権限の変更に着目した権限昇格攻撃防止手法の評価

    福本淳文, 山内利宏

    情報科学技術フォーラム講演論文集   18th   187 - 188   2019.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • 64-bit ARM環境における権限の変更に着目した権限昇格攻撃防止手法の評価

    吉谷亮汰, 山内利宏

    情報科学技術フォーラム講演論文集   18th   189 - 190   2019.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • カーネル脆弱性を利用した攻撃に対する仮想記憶空間の切替え処理の保護と改ざん検出

    葛野弘樹, 山内利宏

    情報科学技術フォーラム講演論文集   18th   9 - 16   2019.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • マルチコアTenderのコア間遠隔手続呼出における代行プロセス処理の高速化

    藤戸宏洋, 山内利宏, 谷口秀夫

    情報科学技術フォーラム講演論文集   18th   153 - 154   2019.9

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Android向けセキュリティアプリにおける悪性Webサイト検知率の調査

    折戸凛太郎, 佐藤将也, 山内利宏

    情報科学技術フォーラム講演論文集   18th   181 - 182   2019.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • SELinux CILを利用した不要なポリシの削減効果の評価

    齋藤凌也, 山内利宏

    情報科学技術フォーラム講演論文集   18th   205 - 206   2019.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • 不揮発性メモリを利用したTenderにおける動作継続制御の基本評価

    田中 雅大, 山内 利宏, 谷口 秀夫

    情報科学技術フォーラム講演論文集   18th   159 - 160   2019.9

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Kernel Memory Inspection Capability for Malicious Kernel Module Detection Invited

    Hiroki Kuzuno, Toshihiro Yamauchi

    The 14th International Workshop on Security (IWSEC 2019), Invited session   2019.8

     More details

    Authorship:Last author, Corresponding author  

    researchmap

  • Threat Analysis of Fake Virus Alerts by Using Web Access Monitoring Mechanism for Android WebView

    Rintaro Orito, Koki Riho, Yuta Imamura, Masaya Sato, Toshihiro Yamauchi

    The 14th International Workshop on Security (IWSEC 2019), poster   2019.8

     More details

    Authorship:Last author, Corresponding author  

    researchmap

  • 不揮発性メモリを利用したTenderにおける動作継続制御の実現

    田中雅大, 山内利宏, 谷口秀夫

    情報処理学会研究報告 (2019年並列/分散/協調処理に関する『北見』サマー・ワークショップ (SWoPP2019))   2019-OS-147 ( 16 )   1 - 8   2019.7

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • カーネルに対する攻撃における独自の仮想記憶空間の切替え手法の検出能力と防御手法

    葛野弘樹, 葛野弘樹, 山内利宏

    情報処理学会研究報告(Web)   2019 ( CSEC-84 )   2019.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • KVM上のゲストOSにおける権限の変更に着目した権限昇格攻撃防止手法の実現

    福本淳文, 山内利宏

    情報処理学会研究報告(Web)   2019 ( CSEC-84 )   2019.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • 難読化JavaScriptコード解析支援システムの自動化の実現

    上原渓一郎, 山内利宏

    情報処理学会研究報告(Web)   2019 ( CSEC-84 )   2019.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • Consideration of Visualization Mechanism to Support Diffusion Tracing Function of Classified Information on KVM

    Takumi Honda, Hideaki Moriyama, Toshihiro Yamauchi

    2019 ( 1 )   431 - 432   2019.2

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    CiNii Books

    researchmap

  • Method of Timely Detecting for Tracing Diffusion of Classified Information

    Hideaki Moriyama, Toshihiro Yamauchi, Masaya Sato, Hideo Taniguchi

    2019 ( 1 )   25 - 26   2019.2

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    CiNii Books

    researchmap

  • KVMを利用した機密情報の拡散追跡機能におけるファイルパス取得処理削減の評価

    荒木 涼, 森山 英明, 山内 利宏

    第81回全国大会講演論文集   2019 ( 1 )   433 - 434   2019.2

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    計算機内で管理されている機密情報は,外部に漏えいすることで,企業や個人にとって大きな損失となる.機密情報を保有するファイルの外部への拡散を検知するために,仮想計算機モニタ(VMM)を利用した機密情報の拡散追跡機能を提案し,実現している.この機能では,機密情報を保有するファイルを操作するシステムコールをフックして情報を取得することで,検知及び拡散経路の通知を可能としている.一方,フックによるシステム応答が問題となっており,いくつかの高速化手法を提案されている. 本稿では,KVMを用いた機密情報の拡散追跡機能について,拡散情報の一つであるファイルパス取得処理削減による高速化を適用した際の評価結果について述べる.

    CiNii Article

    CiNii Books

    researchmap

  • KVMにおける機密情報の拡散追跡機能を用いた複数VM監視手法の評価

    岡崎 俊樹, 森山 英明, 山内 利宏, 佐藤 将也, 谷口 秀夫

    第81回全国大会講演論文集   2019 ( 1 )   429 - 430   2019.2

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    機密情報を計算機上で扱う機会の増加により,計算機外部に機密情報が漏えいする事例が増加している.そこで,計算機内部における機密情報の拡散状況を把握する機能として,仮想計算機モニタであるKVMを利用した機密情報の拡散追跡機能を提案した.また,KVMにおける機密情報の拡散追跡機能を拡張し,複数の監視対象 VMにおける機密情報拡散をVMM上で一元的に追跡する機構(以降,複数VM監視機構)を提案した.本稿では,複数VM監視機構に関する評価として,複数のVMを同時に操作する状況を想定し,提案手法を評価した結果について報告する.

    CiNii Article

    CiNii Books

    researchmap

  • マルチコアTenderにおけるメモリを介した遠隔手続呼出制御方式

    藤戸宏洋, 山内利宏, 谷口 秀夫

    情報処理学会研究報告(第145回システムソフトウェアとオペレーティング・システム研究発表会)   2019-OS-145 ( 1 )   1 - 8   2019.2

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • 過去のNIC負荷とプロセスのデータ送信量を考慮した複数NIC間での負荷分散法 Reviewed

    谷口 秀夫, 吉田 泰三, 山内 利宏, 佐藤 将也

    第26回マルチメディア通信と分散処理ワークショップ論文集   68 - 73   2018.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • KVMを利用した機密情報の拡散追跡機能におけるファイルアクセス性能の評価

    森山英明, 山内利宏, 佐藤将也, 谷口秀夫

    情報科学技術フォーラム講演論文集   17th   147‐148   2018.9

     More details

    Language:Japanese  

    J-GLOBAL

    researchmap

  • 権限の変更に着目した権限昇格攻撃防止手法のARMへの拡張 (情報セキュリティ)

    吉谷 亮汰, 山内 利宏

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   118 ( 151 )   177 - 183   2018.7

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    J-GLOBAL

    researchmap

  • SELinux CILを利用した不要なポリシ削減手法の提案 (情報セキュリティ)

    齋藤 凌也, 山内 利宏

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   118 ( 151 )   185 - 192   2018.7

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    researchmap

  • KVMを利用した機密情報の拡散追跡機能における高速化の評価

    森山英明, 山内利宏, 佐藤将也, 谷口秀夫

    情報処理学会全国大会講演論文集   2018 ( 1 )   1 - 2   2018.3

     More details

  • AnT の要求箱通信機能を利用した処理の多重化

    本田 紘貴, 佐藤 将也, 山内 利宏, 谷口 秀夫

    第80回全国大会講演論文集   2018 ( 1 )   127 - 128   2018.3

     More details

    Language:Japanese  

    AnT は,マイクロカーネル構造OSである.マイクロカーネル構造OSでは,OS機能の大半をOSサーバとして実現する.このため,OSサーバ間でのサーバプログラム間通信が必要となる.AnT におけるサーバプログラム間通信機構には,要求箱通信方式がある.要求箱通信方式では,要求箱とよばれる領域を作成する.依頼プロセスはこの領域に依頼を登録することで,OSサーバを定めることなく通信できる.この要求箱通信方式とバックグラウンドで処理を行う影OSサーバを用いることで,依頼プロセスが意識せず同じ処理を多重に実行することができる.そこで,本稿では,AnT の要求箱通信機能を利用した処理の多重化を提案する.

    CiNii Article

    CiNii Books

    researchmap

  • 独自のカーネル用仮想記憶空間を用いたカーネルモジュール監視手法

    葛野弘樹, 葛野弘樹, 山内利宏

    情報処理学会シンポジウムシリーズ(CD-ROM)   2018 ( 2 )   2018

  • マルチコアTenderにおけるメモリを介した遠隔手続呼出制御の方式の設計

    藤戸宏洋, 山内利宏, 谷口秀夫

    情報処理学会研究報告(Web)   2018 ( OS-144 )   2018

  • 権限昇格攻撃防止手法における権限の格納位置のランダム化

    吉谷亮汰, 山内利宏

    情報処理学会シンポジウムシリーズ(CD-ROM)   2018 ( 2 )   2018

  • AndroidにおけるWebViewのWebアクセス観測機構を利用した悪性Webサイトの脅威分析と対策の提案

    今村祐太, 折戸凜太郎, CHAIKAEW Kritsana, CHAIKAEW Kritsana, MANARDO Celia, MANARDO Celia, LEELAPRUTE Pattara, 佐藤将也, 山内利宏

    情報処理学会シンポジウムシリーズ(CD-ROM)   2018 ( 2 )   2018

  • スタック領域へのガードページ挿入による戻りアドレス書き換え防止手法

    溝内剛, 上川先之, 山内利宏

    情報処理学会研究報告(Web)   2018 ( CSEC-80 )   2018

  • AndroidにおけるWebViewのWebアクセス観測機構

    今村 祐太, 上川 先之, 石原 靖弘, 佐藤 将也, 山内 利宏

    コンピュータセキュリティシンポジウム2017論文集   2017 ( 2 )   2017.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • WindowsにおけるUse-After-Free脆弱性攻撃防止手法

    伴 侑弥, 山内 利宏

    コンピュータセキュリティシンポジウム2017論文集   2017 ( 2 )   2017.10

     More details

  • 仮想計算機を用いた重要ファイル保護手法

    佐藤 将也, 山内 利宏, 谷口 秀夫

    コンピュータセキュリティシンポジウム2017論文集   2017 ( 2 )   2017.10

     More details

  • KVM上の複数VMの動作に対応した機密情報の拡散追跡機能

    岡崎俊樹, 森山英明, 山内利宏, 佐藤将也, 谷口秀夫

    情報処理学会シンポジウムシリーズ(CD-ROM)   2017 ( 2 )   ROMBUNNO.3D3‐1   2017.10

     More details

  • プロセスの複製による可用性を考慮したライブフォレンジック手法のマルチコア対応と評価

    時松 勇介, 山内 利宏, 谷口 秀夫

    コンピュータセキュリティシンポジウム2017論文集   2017 ( 2 )   2017.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • API操作ログ取得による難読化JavaScriptコード解析支援システム

    上川 先之, 山内 利宏

    コンピュータセキュリティシンポジウム2017論文集   2017 ( 2 )   2017.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • KVMにおける機密情報の拡散追跡機能の高速化

    森山英明, 山内利宏, 佐藤将也, 谷口秀夫

    情報科学技術フォーラム講演論文集   16th   191‐192   2017.9

     More details

    Language:Japanese  

    J-GLOBAL

    researchmap

  • Editor’s message to special issue of computer security technologies against sophisticated cyber attacks

    Toshihiro Yamauchi

    Journal of Information Processing   25 ( 0 )   852 - 853   2017.9

     More details

    Language:English   Publisher:Information Processing Society of Japan  

    DOI: 10.2197/ipsjjip.25.852

    Scopus

    researchmap

  • Use-After-Free脆弱性攻撃防止手法におけるメモリ解放契機の評価 (情報セキュリティ)

    伴 侑弥, 山内 利宏

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   117 ( 125 )   149 - 155   2017.7

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    J-GLOBAL

    researchmap

  • プロセス管理表へのアクセス制御機能の評価 (マルチメディア情報ハイディング・エンリッチメント)

    佐藤 将也, 山内 利宏, 谷口 秀夫

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   117 ( 128 )   157 - 163   2017.7

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    researchmap

  • Use-After-Free脆弱性攻撃防止手法におけるメモリ解放契機の評価 (マルチメディア情報ハイディング・エンリッチメント)

    伴 侑弥, 山内 利宏

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   117 ( 128 )   149 - 155   2017.7

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    researchmap

  • プロセス管理表へのアクセス制御機能の評価 (情報セキュリティ)

    佐藤 将也, 山内 利宏, 谷口 秀夫

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   117 ( 125 )   157 - 163   2017.7

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    J-GLOBAL

    researchmap

  • プロセス管理表へのアクセス制御機能の評価 (技術と社会・倫理)

    佐藤 将也, 山内 利宏, 谷口 秀夫

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   117 ( 126 )   157 - 163   2017.7

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    researchmap

  • OS資源をノード毎に管理するTenderの構成

    須頭 滉平, 山内 利宏, 谷口 秀夫

    第79回全国大会講演論文集   2017 ( 1 )   165 - 166   2017.3

     More details

    Language:Japanese  

    複数のマルチコアプロセッサを搭載するNUMA構成計算機は,サーバなどの高い性能が要求される分野において利用されている. NUMA環境では,コアとメモリの関係を意識したメモリ管理が重要となる.ここで, Tenderオペレーティングシステムでは,マルチコアプロセッサ対応方式として,OS資源を一元的に排他制御し管理する共有型方式とOS資源をコア毎に管理する個別型方式が提案されている.NUMA環境において,共有型方式では,異なるノード間でのメモリアクセス,個別型方式では,コア間の連携がオーバヘッドとなり,性能低下の原因となる.そこで,本稿では,NUMA環境に適した,OS資源をノード毎に管理するTenderオペレーティングシステムの構成について述べる.

    CiNii Article

    CiNii Books

    researchmap

  • Tenderの再利用機能における未使用資源の削除機能

    田村 大, 山内 利宏, 谷口 秀夫

    第79回全国大会講演論文集   2017 ( 1 )   167 - 168   2017.3

     More details

    Language:Japanese  

    Tenderオペレーティングシステムでは,オペレーティングシステムが制御し管理する対象である資源を分離し独立化して管理している.このため,Tenderオペレーティングシステムにおけるプロセスは複数の資源から構成され,個々の資源は独立して存在できる.そこで,プロセスを構成する資源が必要になる前に事前生成したり再利用するために削除せずにメモリ上に未使用資源として保持し,プロセス生成時に使用することで,プロセス生成処理を高速化している.しかし,事前生成と再利用によりメモリ上に保持する資源は,使用されなければメモリ上に保持され続ける問題がある.そこで,本稿では,使用されない資源の削除機能について提案する.

    CiNii Article

    CiNii Books

    researchmap

  • プロセッサの違いに着目した走行モード変更機構の評価

    福居 誠二, 佐藤 将也, 山内 利宏, 谷口 秀夫

    第79回全国大会講演論文集   2017 ( 1 )   169 - 170   2017.3

     More details

    Language:Japanese  

    システムコールの発行は,プロセスの走行モードの変更を伴うため,多くのシステムコールの発行を伴う処理において走行モードの変更は大きなオーバヘッドとなる.このオーバヘッドを削減する手法として,プロセスを任意の時点でスーパバイザモードに変更可能にする走行モード変更機構を提案した.また,OS空間を保護するために,仮想空間切り替え方式とセグメント切り替え方式を提案した.ここで,走行モードの変更に伴うオーバヘッドはプロセッサの性能による影響が大きい.本稿では,プロセッサの性能の異なる計算機としてPentium 4とCore i7を搭載した計算機を用い,プロセッサの違いに着目した走行モード変更機構の評価を行う.

    CiNii Article

    CiNii Books

    researchmap

  • 未参照バッファ数に着目した入出力バッファ分割法におけるWebサーバ応答時間の評価

    河辺 誠弥, 山内 利宏, 乃村 能成, 谷口 秀夫

    第79回全国大会講演論文集   2017 ( 1 )   171 - 172   2017.3

     More details

    Language:Japanese  

    利用者が優先したい処理の実行処理時間を短縮する方式として,ディレクトリ優先方式を提案した.ディレクトリ優先方式は,入出力バッファを優先領域とその他の領域に分割し,指定したディレクトリ下のファイルを優先的にキャッシュする.しかし,優先的にキャッシュするファイルが入出力バッファを圧迫し,それらのファイル以外のファイルのキャッシュヒット率が低下することにより,計算機全体の性能低下を招いてしまう問題がある.そこで,一定期間内に参照されていないバッファ数に着目し,入出力バッファを分割する方式を提案した.提案方式では,優先的にキャッシュされたファイルをキャッシュする領域の下限と減少量を設定することで,優先ファイルのキャッシュヒット率を低下しすぎないようにする.本稿では,提案方式について,Webサーバを使用した評価結果を報告する.

    CiNii Article

    CiNii Books

    researchmap

  • AndroidにおけるWebViewのWebアクセス観測機構の提案

    今村 祐太, 上川 先之, 工藤 直樹, 佐藤 将也, 山内 利宏

    第79回全国大会講演論文集   2017 ( 1 )   551 - 552   2017.3

     More details

    Language:Japanese  

    Androidを標的とする悪性なWebコンテンツを利用した攻撃が存在する.攻撃を防止するためには,Webアクセスを観測し,攻撃の特性を調査する必要がある.ここで,AndroidにおけるWebアクセスには,Webブラウザによるもの以外に,WebViewを利用するAndroidアプリケーションによるものが存在する.WebブラウザによるWebアクセスはプラグインを用いて観測可能である.一方,WebViewを利用したWebアクセスを観測する機構は存在しない.そこで,本稿では,AndroidにおけるWebViewのWebアクセス観測機構を提案する.提案手法は,WebViewの改変により,WebViewを利用する全てのAndroidアプリケーションのWebアクセスを観測可能にする.

    CiNii Article

    CiNii Books

    researchmap

  • KVMにおける機密情報の拡散追跡機能における性能改善策

    森山英明, 山内利宏, 佐藤将也, 谷口秀夫

    情報処理学会全国大会講演論文集   2017 ( 1 )   13 - 14   2017.3

     More details

  • マルチコアAnTのスケジュール機構における優先度逆転抑制効果

    鴨生 悠冬, 佐藤 将也, 山内 利宏, 谷口 秀夫

    第79回全国大会講演論文集   2017 ( 1 )   157 - 158   2017.3

     More details

    Language:Japanese  

    オペレーティングシステムは,サービスの要望に即したプロセスのスケジュールが求められるため,優先度逆転を抑制する必要がある.特にマイクロカーネル構造OSでは,OSサーバ間通信において優先度逆転が発生する可能性がある.また,コア毎に独立したスケジューラは,マイクロカーネル構造OSの性能を左右するプロセス切替のオーバヘッドが小さい特徴を持つ.一方,他コア上のプロセス情報を操作できないため,コア間通信を必要とする.そこで,コア毎に独立したスケジューラを有するマイクロカーネル構造OSのAnTにおいて,OSサーバ間通信における優先度逆転を抑制し,かつコア間通信回数を削減するスケジュール機構を提案した.本稿では,このスケジュール機構の優先度逆転抑制効果を計算サーバにより評価した結果を報告する.

