Updated on 2024/02/13

写真a

 
YAMAUCHI Toshihiro
 
Organization
Faculty of Environmental, Life, Natural Science and Technology Professor
Position
Professor
External link

Degree

  • Doctor of Engineering ( 2002.9   Kyushu University )

  • Master of Engineering ( 2000.3   Kyushu University )

  • Bachelor of Engineering ( 1998.3   Kyushu University )

Research Interests

  • System security

  • System software

  • Operating system

  • Computer security

Research Areas

  • Informatics / Computer system

  • Informatics / Information security

  • Informatics / Software

  • Informatics / High performance computing

Education

  • Kyushu University   大学院システム情報科学府   情報工学専攻

    2000.4 - 2002.9

      More details

    Country: Japan

    researchmap

  • Kyushu University   大学院システム情報科学研究科   情報工学専攻

    1998.4 - 2000.3

      More details

    Country: Japan

    researchmap

  • Kyushu University   工学部   情報工学科

    1994.4 - 1998.3

      More details

    Country: Japan

    researchmap

Research History

  • Faculty of Environmental, Life, Natural Science and Technology   計算機科学講座(大学院環境生命自然科学研究科 計算機科学コース,工学部工学科 情報・電気・数理データサイエンス系 情報工学コース,工学部情報系学科)   Professor

    2023.4

      More details

  • Okayama University   学術研究院 自然科学学域(大学院自然科学研究科 計算機科学講座,工学部工学科 情報・電気・数理データサイエンス系 情報工学コース,工学部情報系学科)   Professor

    2021.4 - 2023.3

      More details

    Country:Japan

    researchmap

  • Japan Science and Technology Agency

    2019.10 - 2022.3

      More details

    Country:Japan

    researchmap

  • Advanced Telecommunications Research Institute International   適応コミュニケーション研究所

    2018.11

      More details

    Country:Japan

    researchmap

  • Okayama University   Graduate School of Natural Science and Technology   Associate Professor

    2005.4 - 2021.3

      More details

  • Kyushu University   Faculty of Information Science and Electrical Engineering, Department of Computer Science and Communication Engineering   Research Associate

    2002.10 - 2005.3

      More details

  • Japan Society for Promotion of Science   Research Fellow

    2001.4 - 2002.9

      More details

▼display all

Professional Memberships

▼display all

Committee Memberships

  • 電子情報通信学会 情報通信システムセキュリティ(ICSS)研究会   副委員長  

    2023.6   

      More details

    Committee type:Academic society

    researchmap

  • OSSセキュリティ技術ワークショップ(OWS)組織委員会   副組織委員長  

    2022.6   

      More details

    Committee type:Academic society

    researchmap

  • IEICE Transactions on Information and Systems, Special Section on Forefront Computing   Guest Editor-in-Chief  

    2021.9 - 2022.12   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会 コンピュータセキュリティ(CSEC)研究会   顧問  

    2021.4   

      More details

    Committee type:Academic society

    researchmap

  • システムソフトウェアとオペレーティング・システム(OS)研究会   運営委員  

    2021.4   

      More details

    Committee type:Academic society

    researchmap

  • 内閣サイバーセキュリティ戦略本部 研究開発戦略専門調査会 研究・産学官連携戦略ワーキンググループ   委員  

    2020.7 - 2021.3   

      More details

    Committee type:Government

    researchmap

  • 岡山県警察   サイバー犯罪対策テクニカルアドバイザー  

    2019.9   

      More details

  • 情報処理学会 コンピュータセキュリティ(CSEC)研究会   主査  

    2019.4 - 2021.3   

      More details

    Committee type:Academic society

    researchmap

  • 26th International Conference on Information and Communications Security (ICICS 2024)   Program Committee  

    2023.10 - 2024.8   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会論文誌 「サプライチェーンを安全にするコンピュータセキュリティ技術」特集号   編集委員  

    2023.7 - 2024.9   

      More details

    Committee type:Academic society

    researchmap

  • The 7th International Symposium on Mobile Internet Security (MobiSec'23)   Program Committee  

    2023.7 - 2023.12   

      More details

    Committee type:Academic society

    researchmap

  • OSSセキュリティ技術ワークショップ(OWS) 2023   副実行委員長  

    2023.6 - 2023.10   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会論文誌コンピューティングシステム編集委員会   編集委員  

    2023.3 - 2025.3   

      More details

    Committee type:Academic society

    researchmap

  • 18th International Conference on Information Security Practice and Experience (ISPEC2023)   Program Committee  

    2023.3 - 2023.8   

      More details

    Committee type:Academic society

    researchmap

  • 25th International Conference on Information and Communications Security (ICICS 2023)   Program Committee  

    2023.1 - 2023.11   

      More details

    Committee type:Academic society

    researchmap

  • 17th International Conference on Network and System Security (NSS2023)   Program Committee  

    2023.1 - 2023.8   

      More details

    Committee type:Academic society

    researchmap

  • 5th International Conference on Science of Cyber Security (SciSec 2023)   Program Committee  

    2022.12 - 2023.7   

      More details

    Committee type:Academic society

    researchmap

  • The 6th IEEE Conference on Dependable and Secure Computing (DSC 2023)   Program Committee  

    2022.11 - 2023.11   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会論文誌 「サイバー空間を安全にするコンピュータセキュリティ技術」特集号   編集委員  

    2022.7 - 2023.9   

      More details

    Committee type:Academic society

    researchmap

  • The 6th International Symposium on Mobile Internet Security (MobiSec'22)   Program Committee  

    2022.7 - 2022.12   

      More details

    Committee type:Academic society

    researchmap

  • 17th International Conference on Information Security Practice and Experience (ISPEC2022)   Program Committee  

    2022.7 - 2022.11   

      More details

    Committee type:Academic society

    researchmap

  • OSSセキュリティ技術ワークショップ(OWS)2022   副実行委員長  

    2022.6 - 2022.10   

      More details

    Committee type:Academic society

    researchmap

  • The 25th Information Security Conference (ISC 2022)   Program Committee  

    2022.5 - 2022.12   

      More details

    Committee type:Academic society

    researchmap

  • The 16th International Conference on Network and System Security (NSS2022)   Program Committee  

    2022.5 - 2022.12   

      More details

    Committee type:Academic society

    researchmap

  • 25th International Conference on Information Security and Cryptology (ICISC 2022)   Program Committee  

    2022.5 - 2022.9   

      More details

    Committee type:Academic society

    researchmap

  • 日本ネットワークセキュリティ協会(JNSA) サイバーセキュリティ産学連携推進協議会   運営委員  

    2022.4   

      More details

    Committee type:Other

    researchmap

  • The 4th International Conference on Science of Cyber Security (SciSec 2022)   Program Committee  

    2022.4 - 2022.8   

      More details

    Committee type:Academic society

    researchmap

  • The 23rd World Conference on Information Security Applications (WISA 2022)   Program Committee  

    2022.3 - 2022.8   

      More details

    Committee type:Academic society

    researchmap

  • 「『IoT社会に対応したサイバー・フィジカル・セキュリティ』に係るOSSの技術検証のあり方等に関する調査」検討委員会   委員  

    2022.2 - 2022.7   

      More details

  • IEICE Transactions on Information and Systems, Special Section on Next-generation Security Applications and Practice   Guest Associate Editor  

    2021.12 - 2022.11   

      More details

    Committee type:Academic society

    researchmap

  • 2022 IEEE Conference on Dependable and Secure Computing (IEEE DSC)   Program Committee  

    2021.12 - 2022.6   

      More details

    Committee type:Academic society

    researchmap

  • 24th International Conference on Information and Communications Security (ICICS 2022)   Program Committee  

    2021.10 - 2022.10   

      More details

    Committee type:Academic society

    researchmap

  • The 24th International Conference on Network-Based Information Systems (NBiS-2021)   Program Committee  