    CiNii Article

    CiNii Books

    researchmap

  • マイクロカーネルOSにおけるNICドライバプロセスの入替え性能の比較

    澤田 淳, 山内 利宏, 谷口 秀夫

    第79回全国大会講演論文集   2017 ( 1 )   161 - 162   2017.3

     More details

    Language:Japanese  

    マイクロカーネル構造を有するAnT オペレーティングシステムにおいて,APプロセスが利用中である場合のNICドライバプロセスの入替え時間とデータ送信時間が分析されている.本稿では,NICドライバプロセスの入替え時間とデータ送信時間を分析することで,MINIX3とAnT のOSサーバ入替え性能を比較する.

    CiNii Article

    CiNii Books

    researchmap

  • サーバの並列処理を促進するAnTの一括依頼並列処理機能

    村岡 勇希, 佐藤 将也, 山内 利宏, 谷口 秀夫

    第79回全国大会講演論文集   2017 ( 1 )   163 - 164   2017.3

     More details

    Language:Japanese  

    マイクロカーネルOSであるAnTでは,OSサーバへ依頼する処理の依頼情報を制御用ICAに格納し,シーケンシャルに処理する.そこで,本稿では,複数個の制御用ICAを一括して処理依頼することで複数の依頼情報の処理を並列処理する一括依頼並列処理機能について述べる.

    CiNii Article

    CiNii Books

    researchmap

  • Tenderにおけるプロセス構成資源の事前生成による高速プロセス生成機能の評価

    田村 大, 佐藤 将也, 山内 利宏, 谷口 秀夫

    コンピュータシステム・シンポジウム論文集   ( 2016 )   94 - 101   2016.11

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Tenderにおける資源「入出力」の評価

    佐野 弘尚, 山内 利宏, 谷口 秀夫

    コンピュータシステム・シンポジウム論文集   ( 2016 )   20 - 27   2016.11

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Cordovaを利用したハイブリッドアプリケーションにおけるプラグインのアクセス制御方式

    工藤 直樹, 山内 利宏

    コンピュータセキュリティシンポジウム2016論文集   2016 ( 2 )   450 - 457   2016.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • システムコール処理による権限の変化に着目した権限昇格攻撃の防止手法

    赤尾 洋平, 山内 利宏

    コンピュータセキュリティシンポジウム2016論文集   2016 ( 2 )   542 - 549   2016.10

     More details

  • CPUエミュレータを利用した実行コード解析システムの提案

    上川 先之, 山内 利宏

    コンピュータセキュリティシンポジウム2016論文集   2016 ( 2 )   668 - 675   2016.10

     More details

  • 制御システムの可用性を考慮したプロセスの複製によるライブフォレンジック手法の提案

    時松 勇介, 山内 利宏

    コンピュータセキュリティシンポジウム2016論文集   2016 ( 2 )   84 - 91   2016.10

     More details

  • 攻撃回避のためのファイル不可視化手法の提案

    佐藤 将也, 山内 利宏, 谷口 秀夫

    コンピュータセキュリティシンポジウム2016論文集   2016 ( 2 )   224 - 228   2016.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • プロセス情報不可視化のための仮想計算機モニタによるメモリアクセス制御機能の評価 (情報セキュリティ)

    佐藤 将也, 山内 利宏, 谷口 秀夫

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   116 ( 129 )   153 - 159   2016.7

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    researchmap

  • Special section on information and communication system security

    Toshihiro Yamauchi

    IEICE Transactions on Information and Systems   E99D ( 4 )   785 - 786   2016.4

     More details

    Authorship:Lead author, Corresponding author   Language:English   Publisher:IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG  

    DOI: 10.1587/transinf.2015ICF0001

    Web of Science

    Scopus

    researchmap

  • D-6-24 Evaluation of Time Stamp Counter on Multi-core Processor

    Sano Hironao, Fujii Shota, Horii Motoshi, Teraoka Akihiko, Yamauchi Toshihiro, Matsuoka Takeshi, Etoh Fumiharu, Fukui Hidemichi, Iwasaki Shuji

    Proceedings of the IEICE General Conference   2016 ( 1 )   78 - 78   2016.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • D-6-23 Performance Evaluation of Inter-core Communication on Multi-core Processor

    Fujii Shota, Horii Motoshi, Sano Hironao, Teraoka Akihiko, Yamauchi Toshihiro, Matsuoka Takeshi, Etoh Fumiharu, Fukui Hidemichi, Iwasaki Shuji

    Proceedings of the IEICE General Conference   2016 ( 1 )   77 - 77   2016.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • Design of Function for Tracing Diffusion of Classified Information for IPC on KVM

    2015 ( 3 )   191 - 198   2015.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Memory Access Control Using Virtual Machine Monitor for Process Information Hiding

    2015 ( 3 )   855 - 860   2015.10

     More details

  • B-021 Evaluation of CPU resources allocation control in KVM

    Moriyama Hideaki, Kinoshita Ryoji, Suganuma Akira, Yamauchi Toshihiro, Taniguchi Hideo

    情報科学技術フォーラム講演論文集   14 ( 1 )   217 - 218   2015.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • B-018 Delay Method of Updating File Importance on I/O Buffer Cache Mechanism Based on Frequency of System Call

    Teraoka Akihiko, Yamauchi Toshihiro, Taniguchi Hideo

    14 ( 1 )   209 - 210   2015.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    researchmap

  • B-022 Evaluation of OS Server Replacement Mechanism of AnT Using Communication Control Server

    Sawada Jun, Yamauchi Toshihiro, Taniguchi Hideo

    14 ( 1 )   219 - 220   2015.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    researchmap

  • B-023 Evaluation of Reduction Method for Priority Inversion of OS server for AnT in File Reading

    Kamou Yuuto, Yamauchi Toshihiro, Taniguchi Hideo

    14 ( 1 )   221 - 222   2015.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    researchmap

  • プロセス特定困難化のためのプロセス情報の置換手法の評価 (情報セキュリティ)

    佐藤 将也, 山内 利宏, 谷口 秀夫

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   115 ( 119 )   159 - 165   2015.7

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    researchmap

  • メモリ再利用禁止によるUse-After-Free脆弱性攻撃防止手法の実現と評価 (情報通信マネジメント)

    山内 利宏, 池上 祐太

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   115 ( 45 )   141 - 148   2015.5

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    researchmap

  • 分岐トレース支援機能を用いたカーネルルートキット検知手法の提案 (情報通信マネジメント)

    赤尾 洋平, 山内 利宏

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   115 ( 45 )   9 - 16   2015.5

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    researchmap

  • D-6-13 Comparative Evaluation of Interrupt Control Method in OS for Multi-core Processor

    Tamura Jun, Yamauchi Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2015 ( 1 )   77 - 77   2015.2

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • AnTオペレーティングシステムにおける効率的なサーバ間通信機構

    河上 裕太, 山内 利宏, 谷口 秀夫

    情報処理学会研究報告. [システムソフトウェアとオペレーティング・システム]   2015 ( 12 )   1 - 7   2015.2

     More details

    Language:Japanese   Publisher:一般社団法人情報処理学会  

    マルチコアプロセッサ上で動作するマイクロカーネル構造 OS では,OS サーバを各コアに分散することで OS 処理を分散できる.一方,マイクロカーネル構造 OS は,OS サーバ間の連携に多くの通信を必要とする.このため,OS サーバ間での通信を効率化するととは重要である.AnT オペレーティングシステムは,マイクロカーネル構造 OS であり,OS サーバを各コアに分散できる.そこで,プロセスの分散形態を制限することでマルチコア環境での排他制御オーバヘッドを抑制し,高速なサーバ間通信を実現している.しかし,分散形態の制限下において効率的な負荷分散を実現することは困難である.本稿では,AnT における分散形態の制限を撤廃し,効率的な負荷分散を実現するサーバ開通信機構について述べる.

    CiNii Article

    CiNii Books

    researchmap

  • ファイル操作に着目したOS処理分散法

    江原 寛人, 河上 裕太, 山内 利宏, 谷口 秀夫

    情報処理学会研究報告. [システムソフトウェアとオペレーティング・システム]   2015 ( 7 )   1 - 7   2015.2

     More details

    Language:Japanese   Publisher:一般社団法人情報処理学会  

    ファイル操作処理は,OS 処理として実現される.また,マイクロカーネル構造 OS は,ファイル管理処理やディスクドライバ処理といった OS 処理を OS サーバとして実現する.したがって,マルチコアプロセッサ環境において,OS サーバをコア毎に分散することで,OS 処理をコア毎に分散できる.本稿では,マルチコア向け AnT において,ファイル操作処理に関する OS サーバを複数同時起動し,これら OS サーバをコア毎に分散できることを述べる.また,複数の外部記憶装置からの独立したファイル操作処理について,評価結果を報告する.

    CiNii Article

    CiNii Books

    researchmap

  • LinuxとAnTオペレーティングシステムの連携機構の評価

    福島 有輝, 山内 利宏, 乃村 能成, 谷口 秀夫

    情報処理学会研究報告. [システムソフトウェアとオペレーティング・システム]   2015 ( 11 )   1 - 7   2015.2

     More details

    Language:Japanese   Publisher:一般社団法人情報処理学会  

    特定のサービスに適した独自 OS を利用し,さらにマルチコアプロセッサを活かして独自 OS からの既存 OS プログラム利用による独自 OS の利便性向上を目指した Linux と AnT オペレーティングシステムの混載システムを提案した.Linux は,多種の入出力機器の利用を可能とし,かつ既存 OS として普及しており,多くのサービスを実現している.一方,AnT は,マイクロカーネル構造を有し,適応性と堅牢性を特徴とする独自 OS である.この両者の特徴を生かしたサービス提供のために,両 OS の連携機構を設計した.この連携機構は,AnT から Linux にシステムコール代行実行を処理依頼する.本稿では,AnT からの Linux システムコール代行実行の評価について報告する.具体的には,連携機構実現における工数と Linux システムコール代行実行の性能について述べる.

    CiNii Article

    CiNii Books

    researchmap

  • 2014年度喜安記念業績賞紹介,セキュアOSの普及に向けた取り組み

    中村雄一, 海外浩平, 原田季栄, 半田哲夫, 山内利宏

    情報処理   56 ( 8 )   798 - 799   2015

     More details

  • LinuxとAnTの連携機構における代行実行処理の多重化の評価

    福島有輝, 山内利宏, 乃村能成, 谷口秀夫

    情報処理学会研究報告(Web)   2015 ( OS-134 )   2015

  • Evaluation of Tracing Classified Information Diffusion for File Operations on KVM

    2014 ( 2 )   751 - 758   2014.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Implementation and Evaluation of Dynamic Control Method for Sending User Information Using TaintDroid

    2014 ( 2 )   789 - 796   2014.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • A Report on International Conference ASIACCS2014

    2014 ( 2 )   1327 - 1334   2014.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Use-After-Free Prevention Method Using Memory Reuse Prohibited Library

    2014 ( 2 )   567 - 574   2014.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • 未参照バッファ数に着目した入出力バッファ分割法

    山本光一, 土谷彰義, 山内利宏, 谷口秀夫

    研究報告システムソフトウェアとオペレーティング・システム(OS)   2014 ( 5 )   1 - 8   2014.7

     More details

    Language:Japanese  

    利用者が優先して実行したい処理 (優先処理) の実行処理時間を短縮する方式として,ディレクトリ優先方式を提案した.この方式は,入出力バッファを二つの領域に分割し,指定したディレクトリ直下のファイル (優先ファイル) を優先的にキャッシュする.これにより,優先処理が頻繁にアクセスするファイルを優先ファイルとすることで,優先処理の実行処理時間を短縮できる.しかし,ディレクトリ優先方式は,優先ファイル以外のファイル (非優先ファイル) のキャッシュヒット率を著しく低下させ,悪影響を生じさせることがある.そこで,本稿では,領域のサイズを更新するまでの期間内に参照されてないバッファ数に着目し,このバッファがない方の領域のサイズを増加させる方式を提案する.提案方式は,優先ファイルをキャッシュする領域の下限を設定するパラメータを用いることで,優先ファイルをキャッシュする領域のキャッシュヒット率が低下しすぎないようにしている.また,カーネル make 処理と Web サーバ処理において提案方式を評価した結果を報告する.

    CiNii Article

    CiNii Books

    researchmap

  • Tenderにおけるプロセス間通信データ域に特化したプロセス間通信の設計

    川野直樹, 山内利宏, 谷口秀夫

    研究報告システムソフトウェアとオペレーティング・システム(OS)   2014 ( 22 )   1 - 8   2014.7

     More details

    Language:Japanese  

    協調処理では,プロセス間通信の性能が処理性能に大きな影響を与える.このため,プロセス間通信の高速化が必要である.本稿では,Tender オペレーティングシステムにおいて,プロセス間通信に特化した領域 (プロセス間通信データ域) を実現し,この領域を利用したプロセス間通信の設計と実現方式について述べる.プロセス間通信データ域とは,プロセス間の複写レスでのデータ授受機能を支援する領域である.プロセスは,この領域を利用して通信することにより,複写レスなデータ授受と仮想アドレスから実アドレスへの変換の高速化を実現し,プロセス間通信を高速化できる.また,評価では,Tender オペレーティングシステムの既存のプロセス間通信との処理時間の比較結果を報告する.

    CiNii Article

    CiNii Books

    researchmap

  • KVMにおける機密情報の拡散追跡機能の設計 (マルチメディア情報ハイディング・エンリッチメント)

    藤井 翔太, 山内 利宏, 谷口 秀夫

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   114 ( 118 )   187 - 193   2014.7

     More details

    Language:Japanese   Publisher:一般社団法人電子情報通信学会  

    計算機内の機密情報が拡散する状況を追跡し,機密情報を有する資源を把握する機能として機密情報の拡散追跡機能をOS内に実現した.しかし,機密情報の拡散追跡機能には,導入の際に対象のOSのソースコードを修正する必要があること,およびOS自体を攻撃されると,機密情報の拡散追跡機能が無効化される危険性が存在する問題がある.そこで,KVMにおける機密情報の拡散追跡機能を設計した.機密情報の拡散追跡機能をKVM内に実現することにより,導入対象OSのソースコードを修正する必要がなくなり,より多くの環境に導入可能になる.また,機密情報の拡散追跡機能をOSから隔離できるため,機密情報の拡散追跡機能への攻撃をより困難にできる.

    CiNii Article

    CiNii Books

    researchmap

  • Attack Avoiding Method Obscuring Process Identification by Making Process Information Invisible

    2013 ( 4 )   1042 - 1049   2013.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Proposal of Attacker Investigation System Triggered Information Leakage

    2013 ( 4 )   17 - 24   2013.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • B-008 Efficient Page Out Rule in Tender

    Hamaguchi Tomoyuki, Yamauchi Toshihiro, Taniguchi Hideo

    12 ( 1 )   231 - 232   2013.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    researchmap

  • L-011 Malware Detection Method Focusing on Anti-Debugging

    Yoshizaki Kota, Yamauchi Toshihiro

    12 ( 4 )   219 - 220   2013.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    researchmap

  • L-001 Performance Evaluation with APs for Secure Log Transfer Method Using Library Replacement

    Sato Masaya, Yamauchi Toshihiro

    12 ( 4 )   185 - 186   2013.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    researchmap

  • マルチコアTenderにおける排他制御の細粒度化による並列性向上手法

    山本貴大, 山内利宏, 谷口秀夫

    情報処理学会研究報告. [システムソフトウェアとオペレーティング・システム]   2013 ( 16 )   1 - 8   2013.7

     More details

    Language:Japanese   Publisher:一般社団法人情報処理学会  

    近年,マルチコアプロセッサの普及に伴い,オペレーティングシステム (以降,OS) のマルチコア対応が必要となっている.OS のマルチコア対応における課題として処理の並列性の向上がある.Tender オペレーティングシステム (以降,Tender) では,Tender 特有の OS 構造である資源インタフェース制御において一元的に排他制御することで修正工数を抑制し,マルチコア対応を実現した.このとき,資源インタフェース制御において資源の種類ごとに排他制御することで異なる種類の資源の並列処理を実現した.しかし,本手法では,同じ種類の資源を並列に処理することができない.本稿では,マルチコア向け Tender (以降,マルチコア Tender) において一元的な排他制御構造を維持しつつ,排他制御を細粒度化する手法について述べる.これにより,同じ種類の資源の並列処理を実現し,処理の並列性を向上させる.このとき,修正に要した工数について評価する.また,マイクロベンチマークを使用し,Linux,および FreeBSD と比較することでマルチコア Tender の性能を評価する.

    CiNii Article

    CiNii Books

    researchmap

  • 細粒度の情報追跡による機密情報送信の動的制御手法 (マルチメディア情報ハイディング・エンリッチメント)

    小倉 禎幸, 山内 利宏

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   113 ( 138 )   135 - 141   2013.7

     More details

    Language:Japanese   Publisher:一般社団法人電子情報通信学会  

    近年,Android端末の普及に伴い,Androidを標的とするマルウェアが増加し,マルウェアへの対策が重要視されている.特に,マルウェアによる端末外部への機密情報の漏洩が問題となっている.この問題に対処するために,機密情報の伝搬を追跡し,機密情報が外部に漏洩する際に利用者の判断に従ってAPの動作を動的に制御する手法を提案する.具体的には,提案手法は,TaintDroidを利用し,機密情報の伝搬を変数レベルで細粒度に追跡する.端末外部に機密情報が漏洩する場合,利用者の判断に従ってAPの動作を制御する.これにより,端末外部への機密情報の漏洩を防止する.また,端末外部に送信される機密情報をダミーデータに置換し,機密情報の漏洩を防止する.これにより,APの正常な動作をできるだけ妨げることなく機密情報の漏洩を防止できる.さらに,AP間で機密情報のやり取りがあった場合,機密情報の漏洩に関わったAP名を取得し,機密情報の伝搬経路を把握する.これにより,利用者は機密情報の漏洩の伝搬経路とその漏洩に関わったAPを正確に把握し,漏洩要因の各APに対処できる.

    CiNii Article

    CiNii Books

    researchmap

  • ライブラリの置き換えによるVM外部への安全なログ転送方式の評価 (マルチメディア情報ハイディング・エンリッチメント)

    佐藤 将也, 山内 利宏

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   113 ( 138 )   121 - 128   2013.7

     More details

    Language:Japanese   Publisher:一般社団法人電子情報通信学会  

    ログは,計算機の動作を把握するための重要な情報である.しかし,攻撃や問題の発生により,ログの改ざんや消失が起こる可能性がある.この問題への既存の対処の多くは,対処する以前にログを改ざんされる恐れがある.また,VM上のOSの種類に応じた対処や性能低下が問題となる.これらの問題への対処として,ライブラリの置き換えによるVM外部への安全なログ転送方式を提案した.提案方式では,ログ発行時にVMMにログの転送を依頼するように,VM上のライブラリを置き換える.VMMはVMからログを取得し,ログの取得元とは異なるVMで保存する.これにより,多種のOSへ容易に適用でき,性能低下の小さい方式を実現した.本稿では,提案方式の評価について述べる.提案方式の有効性を示すために,ログの改ざんを防止できるか検証した.また,多種のOSへの適用の容易さを評価した.性能評価では,APの性能への影響と複数台のVMを走行させた場合の性能の変化を評価した.

    CiNii Article

    CiNii Books

    researchmap

  • The 2012 IPSJ Best Paper Award: Application of Virtualization Technology for Computer Security

    54 ( 8 )   815 - 815   2013.7

     More details

  • AnTオペレーティングシステムにおける低機能MMUの制御法

    鶴谷昌弘, 山内利宏, 谷口秀夫

    研究報告システムソフトウェアとオペレーティング・システム(OS)   2013 ( 11 )   1 - 7   2013.2

     More details

    Language:Japanese  

    計算機の多様な利用を支える高い適応性と堅牢性を実現できるOSが必要となっており,これを実現するOSプログラム構造としてマイクロカーネル構造がある.マイクロカーネルOSは,OS機能の大半をOSサーバとして実現するため,OSサーバ間でプログラム間通信が頻発し,モノリシックカーネルOSに比べ性能が低下する.このため,データ複写レスによる通信により,OSサーバ間での授受データの複写オーバヘッドを低減している.しかし,低機能MMUでは,データ複写レスであっても通信時に発生するTLBミスに伴う処理オーバヘッドが大きい.そこで,マイクロカーネルOSにおける低機能MMU制御法を提案する.提案制御法は,サーバプログラム間通信で利用する領域についてはページテーブルを利用することなく,TLBエントリでページの割り当てを管理し,TLBミスを発生させないことによりサーバプログラム間通信を高速化する.SH-4を例として,提案制御法をAnTオペレーティングシステムに実現する方式を示し,性能評価の結果を報告する.

    CiNii Article

    CiNii Books

    researchmap

  • External Storage Mechanism for Preserving File Access Log with Virtualization Technology

    安藤類央, 橋本正樹, 山内利宏

    情報処理学会論文誌ジャーナル(CD-ROM)   54 ( 2 )   2013

  • ライブラリの置き換えによるVM外部への安全なログ転送方式の提案

    佐藤将也, 山内利宏

    研究報告コンピュータセキュリティ(CSEC)   2012 ( 6 )   1 - 8   2012.12

     More details

    Language:Japanese  

    ログは,計算機の動作を把握するための重要な情報である.しかし,攻撃や問題の発生により,ログの改ざんや消失が起こる可能性がある.この問題へ対処するために,ログを保護する手法が提案されている.しかし,手法の多くは AP や OS で実現されており,カーネルレベルで動作するマルウェアからログを保護するのは難しい.そこで,我々は, VMM を用いたログの保護方式を提案した.しかし,この方式では,複数の VM において多種の OS が利用される場合,それぞれの OS に対応するように VMM を修正する必要があり,その工数が大きい.そこで,複数 VM 上の多種の OS に最小限のプログラムの修正により対応可能な, AP の出力するログの保護方式を提案する.提案方式は,ログ発行時に特定の命令を実行するように, VM 上のライブラリをあらかじめ置き換える. VMM は,この命令を契機にログを保護する.このため,提案方式は OS の種類に依存しない.

    CiNii Article

    CiNii Books

    researchmap

  • Proposal of a Method for Dynamic Control of Application Programs by Extending the SEAndroid

    2012 ( 3 )   130 - 137   2012.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Dynamic Driver Process Replacement Mechanism for AnT

    2012 ( 4 )   202 - 209   2012.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Evaluation of Load Balancing in Multi-core for AnT

    Takeshi Sakoda, Keisuke Masuda, Noriaki Hasuoka, Toshihiro Yamauchi, Hideo Taniguchi

    IPSJ SIG Notes   2012 ( 31 )   1 - 7   2012.9

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Operating system based on microkernel architecture has high adaptability and toughness. Otherwise, multi-core processor appeared by progress of LSI technology. If it is made to run OS based on microkernel architecture and OS server can be distributed to each core on the multi-core processor, load balancing of OS processing will become possible. For the above reasons, the load balancing of OS processing can offer large transaction processing effectively on the multi-core environment. This paper shows the result of evaluations for performance of distributing OS processing in the AnT operating system based on microkernel architecture works on the multi-core environment. To put it concretely, this paper shows the difference in the performance by distributed forms at the time of data reference in a block unit. Moreover, this paper shows the distribution effect by distributed forms using PostMark and Bonnie.

    CiNii Article

    CiNii Books

    researchmap

  • Development of Multicore Tender Operating System

    2012 ( 4 )   1 - 8   2012.7

     More details

  • Evaluation for Fast Method of Inter Server Program Communication on AnT for SH-4

    2012 ( 7 )   1 - 7   2012.4

     More details

  • Evaluation of Regulating I/O performance on Tender Operating System

    2012 ( 6 )   1 - 8   2012.4

     More details

  • Proposal of a Method for Tracing Diffusion of Information and Preventing Information Leakage on Android

    OKUDA Kenji, NAKATSUKA Ryo, YAMAUCHI Toshihiro

    IEICE technical report. Information and communication system security   111 ( 495 )   5 - 10   2012.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    Application program (AP) can collaborate with other APs and control personal information with Intent or user's allowing of permission. However, users cannot detect those behaviors. Therefore, users might not be able to be aware of an AP as a malware. This paper proposes a method for tracing diffusion of personal information and preventing its leakage on Android. Our method alerts information leakage when an AP uses APIs to communicate with outside. These alerts are caused only if the AP has already called APIs to collect personal information. Users can refuse execution of the API if it was not appropriate. Further, we visualize the diffusion path of personal information to support users to decide the API is appropriate or not.

    CiNii Article

    CiNii Books

    researchmap

  • D-6-16 Fast Method of Inter Server Program Communication on AnT for SH-4

    TSURUYA Masahiro, YAMAUCHI Toshihiro, TANIGUCHI Hideo

    Proceedings of the IEICE General Conference   2012 ( 1 )   77 - 77   2012.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • D-6-18 Evaluation for Sophisticated Periodic Execution Control on SH-4 Processor

    Furukawa Yuuki, Yamauchi Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2012 ( 1 )   79 - 79   2012.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • D-19-6 Solution of the Diffusion Tracing Function of Classified Information for Distributed Environment

    Otsubo Nobuto, Yamauchi Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2012 ( 2 )   213 - 213   2012.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • D-6-13 Tender Operating System for multicore processor

    Nagai Kengo, Yamauchi Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2012 ( 1 )   74 - 74   2012.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • D-6-14 Implementation of Resources "Periodic Timer" in Multicore Tender

    Yamamoto Takahiro, Nagai Kengo, Yamauchi Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2012 ( 1 )   75 - 75   2012.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • D-6-15 Dynamic NIC Driver Process Replacement Mechanism for AnT

    HASUOKA Noriaki, TSURUYA Masahiro, YAMAUCHI Toshihiro, TANIGUCHI Hideo

    Proceedings of the IEICE General Conference   2012 ( 1 )   76 - 76   2012.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • Method to Set Effective Directories for a Directory Oriented Buffer Cache Mechanism

    2012 ( 9 )   1 - 8   2012.2

     More details

  • The relation between program description and high performance mechanism of processor

    57 - 64   2012.1

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Preface

    Goichiro Hanaoka, Toshihiro Yamauchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   7631 LNCS   2012

     More details

  • Automatic Method of Partitioning I/O Buffer Based on Cache Hit Ratio

    ( 2011 )   62 - 72   2011.11

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Proposal of Function to Visualize Diffusion Path of Classified Information

    2011 ( 3 )   367 - 372   2011.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • A profiling method of malware's behavior using integratedvirtualized system monitor

    2009 ( 2009 )   1 - 6   2011.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Implementation and Evaluation of I/O Resource on Tender Operating System

    2011 ( 19 )   1 - 8   2011.7

     More details

  • Evaluation of Inter Server Program Communication for AnT operating system on SH-4

    2011 ( 12 )   1 - 8   2011.7

     More details

  • Interprocess communication function using the physical memory exchange function on Tender Operating System

    2011 ( 13 )   1 - 7   2011.7

     More details

  • I/O Buffer Partitioning Method Based on Cache Hit Ratio

    2011 ( 18 )   1 - 9   2011.7

     More details

  • Implementation and Evaluation of Virtual Machine Based Kernel Log Collector

    2011 ( 28 )   1 - 8   2011.7

     More details

  • Design and Evaluation of a Method to Reduce Redundant Security Policy of SELinux

    YAGI SHINYA, NAKAMURA YUICHI, YAMAUCHI TOSHIHIRO

    IEICE technical report   111 ( 30 )   71 - 76   2011.5

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    In many cases, general security policy is used because of the difficulty of creating security policy. However, this security policy is possible to allow excessive rights in system. In addition, it is difficult to use this security policy in embeded systems because of the memory footprint. To deal with these problems, we propose a method system automatically detects redundant security policies by using log SELinux outputs and deletes them. The proposed system also suggests system administrator and improves security of the system and reduces the memory footprint. This paper shows the problems of security policy and dealing with them. This paper also shows design and evaluation.

    CiNii Article

    CiNii Books

    researchmap

  • Design and Evaluation of a Method to Reduce Redundant Security Policy of SELinux

    2011 ( 13 )   1 - 6   2011.5

     More details

  • 周期実行制御における周期超過防止法の周期処理分割に関する評価

    古川友樹, 山内利宏, 谷口秀夫

    第73回全国大会講演論文集   2011 ( 1 )   39 - 40   2011.3

     More details

    Language:Japanese  

    ロボットのモータ制御やセンサ制御における処理は周期的に実行される.周期的に実行される処理は次の周期までに処理を終了する必要があり,次の周期までに処理が終了しない場合,予定されていた処理の実行が行われず,問題となる.一方,周期実行される処理の開始から終了までの時間は,実入出力処理時間の変動やタイマ割り込み処理の影響により一定でない.そこで,処理の実行状況を記録し,次の周期までに処理が終了できるか否か判定し,超過すると判定した場合,終了時刻までに終了できる適切な処理を起動できる方法を提案した.ここでは,提案手法の周期処理分割に関する評価について述べる.

    CiNii Article

    CiNii Books

    researchmap

  • Proposal of I/O Resource on Tender Operating System

    2010 ( 5 )   1 - 7   2011.2

     More details

  • Design and Evaluation of Control Method to Deal with Deadline Miss for Periodic Scheduling

    FURUKAWA Yuuki, YAMAUCHI Toshihiro, TANIGUCH Hideo

    IEICE technical report   110 ( 278 )   23 - 28   2010.11

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    The processing executed periodically must be finished before the next release time. If such a processing is not finished before a deadline, the scheduled processing is not executed in the next period. On the other hand, the execution time of the processing executed periodically from the release to the end is not constant by changing of I/O processing time and influencing the timer interrupt. Therefore, our proposed system records the execution time of the processing, judges whether the processing will be finished before the deadline and can execute the appropriate processing for the remaining time. In this paper, we describe the design and evaluation of our system.

    CiNii Article

    CiNii Books

    researchmap

  • Evaluation of Dynamic Communication Control Server Replacement Processing for AnT

    2010 ( 11 )   99 - 104   2010.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Linux Security Features : Tackling the Difficulty of Seculity Policy Configuration

    NAKAMURA Yuichi, YAMAUCHI Toshihiro

    IPSJ Magazine   51 ( 10 )   1268 - 1275   2010.10

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00070553/

  • L-033 Tracing and Visualization Function of Information Propagation by File Manipulation

    Nakatsuka Ryo, Yamauchi Toshihiro, Taniguchi Hideo

    9 ( 4 )   251 - 252   2010.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    researchmap

  • B-038 Implementation of control method to deal with deadline miss for periodic scheduling

    Furukawa Yuuki, Yamauchi Toshihiro, Taniguchi Hideo

    9 ( 1 )   367 - 368   2010.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    researchmap

  • Control method to detect and deal with deadline miss for periodic scheduling

    FURUKAWA YUUKI, YAMAUCHI TOSHIHIRO, TANIGUCHI HIDEO

    115   W1 - W6   2010.8

     More details

  • Realization and Evaluation of the Generation Management Function on Tender Operating System

    NAGAI KENGO, YAMAMOTO YUTA, YAMAUCHI TOSHIHIRO, TANIGUCHI HIDEO

    115   B1 - B8   2010.8

     More details

  • Implementation of the TCP/IP communication function in the AnT operating system

    INOUE YOSHIHIRO, TANIGUCHI HIDEO, YAMAUCHI TOSHIHIRO

    115   J1 - J8   2010.8

     More details

  • Design of Converting Linux LKM Device Driver into Concrete Process in AnT Operating System

    SHIMAZAKI Yutaka, TABATA Toshihiro, NOMURA Yoshinari, TANIGUCHI Hideo

    IEICE technical report   109 ( 475 )   517 - 522   2010.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    Recent OS has a large number of device drivers. It is important to reduce cost for developing new device drivers in OS development. When we port an existing device driver into the OS which realizing device driver process to reduce the development cost, we need to not only port but also form it into process. In this paper, we show a method for converting an existing Linux LKM device driver into process in AnT operating system. Furthermore, we evaluated the proposal method using drivers such as the FD, Intel 1GbE, and Realtek 1GbE driver.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Design of Sophisticated Periodic Execution Control for Embedded Systems

    FURUKAWA Yuuki, TABATA Toshihiro, TANIGUCHI Hideo

    IEICE technical report   109 ( 475 )   523 - 528   2010.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    In embedded systems, a kind of the processing to be executed is limited, and a lot of processing are executed periodically. In such systems, we need to reduce the overhead of periodic execution control and the dispersion of its time. ART-Linux is proposed as one of the conventional real-time operating system that is used such as robot. In this paper, we show a periodic execution control of ART-Linux and clarify several problems. Next, we design a sophisticated periodic execution control to solve these problems of ART-Linux. Finally, we show the realization of the periodic execution control and the effect of it.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • I/O Buffer Partition Method to Improve Execution Time of Priority Processing

    TSUCHIYA Akiyoshi, TABATA Toshihiro, TANIGUCHI Hideo

    72 ( 0 )   99 - 100   2010.3

     More details

  • A proposal of physical memory exchange function to enable Zero-copy communication processing

    KADO NAOFUMI, TABATA TOSHIHIRO, TANIGUCHI HIDEO

    113 ( 8 )   H1 - H8   2010.1

     More details

  • Evaluation of Uniformity of Processing in Mechanism for Regulating Program Execution Speed in Library

    SAKAI KOICHI, TABATA TOSHIHIRO, TANIGUCHI HIDEO, HAKOMORI SATOSHI

    113 ( 14 )   N1 - N8   2010.1

     More details

  • A proposal of physical memory exchange function to enable Zero-copy communication processing

    門直史, 田端利宏, 谷口秀夫

    情報処理学会研究報告(CD-ROM)   2009 ( 5 )   2010

  • Evaluation of Uniformity of Processing in Mechanism for Regulating Program Execution Speed in Library

    境講一, 田端利宏, 谷口秀夫, 箱守聰

    情報処理学会研究報告(CD-ROM)   2009 ( 5 )   2010

  • Design of Upper Limit Function of Protected Area and Buffer Migration Function for a Directory Oriented Buffer Cache Mechanism

    TABATA Toshihiro, TSUCHIYA Akiyoshi, YAMADA Katsuyasu, TANIGUCHI Hideo

    IEICE technical report   109 ( 296 )   43 - 48   2009.11

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    Noticing that application programs handle files as a unit of input and output, we proposed a Directory Oriented Buffer Cache Mechanism. The proposed mechanism gives a high priority to important directories, which are associated with important jobs. Files in the important directories are given a high priority, and its blocks files are cached with the high priority. The proposed mechanism makes processing of important jobs frequently faster. However, the proposed mechanism degrades the performance of the processing in some cases due to three problems of it. This paper describes the three problems of the proposed mechanism. Then, this paper describes upper limit function of protected area and buffer migration function that solve the three problems.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Anti-spam e-mail method based on characteristic token ratio accounting for all tokens

    UEMURA Masahiro, TABATA Toshihiro

    IEICE technical report   109 ( 33 )   27 - 32   2009.5

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    J-GLOBAL

    researchmap

  • Evaluation for a Mechanism of Regulating Execution Speed that Considered the Run Mode of Program

    SAKAI KOICHI, TABATA TOSHIHIRO, TANIGUCHI HIDEO, HAKOMORI SATOSHI

    111 ( 26 )   Y1 - Y8   2009.4

     More details

  • D-6-24 Implementation of Display Part of Visualization Considering Process Running Mode

    Kinoshita Akira, Tabata Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2009 ( 1 )   74 - 74   2009.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • D-6-17 Design of Visual Function on Diffusion Tracing Function of Classified Information

    Fukushima Kenta, Tabata Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2009 ( 1 )   67 - 67   2009.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • D-6-23 Design of a Mechanism of Bounding Execution Performance for Process Group by Execution Resource on Tender

    Hara Takayuki, Tabata Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2009 ( 1 )   73 - 73   2009.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • D-6-20 Proposal of Function for Regulating I/O Performance based on I/O Slot

    Nagao Takashi, Tabata Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2009 ( 1 )   70 - 70   2009.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • D-6-19 プログラム実行速度調整法におけるフィードバックを利用した高精度な制御法の提案(D-6. コンピュータシステムC(ソフトウェア),一般セッション)

    境 講一, 田端 利宏, 谷口 秀夫, 箱守 聰

    電子情報通信学会総合大会講演論文集   2009 ( 1 )   69 - 69   2009.3

     More details

    Language:Japanese   Publisher:一般社団法人電子情報通信学会  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Design of Network-Transparent InterProcess Communication on Tender

    SAEKI Kenji, TABATA Toshihiro, TANIGUCHI Hideo

    IPSJ SIG Notes   138 ( 20 )   55 - 60   2009.2

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    The Tender operating system has original InterProcess Communications. We realize Network-Transparent InterProcess Communication which can use in distributed system. In this paper, We describe Network-Transparent original InterProcess Communication with "container", "container box" and "event" on Tender. Furthermore, We describe method of send and receive container, and shared container which used distributed shared memory.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • A Mechanism of Regulating Execution Speed that Considered the Run Mode of Program

    SAKAI Koichi, TABATA Toshihiro, TANIGUCHI Hideo, HAKOMORI Satoshi

    IPSJ SIG Notes   110 ( 6(OS-110) )   99 - 106   2009.1

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    If execution speed of software is regulated without concerning by performance of the computer hardware, Convenience of the service better. In addition, regulating execution speed inhibits influence of DoS attack, and help restoration from DoS attack. On the other hand, program runs in user mode and supervisor mode. Therefore, considering run mode of program enables high accuracy regulating execution speed. We propose a mechanism of regulating execution speed in consideration of the run mode of program. Specifically, our method can regulate the execution speed of program in user mode, supervisor mode, and both modes. This paper describes a method of stopping process and a method of setting regulated performance. Furthermore, we implement and evaluate the proposed mechanism in library to clarify the characteristic and the effectiveness of it.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Evaluation for a Mechanism of Regulating Execution Speed that Considered the Run Mode of Program