    2021.8 - 2021.9   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会論文誌 「量子時代をみすえたコンピュータセキュリティ技術」特集号   編集委員  

    2021.7 - 2022.9   

      More details

    Committee type:Academic society

    researchmap

  • 16th International Conference on Information Security Practice and Experience (ISPEC2021)   Program Committee  

    2021.7 - 2021.11   

      More details

    Committee type:Academic society

    researchmap

  • The 15th International Conference on Network and System Security (NSS2021)   Program Committee  

    2021.7 - 2021.10   

      More details

    Committee type:Academic society

    researchmap

  • 電子情報通信学会 情報通信システムセキュリティ(ICSS)研究会   幹事  

    2021.6 - 2023.6   

      More details

    Committee type:Academic society

    researchmap

  • The 17th ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS 2022)   Workshop Chair  

    2021.5 - 2022.6   

      More details

    Committee type:Academic society

    researchmap

  • OSSセキュリティ技術ワークショップ(OWS 2021)   副実行委員長  

    2021.5 - 2021.10   

      More details

    Committee type:Academic society

    researchmap

  • The 5th International Symposium on Mobile Internet Security (MobiSec'21)   Program Committee  

    2021.5 - 2021.10   

      More details

    Committee type:Academic society

    researchmap

  • コンピュータセキュリティシンポジウム2021 (CSS2021)   実行委員  

    2021.5 - 2021.10   

      More details

    Committee type:Academic society

    researchmap

  • The 6th IEEE International Workshop on Big Data and Information Security (IWBIS) 2021   Program Committee  

    2021.4 - 2021.10   

      More details

    Committee type:Academic society

    researchmap

  • 24th International Conference on Information Security and Cryptology (ICISC 2021)   Program Committee  

    2021.3 - 2021.12   

      More details

    Committee type:Academic society

    researchmap

  • 23rd International Conference on Information and Communications Security (ICICS 2021)   Program Committee  

    2021.3 - 2021.9   

      More details

    Committee type:Academic society

    researchmap

  • The 24th Information Security Conference (ISC 2021)   Program Committee  

    2021.2 - 2021.11   

      More details

    Committee type:Academic society

    researchmap

  • The 22nd World Conference on Information Security Applications (WISA 2021)   Program Committee  

    2021.2 - 2021.8   

      More details

    Committee type:Academic society

    researchmap

  • IEICE Transactions on Information and Systems, Special Section on Blockchain Systems and Applications   編集委員  

    2020.11 - 2022.2   

      More details

    Committee type:Academic society

    researchmap

  • IEICE Transactions on Information and Systems, Special Section on Parallel and Distributed Computing and Networking   編集幹事  

    2020.11 - 2021.12   

      More details

    Committee type:Academic society

    researchmap

  • IEICE Transactions on Information and Systems, Special Section on Next-generation Security Applications and Practice   編集委員  

    2020.11 - 2021.11   

      More details

    Committee type:Academic society

    researchmap

  • Australasian Information Security Conference (AISC 2021)   Program Committee  

    2020.9 - 2021.2   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会論文誌 「Society 5.0を実現するコンピュータセキュリティ技術」特集号   編集委員  

    2020.7 - 2021.9   

      More details

    Committee type:Academic society

    researchmap

  • コンピュータセキュリティシンポジウム2020 (CSS2020)   プログラム委員  

    2020.5 - 2020.10   

      More details

    Committee type:Academic society

    researchmap

  • OSSセキュリティ技術ワークショップ(OWS 2020)   実行委員長  

    2020.4 - 2020.10   

      More details

    Committee type:Academic society

    researchmap

  • IEICE Transactions on Information and Systems, Special Section on Parallel and Distributed Computing and Networking   編集幹事  

    2019.11 - 2020.12   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会論文誌 「実世界を支える暗号・セキュリティ・プライバシ技術」特集号   編集委員  

    2019.7 - 2020.9   

      More details

    Committee type:Academic society

    researchmap

  • 電子情報通信学会 情報通信システムセキュリティ(ICSS)研究会   幹事補佐  

    2019.6 - 2021.6   

      More details

    Committee type:Academic society

    researchmap

  • IEICE Transactions on Information and Systems, Special Section on Information and Communication System Security   編集委員  

    2019.6 - 2020.7   

      More details

    Committee type:Academic society

    researchmap

  • OSSセキュリティ技術ワークショップ(OWS 2019)   実行委員長  

    2019.5 - 2019.10   

      More details

    Committee type:Academic society

    researchmap

  • IEICE Transactions on Information and Systems, Special Section on Security, Privacy, Anonymity and Trust in Cyberspace Computing and Communications   編集委員  

    2019.1 - 2020.2   

      More details

    Committee type:Academic society

    researchmap

  • The 15th International Workshop on Security (IWSEC 2020)   General Co-Chair  

    2019 - 2020.9   

      More details

    Committee type:Academic society

    researchmap

  • OSSセキュリティ技術ワークショップ(OWS)組織委員会   組織委員長  

    2018.12 - 2022.5   

      More details

    Committee type:Academic society

    researchmap

  • IEICE Transactions on Information and Systems, Special Section on Parallel and Distributed Computing and Networking   編集委員  

    2018.12 - 2019.12   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会論文誌 「デジタルトランスフォーメーションを加速するコンピュータセキュリティ技術」特集号   編集委員  

    2018.7 - 2019.9   

      More details

    Committee type:Academic society

    researchmap

  • The 14th International Workshop on Security (IWSEC 2019)   General Co-Chair  

    2018 - 2019.8   

      More details

    Committee type:Academic society

    researchmap

  • The 4th IEEE Cyber Science and Technology Congress (CyberSciTech 2019)   Program Co-Chair  

    2018 - 2019.8   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会論文誌 「超スマート社会を支えるコンピュータセキュリティ技術」特集号   編集委員  

    2017.7 - 2018.9   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会 システムソフトウェアとオペレーティング・システム(OS)研究会   幹事  

    2017.4 - 2021.3   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会 コンピュータセキュリティ(CSEC)研究会   幹事  

    2017.4 - 2019.3   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会 マルウェア対策研究人材育成ワークショップ2017 (MWS2017)   プログラム委員長  

    2017 - 2017.10   

      More details

    Committee type:Academic society

    researchmap

  • 岡山県警察サイバーセキュリティ研究会   委員  

    2017   

      More details

  • 情報処理学会論文誌 「高度化するサイバー攻撃に対応するコンピュータセキュリティ技術」特集号   編集委員長  

    2016 - 2017.9   

      More details

    Committee type:Academic society

    researchmap

  • 電子情報通信学会   情報通信システムセキュリティ小特集号(英文論文誌D) 編集委員長  

    2015 - 2016.4   

      More details

    Committee type:Academic society

    電子情報通信学会

    researchmap

  • 情報処理学会 コンピュータセキュリティシンポジウム2015 (CSS2015)   プログラム委員長  

    2015 - 2015.10   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会コンピュータセキュリティ(CSEC)研究会   幹事  

    2011.4 - 2015.3   

      More details

    Committee type:Academic society

    情報処理学会

    researchmap

  • Journal of Internet Services and Information Security (JISIS)   Editorial Board member  

    2011.1   

      More details

    Committee type:Academic society

    researchmap

  • The 7th International Workshop on Security (IWSEC 2012)   Program Co-Chair  

    2011 - 2012.9   

      More details

    Committee type:Academic society

    researchmap

  • 内閣官房 情報セキュリティセンター(NISC)委託調査「OSのセキュリティ機能等に関する調査研究」検討委員会   委員  

    2005.4 - 2006.3   

      More details

  • 内閣官房情報セキュリティ対策推進室委託調査「電子政府におけるセキュリティに配慮したOSを活用した情報システムに関する調査研究」検討委員会   委員  

    2004.11 - 2005.3   

      More details

  • 26th International Conference on Information Security and Cryptology (ICISC 2023)   Program Committee  