    境講一, 田端利宏, 谷口秀夫, 箱守聰

    情報処理学会研究報告(CD-ROM)   2009 ( 1 )   2009

  • 統合仮想化システムモニタを用いたマルウェアのプロファイリング

    安藤類央, 高橋一志, 田端利宏, 須崎有康

    情報処理学会シンポジウム論文集   2009 ( 11 )   2009

  • Evauluation of I/O Buffer Cache Mechanism Based on the Frequency of File Usage

    KATAKAMI TATSUYA, TABATA TOSHIHIRO, TANIGUCHI HIDEO

    情報処理学会研究報告   27 ( 119(EVA-27) )   13 - 18   2008.11

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    We proposed an I/O buffer cache mechanism based on the frequency of file usage. This paper describes an evaluation of the proposed mechanism and effectiveness of the proposed mechanism from evaluation results. In particular, we evaluated two examples to decrease a cache hit rate by LRU algorithm. The results show that the proposed mechanism improves the performance as compared to the LRU algorithm. And we evaluated the proposed mechanism by kernel make processing, and the proposed mechanism improves the processing time by 22.4s (7.1%) as compared to the LRU algorithm.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • High-speed page data transfer mechanism on Tender

    KADO Naofumi, TABATA Toshihiro, TANIGUCHI Hideo

    IEICE technical report   108 ( 273 )   1 - 6   2008.10

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    Distributed shared memory on Tender operating system transfers data per 1 page unit. In data transferring processing, the data copy between user space and kernel space is the high overhead. Thus performance improvement in data transfer processing is expected by reducing data copy. In this paper, we propose a mechanism of data transferring which exchanges "physical memory" resources between two "virtual region" resources.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • B-032 A Method of Executing Linux FD Driver as a Process for AnT Operating System

    Shimazaki Yutaka, Taniguchi Hideo, Tabata Toshihiro, Nomura Yoshinari

    7 ( 1 )   179 - 180   2008.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • B-031 Design of Sophisticated Periodic Execution for AnT Operating System

    Furukawa Yuuki, Taniguchi Hideo, Tabata Toshihiro

    7 ( 1 )   177 - 178   2008.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Control of Processor Usage by Regulating Intervals between System Calls

    SAKAI Koichi, TABATA Toshihiro, TANIGUCHI Hideo, HAKOMORI Satoshi

    IPSJ SIG Notes   109 ( 77(OS-109) )   101 - 108   2008.8

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Improvement of hardware performance reduces the processing time of software and various processing can be executed on computers. On the other hand, processing performance of software depends on hardware performance significantly. Therefore, it is necessary to establish mechanism that regulating a program execution speed within hardware performance. This paper proposes a mechanism of library which regulates program execution speed by controlling a time of processor usage. Specifically, this paper describes the basic method of a library which controls a time of processor usage based on intervals between system-calls. This paper describes a method of stopping process and a method of assigning processor performance. Furthermore, we implement and evaluate the proposed mechanism to clarify the characteristic and the effectiveness of it.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • I/O Device Management of Persistent Mechanism on Tender

    YAMAMOTO YUTA, TABATA TOSHIHIRO, TANIGUCHI HIDEO

    IPSJ SIG Notes   109 ( 77(OS-109) )   61 - 68   2008.8

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Data on main memory is no longer available when a computer is turned off, because volatile memory is used for main memory. Therefore, if a computer shutdowns unexpectedly, a computer cannot continue processing before the shutdown. Thus, we propose persistent mechanism for computer processing using "plate" function. Plate manages a persistent data on virtual memory space. However, this persistent mechanism ignores status of I/O devices. If plate persists data during I/O, a computer cannot continue processing after plate restore data. In this paper, we explain I/O device management method on persistent mechanism.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • I/O Buffer Cache Mechanism Based on Use Frequency of File

    KATAKAMI TATSUYA, TABATA TOSHIHIRO, TANIGUCHI HIDEO, WATANABE HIROSHI, NOMURA YOSHINARI

    IPSJ SIG Notes   108 ( 35(OS-108) )   115 - 122   2008.4

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Most operating systems manage a buffer cache for I/O processing by a block unit. On the other hand, application programs handle a data from a viewpoint of files. I/O buffer cache mechanism considered this difference is effective to execute I/O processing efficiently because I/O processing is slower than CPU processing. In this paper, we describe I/O buffer cache mechanism that decides blocks protected based on use frequency of file of application programs.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • A Method for Control of Driver Program Invocation based on Device Operation History on AnT Operating System

    TAKIGUCHI Shinichi, NOMURA Yoshinari, TABATA Toshihiro, TANIGUCHI Hideo

    情報処理学会研究報告   134 ( 32 )   43 - 48   2008.3

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Recently, operating systems have become increasingly multi-functional by the providing of various devices. Its functions are provided as driver programs. Even though average users do not use all functions, they do not customize and shrink their operating systems because of its job difficulty. Accordingly, they usually use wasteful and fat operating systems: much memory, slow down bootup time. In this paper, we propose an effective method for controlling invocation timing of device driver programs. As a strategy for the control, we use operation history on device drivers. And we present this design on AnT operating system.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • A Method for Control of Driver Program Invocation based on Device Operation History on AnT Operation System

    TAKIGUCHI Shinichi, NOMURA Yoshinari, TABATA Toshihiro, TANIGUCHI Hideo

    IEICE technical report   107 ( 559 )   43 - 48   2008.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    Recently, operating systems have become increasingly multi-functional by the providing of various devices. Its functions are provided as driver programs. Even though average users do not use all functions, they do not customize and shrink their operating systems because of its job difficulty. Accordingly, they usually use wasteful and fat operating systems: much memory, slow down bootup time. In this paper, we propose an effective method for controlling invocation timing of device driver programs. As a strategy for the control, we use operation history on device drivers. And we present this design on AnT operating system.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • A library program for controlling the execution speed of a program by regulating amount of processor use

    SAKAI Koichi, TABATA Toshihiro, HOKOMORI Satoshi, TANIGUCHI Hideo

    70 ( 0 )   29 - 30   2008.3

     More details

  • Proposal of Buffer Cache Management Based on Use Frequency of File

    KATAKAMI Tatsuya, TABATA Toshihiro, TANIGUCHI Hideo

    70 ( 0 )   35 - 36   2008.3

     More details

  • Improvement Method of the Detection Accuracy of the Information Leakage in Diffusion Tracing Function of Classified Information

    OHASHI Kei, TABATA Toshihiro, TANIGUCHI Hideo, YOKOYAMA Kazutoshi, HAKOMORI Satoshi

    IPSJ SIG Notes   134 ( 21 )   97 - 102   2008.3

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Recently, a leak of classified information has become a serious problem. To prevent the leak, various methods are proposed. We proposed the method to trace the classified information diffusion and to detect an information leak of classified information. As a matter, this method identify non classified file as classified file. In this paper, we propose a method to improve accuracy at the time of the information leakage detection. Specifically, we prevent classified information diffusion to config file and history file. In addition, our proposal function enable user easily to read and edit classified file table. We implement the proposal method on the Linux kernel and evaluate it and show that accuracy of the information leakage detection is improved.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Design of a Function to Store and Restore Process State including InterProcess Communication on Tender

    NANBA Hiroki, TABATA Toshihiro, TANIGUCHI Hideo

    IPSJ SIG Notes   107 ( 9(OS-107) )   87 - 94   2008.1

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    System failure makes process restart from initial state. Function to store and restore process state are effective mechanism that prevents a process from restarting from the initial state when a system failure occurs. In this paper, we describe a function to store and restore processes state including InterProcess Communication(IPC). In addition, we report the implementation and evaluation results on Tender operating system.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • D-6-21 Design of Ethernet Communication Using Resource "Input and Output" on Tender

    Kado Naofumi, Tabata Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2008   94 - 94   2008

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Proposal of a Method to Cut Redundant Security Policy of SELinux

    YAMAGUCHI TAKUTO, NAKAMURA YUICHI, TABATA TOSHIHIRO

    IPSJ SIG Notes   2008 ( 21(DPS-134 CSEC-40) )   37 - 42   2008

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    In installing SELinux, in many cases, general security policy is adapted. This has possibility to authorize excessive rights. In addition, if such rights are permitted from a: denied log file, it is difficult for SELinux to detect them. To solve this problem, we propose a method to detect automatically such rights and to cut redundant security policy of SELinux. Our method collects used policies and gains difference between enforcing policies and those of them. In this paper, we clarify problems of security policy of SELinux and take measures against them. We also show the design of this system.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Application of the Diffusion Tracing Function of Classified Information to Socket Communication

    植村晋一郎, 田端利宏, 谷口秀夫, 横山和俊, 箱守聰

    情報処理学会シンポジウムシリーズ(CD-ROM)   2008 ( 1 )   2008

  • Evaluation for Guarantee of Service Processing by Regulating Processor Use in Library

    境講一, 田端利宏, 谷口秀夫, 箱守聰

    情報処理学会シンポジウム論文集   2008 ( 8 )   2008

  • Analysis of Malware Activities Based on Download Hosts

    石井宏樹, 佐藤和哉, 田端利宏

    情報処理学会シンポジウム論文集   2008 ( 8 )   2008

  • B-013 Implementation and Evaluation of Analyzer of Visualization Information for Understanding Operating System Behaviors in Tender

    Kawae Junpei, Tabata Toshihiro, Taniguchi Hideo

    6 ( 1 )   105 - 106   2007.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Evaluation of a Buffer Cache Mechanism for Homepage Contents

    KOTOGE Miyuki, TABATA Toshihiro, TANIGUCHI Hideo

    IPSJ SIG Notes   106 ( 83(OS-106) )   95 - 102   2007.8

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Web site contains various contents. It also has an entrance page of the web site. Many internet users tend to browse the various contents from the entrance page. Therefore, it is important to shorten the access response time of the entrance page for web service. To meet this requirement, we proposed a buffer cache control method that stores files of specific directories in buffer cache on a web server. We focused attention on that the web server stores similar types of files for a same directory. In this paper, we describe the buffer cache control method, and evaluate access response time at each entrance page of department of Okayama University with our method. From the result of this e valuation, we show effectiveness of our method.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • A Design and Evaluation of Filtering Method of Image Spam in Bayesian Filter

    UEMURA MASAHIRO, TABATA TOSHIHIRO

    IPSJ SIG Notes   38 ( 71 )   311 - 318   2007.7

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    In late years, with the spread of Internet, increase of an unwanted e-mail becomes a problem. In 2006, there is a finding that spam-mail is occupied 91% of the whole E-mail. A Bayesian filter filtering statistically with Bayes theory as an anti-unwanted e-mail measure is used widely. The filter has high precision of filtering and is able to match with the trend of an unwanted e-mail and personal preference as the characteristic. However, the image spam that does imaging of contents of an unwanted e-mail increases rapidly as the end run. Baysian filter is not able to do an appropriate learning and judgement for binary data such as images since Bayesian filter learns and judges for only text data. Therefore, in this paper, we pay attention to information, such as file size of an attached image and suggest a technique of filtering with adding these information to a corpus of existing Bayesian filter as an anti-image spam measure. In addition, we report the evaluation result.

    CiNii Article

    CiNii Books

    researchmap

  • A Design and Evaluation of Filtering Method of Image Spam in Bayesian Filter

    UEMURA MASAHIRO, TABATA TOSHIHIRO

    IEICE technical report   107 ( 141 )   103 - 110   2007.7

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    In late years, with the spread of Internet, increase of an unwanted e-mail becomes a problem. In 2006, there is a finding that spam-mail is occupied 91% of the whole E-mail. A Bayesian filter filtering statistically with Bayes theory as an anti-unwanted e-mail measure is used widely. The filter has high precision of filtering and is able to match with the trend of an unwanted e-mail and personal preference as the characteristic. However, the image spam that does imaging of contents of an unwanted e-mail increases rapidly as the end run. Baysian filter is not able to do an appropriate learning and judgement for binary data such as images since Bayesian filter learns and judges for only text data. Therefore, in this paper, we pay attention to information, such as file size of an attached image and suggest a technique of filtering with adding these information to a corpus of existing Bayesian filter as an anti-image spam measure. In addition, we report the evaluation result.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Mechanism of Information Gathering and Display for Visualization of Operating System Behavior in Tender

    KINOSHITA Akira, KAWAHARA Taisuke, TABATA Toshihiro, TANIGUCHI Hideo

    IPSJ SIG Notes   105 ( 36(OS-105) )   31 - 38   2007.4

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    It is difficult to grasp the behavior situation of software, because a scale of software grows. In addition, it is hard work to understand the flow of complicated software such as OSs. Although the visualization of OS behavior has been developed, it is difficult to grasp the flow of internal processing of OS including interrupts and exceptions. In this paper, we describe the mechanism of the visualization of OS behavior including interrupts in Tender. In Tender, the information of the flow of internal processing of OS can be gathered by adopting the program structure, and the mechanism of visualization can be achieved at OS level by considering the processing type of interrupt and so on. Employing this mechanism, the information of the visualization of OS behavior can be used for studying OSs and for supporting program developments. We describe the mechanism of display and the visualization of the process scheduling as an example of OS behavior to study.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Speed-up of fork & exec System-call by Recycling Resource on Tender

    SAEKI Kenji, TABATA Toshihiro, TANIGUCHI Hideo

    IPSJ SIG Notes   105 ( 36(OS-105) )   23 - 30   2007.4

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    The cost of process creation is high in the processing of OS. The costs degrade the performance of program execution. To solve this problem, we have implemented fast process creation and disappearance by recycling process resource in Tender. Tender has BSD/OS interface for program execution of the BSD/OS. In this paper, we describe the method of speed-up of fork and exec system-call by recycling resource in Tender, and evaluate fork and exec system-call by recycling each resource. Moreover, we report the effect of recycling resource by using Apache web server.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Process creation mechanism for AnT

    NISHINA Tadato, NOMURA Yusuke, TABATA Toshihiro, NOMURA Yoshinari, TANIGUCHI Hideo

    IPSJ SIG Notes   105 ( 36(OS-105) )   7 - 14   2007.4

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    AnT is an operating system based on micro-kernel architecture. Filesystem, device driver and other operating system modules run as a process named external-core. AnT can adapt various kind of computer environment by changing set of external-core. In this paper, we present process creation mechanism for AnT to make AnT adapt computer environment and create process need by AnT. And we present efficient mechanism of process control.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • D-3-7 Startup of Device Driver Process by I/O Request for AnT

    Nishina Tadato, Nomura Yusuke, Tabata Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2007 ( 1 )   22 - 22   2007.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Tender上のWebサーバにおける資源再利用機能の効果

    佐伯 顕治, 田端 利宏, 谷口 秀夫

    第69回全国大会講演論文集   2007 ( 1 )   35 - 36   2007.3

     More details

  • ドライバプログラムの効率的な構成制御法

    滝口 真一, 田端 利宏, 乃村 能成, 谷口 秀夫

    第69回全国大会講演論文集   2007 ( 1 )   27 - 28   2007.3

     More details

  • AnT におけるNICドライバプロセスの実現

    岡本 幸大, 乃村 能成, 田端 利宏, 谷口 秀夫

    第69回全国大会講演論文集   2007 ( 1 )   29 - 30   2007.3

     More details

  • Proposal of a Persistent Mechanism for Computer Processing by Non-volatilizing Data on Virtual Memory Space

    OHMOTO TAKUMI, TABATA TOSHIHIRO, TANIGUCHI HIDEO

    IPSJ SIG Notes   104 ( 10(OS-104) )   25 - 32   2007.1

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Data on main memory is no longer available when a computer is turned off, because volatile memory is used for main memory. Therefore, a computer cannot continue processing before the shutdown. In order to solve this problem, users use a file function or hibernation function. However, users have to specify I/O operations between main memory and external storage. As the result, these functions cannot deal with an urgent stop of a computer. Thus, we propose a persistent data management on virtual memory space. We call this mechanism "plate" function. In this paper, we explain persistent mechanism for computer processing using plate. This mechanism regularly stores data which are managed by plate. Thus, using this mechanism, the loss of processing can be reduced.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Design and Implementation of Memory Management for AnT Operating System

    UMEMOTO MASANORI, TABATA TOSHIHIRO, NOMURA YOSHINARI, TANIGUCHI HIDEO

    IPSJ SIG Notes   104 ( 10(OS-104) )   33 - 40   2007.1

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    AnT is an operating system based on micro-kernel architecture. Therefore, AnT can provide various kinds of service. However, there is a problem about a data transferring overhead caused by a lot of inter-process communications. Therefore, we need to examine memory management so that AnT can transfer data with low overhead. In this paper, we present design, implementation and evaluation of memory management. Resulting from the design and the implementation, AnT can realize memory protection from each program, high speed inter-process communication and high speed rebooting. We evaluate data transferring and rebooting.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Evaluation of File Access Permissions that Integrate Access Vector Permissions

    山口拓人, 中村雄一, 田端利宏

    情報処理学会シンポジウム論文集   2007 ( 10 )   2007

  • An Evaluation of Performance of Security Focused OS by Measuring the Overhead of LSM

    松田直人, 田端利宏, 宗藤誠治

    情報処理学会シンポジウム論文集   2007 ( 10 )   2007

  • B_036 Evaluation of Directory Oriented Buffer Cache Mechanism

    Kotoge Miyuki, Saitou Kei, Tabata Toshiihro, Nomura Yoshinari, Taniguchi Hideo

    5 ( 1 )   147 - 148   2006.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • B_038 Proposal of Fast Cryptographic File System by Using Delayed Write

    Matsuda Naoto, Tabata Toshiihro

    5 ( 1 )   151 - 152   2006.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • B_028 Basic Function of Save and Restore a Process Context on Tender

    Nanba Hiroki, Tabata Toshihiro, Taniguchi Hideo

    5 ( 1 )   131 - 132   2006.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • B_030 Realization of High Speed Inter-process Communication for AnT

    Umemoto Masanori, Tabata Toshihiro, Nomura Yoshinari, Taniguchi Hideo

    5 ( 1 )   135 - 136   2006.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Design for AnT Operating System

    TANIGUCHI Hideo, NOMURA Yoshinari, TABATA Toshihiro, ADACHI Toshimitsu, NOMURA Yusuke, UMEMOTO Masanori, NISINA Tadato

    IPSJ SIG Notes   103 ( 86(OS-103) )   71 - 78   2006.8

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    There is a remarkable thing for progress of a microprocessor and input-output hardware. Furthermore, improvement of transmission speed of a channel is remarkable, too. In addition, a computer is necessary in various scenes, and service classification to offer increases drastically. It is demanded that base software can use a function and performance of these hardware effectively. Therefore it was started development the AnT operating system (An operating system with adaptability and toughness) to have both adaptability and solidity. This article explains a design policy of the AnT operating system and a characteristic function.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Evaluation of Heterogeneous Virtual Storage (HVS)

    TABATA TOSHIHIRO, TANIGUCHI HIDEO

    IPSJ SIG Notes   102 ( 44(OS-102) )   29 - 36   2006.5

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    We have proposed Heterogeneous Virtual Storage (HVS) that is integrated both single virtual storage and multiple virtual storage. HVS has multiple virtual storage spaces. The number of processes on a virtual storage space is more than zero. Besides, a process can migrate between virtual storage spaces. Therefore, HVS has both single virtual storage's advantages and multiple virtual storage's advantages. In this paper, we report the evaluation of basic functions in OS in order to make clear the application of HVS functions. In addition, we implemented some functions in Apache Web server in order to use the functions of HVS, and describe the performance of Apache.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • AnTオペレーティングシステムの設計

    谷口 秀夫, 乃村 能成, 田端 利宏

    第68回全国大会講演論文集   2006 ( 1 )   41 - 42   2006.3

     More details

  • AnTオペレーティングシステムのメモリ領域管理

    田端 利宏, 梅本 昌典, 安達 俊光, 谷口 秀夫

    第68回全国大会講演論文集   2006 ( 1 )   45 - 46   2006.3

     More details

  • SPAM mail filtering : commentary of Bayesian filter(<Special feature>Information filtering)

    TABATA Toshihiro

    The Journal of Information Science and Technology Association   56 ( 10 )   464 - 468   2006

     More details

    Language:Japanese   Publisher:Information Science and Technology Association, Japan  

    SPAM mail has being increased with the spread of e-mail. The increase of SPAM mails becomes a serious problem for email users. Email filtering that can filter out SPAM mail, has been received much attention. Bayesian filter is one application of Bayes' Theorem. The filter program creates a database from received emails and calculates the SPAM probability of an email based on the database. This article explains the method of learning and calculation of SPAM probability of Bayesian filtering.

    DOI: 10.18919/jkg.56.10_464

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Information Leak Detection by Tracing Classified Information Diffusion

    田端利宏, 箱守聰, 箱守聰, 横山和俊, 乃村能成, 谷口秀夫

    情報処理学会シンポジウム論文集   2006

  • Proposal of Fast Cryptographic File System with Cache System

    松田直人, 田端利宏

    情報処理学会シンポジウム論文集   2006

  • アクセスベクタパーミッションと脅威の関係に関する調査

    山口拓人, 田端利宏

    電気・情報関連学会中国支部連合大会講演論文集(CD-ROM)   57th   2006

  • ファイルの格納ディレクトリを考慮したバッファキャッシュ制御法の評価

    小峠みゆき, 田端利宏, 谷口秀夫

    電気・情報関連学会中国支部連合大会講演論文集(CD-ROM)   57th   2006

  • Tenderにおける動作継続制御切り替え機能の実現

    大本拓実, 田端利宏, 谷口秀夫

    電気・情報関連学会中国支部連合大会講演論文集(CD-ROM)   57th   2006

  • AnTにおけるプラグアンドプレイ機能の実現方式

    安達俊光, 田端利宏, 乃村能成, 谷口秀夫

    電気・情報関連学会中国支部連合大会講演論文集(CD-ROM)   57th   2006

  • Information Leak Detection by Tracing Classified Information Diffusion

    田端利宏, 箱守聰, 箱守聰, 横山和俊, 乃村能成, 谷口秀夫

    情報処理学会シンポジウム論文集   2006 ( 11 )   2006

  • Proposal of Fast Cryptographic File System with Cache System

    松田直人, 田端利宏

    情報処理学会シンポジウム論文集   2006 ( 11 )   2006

  • B-019 Proposal of Advance Creation Mechanism of Process Resources

    Tabata Toshihiro, Taniguchi Hideo

    4 ( 1 )   135 - 136   2005.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • A Note on Application of the Program Obfuscation Scheme using Random Numbers to Complicate Control Flow

    TOYOFUKU Tatsuya, TABATA Toshihiro, SAKURAI Kouichi

    IPSJ SIG Notes   30 ( 70 )   213 - 220   2005.7

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    For the security technology that has been achieved with software in the computer system and the protection of the intellectual property right of software, software protection technology is necessary. One of that technique is called obfuscation, which converts program to make analysis difficult while preserving its function. In this thesis, we examine the applicablity of our program obfuscation scheme to complicate control flow and study the torelance against program analysis.

    CiNii Article

    CiNii Books

    researchmap

  • A Note of Intrusion Detection using Alteration of Data

    NAGANO Fumiaki, TATARA Kohei, TABATA Toshihiro, SAKURAI Kouichi

    IPSJ SIG Notes   30 ( 70 )   37 - 44   2005.7

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    These days, Attacks which alter data in memory illegally are one of the most serious security threats. Although a lot of detection systems have been proposed so far, most of the systems have the problem that only a part of the alteration of data in memory can be detected. And, some detection systems use secret data. But, if an execution code has a bug like format string bug which enable attackers to read data in memory, data in memory might be altered illegally because the secrete data might be guessed by the attackers. Then, we propose a system which detects the alteration of arbitrary data in memory by attackers. Moreover, this system doesn't have the vulnerability that exist the systems which use secret data.

    CiNii Article

    CiNii Books

    researchmap

  • A Note of Intrusion Detection using Alteration of Data

    NAGANO Fumiaki, TATARA Kohei, TABATA Toshihiro, SAKURAI Kouichi

    IEICE technical report. Social Implications of Technology and Information Ethics   105 ( 192 )   37 - 44   2005.7

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    These days, Attacks which alter data in memory illegally are one of the most serious security threats. Although a lot of detection systems have been proposed so far, most of the systems have the problem that only a part of the alteration of data in memory can be detected. And, some detection systems use secret data. But, if an execution code has a bug like format string bug which enable attackers to read data in memory, data in memory might be altered illegally because the secrete data might be guessed by the attackers. Then, we propose a system which detects the alteration of arbitrary data in memory by attackers. Moreover, this system doesn't have the vulnerability that exist the systems which use secret data.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • A Note on Application of the Program Obfuscation Scheme using Random Numbers to Complicate Control Flow

    TOYOFUKU Tatsuya, TABATA Toshihiro, SAKURAI Kouichi

    IEICE technical report. Social Implications of Technology and Information Ethics   105 ( 192 )   213 - 220   2005.7

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    For the security technology that has been achieved with software in the computer system and the protection of the intellectual property right of software, software protection technology is necessary. One of that technique is called obfuscation, which converts program to make analysis difficult while preserving its function. In this thesis, we examine the applicablity of our program obfuscation scheme to complicate control flow and study the torelance against program analysis.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Active Modifier of Control Flow for Detecting Anomalous Program Behavior

    Tatara Kohei, Tabata Toshihiro, Sakurai Kouichi

    IPSJ SIG Notes   2005 ( 33 )   75 - 80   2005.3

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    In order to prevent malicious use of the computer using buffer overflow vulnerabilities, a corrective action by not only calling a programmer's attention but expansion of compiler or OS is important. On the other hand, introduction and employment of an intrusion detection system must be easy for the user by whom the knowledge about a computer is restricted. In this paper, we can detect an anomly program behavior by actively modifying some control flows of a program. Our method satisfies these requirements and gives no false positives.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • A Proposal of a System for Detecting Buffer Overflow with Detecting Alteration of Data

    NAGANO Fumiaki, TATARA Kohei, TABATA Toshihiro, SAKURAI Kouichi

    IPSJ SIG Notes   2005 ( 33 )   81 - 86   2005.3

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Numerous security technologies which detect buffer overflow have already proposed. Almost these technologies detect if buffer overflows happen or not, but don't detect alteration of variable integrity. But there are attacks which are not be able to be defenced unless the technology detect alteration of variable integrity. So in this paper, we propose a system which detect alteration of variable integrity. Some exinting technologies could be bypassed if the attacker can see the user memory, but our proposed system can't be bypassed even if the attacker can see the user memory. And our proposed system can restore data which is altered by attackers using buffer overflow.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Tenderにおける資源「プレート」のサイズ変更機能

    大本 拓実, 田端 利宏, 乃村 能成, 谷口 秀夫

    第67回全国大会講演論文集   2005 ( 1 )   43 - 44   2005.3

     More details

  • スタックの改ざん検知による侵入検知システムの一考察

    長野 文昭, 鑪 講平, 田端 利宏, 櫻井 幸一

    第67回全国大会講演論文集   2005 ( 1 )   577 - 578   2005.3

     More details

  • A Proposal of Intrusion Detection System that can Restore Altered Data

    長野文昭, たたら講平, 田端利宏, 桜井幸一

    情報処理学会シンポジウム論文集   2005 ( 13,Vol.2 )   2005

  • Proposal of Access Control Technique of CPU Resource by Using Execution Resource

    田端利宏, 箱守聡, 箱守聡, 横山和俊, 横山和俊, 谷口秀夫

    情報処理学会シンポジウム論文集   2005 ( 13,Vol.2 )   2005

  • The effect by recycling of the resources in a process transformation mechanism

    NOMURA Kazutaka, TABATA Toshihiro, TANIGUCHI Hideo

    IPSJ SIG Notes   96 ( 63(OS-96) )   149 - 156   2004.6

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    A process transformation technique has been implemented in Tender. The purpose of this technique is load distribution in distributed environment. This technique consists of three functions, which are the change of a program, the change of start point of a program and the change of a virtual address space in process execution. In order to utilize this technique efficiently, it is necessary to reduce the cost of the transformation. In this paper, we discuss how a resource recycle mechanism is applied to the process transformation. We also evaluate the process transformation and report the result of the evaluation.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Agent-based IDS for Dynamic Variation of Network Composition

    KOTEGAWA Yuki, TABATA Toshihiro, SAKURAI Kouichi

    IPSJ SIG Notes   117 ( 22(DPS-117 CSEC-24) )   109 - 114   2004.3

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Compared with IDS installed on a network, IDS installed on a host can use more information for intrusion detection. However, IDS installed on a host can detect intrusion into only the host. Therefore, when a host is newly connected to the network, it is necessary to newly install IDS into the connected host. In this paper, Agent-based IDS is proposed. The system can automatically install IDS into the connected host On the proposed system, the mobility of mobile agents can save the time and effort of introduction of IDS. Moreover, by simultaneous distribution of upgraded agents, efficient maintenance management is realized.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • A Study on Probabilistic Method for Anomaly Detection

    たたら講平, 田端利宏, 桜井幸一

    情報処理学会シンポジウム論文集   2004 ( 11(CD-ROM) )   2004

  • A Survey of Network and Distributed System Security Symposium

    小手川祐樹, 田端利宏, 堀良彰, 桜井幸一

    情報処理学会研究報告   2004 ( 54(CSEC-25) )   2004

  • An analysis of word salad attack against statistical filtering

    岩永学, 田端利宏, 桜井幸一

    情報処理学会シンポジウム論文集   2004 ( 11(CD-ROM) )   2004

  • Security Management Mechanism for End-Host using Mobile Agents

    小手川祐樹, 田端利宏, 堀良彰, 桜井幸一

    情報処理学会シンポジウム論文集   2004 ( 11(CD-ROM) )   2004

  • A Survey of IEEE Symposium on Security and Privacy

    田端利宏, 桜井幸一

    情報処理学会シンポジウム論文集   2004 ( 11(CD-ROM) )   2004

  • Program Birthmark Scheme with Tolerance to Equivalent Conversion of Java Classfiles

    FUKUSHIMA Kazuhide, TABATA Toshihiro, SAKURAI Kouichi

    IPSJ SIG Notes   23 ( 126(CSEC-23) )   81 - 86   2003.12

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    This paper examines program birthmark scheme for Java in order to detect illegal thefts of Java classfile. Tamada et al. proposed birthmark scheme based on initial value assignments, the sequence of method call, and the inheritance structure. We show that the birthmarks based on initial value assignments and the inheritance structure can be modified easily. In addition, we propose a birthmark scheme using automata.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Implementation and Evaluation of Instant Synchronization InterProcess Communication on Tender

    FUKUTOMI Kazuhiro, TABATA Toshihiro, TANIGUCHI Hideo

    IPSJ SIG Notes   93 ( 42(OS-93) )   25 - 32   2003.5

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    InterProcess Communication (IPC) is used in many application programs. IPC is important and used in various ways. Especially exchanging data, a common form of IPC is message passing. However, in the message passing, since communication is completed in the combination of the send and receive operation, IPC cannot contain two elements simultaneously - the instant communication operation and the synchronization of data transfer. In this paper, we propose the mechanism of Instant Synchronization InterProcess Communication. We describe the implementation of this mechanism on Tender operating system. Also, we show the basic performance of this mechanism and evaluate this mechanism using an application program.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Design of Resource Enduring Mechanism Using Plate on Tender

    MATONO Tsukasa, TABATA Toshihiro, TANIGUCHI Hideo

    IPSJ SIG Notes   93 ( 42(OS-93) )   147 - 154   2003.5

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    To provide various functions such as process management and memory management, an operating system (OS) builds various kinds of management information on volatile memory. Data on volatile memory, however, is no longer available when a computer is turned off. This unreliability of volatile memory causes serious problem - if computer crashes, a computer cannot continue previous processing. One way to solve this problem is to make OS management information persistent. On Tender operating system, which we are developing, we define a resource as an object controlled and managed by the OS. Therefore, as long as we can make resources persistent on Tender, we can make OS management information persistent. In this paper, we propose resource enduring mechanism using plate, which makes data on virtual memory persistent, and explain the design of this mechanism.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • プログラム実行速度調整による通信帯域制御

    田端 利宏, 乃村 能成, 谷口 秀夫

    第65回全国大会講演論文集   2003 ( 1 )   1 - 2   2003.3

     More details

  • Design of User Level Access Control Mechanism Using Dynamic Linker.

    田端利宏, 桜井幸一

    情報処理学会シンポジウム論文集   2003 ( 15 )   2003

  • On the Security of SELinux Access Control Based on a Simplified Policy.

    末安克也, 田端利宏, 桜井幸一

    情報処理学会シンポジウム論文集   2003 ( 15 )   2003

  • Evaluation of Anti-Spam Method Combining Bayesian Filtering and Confirming Sender’s Intention.

    岩永学, 田端利宏, 桜井幸一

    情報処理学会シンポジウム論文集   2003 ( 15 )   2003

  • A Method for Detecting Anomalous Program Behavior with Probabilistic Network.

    たたら講平, 田端利宏, 桜井幸一

    情報処理学会シンポジウム論文集   2003 ( 15 )   2003

  • Implementation and Evaluation of a Tampering Detection System Using a Verification-Agent for Mobile Agents.

    小手川祐樹, 田端利宏, 桜井幸一

    情報処理学会シンポジウム論文集   2003 ( 15 )   2003

  • Proposal of Evaluation Measure of Obfuscation Scheme for Java Source Codes by Partial Destruction of Encapsulation.

    福島和英, 田端利宏, 桜井幸一

    情報処理学会シンポジウム論文集   2003 ( 15 )   2003

  • B-46 Resource Enduring Mechanism by Using Plate Function on Tender

    MATONO Tsukasa, TABATA Toshihiro, TANIGUCHI Hideo

    2002 ( 1 )   179 - 180   2002.9

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Evaluation of Execution Resource on Tender by Using Web server : A Mechanism of Regulating Execution Performance for Multi Process

    TABATA Toshihiro, NOGUCHI Naoki, NAKASHIMA Kohta, TANIGUCHI Hideo

    IPSJ SIG Notes   90 ( 60(OS-90) )   33 - 40   2002.6

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Many services can be provided on a computer by improvement of computer performance. Also, each service requests different processing performance. Besides, one service is composed of many processes in many cases. Thus these processes need to be a unit for process scheduling. We proposed a mechanism of regulating execution performance for multi process by execution resource. In this paper, we report a result of an evaluation of our proposed mechanism by using Web server. We describe BSD/OS compatible system-call interface, and a result using the interface and Apache Web server. Also, we show that our proposed mechanism is able to regulate execution performance of multi process.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Evaluation of Execution Resource on Tender by Using Web server : A Mechanism of Regulating Execution Performance for Multi Process

    TABATA Toshihiro, NOGUCHI Naoki, NAKASHIMA Kohta, TANIGUCHI Hideo

    IEICE technical report. Computer systems   102 ( 153 )   33 - 40   2002.6

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    Many services can be provided on a computer by improvement of computer performance. Also, each service requests different processing performance. Besides, one service is composed of many processes in many cases. Thus these processes need to be a unit for process scheduling. We proposed a mechanism of regulating execution performance for multi process by execution resource. In this paper, we report a result of an evaluation of our proposed mechanism by using Web server. We describe BSD/OS compatible system-call interface, and a result using the interface and Apache Web server. Also, we show that our proposed mechanism is able to regulate execution performance of multi process.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Tender における異種OS インタフェースの共存手法

    田端 利宏, 野口 直樹, 中島 耕太, 谷口 秀夫

    第64回全国大会講演論文集   2002 ( 1 )   5 - 6   2002.3

     More details

  • プロセッサの実行性能を示す尺度の提案

    田端 利宏, 谷口 秀夫

    第63回全国大会講演論文集   2001 ( 1 )   75 - 76   2001.9

     More details

  • Tender におけるプロセス変身機能の設計

    石井 陽介, 田端 利宏, 谷口 秀夫

    第63回全国大会講演論文集   2001 ( 1 )   83 - 84   2001.9

     More details

  • Execution Speed Control Mechanism of Process Group by Execution on Tender

    TABATA Toshihiro, TANIGUCHI Hideo

    IPSJ SIG Notes   88 ( 78(OS-88) )   3 - 10   2001.7

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    The various services, which use a computer, are provided. There are many cases the service, which is provided with a computer, is composed of multi procrsses. For example, in Web server, a child process processes a request from a client. We proposed speed control mechanism of program execution. The mechanism is able to regulate the execution speed of one process. However, execution speed of a service, which is composed of the multi processes, is unable to be regulated. Therefore, we propose the execution speed control mechanism of process group by using"execution"resource. This paper describes overview of Tender operating system, speed control mechanism of program execution and the guarantee mechanism of service processing time. Furthermore, it proposes execution speed control mechanism of process group by execution on Tender.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • 1.プログラムの実行速度を自由に操る : プログラム実行速度の調整制御法

    谷口 秀夫, 田端 利宏

    情報処理   42 ( 2 )   付録48   2001.2

     More details

    Language:Japanese   Publisher:一般社団法人情報処理学会  

    CiNii Article

    CiNii Books

    researchmap

  • 複数プロセス制御におけるプログラム実行速度調整法の実現と評価

    田端 利宏, 谷口 秀夫, 牛島 和夫

    第61回全国大会講演論文集   2000 ( 1 )   37 - 38   2000.10

     More details

  • Implementation and evaluation of mechanism of restarting a process by initializing data segments

    Toshihiro Tabata, Hideo Taniguchi

    Research Reports on Information Science and Electrical Engineering of Kyushu University   5 ( 2 )   237 - 242   2000.9

     More details

    Language:Japanese   Publisher:Kyushu University  

    Process creation and disappearance is a large load among processing of operating system. The research that speeds up process creation since before, is being done and sticky bit and vfork system call in the UNIX are materialized. For example, process creation and disappearance break out a repetition, because compiler is run many times in UNIX command of `make'. Because of this, it is important when it speeds up the processing of operating system, to speed up process creation and disappearance. We perceive to the processing that delete a process and create the same process newly. And we propose mechanism of restarting a process by initializing data segments. The mechanism is able to run the process that ran it once from the beginning once again. This paper describes mechanism of restarting process by initializing data segments and reports performance of the mechanism, comparison with established operating system and evaluation by a real application.