       

      More details

    Committee type:Academic society

    researchmap

▼display all

 

Papers

  • Seeing is not always believing: Insights on IoT manufacturing from firmware composition analysis and vendor survey Reviewed

    Mitsuaki Akiyama, Shugo Shiraishi, Akifumi Fukumoto, Ryota Yoshimoto, Eitaro Shioji, Toshihiro Yamauchi

    Computers & Security   133   103389 - 103389   2023.10

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)  

    Attacks on Internet of Things (IoT) devices have become increasingly sophisticated. However, there exist few comprehensive security investigations of IoT devices. We conducted a large-scale systematic investigation by assessing IoT firmware and follow-up survey with professionals involved in IoT-device manufacturing to understand the factors that prevent software security of IoT devices. Consequently, we discovered that many IoT devices continue to use old processor architecture and operating systems that are unable to efficiently use existing attack-mitigation features. Furthermore, we demonstrated that software patches are sometimes implicitly applied without changing the software version number (implicit patching); this may generate false positives in existing vulnerability assessments relying on software versions. On the basis of a follow-up survey, we determined technical and contractual constraints to IoT security emanating from the supply chain in the IoT device manufacturing industry. Based on the results, we discuss challenges associated with secure IoT manufacturing in the IoT-device supply chain.

    DOI: 10.1016/j.cose.2023.103389

    Scopus

    researchmap

  • Web access monitoring mechanism via Android WebView for threat analysis Reviewed

    Yuta Imamura, Rintaro Orito, Hiroyuki Uekawa, Kritsana Chaikaew, Pattara Leelaprute, Masaya Sato, Toshihiro Yamauchi

    International Journal of Information Security   20 ( 6 )   833 - 847   2021.12

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:Springer Science and Business Media {LLC}  

    <title>Abstract</title>Many Android apps employ WebView, a component that enables the display of web content in the apps without redirecting users to web browser apps. However, WebView might also be used for cyberattacks. Moreover, to the best of our knowledge, although some countermeasures based on access control have been reported for attacks exploiting WebView, no mechanism for monitoring web access via WebView has been proposed and no analysis results focusing on web access via WebView are available. In consideration of this limitation, we propose a web access monitoring mechanism for Android WebView to analyze web access via WebView and clarify attacks exploiting WebView. In this paper, we present the design and implementation of this mechanism by modifying Chromium WebView without any modifications to the Android framework or Linux kernel. The evaluation results of the performance achieved on introducing the proposed mechanism are also presented here. Moreover, the result of threat analysis of displaying a fake virus alert while browsing websites on Android is discussed to demonstrate the effectiveness of the proposed mechanism.

    DOI: 10.1007/s10207-020-00534-3

    Web of Science

    Scopus

    researchmap

    Other Link: https://link.springer.com/article/10.1007/s10207-020-00534-3/fulltext.html

  • スマートフォン端末におけるセキュリティ上の脅威と対策:権限昇格攻撃と悪性Webサイトへの誘導に焦点を当てて Invited Reviewed

    山内 利宏

    金融研究   40 ( 4 )   25 - 54   2021.10

     More details

    Authorship:Lead author, Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    researchmap

  • Additional kernel observer: privilege escalation attack prevention mechanism focusing on system call privilege changes Reviewed

    Toshihiro Yamauchi, Yohei Akao, Ryota Yoshitani, Yuichi Nakamura, Masaki Hashimoto

    International Journal of Information Security   20 ( 4 )   461 - 473   2021.8

     More details

    Authorship:Lead author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:Springer Science and Business Media {LLC}  

    © 2020, The Author(s). Cyberattacks, especially attacks that exploit operating system vulnerabilities, have been increasing in recent years. In particular, if administrator privileges are acquired by an attacker through a privilege escalation attack, the attacker can operate the entire system and cause serious damage. In this paper, we propose an additional kernel observer (AKO) that prevents privilege escalation attacks that exploit operating system vulnerabilities. We focus on the fact that a process privilege can be changed only by specific system calls. AKO monitors privilege information changes during system call processing. If AKO detects a privilege change after system call processing, whereby the invoked system call does not originally change the process privilege, AKO regards the change as a privilege escalation attack and applies countermeasures against it. AKO can therefore prevent privilege escalation attacks. Introducing the proposed method in advance can prevent this type of attack by changing any process privilege that was not originally changed in a system call, regardless of the vulnerability type. In this paper, we describe the design and implementation of AKO for Linux x86 64-bit. Moreover, we show that AKO can be expanded to prevent the falsification of various data in the kernel space. Then, we present an expansion example that prevents the invalidation of Security-Enhanced Linux. Finally, our evaluation results show that AKO is effective against privilege escalation attacks, while maintaining low overhead.

    DOI: 10.1007/s10207-020-00514-7

    Web of Science

    Scopus

    researchmap

  • Privilege Escalation Attack Prevention Method Focusing on Privilege Changes in Guest OS on KVM Reviewed

    61 ( 9 )   1507 - 1518   2020.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    Privilege escalation attacks can lead to system tampering and information leakage. To address such attacks, we previously proposed a privilege escalation attack prevention method that focus on the modification of privileges by system calls. However, the said method needs to be implemented in the operating system (OS), and its application thus requires alteration of the kernel source code. Additionally, privilege data stored in the kernel space may be forged by attackers. To address these issues, we propose a new method in this paper for preventing privilege escalation attacks by employing KVM, (a virtual machine monitor). The new method hooks the system call invoked in the guest OS and verifies the modification of privileges through system call processing. Application of the new method does not require alteration of the kernel source code. Furthermore, forging of privilege data is deterred by storing privilege data in the memory of the host OS. In this paper, drawbacks of the previously proposed method are discussed, and the new proposed method and its evaluation results are described.

    CiNii Article

    CiNii Books

    researchmap

  • Live Forensic Method Using Process Duplication to Maintain High System Availability Reviewed

    60 ( 2 )   696 - 705   2019.2

     More details

    Authorship:Lead author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    Most conventional digital forensic methods are designed to target hard disk drives, making them ineffective at detecting in-memory malware. In addition, in order to prevent a target system from changing the evidence on hard disk drives, it is necessary to shut down the system or stop its processing, reducing system availability. In this paper, we propose a live forensic method using process duplication to maintain high system availability. The proposed method duplicates the virtual address space of a target process for investigation, and obtains the relevant evidence from the duplicate. By reducing the occurrence of memory copy in the duplication process, it is possible to detect in-memory malware while retaining system availability. We describe the effectiveness of the proposed method, and furthermore, evaluate and report on the delay time when this method is applied to a periodically executing process.

    CiNii Article

    CiNii Books

    researchmap

  • Mitigating use-after-free attacks using memory-reuse-prohibited library Reviewed

    Toshihiro Yamauchi, Yuta Ikegami, Yuya Ban

    IEICE Transactions on Information and Systems   E100D ( 10 )   2295 - 2306   2017.10

     More details

    Authorship:Lead author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG  

    Copyright © 2017 The Institute of Electronics, Information and Communication Engineers. Recently, there has been an increase in use-after-free (UAF) vulnerabilities, which are exploited using a dangling pointer that refers to a freed memory. In particular, large-scale programs such as browsers often include many dangling pointers, and UAF vulnerabilities are frequently exploited by drive-by download attacks. Various methods to prevent UAF attacks have been proposed. However, only a few methods can effectively prevent UAF attacks during runtime with low overhead. In this paper, we propose HeapRevolver, which is a novel UAF attackpreventionmethod that delays and randomizes the timing of release of freed memory area by using a memory-reuse-prohibited library, which prohibits a freed memory area from being reused for a certain period. The first condition for reuse is that the total size of the freed memory area is beyond the designated size. The threshold for the conditions of reuse of the freed memory area can be randomized by HeapRevolver. Furthermore, we add a second condition for reuse in which the freed memory area is merged with an adjacent freed memory area before release. Furthermore, HeapRevolver can be applied without modifying the target programs. In this paper, we describe the design and implementation of HeapRevolver in Linux and Windows, and report its evaluation results. The results show that HeapRevolver can prevent attacks that exploit existing UAF vulnerabilities. In addition, the overhead is small.