    DOI: 10.15017/1515706

    Scopus

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

    Other Link: http://hdl.handle.net/2324/1515706

  • Evaluation of Multi Processes Control Mechanism for Regulating Program Execution Speed

    TABATA Toshihiro, TANIGUCHI Hideo

    IPSJ SIG Notes   84 ( 43 )   229 - 236   2000.5

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Computer user control speed of software running by using our mechanism of regulating program execution speed. We described mechanism for regulating process execution speed based by our suggested process schedule. But the mechanism targeted controlling one process. Therefore uniformity of processing is lower when we regulate multi processes execution speed. In this paper, we suggest the mechanism for controlling multi processes. And we report relation about uniformity of processing between evaluation of simulator and experimentation.

    CiNii Article

    CiNii Books

    researchmap

  • Evaluation of Multi Processes Control Mechanism for Regulating Program Execution Speed

    TABATA Toshihiro, TANIGUCHI Hideo

    IEICE technical report. Computer systems   100 ( 87 )   49 - 56   2000.5

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    Computer user can control speed of software running by using our mechanism of regulating program execution speed. We described mechanism for regulating process execution speed based by our suggested process schedule. But the mechanism targeted controlling one process. Therefore uniformity of processing is lower when we regulate multi processes execution speed. In this paper, we suggest the mechanism for controlling multi processes. And we report relation about uniformity of processing between evaluation of simulator and experimentation.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • データ部の初期化によるプロセスの再起動機構

    田端 利宏, 谷口 秀夫, 牛島 和夫

    第60回全国大会講演論文集   2000 ( 1 )   5 - 6   2000.3

     More details

  • Proposal and Evaluation of function for Restarting Process.

    田端利宏, 谷口秀夫

    情報処理学会シンポジウム論文集   2000 ( 13 )   2000

  • Method of Improving Uniformity of Processing on Program Speed Control Mechanism

    59 ( 0 )   143 - 144   1999.9

     More details

  • Implementation and Evaluation of Inter Process Communication on Tender

    TABATA Toshihiro, TANIGUCHI Hideo

    IEICE technical report. Computer systems   99 ( 37 )   95 - 100   1999.5

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    We describe inter process communication on Tender operating system. Heterogeneous Virtual Storage(HVS) of Tender is integrated both single virtual storage and multiplc virtual storage. HVS has multiple virtual spaces. And there are over zero processes on a virtual space. And a process can migrate between virtual spaces. So that, processes can cooperat with other processes in processing. We create new resources"container","container box" and "event" to realize efficient inter process communication. This paper describes mechanism of inter process communication and shows evaluation of inter process communication.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Implementation and Evaluation of Inter Process Communication on Tender

    TABATA Toshihiro, TANIGUCHI Hideo

    IPSJ SIG Notes   81 ( 32(OS-81) )   95 - 100   1999.5

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    We describe inter process communication on Tender operating system. Heterogeneous Virtual Storage (HVS) of Tender is integrated both single virtual storage and multiple virtual storage. HVS has multiple virtual spaces. And there are over zero processes on a virtual space. And a process can migrate between virtual spaces. So that, processes can cooperate with other processes in processing. We create new resources "container," "container box" and "event" to realize efficient inter process communication. This paper describes mechanism of inter process communication and shows evaluation of inter process communication.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Inter Process Communication on Tender

    58 ( 0 )   89 - 90   1999.3

     More details

  • Guarantee of Service Processing Time by execution on Tender.

    田端利宏, 谷口秀夫

    情報処理学会シンポジウム論文集   99 ( 16 )   1999

  • Design and Implementation of Speed Control Mechanism of Program Execution on Tender

    田端利宏, 谷口秀夫, 牛島和夫

    情報処理学会全国大会講演論文集   57 ( 0 )   95 - 96   1998.10

     More details

  • Implementation of Heterogeneous Virtual Storage coexisted of Single Virtual Storage and Multiple Virtual Storage

    TANIGUCHI Hideo, NAGASHIMA Naoki, TABATA Toshihiro

    IPSJ SIG Notes   78 ( 39 )   87 - 94   1998.5

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    We suggest function of Heterogeneous Virtual Storage(HVS) that is fused both single virtual storage and multiple virtual storage. HVS has multiple virtual storage spaces. And there are over zero processes on a space. And a process can migrate between virtual storage spaces. Therefore, HVS has both single virtual storage's advantages and multiple virtual storage's advantages. We implemented and evaluated HVS on Tender operating system. To use existed virtual storage space reduce the time of creating process and deleting process. And the time of process migration is not influence from the size of process, and is about 0.7 millisecond.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Fast Process Creation and Disappearance by Recycling Process Elements

    TABATA Toshihiro, TANIGUCHI Hideo

    IPSJ SIG Notes   78 ( 39 )   79 - 86   1998.5

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    We suggest the mechanism of fast process creation and disappearance by recycling process elements. Process elements of Tender are separated and independent. Therefore process elements are able to exist without process existence. Fast process creation is realized by creating resources beforehand or recycling resources. And fast process disappearance is realized by remaining resources of process. We implemented this mechanism of resource recycling on Tender and evaluated it. As the result, the time of process creation and disappearance is fast more than 15 millisecond.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Design and Implementation of Process Control Mechanism on Tender

    田端利宏, 谷口秀夫

    情報処理学会全国大会講演論文集   56 ( 0 )   72 - 73   1998.3

     More details

  • Implementation of Heterogeneous Virtual Storage coexisted of Single Virtual Storage and Multiple Virtual Storage.

    谷口秀夫, 長嶋直希, 田端利宏

    電子情報通信学会技術研究報告   98 ( 39(CPSY98 27-38) )   1998

  • Implementation and Evaluation of Process Execution Mechanism on Tender.

    田端利宏, 谷口秀夫

    情報処理学会シンポジウム論文集   98 ( 15 )   1998

  • Fast Process Creation and Disappearance by Recycling Process Elements.

    田端利宏, 谷口秀夫

    電子情報通信学会技術研究報告   98 ( 39(CPSY98 27-38) )   1998

▼display all

Presentations

  • FIT2021 イベント企画「B-3:IoTが拓く未来:~アフターコロナ社会に向けたIoTの将来像を探る~」パネル

    山内利宏

    FIT2021  2021.8.26 

     More details

    Event date: 2021.8.26

    Language:Japanese   Presentation type:Symposium, workshop panel (nominated)  

    researchmap

  • IoTマルウェアの感染処理に着目したアクセス制御手法 Invited

    山内利宏

    情報処理学会第85回全国大会,IoTが拓く未来: 超スマート社会に向けた最新研究と将来像  2023.3.2 

     More details

    Language:Japanese   Presentation type:Oral presentation (invited, special)  

    researchmap

  • IoTセキュリティとOSSの現状 ~ソフトウェアバージョンとセキュリティ機能適用率の調査から~ Invited

    山内利宏

    電子情報技術産業協会(JEITA) デバイス・ハードウェアセキュリティ技術分科会  2022.11.16 

     More details

    Language:Japanese   Presentation type:Oral presentation (invited, special)  

    researchmap

  • 組み込み機器に使われるオープンソースの現状 ~ソフトウェアバージョンとセキュリティ機能適用率の調査から~

    山内利宏

    CCDS IoTセキュリティシンポジウム2022  2022.6.28 

     More details

    Presentation type:Oral presentation (invited, special)  

    researchmap

  • パネル討論「実践的教育の普及、持続、浸透に向けて」

    enPiT第8回シンポジウム  2020.1.23 

     More details

    Language:Japanese   Presentation type:Symposium, workshop panel (nominated)  

    researchmap

  • 基盤ソフトウェアにおけるセキュリティ技術

    山内 利宏

    第1回ATR-KDDI総合研究所セキュリティ技術セミナー  2019.6.21 

     More details

    Language:Japanese   Presentation type:Oral presentation (invited, special)  

    researchmap

  • システムソフトウェアによるセキュリティ技術の研究 Invited

    山内利宏

    2018 IEEE SMC Hiroshima Chapter 若手研究会  2018.7.28 

     More details

    Language:Japanese   Presentation type:Oral presentation (keynote)  

    researchmap

  • パネルディスカッション「OSSセキュリティ技術における学術とコミュニティの連携について」

    CSS2017,企画セッション「オープンソースソフトウェア(OSS)のセキュリティ技術について」  2017.10 

     More details

    Language:Japanese   Presentation type:Symposium, workshop panel (nominated)  

    researchmap

  • Recent Topics on Smartphone Security Invited

    Workshop on Bigdata and Cybersecurity  2017.9.10 

     More details

    Language:English   Presentation type:Symposium, workshop panel (nominated)  

    researchmap

  • Proposal of a Method to Prevent Privilege Escalation Attacks for Linux Kernel

    Yuichi Nakamura, Toshihiro Yamauchi

    2017.9 

     More details

    Language:English   Presentation type:Oral presentation (general)  

    researchmap

  • WarpDriveのモバイルセンサエンジンに搭載されている岡山大学が研究開発した機能の紹介

    山内 利宏

    WarpDrive Workshop 2023  2023.12 

     More details

    Language:Japanese  

    researchmap

  • IoT機器のソフトウェアの現状とIoTマルウェアの感染方法の調査

    山内利宏

    ATRセキュリティ技術セミナー 2022  2022.3.30 

     More details

    Presentation type:Public lecture, seminar, tutorial, course, or other speech  

    researchmap

  • IoT機器のソフトウェアの現状とIoTマルウェアの感染方法と影響について Invited

    山内 利宏

    岡山県情報セキュリティ協議会 令和3年度秋期セミナー  2021.11.30 

     More details

    Language:Japanese   Presentation type:Public lecture, seminar, tutorial, course, or other speech  

    researchmap

  • スマートシティ・スマートハウスセキュリティ ~組み込み機器とクラウドサービスにおける、サービス連携における脆弱性をどう考えていくのか?サービス展開における現状を議論する。~

    荻野 司, 南 裕介, 山内利宏

    ET & IoT 2021,CCDS IoTセキュリティ ホットトピック,パネルディスカッション  2021.11.19 

     More details

    Presentation type:Symposium, workshop panel (nominated)  

    researchmap

  • 組み込み機器に使われるオープンソースの現状 ~ソフトウェアバージョンとセキュリティ機能適用率の調査から~

    山内利宏

    ET & IoT 2021,CCDS IoTセキュリティ ホットトピック  2021.11.19 

     More details

    Presentation type:Public lecture, seminar, tutorial, course, or other speech  

    researchmap

  • サイバーセキュリティ研究相談

    秋山 満昭, 高田 雄太,山内 利宏,白石 善明

    マルウェア対策研究人材育成ワークショップ 2021,MWS企画セッション②  2021.10.28 

     More details

    Presentation type:Symposium, workshop panel (nominated)  

    researchmap

  • Privilege Escalation Attack Prevention Method Based on System Call Processing

    SCIS & CSS Award Session of the 12th International Workshop on Security (IWSEC 2017)  2017.9 

     More details

    Language:English   Presentation type:Oral presentation (invited, special)  

    researchmap

  • Recent Topics on Use-after-free Exploitation and Mitigation Techniques Invited

    3rd International Workshop on Information and Communication Security (WICS'16)  2016.11 

     More details

    Language:English   Presentation type:Oral presentation (keynote)  

    researchmap

  • Use-After-Free Prevention Method Using Memory Reuse Prohibited Library Invited

    The 10th International Workshop on Security (IWSEC 2015)  2015.8 

     More details

    Language:English   Presentation type:Oral presentation (invited, special)  

    researchmap

  • プログラム記述とプロセッサの高性能化機構の関係

    夏のプログラミング・シンポジウム2011  2011 

     More details

  • 計算機の機密情報の漏洩防止とログの確実な保存を実現する方式の研究

    第16回岡山リサーチパーク研究・展示発表会  2011 

     More details

  • Linuxのセキュリティ機能特集

    山内 利宏ほか

    パネルディスカッション,情報処理学会第51回コンピュータセキュリティ研究発表会  2010.12 

     More details

    Language:Japanese   Presentation type:Symposium, workshop panel (nominated)  

    researchmap

  • Design and Evaluation of a Bayesian-filter-based Image Spam Filtering Method

    Japan-Taiwan Joint Research on Cryptography and Information Security towards Next IT-society  2008 

     More details

  • ファイルの使用頻度に基づくバッファキャッシュ制御法の評価

    Joint Symposium for Advanced System Software 2008 (JSASS2008)  2008 

     More details

  • オペレーティングシステムのセキュリティ技術の動向

    田端 利宏

    平成17年度 IT(情報技術)ソリューション研究交流会,中国技術振興センター  2005.11 

     More details

    Language:Japanese   Presentation type:Oral presentation (invited, special)  

    researchmap

  • Outsourced Access Control Model for Outsourced Databases

    2nd Japan/U.S. Workshop on Critical Information Infrastructure Protection  2005 

     More details

  • Access Control Issues in Database Service Provider Model

    電子情報通信学会 2005年総合大会 学生ポスターセッション  2005 

     More details

  • セキュリティ面からのプラットフォームへの期待と課題

    ECOM 情報セキュリティ最新技術セミナー,第1回 セキュリティ面からのOSやDBMSへの期待と課題(パネルデスカッション)  2004 

     More details

  • プログラムの実行速度を自由に制御できるプロセススケジュール法

    情報処理学会九州支部若手の会セミナー2002  2002 

     More details

▼display all

Industrial property rights

  • 検知装置、検知方法および検知プログラム

    秋山 満昭, 塩治 榮太朗, 山内 利宏, 白石 周碁

     More details

    Applicant:日本電信電話株式会社

    Application no:特願2022-024973  Date applied:2022.2.21

    Announcement no:特開2023-121566  Date announced:2023.8.31

    J-GLOBAL

    researchmap

  • 解析方法、解析装置及びプログラム

    中村 徹, 伊藤 寛史, 山内 利宏

     More details

    Applicant:KDDI株式会社

    Application no:特願2021-147771  Date applied:2021.9.10

    Announcement no:特開2023-040659  Date announced:2023.3.23

    J-GLOBAL

    researchmap

  • 計算機、オペレーティングシステム及び方法

    葛野 弘樹, 山内 利宏

     More details

    Applicant:セコム株式会社

    Application no:特願2019-150048  Date applied:2019.8.19

    Announcement no:特開2020-140689  Date announced:2020.9.3

    J-GLOBAL

    researchmap

Awards

  • FIT船井ベストペーパー賞

    2024.11   FIT学術賞選定委員会   カーネルデータ監視による特権昇格攻撃検出手法の提案と評価

    葛野 弘樹, 山内 利宏

     More details

  • CSS2022優秀論文賞(情報処理学会コンピュータセキュリティシンポジウム2022)

    2022.10  

    山内 利宏, 吉元 亮太, 吉岡 克成

     More details

  • OWS2022研究賞(情報処理学会OSSセキュリティ技術ワークショップ2022(OWS2022))

    2022.10  

    乗松 隆志, 中村 雄一, 山内 利宏

     More details

  • ICSS 2021年度研究賞(電子情報通信学会 情報通信システムセキュリティ(ICSS)研究専門委員会 )

    2022.6  

    白石周碁, 吉元亮太, 塩治榮太朗, 秋山満昭, 山内利宏

     More details

  • CSS2021優秀論文賞(情報処理学会コンピュータセキュリティシンポジウム2021)

    2021.10  

    藤井 翔太, 川口 信隆, 重本 倫宏, 山内 利宏

     More details

  • IWSEC Best Paper Award (The 16th International Workshop on Security (IWSEC) 2021)

    2021.9  

    Hiroki Kuzuno, Toshihiro Yamauchi

     More details

  • CSS2020優秀論文賞(情報処理学会コンピュータセキュリティシンポジウム2020)

    2020.10  

    白石周碁, 福本淳文, 吉元亮太, 塩治榮太朗, 秋山満昭, 山内利宏

     More details

  • 情報処理学会中国支部40周年記念論文貢献賞

    2024.9   情報処理学会中国支部  

     More details

  • 令和6年度内山勇三科学技術賞

    2024.7   公益財団法人 岡山工学振興会   IoT機器のソフトウェアサプライチェーンを考慮したセキュリティ対策技術の研究開発

    山内 利宏

     More details

  • CSS2023奨励賞

    2023.10   情報処理学会コンピュータセキュリティ研究会   実行ファイルにおける関数配置順序のランダム化によるコード再利用攻撃への耐性向上手法の提案

    佐治和馬, 山内利宏, 小林諭, 谷口秀夫

     More details

  • FIT論文賞 (第21回情報科学技術フォーラム (FIT2022))

    2022.12  

    葛野弘樹, 山内利宏

     More details

  • 研究功績賞(岡山大学工学部)

    2022.3  

    山内利宏

     More details

  • FIT論文賞 (第20回情報科学技術フォーラム (FIT2021))

    2021.12  

    葛野 弘樹, 山内 利宏

     More details

  • 研究会活動貢献賞 (情報処理学会)

    2021.3  

    山内 利宏

     More details

  • 研究功績賞

    2021.3   (岡山大学工学部)  

    山内 利宏

     More details

  • FIT論文賞 (第19回情報科学技術フォーラム(FIT2020))

    2020.11  

    葛野 弘樹, 山内 利宏

     More details

  • CSS2020学生論文賞(情報処理学会コンピュータセキュリティシンポジウム2020)

    2020.10  

    折戸凜太郎, 佐藤将也, 梅本 俊, 中嶋 淳, 山内利宏

     More details

  • MWS2020学生論文賞(情報処理学会マルウェア対策研究人材育成ワークショップ(MWS)2020)

    2020.10  

    市岡秀一, 川島千明, 佐藤将也, 山内利宏

     More details

  • 特選論文

    2020.9   (情報処理学会)   KVM上のゲストOSにおける権限の変更に着目した権限昇格攻撃防止手法

    福本淳文, 山内 利宏

     More details

  • 特別賞

    2020.3   (岡山大学工学部)  

    おかやまIoT・AI・セキュリティ講座 講師陣

     More details

  • 教育貢献賞

    2020.3   (岡山大学工学部)  

    山内利宏

     More details

  • 特別賞

    2020.3   (岡山大学工学部)  

    岡山大学FIT2019実行委員

     More details

  • FIT論文賞(第18回情報科学技術フォーラム(FIT2019))

    2019.12  

    葛野 弘樹, 山内 利宏

     More details

  • CSS2019優秀論文賞(情報処理学会コンピュータセキュリティシンポジウム2019)

    2019.10  

    福本淳文, 山内 利宏

     More details

  • 情報・システムソサイエティ功労賞

    2019.6   (電子情報通信学会情報・システムソサイエティ)  

    山内 利宏

     More details

  • 特選論文

    2019.2   (情報処理学会)   可用性を考慮したプロセスの複製によるライブフォレンジック手法

    山内利宏, 時松勇介, 谷口秀夫

     More details

  • CSS2018奨励賞(情報処理学会コンピュータセキュリティシンポジウム2018)

    2018.10  

    齋藤 凌也, 山内 利宏

     More details

  • CSS2018優秀論文賞(情報処理学会コンピュータセキュリティシンポジウム2018)

    2018.10  

    葛野 弘樹, 山内 利宏

     More details

  • 特別賞

    2018.3   (岡山大学工学部)  

    enPiT2-Security実施チーム

     More details

  • Best Paper Award (Australasian Information Security Conference (AISC2018))

    2018.1  

    Yuta Imamura, Hiroyuki Uekawa, Yasuhiro Ishihara, Masaya Sato, Toshihiro Yamauchi

     More details

  • MWS2017優秀論文賞(情報処理学会マルウェア対策研究人材育成ワークショップ(MWS)2017)

    2017.10  

    上川 先之, 山内 利宏

     More details

    Country:Japan

    researchmap

  • CSS2017学生論文賞(情報処理学会コンピュータセキュリティシンポジウム2017 )

    2017.10  

    時松 勇介, 山内 利宏, 谷口 秀夫

     More details

    Country:Japan

    researchmap

  • CSS2017学生論文賞(情報処理学会コンピュータセキュリティシンポジウム2017 )

    2017.10  

    伴 侑弥, 山内 利宏

     More details

    Country:Japan

    researchmap

  • 研究功績賞 (岡山大学工学部)

    2017.3  

    山内 利宏

     More details

    Country:Japan

    researchmap

  • 山下記念研究賞

    2017.3   (情報処理学会)  

    山内 利宏

     More details

    Country:Japan

    researchmap

  • CSS2016優秀論文賞(情報処理学会コンピュータセキュリティシンポジウム2016)

    2016.10  

    赤尾 洋平, 山内 利宏

     More details

    Country:Japan

    researchmap

  • Best Paper Award (The 10th International Conference on Network and System Security (NSS 2016))

    2016.9  

    Toshihiro Yamauchi, Yuta Ikegami

     More details

  • CSS2015学生論文賞(情報処理学会コンピュータセキュリティシンポジウム2015)

    2015.10  

    藤井 翔太, 佐藤 将也, 山内 利宏, 谷口 秀夫

     More details

    Country:Japan

    researchmap

  • Specially selected paper of JIP (Journal of Information Processing)

    2015.9  

    Masaya Sato, Toshihiro Yamauchi, HideoTaniguchi

     More details

    Country:Japan

    researchmap

  • 喜安記念業績賞(情報処理学会)

    2015.6  

    中村 雄一, 海外 浩平, 原田 季栄, 半田 哲夫, 山内 利宏

     More details

    Country:Japan

    researchmap

  • 第14回 船井学術賞 (船井情報科学振興財団)

    2015.4  

    山内 利宏

     More details

    Country:Japan

    researchmap

  • 研究功績賞 (岡山大学工学部)

    2015.3  

    山内利宏

     More details

    Country:Japan

    researchmap

  • CSS2014学生論文賞 (情報処理学会コンピュータセキュリティシンポジウム 2014)

    2014.10  

    小倉 禎幸, 山内 利宏

     More details

    Country:Japan

    researchmap

  • MWS2014学生論文賞 (情報処理学会コンピュータセキュリティシンポジウム 2014)

    2014.10  

    池上 祐太, 山内 利宏

     More details

    Country:Japan

    researchmap

  • 情報処理学会中国支部30周年記念論文貢献賞 (情報処理学会中国支部)

    2014.10  

    山内 利宏

     More details

    Country:Japan

    researchmap

  • CSS2014優秀論文賞 (情報処理学会コンピュータセキュリティシンポジウム2014)

    2014.10  

    池上 祐太, 山内 利宏

     More details

  • 論文賞 (情報処理学会)

    2013.6  

    山内利宏

     More details

    Country:Japan

    researchmap

  • 学会活動貢献賞 (情報処理学会)

    2013.6  

    山内利宏

     More details

    Country:Japan

    researchmap

  • 岡山工学振興会科学技術賞 (岡山工学振興会)

    2012.7  

    山内利宏

     More details

    Country:Japan

    researchmap

  • 研究功績賞

    2012.3   (岡山大学工学部)  

    山内利宏

     More details

    Country:Japan

    researchmap

  • Outstanding Paper Award (Journal of Information Processing)

    2011.6  

    Yuichi Nakamura, Yoshiki Sameshima, Toshihiro Yamauchi

     More details

    Country:Japan

    researchmap

  • 教育貢献賞

    2011.3   (岡山大学工学部)  

    山内利宏

     More details

  • Best Paper Award (The Second International Mega-Conference on Future Generation Information Technology(FGIT2010))

    2010.12  

    Toshihiro Yamauchi, Takayuki Hara, Hideo Taniguchi

     More details

  • 第5回船井研究奨励賞 (船井情報科学振興財団)

    2006.4  

    田端 利宏

     More details

    Country:Japan

    researchmap

  • 第64回全国大会 大会奨励賞

    2003.3   (情報処理学会)  

    田端 利宏

     More details

    Country:Japan

    researchmap

▼display all

Research Projects

  • 機器毎のソフトウェア構成変更による攻撃難化と攻撃耐性を持つ基盤ソフトウェアの研究

    Grant number:23K24848  2022.04 - 2026.03

    日本学術振興会  科学研究費助成事業  基盤研究(B)

    山内 利宏, 谷口 秀夫, 森山 英明, 佐藤 将也, 葛野 弘樹, 小林 諭

      More details

    Authorship:Principal investigator 

    Grant amount:\17290000 ( Direct expense: \13300000 、 Indirect expense:\3990000 )

    本年度は,研究計画に基づき,3つの課題について以下の研究を行った.
    (研究1)機器毎のOSやAPのカスタム化による攻撃難化手法の研究については,実行ファイルのオブジェクトファイルをリンクする順番を変更することにより,ROPなどの攻撃を困難にする手法を検討し,基本方式を実現した.この手法により,攻撃困難化が可能な攻撃について検討した.また,オープンソースソフトウェアにおけるセキュリティリスクの評価手法について検討した.
    (研究2)VMMによる機密情報拡散追跡と監査支援の研究については,同一VMM上のVM間の機密情報の拡散追跡と制御について検討した.同一VMM上のVM間での情報を伝搬させる処理について検討し,ソケット通信とNFSで利用するRPCに着目して,機密情報の伝搬を把握する手法を検討し,基本方式を実現した.また,複数のVMを対象とした機密情報の追跡機能において,マルチコアCPUの複数コアを用いて追跡処理を実現する手法を提案し,有効性を示した.さらに,VMMからVMのシステムコールをフックする箇所を自動的に推定する手法を提案し,有効性を示した.
    (研究3)OSの仮想記憶空間の隔離による攻撃耐性の向上手法の研究については,Linuxカーネルの脆弱性を悪用するPoC(Proof of Concept)コードの実行により,実行されるカーネル関数をトレースにより明らかにする手法を検討し,実現した.この機能により,カーネルの脆弱性を緩和するために,どのような処理を制限すれば良いのかを把握することができる.また,Linuxカーネル用の仮想記憶空間を複数用意し,カーネルの脆弱性を悪用するコードの実行により,重要なカーネルデータや保護機能のコードが改ざんされるのを防止する機構を検討し,有効性を示した.また,Linuxカーネルのメモリをページ単位でアクセス制御する手法を提案し,攻撃コードによる改ざんを防止できることを示した.

    researchmap

  • IoT機器の実行環境の隔離を実現するIoT基盤ソフトウェアの構築

    2019.10 - 2022

    科学技術振興機構  戦略的な研究開発の推進 戦略的創造研究推進事業 さきがけ 

    山内 利宏

      More details

    Authorship:Principal investigator 

    本研究では、システムソフトウェアの観点からIoT機器単体のセキュリティを向上させる基盤技術の確立に取り組みます。具体的には、IoT機器のソフトウェア脆弱性が存在しても攻撃や攻撃の影響を無効化する手法、IoT機器の攻撃可能領域を削減するシステムソフトウェア構成法、および個々のIoT機器毎に最適化したセキュリティポリシとアクセス制御機構の実現を目指します。

    researchmap

  • n/a

    Grant number:19H04109  2019.04 - 2023.03

    Japan Society for the Promotion of Science  Grants-in-Aid for Scientific Research Grant-in-Aid for Scientific Research (B)  Grant-in-Aid for Scientific Research (B)

    山内 利宏, 谷口 秀夫, 森山 英明, 佐藤 将也

      More details

    Authorship:Principal investigator 

    Grant amount:\17160000 ( Direct expense: \13200000 、 Indirect expense:\3960000 )

    (研究1)OSカーネルへの脆弱性攻撃の無効化とセキュリティ機構の攻撃耐性向上の研究について,OSカーネルの仮想記憶空間の一部のページを特定のシステムコール発行時にアクセス不可に変更し,カーネル脆弱性を悪用した攻撃を困難化し,攻撃された場合でもセキュリティ機構や他プロセスのメモリの改ざんを防止する方式を提案し,実現方式と評価結果を報告した.さらに,ARMで利用されているTEE環境であるOP-TEEにおけるセキュア実行環境の脅威について調査し,報告した.
    (研究2)VMMによるゲストOSのセキュア化と回避困難化の研究について,ゲストOS内のプログラム実行に関する情報を証跡として残す手法を提案し,実現した.この手法は,ゲストOS内およびVMM内で情報を取得し,ゲストOS内で取得した情報をVMMに安全に取得する手法も実現した.また,VM内の機密情報の伝搬の追跡を,同時に複数のVMを対象に行う手法を実現し,評価結果を報告した.さらに,VMMからVMを監視する手法について,デバッグレジスタを監視する手法をVMから隠蔽する2つの手法を比較評価した.また,デバッグレジスタをVM監視に用いている場合にVM上のゲストOSからデバッグレジスタを利用できなかったが,デバッグレジスタを利用可能にし,デバッグレジスタの利用可否で監視機構の有無の判定を困難にする手法を実現した.
    (研究3)カーネルの仮想記憶空間の分離によるセキュアな実行機構の研究について,Linuxにおけるセキュリティ機構への攻撃困難化方式を実現するために,OSカーネルの仮想記憶空間をプロセス毎に複数用意し,一つのプロセスへのカーネル脆弱性を悪用した攻撃が,他のプロセスに影響しない方式を提案し,実現方式と評価結果を報告した.

    researchmap

  • Research for fundamental software of evidence preservation for virtualization environment and control system

    Grant number:16H02829  2016.04 - 2019.03

    Japan Society for the Promotion of Science  Grants-in-Aid for Scientific Research Grant-in-Aid for Scientific Research (B)  Grant-in-Aid for Scientific Research (B)

    Yamauchi Toshihiro

      More details

    Grant amount:\14430000 ( Direct expense: \11100000 、 Indirect expense:\3330000 )

    In a virtual machine environment where multiple guest OSs can run, we designed a guest OS identification method and overhead reduction method for simultaneously tracing the diffusion of classified information in each guest OS.In addition, in order to analyze malware that leaves no trace information in the file system, we proposed a basic method to preserve data in memory with low overhead.

    researchmap

  • WarpDrive

    2016 - 2021.03

    NICT  高度通信・放送研究開発委託研究 

    Toshihiro Yamauchi, Masaya Sato

      More details

    Authorship:Coinvestigator(s) 

    researchmap

  • Construction of a medical information secure management system using ICT and encryption technology

    Grant number:20K20484  2020.04 - 2024.03

    Japan Society for the Promotion of Science  Grants-in-Aid for Scientific Research  Grant-in-Aid for Challenging Research (Pioneering)

    野上 保之, 日下 卓也, 福島 行信, 横平 徳美, 山内 利宏

      More details

    Authorship:Coinvestigator(s) 

    Grant amount:\25350000 ( Direct expense: \19500000 、 Indirect expense:\5850000 )

    昨年度までに拡散暗号方式を完成させており、これをメールデータの暗号化・ユーザ認証として実装するためにThunderbirdに対して独自実装している。暗号強度を自在に変えることができる乗算アルゴリズムをC言語およびJavaScriptとして実装したため、必ずしも大きな整数での実装が効率よく働かないため、その効率化を行った。具体的には、ベクトル乗算アルゴリズムのあるパラメータの大小に計算効率が大きくかかわるため、このままではその計算処理時間の大小によってパラメータの大小が解析される可能性がある。したがって、当初よりそのパラメータをセッションキーのように用いる通信(メール通信)を考えていたが、そこにサイドチャネル的な攻撃の可能性が残ることとなる。この問題を解消するために、そのパラメータを自在に選べることは確保しつつも、その大小に大きく依存しない計算アルゴリズムを開発し、平均的に効率よくベクトル乗算を行えるものを提案・実装している。これを具体的な医療データの暗号化の方にも実装する準備を進めており、楕円曲線暗号をベースとした公開鍵認証のみでなく、さらなる安全性拡張を実施することを考えている。これは、実際に医療データを考えたとき、例えばゲノム情報など気びな個人情報をより厳格に保護するためである。そのための改ざん耐性やエビデンスの確保のためにブロックチェーン技術との相性について検討を進めるよう展開していく予定である。一方で、そのデータ自身は暗号化して秘匿する必要があるため、準同型暗号などと組み合わせる必要もでてくると考えている。

    researchmap

  • Context-aware Approaches for Securing Appified IoT Devices

    Grant number:19H04111  2019.04 - 2022.03

    Japan Society for the Promotion of Science  Grants-in-Aid for Scientific Research Grant-in-Aid for Scientific Research (B)  Grant-in-Aid for Scientific Research (B)

    Mori Tatsuya

      More details

    Grant amount:\17290000 ( Direct expense: \13300000 、 Indirect expense:\3990000 )

    This research project focused on the security and privacy issues of applications running on IoT platforms, and worked on methods for analyzing and controlling the behavior of applications based on the context in which they are used. Specifically, we conducted (1) a large-scale measurement study of security threats and issues in application-oriented IoT platforms, (2) development of context inspection techniques for IoT application behavior, and (3) development of access control and emergency handling mechanisms for IoT platforms.

    researchmap

  • On the study of high performance operating system on many-core CPU

    Grant number:25730046  2013.04 - 2016.03

    Japan Society for the Promotion of Science  Grants-in-Aid for Scientific Research Grant-in-Aid for Young Scientists (B)  Grant-in-Aid for Young Scientists (B)

    Yamauchi Toshihiro

      More details

    Grant amount:\3640000 ( Direct expense: \2800000 、 Indirect expense:\840000 )

    In Tender operating system that is a monolithic kernel, we designed a method that reduces mutual exclusion. We evaluated the method. The evaluation results show that the performance of the proposed method is equal to or more than that of Linux and FreeBSD. In addition, we designed a method that can boot an operating system on each core. The evaluation results of the proposed method found the problem of the method in a machine with NUMA. Thus, we investigated the performance of the method in a machine with NUMA, then showed the design principle in a machine with NUMA.

    researchmap

  • Development of fundamental software with adaptability and toughness

    Grant number:24300008  2012.04 - 2015.03

    Japan Society for the Promotion of Science  Grants-in-Aid for Scientific Research Grant-in-Aid for Scientific Research (B)  Grant-in-Aid for Scientific Research (B)

    TANIGUCHI HIDEO, NOMURA Yoshinari, YAMAUCHI Toshihiro

      More details

    Grant amount:\7280000 ( Direct expense: \5600000 、 Indirect expense:\1680000 )

    In order to develop fundamental software with adaptability and toughness, we studied some functions of microkernel OS. These functions include OS server replacement function, fast communication function between OS servers, load distribution function of OS server, and coexisting function of different OSes and system-call delegation function. Evaluation results of these functions show that effectiveness of OS server replacement and reduction of processing time by fast communication and load distribution of OS servers.

    researchmap

  • Study of operating system technology for tracing classified information

    Grant number:21700034  2009 - 2011

    Japan Society for the Promotion of Science  Grants-in-Aid for Scientific Research Grant-in-Aid for Young Scientists (B)  Grant-in-Aid for Young Scientists (B)

    YAMAUCHI Toshihiro

      More details

    Grant amount:\4160000 ( Direct expense: \3200000 、 Indirect expense:\960000 )

    We realized a function that visualizes the diffusion path of classified information. We also realized a function that traces diffusion path between remote computers. The visualization function allows us to understand diffusion path easily. We realized a function that gets logs and safely stores the logs in virtual machine monitor. We evaluated the function and showed the effectiveness of it. This function can prevent attackers from altering the logs.

    researchmap

  • Development of kernel for basic software with adaptability and toughness

    Grant number:18300010  2006 - 2008

    Japan Society for the Promotion of Science  Grants-in-Aid for Scientific Research Grant-in-Aid for Scientific Research (B)  Grant-in-Aid for Scientific Research (B)

    TANIGUCHI Hideo, TABATA Toshihiro, NOMURA Yoshinari

      More details

    Grant amount:\11660000 ( Direct expense: \10100000 、 Indirect expense:\1560000 )

    将来の計算機の利用を支える事ができる適応性と頑健性を有する基盤ソフトウェアについて、中核ソフトウェア(カーネル)を研究開発した。具体的には、利用する計算機の環境に合わせ必要なプログラムを自動的に適応動作させる機構を示した。また、低品質ソフトウェアが高品質ソフトウェアに悪影響を与えない頑健なプログラム機構を示した。いずれの機構も試作し、その有効性を確認した

    researchmap

  • Study of Speculative execution mechanism for OS resource creation

    Grant number:18700030  2006 - 2008

    Japan Society for the Promotion of Science  Grants-in-Aid for Scientific Research Grant-in-Aid for Young Scientists (B)  Grant-in-Aid for Young Scientists (B)

    TABATA Toshihiro

      More details

    Grant amount:\3010000 ( Direct expense: \2800000 、 Indirect expense:\210000 )

    資源を再利用することによって,オペレーティングシステムの処理を高速化するための基本方式を確立し,応用プログラムによる効果を明らかにした.具体的には,プロセス生成処理における効果的な資源再利用法を明らかにし,プロセス間通信処理やプロセス移動における仮想空間の再利用効果を明らかにした.また,Webサーバを用いた評価で,資源再利用による高速化の効果が大きいことを示した.さらに,資源の利用状況を把握する可視化機能について基本機構を実現した.

    researchmap

  • 暗号システムに対する実装攻撃の適用と限界に関する計算論的研究

    Grant number:16092221  2004 - 2007

    Japan Society for the Promotion of Science  Grants-in-Aid for Scientific Research Grant-in-Aid for Scientific Research on Priority Areas  Grant-in-Aid for Scientific Research on Priority Areas

    櫻井 幸一, 酒井 康行, 高木 剛

      More details

    Grant amount:\14400000 ( Direct expense: \14400000 )

    断片的に提案されている暗号アルゴリズムへの種々の実装攻撃に対して計算論的な立場からその限界を明らかし、現実性のある脅威かどうかの客観的評価指標を検討した。また、耐タンパ性を有するワードウエアを仮定し、公開鍵暗号を利用せず、非対称原理を実現する暗号システムの設計を行った。研究最終年として、最新研究動向とまとめを行った。暗号システムの実装攻撃への安全性としては、情報理論的な尺度を用いて、安全性の議論がはじまっている。耐タンパ性を有する計算機環境としては、特殊なハードウエアを仮定せずに、OSやVMなどのミドルウエアで、耐タンパ環境を実現する研究がおこなわれることが注目される。今後は、こうした新しい試みに対する計算機科学的・理論的な、モデル化と考察を考えている。

    researchmap

  • 資源の事前生成機構を持つ高性能オペレーティングシステムに関する研究

    Grant number:16700038  2004 - 2005

    Japan Society for the Promotion of Science  Grants-in-Aid for Scientific Research Grant-in-Aid for Young Scientists (B)  Grant-in-Aid for Young Scientists (B)