    DOI: 10.1587/transinf.2016INP0020

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/journals/ieicet/ieicet100d.html#YamauchiIB17

  • Security Risk Indicator for Open Source Software to Measure Software Development Status Reviewed

    Hiroki Kuzuno, Tomohiko Yano, Kazuki Omo, Jeroen van der Ham, Toshihiro Yamauchi

    The 24th World Conference on Information Security Applications (WISA 2023)   2024

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    DOI: 10.1007/978-981-99-8024-6_12

    researchmap

  • Identification of Vulnerable Kernel Code Using Kernel Tracing Mechanism Reviewed

    Hiroki Kuzuno, Toshihiro Yamauchi

    Journal of Information Processing(JIP)   31 ( 12 )   788 - 801   2023.12

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)  

    DOI: 10.2197/ipsjjip.31.788

    researchmap

  • netroub: Towards an Emulation Platform for Network Trouble Scenarios Reviewed

    Colin Regal-Mezin, Satoru Kobayashi, Toshihiro Yamauchi

    Proceedings of 19th International Conference on emerging Networking EXperiments and Technologies Student Workshop Student Workshop 2023 (CoNEXT 2023),19th International Conference on emerging Networking EXperiments and Technologies Student Workshop   17 - 18   2023.12

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    DOI: 10.1145/3630202.3630222

    researchmap

  • Evaluation of Effectiveness of MAC Systems Based on LSM for Protecting IoT Devices Reviewed

    Masato Miki, Toshihiro Yamauchi, Satoru Kobayashi

    Proceedings of 2023 11th International Symposium on Computing and Networking (CANDAR2023),11th International Symposium on Computing and Networking   161 - 167   2023.11

     More details

    Authorship:Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    DOI: 10.1109/CANDAR60563.2023.00029

    researchmap

  • Supporting multiple OS types on estimation of system call hook point by virtual machine monitor Reviewed

    Masaya Sato, Taku Omori, Toshihiro Yamauchi, Hideo Taniguchi

    Proceedings of 2023 11th International Symposium on Computing and Networking Workshops (CANDARW2023),10th International Workshop on Information and Communication Security (WICS 2023)   267 - 278   2023.11

     More details

    Authorship:Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    DOI: 10.1109/CANDARW60564.2023.00051

    researchmap

  • Prevention Method for Stack Buffer Overflow Attack in TA Command Calls in OP-TEE Reviewed

    Kaito Shiba, Hiroki Kuzuno, Toshihiro Yamauchi

    Proceedings of 2023 11th International Symposium on Computing and Networking Workshops (CANDARW2023),10th International Workshop on Information and Communication Security (WICS 2023)   274 - 278   2023.11

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    DOI: 10.1109/CANDARW60564.2023.00052

    researchmap

  • Analyzing Post-injection Attacker Activities in IoT Devices: A Comprehensive Log Analysis Approach Reviewed

    Hervet Victor, Satoru Kobayashi, Toshihiro Yamauchi

    Proceedings of 2023 11th International Symposium on Computing and Networking Workshops (CANDARW2023),10th International Workshop on Information and Communication Security (WICS 2023)   292 - 297   2023.11

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    DOI: 10.1109/CANDARW60564.2023.00055

    researchmap

  • Protection Mechanism of Kernel Data Using Memory Protection Key Reviewed

    Hiroki Kuzuno, Toshihiro Yamauchi

    IEICE Transactions on Information and Systems   E106-D ( 9 )   1326 - 1338   2023.9

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)  

    DOI: 10.1587/transinf.2022ICP0013

    researchmap

  • Extracting and Analyzing Cybersecurity Named Entity and its Relationship with Noncontextual IOCs from Unstructured Text of CTI Sources Reviewed

    Shota Fujii, Nobutaka Kawaguchi, Tomohiro Shigemoto, Toshihiro Yamauchi

    Journal of Information Processing   31 ( 9 )   578 - 590   2023.9

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:Information Processing Society of Japan  

    DOI: 10.2197/ipsjjip.31.578

    researchmap

  • Policy-based method for applying OAuth 2.0-based security profiles Reviewed

    Takashi Norimatsu, Toshihiro Yamauchi, Yuichi Nakamura

    IEICE Transactions on Information and Systems   E106-D ( 9 )   1364 - 1379   2023.9

     More details

    Language:English   Publishing type:Research paper (scientific journal)   Publisher:Institute of Electronics, Information and Communications Engineers (IEICE)  

    DOI: 10.1587/transinf.2022ICP0004

    researchmap

  • KDRM: Kernel Data Relocation Mechanism to Mitigate Privilege Escalation Attack Reviewed

    Hiroki Kuzuno, Toshihiro Yamauchi

    Lecture Notes in Computer Science (LNCS), 17th International Conference on Network and System Security (NSS 2023)   13983   61 - 76   2023.8

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    A privilege escalation attack by memory corruption based on kernel vulnerability has been reported as a security threat to operating systems. Kernel address layout randomization (KASLR) randomizes kernel code and data placement on the kernel memory section for attack mitigation. However, a privilege escalation attack will succeed because the kernel data of privilege information is identified during a user process execution in a running kernel. In this paper, we propose a kernel data relocation mechanism (KDRM) that dynamically relocates privilege information in the running kernel to mitigate privilege escalation attacks using memory corruption. The KDRM provides multiple relocation-only pages in the kernel. The KDRM selects one of the relocation-only pages and moves the privilege information to the relocation-only pages when the system call is invoked. This allows the virtual address of the privilege information to change by dynamically relocating for a user process. The evaluation results confirmed that privilege escalation attacks by user processes on Linux could be prevented with KDRM. As a performance evaluation, we showed that the overhead of issuing a system call was up to 149.67%, and the impact on the kernel performance score was 2.50%, indicating that the impact on the running kernel can be negligible.

    DOI: 10.1007/978-3-031-39828-5_4

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/nss/nss2023.html#KuzunoY23

  • Memory Analysis Based Estimation of Hook Point by Virtual Machine Monitor Reviewed

    Masaya Sato, Taku Omori, Toshihiro Yamauchi, Hideo Taniguchi

    International Journal of Networking and Computing   13 ( 2 )   273 - 286   2023.7

     More details

    Language:English   Publishing type:Research paper (scientific journal)   Publisher:IJNC Editorial Committee  

    DOI: 10.15803/ijnc.13.2_273

    researchmap

  • Non real-time data transmission performance analysis of PROFINET for assuring data transmission quality Reviewed

    Takashi Norimatsu, Toshihiro Yamauchi

    Proceedings of 2023 5th International Conference on Computer Communication and the Internet (ICCCI)   236 - 244   2023.6

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    The industrial Ethernet PROFINET supports three different data transmission modes: isochronous real-time (IRT), real-time (RT), and non real-time (NRT) transmitting data requiring hard, soft, and no real-time performances, respectively. The data transmission latency in the NRT increased with the amount of data transmission in the IRT, RT, and NRT. Therefore, the quality of data transmission in NRT may degrade as the amount of data transmission in IRT, RT, and NRT increases. In this study, we derived the average data transmission latency in an NRT with data transmission in IRT and RT by applying stochastic processes. This allowed us to maintain the quality of data transmission in the NRT by adjusting the number of devices connected to the network and the number of applications transmitting data in the NRT so that the average latency of data in the NRT does not exceed a certain value.

    DOI: 10.1109/ICCCI59363.2023.10210171

    Scopus

    researchmap

  • Proposal and Evaluation of a Log Collection and Visualization Method for Malicious Website Access in Android Reviewed

    Shuichi Ichioka, Chiaki Kawashima, Masaya Sato, Toshihiro Yamauchi

    Transactions of Information Processing Society of Japan   64 ( 4 )   892 - 903   2023.4

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    researchmap

  • vkTracer: Vulnerable Kernel Code Tracing to Generate Profile of Kernel Vulnerability Reviewed

    Hiroki Kuzuno, Toshihiro Yamauchi

    Lecture Notes in Computer Science (LNCS),The 23rd World Conference on Information Security Applications (WISA 2022)   13720   222 - 234   2023.1

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    Vulnerable kernel codes are a threat to an operating system kernel. An adversary’s user process can forcefully invoke a vulnerable kernel code to cause privilege escalation or denial of service (DoS). Although service providers or security operators have to determine the effect of kernel vulnerabilities on their environment to decide the kernel updating, the list of vulnerable kernel codes are not provided from the common vulnerabilities and exposures (CVE) report. It is difficult to identify the vulnerable kernel codes from the exploitation result of the kernel which indicates the account information or the kernel suspension. To identify the details of kernel vulnerabilities, this study proposes a vulnerable kernel code tracer (vkTracer), which employs an alternative viewpoint using proof-of-concept (PoC) code to create a profile of kernel vulnerability. vkTracer traces the user process of the PoC code and the running kernel to hook the invocation of the vulnerable kernel codes. Moreover, vkTracer extracts the whole kernel component’s information using the running and static kernel image and debug section. The evaluation results indicated that vkTracer could trace PoC code executions (e.g., privilege escalation and DoS), identify vulnerable kernel codes, and generate kernel vulnerability profiles. Furthermore, the implementation of vkTracer revealed that the identification overhead ranged from 5.2683 s to 5.2728 s on the PoC codes and the acceptable system call latency was 3.7197 μ s.

    DOI: 10.1007/978-3-031-25659-2_16

    Scopus

    researchmap

  • Mitigating Foreshadow Side-channel Attack Using Dedicated Kernel Memory Mechanism Reviewed

    Hiroki Kuzuno, Toshihiro Yamauchi

    Journal of Information Processing   30   796 - 806   2022.12

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:Information Processing Society of Japan  

    DOI: 10.2197/ipsjjip.30.796

    researchmap

  • Foreward.

    Toshihiro Yamauchi

    IEICE Transactions on Information and Systems   E105-D ( 12 )   1998 - 1998   2022.12

     More details

    Publishing type:Research paper (scientific journal)  

    DOI: 10.1587/transinf.2022PAF0001

    researchmap

  • Survey and Analysis on ATT&CK Mapping Function of Online Sandbox for Understanding and Efficient Using Reviewed

    Shota Fujii, Rei Yamagishi, Toshihiro Yamauchi

    Journal of Information Processing   30   807 - 821   2022.12

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:Information Processing Society of Japan  

    DOI: 10.2197/ipsjjip.30.807

    researchmap

  • Hook Point Estimation of Monitoring Address for System Call Detection by Virtual Machine Monitor Reviewed

    Masaya Sato, Taku Omori, Toshihiro Yamauchi, Hideo Taniguchi

    Proceedings of 2022 Tenth International Symposium on Computing and Networking Workshops   358 - 362   2022.11

     More details

    Authorship:Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    DOI: 10.1109/CANDARW57323.2022.00069

    researchmap

  • Implementation and Evaluation of Function for Tracing Diffusion of Classified Information to Support Multiple Cores and VMs on KVM Reviewed

    大谷航平, 岡崎俊樹, 山内利宏, 森山英明, 佐藤将也, 谷口秀夫

    63 ( 9 )   1398 - 1409   2022.9

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    DOI: 10.20729/00220078

    researchmap

  • Prevention of Kernel Memory Corruption Using Kernel Page Restriction Mechanism. Reviewed

    Hiroki Kuzuno, Toshihiro Yamauchi

    Journal of Information Processing   30   563 - 576   2022.9

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)  

    DOI: 10.2197/ipsjjip.30.563

    researchmap

  • Analysis of Android Applications Shared on Twitter Focusing on Accessibility Services. Reviewed

    Shuichi Ichioka, Estelle Pouget, Takao Mimura, Jun Nakajima, Toshihiro Yamauchi

    Journal of Information Processing   30   601 - 612   2022.9

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)  

    DOI: 10.2197/ipsjjip.30.601

    researchmap

  • KDPM: Kernel Data Protection Mechanism Using a Memory Protection Key. Reviewed

    Hiroki Kuzuno, Toshihiro Yamauchi

    17th International Workshop on Security (IWSEC 2022) Lecture Notes in Computer Science (LNCS)   13504   66 - 84   2022.8

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    The kernel data of an operating system kernel can be modified through memory corruption by exploiting kernel vulnerabilities. Memory corruption allows privilege escalation and defeats security mechanisms. The kernel control flow integrity verifies and guarantees the order of invoking kernel codes. The kernel address space layout randomization randomizes the virtual address layout of the kernel code and data. The additional kernel observer focuses on the unintended privilege modifications to restore the original privileges. However, these existing security mechanisms do not prevent writing to the kernel data. Therefore, kernel data can be overwritten by exploiting kernel vulnerabilities. Additionally, privilege escalation and the defeat of security mechanisms are possible. We propose a kernel data protection mechanism (KDPM), which is a novel security design that restricts the writing of specific kernel data. This mechanism protects privileged information and the security mechanism to overcome the limitations of existing approaches. The KDPM adopts a memory protection key (MPK) to control the write restriction of kernel data. The KDPM with the MPK ensures that the writing of privileged information for user processes is dynamically restricted during the invocation of specific system calls. To prevent the security mechanisms from being defeated, the KDPM dynamically restricts the writing of kernel data related to the mandatory access control during the execution of specific kernel codes. Further, the KDPM is implemented on the latest Linux with an MPK emulator. We also evaluated the possibility of preventing the writing of privileged information. The KDPM showed an acceptable performance cost, measured by the overhead, which was from 2.96% to 9.01% of system call invocations, whereas the performance load on the MPK operations was 22.1 ns to 1347.9 ns.

    DOI: 10.1007/978-3-031-15255-9_4

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iwsec/iwsec2022.html#KuzunoY22

  • CyNER: Information Extraction from Unstructured Text of CTI Sources with Noncontextual IOCs. Reviewed

    Shota Fujii, Nobutaka Kawaguchi, Tomohiro Shigemoto, Toshihiro Yamauchi

    17th International Workshop on Security (IWSEC 2022) Lecture Notes in Computer Science (LNCS)   13504   85 - 104   2022.8

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    DOI: 10.1007/978-3-031-15255-9_5

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iwsec/iwsec2022.html#FujiiKSY22

  • Design and Implementation of System for URL Signature Construction and Impact Assessment Reviewed

    Shota Fujii, Nobutaka Kawaguchi, Shoya Kojima, Tomoya Suzuki, Toshihiro Yamauchi

    Proceedings of 2022 11th International Congress on Advanced Applied Informatics (IIAI-AAI 2022)   95 - 100   2022.7

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    DOI: 10.1109/IIAIAAI55812.2022.00028

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iiaiaai/iiaiaai2022.html#FujiiKKSY22

  • Improving Transparency of Hardware Breakpoints with Virtual Machine Introspection. Reviewed

    Masaya Sato, Ryosuke Nakamura, Toshihiro Yamauchi, Hideo Taniguchi

    Proceedings of 2022 11th International Congress on Advanced Applied Informatics (IIAI-AAI 2022)   113 - 117   2022.7

     More details

    Authorship:Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    DOI: 10.1109/IIAIAAI55812.2022.00031

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iiaiaai/iiaiaai2022.html#SatoNYT22

  • Flexible Method for Supporting OAuth 2.0 Based Security Profiles in Keycloak. Reviewed

    Takashi Norimatsu, Yuichi Nakamura, Toshihiro Yamauchi

    Lecture Notes in Informatics (LNI)   P-325   87 - 98   2022.6

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    Keycloak is identity and access control open-source software. When used for open banking, where many OAuth 2.0 clients need to be managed and a different OAuth 2.0-based security profile needs to be applied to each type of API, the problem of increasing managerial costs by the Keycloak administrator occurs because Keycloak's security profile logic depends on the client settings, and the logic cannot be changed for each client's request. This paper proposes its solution by separating the security profile logic from the client settings, and by changing the security profile for each client's request based on the content of the request, and actual security profiles Financial-grade API (FAPI) are implemented to Keycloak. The paper calculates managerial costs in both the existing and proposed methods in scenarios managing FAPI, and compares the results. The comparison shows that using the proposed method reduces costs. Our implementations are contributed to Keycloak.