    田端 利宏

      More details

    Grant amount:\2400000 ( Direct expense: \2400000 )

    資源の事前生成機構について検討し,FIT2005において資源の事前生成機構を提案した.提案機構は,大きく四つの部分(予測部,資源管理部,要求部,事前生成部)からなる.
    1.予測部は,計算機の事前生成対象資源について,将来的に必要となる最大資源量を予測する.
    2.資源管理部は,事前生成した資源を管理する.
    3.要求部は,予測部の予測結果,事前生成した資源量,及び現在のメモリ使用状況から,事前生成すべき資源とその量を分析し,必要に応じて事前生成処理部に対し処理要求を出す.
    4.事前処理部は,要求部の要求に基づき,資源を事前生成または削除する.
    上記の設計を基に提案機能の効果を予備評価した.予備評価では,Apache WebサーバにおいてCGIプログラムを実行する処理を対象とした.CGIプログラムのような外部プログラムを実行する際には,プロセスの生成が必要となる.提案機構を用いて,必要となるプロセスをあらかじめ生成しておけば,CGIプログラムの実行処理が高速化できる.事前生成機構の一部を実装し評価した結果,Apache Webサーバの応答時間を約8%短縮できることがわかった.
    上記に加え,CPUの割当単位である演算資源をうまく利用して,CPU資源の過剰な利用を抑制する機構の研究を行った.演算資源とは,プログラムを実行するために必要な資源で,実行前に生成し,CPU割当の程度を指定する必要がある.演算資源をうまく活用することにより,CPU資源の占有や不公正な利用を防止する機構を提案した.この機構を応用することで,演算資源をあらかじめ生成して,サービスに必要なCPU資源を確保しておくこともできる.

    researchmap

  • An unified approach on security evaluation against sidechannel attacks on cryptographic algorithms

    Grant number:15300004  2003 - 2005

    Japan Society for the Promotion of Science  Grants-in-Aid for Scientific Research Grant-in-Aid for Scientific Research (B)  Grant-in-Aid for Scientific Research (B)

    SAKURAI Kouichi, TABATA Toshihiro, OKEYA Katsuyuki, TAKAGI Tsuyoshi

      More details

    Grant amount:\14000000 ( Direct expense: \14000000 )

    Mobile devices such as smartcards are penetrating in our daily life in order for us to be comfortable. When cryptographic schemes are implemented on computers such as smartcards, side channel attacks are particular menaces to them. Since electric power is provided from the outside of them, the attacker can observe the power consumption while they perform cryptographic operations. In side channel attacks, the attacker utilizes the power consumption for revealing the secret, since the power consumption is usually linked to the operations associated with the secret key.
    The aim of this research to construct efficient countermeasures against side channel attacks. For this purpose, we first attempt to attack the known countermeasures, and study the essence of side channel attacks. Then, we utilizes the essence for constructing efficient countermeasures which are suitable for the mobile devices.
    (1)We propose two novel attacks against known countermeasures. One is a side channel attack against Oswald's countermeasure, and the other is a second-order differential power analysis against M″oller's countermeasure. Oswald proposed a randomized addition-subtraction chains countermeasure, which utilizes a signed digit representation of an integer together with randomization. And we also show the vulnerability of countermeasures with pre-computation table. We also propose two novel countermeasures against side channel attacks. One is a countermeasure using the Montgomery form of elliptic curves, and the other is a countermeasure using the width-w non-adjacent form. Montgomery proposed the Montgomery form of elliptic curves in order to accelerate the elliptic scalar multiplication.
    (2)We discuss a possible attack against "Randomized Binary Signed Digits", and give some attack on this protection. We also study the cryptosystem XRT with comparision to conventional discrete-log cryptosystems.
    (3)Security of Koblitz-curve based cryptosystems is discussed from the view point of sidechannel cryptoanalysis, and proposed two counter measures against known attacks. A future research topic is study on sidechannel attacks and their counter measures.

    researchmap

  • ソフトウエア難読化技術の安全性に関する理論的解析と統一的性能指標の確立

    Grant number:15650002  2003 - 2004

    Japan Society for the Promotion of Science  Grants-in-Aid for Scientific Research Grant-in-Aid for Exploratory Research  Grant-in-Aid for Exploratory Research

    櫻井 幸一, 田端 利宏

      More details

    Grant amount:\3300000 ( Direct expense: \3300000 )

    前年度における検討事項
    (A)Golreichらによる、理想的(絶対安全な)なソフトウエア難読化は存在しない、という定理での一方向性関数や擬似乱数を、鍵(落とし戸)付き一方向性関数に置き換えた場合の解析。
    (B)難読化の安全性がNP困難の理論を用いて証明された、と主張している方式を実装し、特に小さなサイズのプログラムに対してどの程度、安全性が保障できるか、その耐性の理論的・実験的評価。
    (c)既存(市販)の難読化ソフトへの動的な解析の適用。さらに動的に解析を防ぐ新たな難読化手法の設計。
    をうけて、平成16年度は、初年度で検討し、洗い出した問題点の解決策を中心に次を検討する。特に、15年度の結果に基づき、難読化の安全性指標を数値化し、これに基づき、既存の方式・新たな提案方式を評価した。
    今回提案した手法では、プログラム中のmain関数内の制御を複雑にすることでプログラム全体の動作の解析を困難なものにすることをこころみた。この制御構造の複雑化にあたって、静的解析(プログラムを実行することなくソースコードのみを見てプログラムを解析する手法)では予測不可能な乱数を用いた。さらに、この方式の動的解析に対する脆弱性も検討した。

    researchmap

  • 処理内容に合わせ自由にプログラムの実行を制御できるプログラム実行環境に関する研究

    Grant number:01J10232  2001 - 2002

    Japan Society for the Promotion of Science  Grants-in-Aid for Scientific Research Grant-in-Aid for JSPS Fellows  Grant-in-Aid for JSPS Fellows

    田端 利宏

      More details

    Grant amount:\2000000 ( Direct expense: \2000000 )

    1.複数のスケジューリングポリシを共存させ、プログラムの処理内容に合わせて、自由にスケジューリングポリシを共存させる機構に関する研究成果として、複数のプロセスからなるサービスの実行性能を保証する方式を提案した(情報処理学会研究報告)。提案した方式では、サービスの処理内容に合わせて、複数のスケジューリングポリシを適用することを可能にしている。実アプリケーションの例として,現在インターネット上で広く利用されているApache Webサーバを用い,提案方式を用いて評価した.評価の結果,サービス(Webサーバ)を単位として実行速度を調整することができ,さらにWebサーバの実行性能を保証し,Webサーバの応答時間を保証できることを示した.
    2.再利用可能なOS資源を効率的に管理する手法を提案し,実装と評価を行った(情報処理学会コンピュータシステム・シンポジウム).この機構を用いることにより,プログラムの実行の際に必要となるプロセスの生成と消滅処理を高速化することができ,プログラムの実行をより効率よく行うことが可能となる.上記に示したApache Webサーバを用いてその効果を明らかにする予定である.
    3.OSの資源を永続化する基本方式を提案した(FIT2002).この機構を実現することにより,計算機が緊急停止した場合でも,計算機の再起動後に,再起動前のOS資源をそのまま利用することができる.また,計算機の緊急停止によりプログラム処理結果が失われることを防ぐことができる.
    4.プログラムの実行速度を調整する機能を利用して,通信帯域を調整する方式について検討し,評価結果した(情報処理学会 第65回全国大会で発表予定).本研究では,プログラム実行速度調整機能を利用して,通信帯域を調整できることを示した.今後の課題として,調整性能とパケット到着間隔の関係の分析がある.また,この機能を用いることで,プログラムのコンテンツに合わせて通信帯域を調整することが期待できる.したがって,様々なプログラムを用いて提案方式の有効性を確認する予定である.

    researchmap

▼display all

 

Class subject in charge

  • Operating Systems (2024academic year) Third semester  - 火1~2,木3~4

  • Operating Systems (2024academic year) Third semester  - 火1~2,木3~4

  • Operating System Structure (2024academic year) Late  - その他

  • Operating Systems Structure (2024academic year) Late  - その他

  • Software Development Practice (2024academic year) Prophase  - その他

  • Software Development Methodology (Basic) (2024academic year) Prophase  - 月3~8

  • Software Development Methodology (Advanced) (2024academic year) Prophase  - 月3~8

  • Software Development Methodology 1 (2024academic year) Prophase  - 月3~8

  • Software Development Methodology 2 (2024academic year) Prophase  - 月3

  • Data Structures and Algorithms (2024academic year) 1st semester  - 月1~2,木3~4

  • Data Structures and Algorithms (2024academic year) 1st semester  - 月1~2,木3~4

  • Network Systems (2024academic year) Fourth semester  - 月3~4,木3~4

  • Parallel and Distributed Processing (2024academic year) Fourth semester  - 月3~4,木3~4

  • Safety and Security Managements for Engineer (2024academic year) Third semester  - 金5~6

  • Safety and Security Managements for Engineer (2024academic year) Third semester  - 金5~6

  • Information Security (2024academic year) Second semester  - 火5~6,金3~4

  • Information Security (2024academic year) Second semester  - 火5~6,金3~4

  • Information Technology Experiments B (Media Processing) (2024academic year) Third semester  - 火3~7,金3~7

  • Information Technology Experiments C (Computer Software) (2024academic year) Fourth semester  - 火3~7,金3~7

  • Information Technology Experiments B (Media Processing) (2024academic year) Third semester  - 火3~7,金3~7

  • Information Technology Experiments C (Computer Software) (2024academic year) Fourth semester  - 火3~7,金3~7

  • Engineering English (2024academic year) Late  - その他

  • Engineering English (2024academic year) Late  - その他

  • Advanced Study (2024academic year) Other  - その他

  • Technical Writing 1 (2024academic year) Prophase  - その他

  • Technical Writing 2 (2024academic year) Late  - その他

  • Technical Writing (2024academic year) Prophase  - その他

  • Technical Presentation (2024academic year) Late  - その他

  • Advanced Research in Computer Software (2024academic year) Prophase  - その他

  • Seminar in Computer Engineering (2024academic year) Year-round  - その他

  • Seminar in Computer Engineering (2024academic year) Year-round  - その他

  • Specific Research of Electronics and Information Systems Engineering (2024academic year) Year-round  - その他

  • Undergraduate Research Experience 3 (2024academic year) special  - その他

  • Operating Systems (2023academic year) Third semester  - 火1~2,木3~4

  • Operating Systems (2023academic year) Third semester  - 火1~2,木3~4

  • Operating System Structure (2023academic year) Late  - その他

  • Operating Systems Structure (2023academic year) Late  - その他

  • Software Development Practice (2023academic year) Prophase  - その他

  • Software Development Methodology (Basic) (2023academic year) Prophase  - 月3~8

  • Software Development Methodology (Advanced) (2023academic year) Prophase  - 月3~8

  • Software Development Methodology 1 (2023academic year) Prophase  - 月3~8

  • Software Development Methodology 2 (2023academic year) Prophase  - 月3

  • Data Structures and Algorithms (2023academic year) 1st semester  - 月1~2,木3~4

  • Data Structures and Algorithms (2023academic year) 1st semester  - 月1~2,木3~4

  • Network Systems (2023academic year) Fourth semester  - 月3~4,木3~4

  • Parallel and Distributed Processing (2023academic year) Fourth semester  - 月3~4,木3~4

  • Safety and Security Managements for Engineer (2023academic year) Third semester  - 金5~6

  • Safety and Security Managements for Engineer (2023academic year) Third semester  - 金5~6

  • Information Security (2023academic year) Second semester  - 火5~6,金3~4

  • Information Security (2023academic year) Second semester  - 火5~6,金3~4

  • Information Technology Experiments B (Media Processing) (2023academic year) Third semester  - 火3~7,金3~7

  • Information Technology Experiments C (Computer Software) (2023academic year) Fourth semester  - 火3~7,金3~7

  • Information Technology Experiments B (Media Processing) (2023academic year) Third semester  - 火3~7,金3~7

  • Information Technology Experiments C (Computer Software) (2023academic year) Fourth semester  - 火3~7,金3~7

  • Engineering English (2023academic year) Late  - その他

  • Engineering English (2023academic year) Late  - その他

  • Advanced Study (2023academic year) Other  - その他

  • Technical Writing 1 (2023academic year) Prophase  - その他

  • Technical Writing 2 (2023academic year) Late  - その他

  • Technical Writing (2023academic year) Prophase  - その他

  • Technical Presentation (2023academic year) Late  - その他

  • Advanced Research in Computer Software (2023academic year) Prophase  - その他

  • Advanced Research in Computer Software (2023academic year) Prophase  - その他

  • Seminar in Computer Engineering (2023academic year) Year-round  - その他

  • Seminar in Computer Engineering (2023academic year) Year-round  - その他

  • Specific Research of Electronics and Information Systems Engineering (2023academic year) Year-round  - その他

  • Operating Systems (2022academic year) Third semester  - 火1~2,木3~4

  • Operating Systems (2022academic year) Third semester  - 火1~2,木3~4

  • Operating System Structure (2022academic year) Late  - 月3,月4

  • Software Development Methodology 1 (2022academic year) Prophase  - 月3,月4,月5,月6,月7,月8

  • Software Development Methodology 2 (2022academic year) Prophase  - 月3,月4,月5,月6,月7,月8

  • Data Structures and Algorithms (2022academic year) 1st semester  - 月1~2,木3~4

  • Data Structures and Algorithms (2022academic year) 1st semester  - 月1~2,木3~4

  • Network Systems (2022academic year) Fourth semester  - 水3~4,金3~4

  • Safety and Security Managements for Engineer (2022academic year) Third semester  - 金5~6

  • Safety and Security Managements for Engineer (2022academic year) Third semester  - 金5~6

  • Information Security (2022academic year) Second semester  - 火5~6,金3~4

  • Seminar in Information Security (2022academic year) Year-round  - その他

  • Information Technology Experiments B (Media Processing) (2022academic year) Third semester  - 火3~7,木3~7

  • Information Technology Experiments C (Computer Software) (2022academic year) Fourth semester  - 火3~7,木3~7

  • Engineering English (2022academic year) Late  - その他

  • Undergraduate Research Experience 4 (2022academic year) special  - その他

  • Technical Writing (2022academic year) Prophase  - その他

  • Technical Presentation (2022academic year) Late  - その他

  • Advanced Research in Computer Software (2022academic year) Prophase  - その他

  • Seminar in Computer Engineering (2022academic year) Year-round  - その他

  • Specific Research of Electronics and Information Systems Engineering (2022academic year) Year-round  - その他

  • Operating System (2021academic year) Third semester  - 火1,火2,木1,木2

  • Operating Systems (2021academic year) Third semester  - 火1,火2,木1,木2

  • Operating System Structure (2021academic year) Late  - 月3~4,金1~2

  • Computer System II (2021academic year) Fourth semester  - 水1,水2,金3,金4

  • Software Development Methodology 1 (2021academic year) Prophase  - 月3,月4,月5,月6,月7,月8

  • Software Development Methodology 2 (2021academic year) Prophase  - 月3,月4,月5,月6,月7,月8

  • Data Structures and Algorithms (2021academic year) 1st semester  - 月1,月2,木1,木2

  • Data Structures and Algorithms (2021academic year) 1st semester  - 月1,月2,木1,木2

  • Network Systems (2021academic year) Fourth semester  - 水1,水2,金3,金4

  • Safety and Security Managements for Engineer (2021academic year) Third semester  - 金5,金6

  • Safety and Security Managements for Engineer (2021academic year) Third semester  - 金5,金6

  • Safety and Security Managements for Engineer (2021academic year) Third semester  - 金5,金6

  • Information Security (2021academic year) Second semester  - 火5,火6,金3,金4

  • Seminar in Information Security (2021academic year) Year-round  - その他

  • Information Technology Experiments B (Media Processing) (2021academic year) Third semester  - 火3,火4,火5,火6,火7,木3,木4,木5,木6,木7

  • Information Technology Experiments C (Computer Software) (2021academic year) Fourth semester  - 火3,火4,火5,火6,火7,木3,木4,木5,木6,木7

  • Engineering English (2021academic year) Late  - その他

  • Technical Writing (2021academic year) Prophase  - その他

  • Technical Presentation (2021academic year) Late  - その他

  • Advanced Research in Computer Software (2021academic year) Prophase  - その他

  • Seminar in Computer Engineering (2021academic year) Year-round  - その他

  • Specific Research of Electronics and Information Systems Engineering (2021academic year) Year-round  - その他

  • Operating System Structure (2020academic year) Late  - 月,金

  • Exercises on Cross-site Scripting Prevention (2020academic year) Summer concentration  - その他

  • Computer System II (2020academic year) Fourth semester  - 水1,水2,金3,金4

  • Basic of information security E (2020academic year) 3rd and 4th semester  - 水7,水8

  • Software Development Methodology 1 (2020academic year) Prophase  - その他

  • Software Development Methodology 2 (2020academic year) Prophase  - その他

  • Data Structures and Algorithms (2020academic year) 1st semester  - 月1,月2,木1,木2

  • Data Structures and Algorithms (2020academic year) 1st semester  - 月1,月2,木1,木2

  • Network Systems (2020academic year) Fourth semester  - 水1,水2,金3,金4

  • Parallel and Distributed Processing (2020academic year) Prophase  - その他

  • Collision-based Attack on Cryptography for Security Evaluation (2020academic year) Summer concentration  - その他

  • Safety and Security Managements for Engineer (2020academic year) 3rd and 4th semester  - 金5,金6

  • Safety and Security Managements for Engineer (2020academic year) 3rd and 4th semester  - 金5,金6

  • Seminar in Information Security (2020academic year) Year-round  - その他

  • Information Technology Experiments B (Media Processing) (2020academic year) Third semester  - 火3,火4,火5,火6,木3,木4,木5,木6

  • Information Technology Experiments C (Computer Software) (2020academic year) Fourth semester  - 火3,火4,火5,火6,木3,木4,木5,木6

  • Laboratory Work on Information Technology III (2020academic year) Third semester  - 火3,火4,火5,火6

  • Laboratory Work on Information Technology II (2020academic year) Fourth semester  - 火3,火4,火5,火6,木3,木4,木5,木6

  • Laboratory Work on Information Technology IV (2020academic year) Third semester  - 木3,木4,木5,木6

  • Engineering English (2020academic year) Late  - その他

  • Cryptographic Hardware Security (2020academic year) Fourth semester  - その他

  • Technical Writing (2020academic year) Prophase  - その他

  • Technical Presentation (2020academic year) Late  - その他

  • Seminar in Computer Engineering (2020academic year) Year-round  - その他

  • Specific Research of Electronics and Information Systems Engineering (2020academic year) Year-round  - その他

▼display all