    DOI: 10.18420/OID2022_07

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/openidentity/openidentity2022.html#NorimatsuNY22

  • Malware Classification by Deep Learning Using Characteristics of Hash Functions Reviewed

    Takahiro Baba, Kensuke Baba, Toshihiro Yamauchi

    Proceedings of the 36th International Conference on Advanced Information Networking and Applications (AINA-2022)   2   480 - 481   2022.3

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    DOI: 10.1007/978-3-030-99587-4_40

    researchmap

  • Improvement and Evaluation of a Function for Tracing the Diffusion of Classified Information on KVM. Reviewed

    Hideaki Moriyama, Toshihiro Yamauchi, Masaya Sato, Hideo Taniguchi

    Journal of Internet Services and Information Security (JISIS)   12 ( 1 )   26 - 43   2022.2

     More details

    Authorship:Corresponding author   Language:English   Publishing type:Research paper (scientific journal)  

    The leakage of computerized classified information can cause serious losses for companies and individuals. In a prior work, we addressed this by providing a function for tracing the diffusion of classified information in a guest operating system (OS). However, that method was vulnerable to attack and was tightly coupled to the OS. Hence, in another previous work, we applied the tracing function using a virtual machine monitor that hooks into system calls that handle classified information, allowing us to understand the diffusion path in a more robust and OS-agnostic fashion. However, as the overhead of the tracing function increases, so does the performance degradation of each system call. Hence, in the current research, the processing performance of the tracing function is further analyzed in depth by identifying the processes that cause the large overhead. We find that the performance overhead generated by outputting the diffusion path log is too burdensome. Therefore, improvements are implemented, and the effectiveness of the upgraded performance is described. Ultimately, the log-output overhead problem is improved.

    DOI: 10.22667/JISIS.2022.02.28.026

    Scopus

    researchmap

  • Function for Tracing Diffusion of Classified Information to Support Multiple VMs with KVM Reviewed

    Kohei Otani, Toshiki Okazaki, Toshihiro Yamauchi, Hideaki Moriyama, Masaya Sato, Hideo Taniguchi

    Proceedings of 2021 nineth International Symposium on Computing and Networking Workshops, 8th International Workshop on Information and Communication Security (WICS 2021)   352 - 358   2021.11

     More details

    Authorship:Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    DOI: 10.1109/CANDARW53999.2021.00066

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/ic-nc/candar2021w.html#OtaniOYMST21

  • Proposal of Method of Generating a Blacklist for Mobile Devices by Searching Malicious Websites and Analysis Using Demonstration Experiment Data Reviewed

    石原聖, 佐藤将也, 佐藤将也, 山内利宏

    情報処理学会論文誌ジャーナル(Web)   62 ( 9 )   1536 - 1548   2021.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    One of the methods to attack mobile devices is redirecting a user to unwanted websites. To the best of our knowledge, there is no method to generate a blacklist that focuses on such attacks. Therefore, we propose a method to generate a blacklist for mobile devices by searching malicious websites. To detect new malicious websites, this method collects HTML files from the webspace using a crawler and searches for HTML files highly likely to be malicious using keywords extracted from known malicious websites. In the evaluation, we performed detection experiments with the blacklist generated by the proposed method using the demonstration experiment data. The evaluation results showed that the generated blacklist detects malicious websites used in attacks of redirecting a user to unwanted websites with few false positives. In addition, new malicious websites were discovered using the generated blacklist; furthermore, we describe an analysis of attacks of redirecting a user to unwanted websites.

    DOI: 10.20729/00212759

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • (Short Paper) Evidence Collection and Preservation System with Virtual Machine Monitoring Reviewed

    Toru Nakamura, Hiroshi Ito, Shinsaku Kiyomoto, Toshihiro Yamauchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   12835 LNCS   64 - 73   2021.9

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:Springer International Publishing  

    In a system audit and verification, it is important to securely collect and preserve evidence of execution environments, execution processes, and program execution results. Evidence-based verification of program processes ensures their authenticity; for example, the processes include no altered/infected program library. This paper proposes a solution for collection of evidence on program libraries based on Virtual Machine Monitor (VMM). The solution can solve semantic gap by obtaining library file path names. This paper also shows a way to obtain hash values of library files from a guest OS. Furthermore, this paper provides examples of evidence on program execution and the overhead of the solution.

    DOI: 10.1007/978-3-030-85987-9_4

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iwsec/iwsec2021.html#NakamuraIKY21

  • KPRM: Kernel Page Restriction Mechanism to Prevent Kernel Memory Corruption Reviewed

    Hiroki Kuzuno, Toshihiro Yamauchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   12835 LNCS   45 - 63   2021.9

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:Springer International Publishing  

    An operating system (OS) comprises a mechanism for sharing the kernel address space with each user process. An adversary’s user process compromises the OS kernel through memory corruption, exploiting the kernel vulnerability. It overwrites the kernel code related to security features or the kernel data containing privilege information. Process-local memory and system call isolation divide one kernel address space into multiple kernel address spaces. While user processes create their own kernel address space, these methods leave the kernel code vulnerable. Further, an adversary’s user process can involve malicious code that elevates from user mode to kernel mode. Herein, we propose the kernel page restriction mechanism (KPRM), which is a novel security design that prohibits vulnerable kernel code execution and prevents writing to the kernel data from an adversary’s user process. The KPRM dynamically unmaps the kernel page of vulnerable kernel code and attack target kernel data from the kernel address space. This removes the reference of the unmapped kernel page from the kernel page table at the system call invocation. The KPRM achieves that an adversary’s user process can not employ the reference of unmapped kernel page to exploit the kernel through vulnerable kernel code on the running kernel. We implemented KPRM on the latest Linux kernel and showed that it successfully thwarts actual proof-of-concept kernel vulnerability attacks that may cause kernel memory corruption. In addition, the KPRM performance results indicated limited kernel processing overhead in software benchmarks and a low impact on user applications.

    DOI: 10.1007/978-3-030-85987-9_3

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iwsec/iwsec2021.html#KuzunoY21

  • Physical Memory Management with Two Page Sizes in Tender OS. Reviewed

    Koki Kusunoki, Toshihiro Yamauchi, Hideo Taniguchi

    Lecture Notes in Networks and Systems   313   238 - 248   2021.9

     More details

    Authorship:Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:Springer  

    Physical memory capacity has increased owing to large-scale integration. In addition, memory footprints have increased in size, as multiple programs are executed on a single computer. Many operating systems manage physical memory by paging a 4 KB page. Therefore, the number of entries in the virtual address translation table for virtual to physical increases along with the size of the memory footprints. This cause a decrease in the translation lookaside buffer (TLB) hit ratio, resulting in the performance degradation of the application. To address this problem, we propose the implementation of physical memory management with two page sizes: 4 KB and 4 MB. This allows us to expand range of addresses to be translated by a single TLB entry, thereby improving the TLB hit rate. This paper describes the design and implementation of the physical memory management mechanism that manages physical memory using two page sizes on The ENduring operating system for Distributed EnviRonment (OS). Our results showed that when the page size is 4 MB, the processing time of the memory allocation can be reduced by as much as approximately 99.7%, and the processing time for process creation can be reduced by as much as approximately 51%, and the processing time of the memory operation could be reduced by as much as 91.9%.

    DOI: 10.1007/978-3-030-84913-9_22

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/nbis/nbis2021.html#KusunokiYT21

  • Mitigation of Kernel Memory Corruption Using Multiple Kernel Memory Mechanism. Reviewed

    Hiroki Kuzuno, Toshihiro Yamauchi

    IEEE Access   9   111651 - 111665   2021.8

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:Institute of Electrical and Electronics Engineers ({IEEE})  

    Operating systems adopt kernel protection methods (e.g., mandatory access control, kernel address space layout randomization, control flow integrity, and kernel page table isolation) as essential countermeasures to reduce the likelihood of kernel vulnerability attacks. However, kernel memory corruption can still occur via the execution of malicious kernel code at the kernel layer. This is because the vulnerable kernel code and the attack target kernel code or kernel data are located in the same kernel address space. To gain complete control of a host, adversaries focus on kernel code invocations, such as function pointers that rely on the starting points of the kernel protection methods. To mitigate such subversion attacks, this paper presents multiple kernel memory (MKM), which employs an alternative design for kernel address space separation. The MKM mechanism focuses on the isolation granularity of the kernel address space during each execution of the kernel code. MKM provides two kernel address spaces, namely, i) the trampoline kernel address space, which acts as the gateway feature between user and kernel modes and ii) the security kernel address space, which utilizes the localization of the kernel protection methods (i.e., kernel observation). Additionally, MKM achieves the encapsulation of the vulnerable kernel code to prevent access to the kernel code invocations of the separated kernel address space. The evaluation results demonstrated that MKM can protect the kernel code and kernel data from a proof-of-concept kernel vulnerability that could lead to kernel memory corruption. In addition, the performance results of MKM indicate that the system call overhead latency ranges from 0.020 μs to 0.5445 μs , while the web application benchmark ranges from 196.27 μs to 6, 685.73 μs for each download access of 100,000 Hypertext Transfer Protocol sessions. MKM attained a 97.65% system benchmark score and a 99.76% kernel compilation time.

    DOI: 10.1109/ACCESS.2021.3101452

    Web of Science

    Scopus

    researchmap

  • Analysis of commands of Telnet logs illegally connected to IoT devices Reviewed

    Toshihiro Yamauchi, Ryota Yoshimoto, Takahiro Baba, Katsunari Yoshioka

    Proceedings of 2021 10th International Congress on Advanced Applied Informatics (IIAI-AAI 2021)   913 - 915   2021.7

     More details

    Authorship:Lead author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    researchmap

  • Implementation and Evaluation of Resource Pooling Function for High-speed Process Creation Reviewed

    谷口秀夫, 山内利宏, 田村大

    情報処理学会論文誌ジャーナル(Web)   62 ( 2 )   443 - 454   2021.2

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    In the recent cloud computing environment, many short-lived processes are created, a method of realizing a service by mutual cooperation of these processes has been attracting attention. Therefore, speeding up the process creation is very important. Tender OS, thus, proposes a mechanism for fast process creation and deletion. The proposed mechanism involves the recycling of process resources. However, the proposed mechanism cannot recycle process resources during process creation if the stored process resources are not adequate. Stored process resources may increase monotonically if they are not recycled for process creation, which in turn can cause memory starvation. This paper, therefore, proposes a resource pooling function for addressing the these problems. In addition to the function for resource recycling, the resource pooling function incorporates the resource creation function and the resource reduction function. Furthermore, this paper reports the effectiveness of the resource pooling function in terms of processing time efficiency and memory usage.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Improvement and Evaluation of a Function for Tracing the Diffusion of Classified Information on KVM Reviewed

    Moriyama, H., Yamauchi, T., Sato, M., Taniguchi, H.

    Advances in Intelligent Systems and Computing   1264 AISC   338 - 349   2021.1

     More details

    Authorship:Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:Advances in Intelligent Systems and Computing  

    © 2021, Springer Nature Switzerland AG. The increasing amount of classified information currently being managed by personal computers has resulted in the leakage of such information to external computers, which is a major problem. To prevent such leakage, we previously proposed a function for tracing the diffusion of classified information in a guest operating system (OS) using a virtual machine monitor (VMM). The tracing function hooks a system call in the guest OS from the VMM, and acquiring the information. By analyzing the information on the VMM side, the tracing function makes it possible to notify the user of the diffusion of classified information. However, this function has a problem in that the administrator of the computer platform cannot grasp the transition of the diffusion of classified processes or file information. In this paper, we present the solution to this problem and report on its evaluation.

    DOI: 10.1007/978-3-030-57811-4_32

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/nbis/nbis2020.html#MoriyamaYST20

  • Accessibility service utilization rates in android applications shared on Twitter Reviewed

    Ichioka, S., Pouget, E., Mimura, T., Nakajima, J., Yamauchi, T.

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   12583 LNCS   101 - 111   2020.12

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)  

    © Springer Nature Switzerland AG 2020. The number of malware detected has been increasing annually, and 4.12% of malware reported in 2018 attacked Android phones. Therefore, preventing attacks by Android malware is critically important. Several previous studies have investigated the percentage of apps that utilize accessibility services and are distributed from Google Play, that have been reportedly used by Android malware. However, the Social Networking Services (SNSs) that are used to spread malware have distributed apps not only from Google Play but also from other sources. Therefore, apps distributed from within and outside of Google Play must be investigated to capture malware trends. In this study, we collected apps shared on Twitter in 2018, which is a representative SNS, and created a Twitter shared apps dataset. The dataset consists of 32,068 apps downloaded from the websites of URLs collected on Twitter. We clarified the proportion of apps that contained malware and proportion of apps utilizing accessibility services. We found that both, the percentage of malware and percentage of total apps using accessibility services have been increasing. Notably, the percentages of malware and un-suspicious apps using accessibility services were quite similar. Therefore, this problem cannot be solved by automatically blocking all apps that use accessibility services. Hence, specific countermeasures against malware using accessibility services will be increasingly important for online security in the future.

    DOI: 10.1007/978-3-030-65299-9_8

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/wisa/wisa2020.html#IchiokaPMNY20

  • Method of Generating a Blacklist for Mobile Devices by Searching Malicious Websites. Reviewed

    Takashi Ishihara, Masaya Sato, Toshihiro Yamauchi

    Proceedings - 2020 8th International Symposium on Computing and Networking Workshops, CANDARW 2020   328 - 333   2020.11

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    © 2020 IEEE. As mobile devices have become more popular, mal-ware and attacks directed at them have significantly increased. One of the methods to attack mobile devices is redirecting a user to unwanted websites by unwanted page transition. One of the countermeasures against such attacks is to generate a blacklist of URLs and hostnames, which can prevent access to malicious websites. To generate a blacklist, first, malicious websites are collected in the web space. Then, URLs and hostnames of the malicious websites are added to the blacklist. However, URLs of the malicious websites are typically changed frequently; thus, it is necessary to keep track of the malicious websites and update the blacklist in a timely manner. In this study, we proposed a method to generate blacklists for mobile devices by searching malicious websites. The method collects many HTML files from the web space using a crawler and searches for HTML files that are highly likely to be malicious using keywords extracted from the known malicious websites to discover the new ones. Thus, new malicious websites can be added to the blacklist in a timely manner. Using the proposed method, we discovered malicious websites that were not detected by Google Safe Browsing. Moreover, the blacklist generated using the method had a high detection rate for certain malicious websites. This paper reports the design process and the results of the evaluation of the new method.

    DOI: 10.1109/CANDARW51189.2020.00070

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/ic-nc/candar2020w.html#IshiharaSY20

  • Privilege Escalation Attack Prevention Method by Focusing on Privilege Changes on 64-bit ARM Reviewed

    61 ( 9 )   1531 - 1541   2020.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    Privilege escalation attacks that exploit operating system vulnerabilities can cause significant damage to the associated systems. We previously proposed an additional kernel observer (AKO), a prevention method that focuses on modifying process privileges by system calls. AKO verifies the modification in process privilege data and monitors the modification in privilege data by storing them in the kernel stack before processing the system call. However, if an attacker identifies the storage location of privilege data in the kernel stack and alters both process privilege data and privilege data in the kernel stack while the system call is being processed, AKO can be bypassed. Hence, in this paper, we propose a new method for preventing privilege escalation attacks in the 64-bit ARM environment as well as AKO for protecting mobile devices and IoT devices. To address the issues of AKO, the new method protects the stored privilege data employing the ARM TrustZone technology. In this paper, the new method's design, implementation, and evaluation results are described. In the evaluation, we performed a privilege escalation attack detection experiment using an exploit code and measured performance of system calls and applications. The evaluation results showed that protection by attack detection was successful and the performance degradation due to this method was limited.

    CiNii Article

    CiNii Books

    researchmap

  • Method to Reduce Redundant Security Policy Using SELinux CIL Reviewed

    61 ( 9 )   1519 - 1530   2020.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    Application of SELinux involves incorporating a general security policy that permits redundant privileges for individual systems. Hence, we previously proposed a method that eliminates redundant policies from the general policy. However, the said method cannot be applied when there is no policy source file or policies include an attribute that is not supported. During eliminating policies period, the log of access permitted by a particular policy is continually produced as an output, and the associated overhead is large. Furthermore, redundant policies in the base module cannot be eliminated. To address these issues, we propose a new method that extends the previously proposed method. The new method involves the processing of files written in SELinux CIL (an intermediate language) for eliminating redundant policies. Additionally, the new method considers attributes and eliminates policies with fine granularity. The overhead is reduced by eliminating the auditallow statement associated with the policy once converted to the policy format from the policy. Furthermore, by replacing the typeattributeset statement, redundant policies can be eliminated without modifying the base module. In this study, the effectiveness of our method is demonstrated through evaluation of policy elimination and through an attack prevention experiment by incorporating the vulnerabilities in Apache Struts2.

    CiNii Article

    CiNii Books

    researchmap

  • MKM: Multiple Kernel Memory for Protecting Page Table Switching Mechanism Against Memory Corruption. Reviewed

    Hiroki Kuzuno, Toshihiro Yamauchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   12231 LNCS   97 - 116   2020.9

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:Springer  

    © Springer Nature Switzerland AG 2020. Countermeasures against kernel vulnerability attacks on an operating system (OS) are highly important kernel features. Some kernels adopt several kernel protection methods such as mandatory access control, kernel address space layout randomization, control flow integrity, and kernel page table isolation; however, kernel vulnerabilities can still be exploited to execute attack codes and corrupt kernel memory. To accomplish this, adversaries subvert kernel protection methods and invoke these kernel codes to avoid administrator privileges restrictions and gain complete control of the target host. To prevent such subversion, we present Multiple Kernel Memory (MKM), which offers a novel security mechanism using an alternative design for kernel memory separation that was developed to reduce the kernel attack surface and mitigate the effects of illegal data manipulation in the kernel memory. The proposed MKM is capable of isolating kernel memory and dedicates the trampoline page table for a gateway of page table switching and the security page table for kernel protection methods. The MKM encloses the vulnerable kernel code in the kernel page table. The MKM mechanism achieves complete separation of the kernel code execution range of the virtual address space on each page table. It ensures that vulnerable kernel code does not interact with different page tables. Thus, the page table switching of the trampoline and the kernel protection methods of the security page tables are protected from vulnerable kernel code in other page tables. An evaluation of MKM indicates that it protects the kernel code and data on the trampoline and security page tables from an actual kernel vulnerabilities that lead to kernel memory corruption. In addition, the performance results show that the overhead is 0.020 $$\mu $$s to 0.5445 $$\mu $$s, in terms of the system call latency and the application overhead average is 196.27 $$\mu $$s to 6,685.73 $$\mu $$s, for each download access of 100,000 Hypertext Transfer Protocol sessions.

    DOI: 10.1007/978-3-030-58208-1_6

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iwsec/iwsec2020.html#KuzunoY20

  • Identification of kernel memory corruption using kernel memory secret observation mechanism Reviewed

    Kuzuno, H., Yamauchi, T.

    IEICE Transactions on Information and Systems   E103D ( 7 )   1462 - 1475   2020.7

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG  

    Copyright © 2020 The Institute of Electronics, Information and Communication Engineers. Countermeasures against attacks targeting an operating system are highly effective in preventing security compromises caused by kernel vulnerability. An adversary uses such attacks to overwrite credential information, thereby overcoming security features through arbitrary program execution. CPU features such as Supervisor Mode Access Prevention, Supervisor Mode Execution Prevention and the No eXecute bit facilitate access permission control and data execution in virtual memory. Additionally, Linux reduces actual attacks through kernel vulnerability affects via several protection methods including Kernel Address Space Layout Randomization, Control Flow Integrity, and Kernel Page Table Isolation. Although the combination of these methods can mitigate attacks as kernel vulnerability relies on the interaction between the user and the kernel modes, kernel virtual memory corruption can still occur (e.g., the eBPF vulnerability allows malicious memory overwriting only in the kernel mode). We present the Kernel Memory Observer (KMO), which has a secret observation mechanism to monitor kernel virtual memory. KMO is an alternative design for virtual memory can detect illegal data manipulation/writing in the kernel virtual memory. KMO determines kernel virtual memory corruption, inspects system call arguments, and forcibly unmaps the direct mapping area. An evaluation of KMO reveals that it can detect kernel virtual memory corruption that contains the defeating security feature through actual kernel vulnerabilities. In addition, the results indicate that the system call overhead latency ranges from 0.002 μs to 8.246 μs, and the web application benchmark ranges from 39.70 μs to 390.52 μs for each HTTP access, whereas KMO reduces these overheads by using tag-based Translation Lookaside Buffers.

    DOI: 10.1587/transinf.2019ICP0011

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/journals/ieicetd/ieicetd103.html#KuzunoY20

  • Support System for Assessing Anti-analysis JavaScript Code by Using Proxy Objects Reviewed

    61 ( 6 )   1134 - 1145   2020.6

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    JavaScript code used by web-based attacks is usually protected by some anti-analysis techniques such as obfuscation or cloaking in order to hide its intent or avoid detection. Analyzing such code becomes an urgent task to counter cyber attacks. Therefore, we propose an analysis support system for anti-analysis JavaScript code. The proposed system comprehensively monitors browser API operations and outputs API operation logs for helping analyst's understanding the behavior of code. By using Proxy objects to capture API operations, the proposed system successfuly monitors API operations that could not be captured completely by existing methods. In addition, by replacing variable references, it is able to comprementally monitor API operations for non-replaceable APIs. In this paper, we describe the concept of the proposed system and the implementation of analysis method. We also report the result of analyzing anti-analysis JavaScript codes as an evaluation.

    CiNii Article

    CiNii Books

    researchmap

  • 第3編―情報技術の発展と展望 [CSEC]コンピュータセキュリティ研究会

    山内 利宏

    情報処理学会60年のあゆみ   2020

     More details

    Authorship:Lead author, Corresponding author   Language:Japanese  

    researchmap

  • Method for Delegating I/O Functions to Linux in AnT Operating System Reviewed

    60 ( 12 )   2279 - 2290   2019.12

     More details

    Authorship:Lead author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    A specialized operating system (OS) can provide some order-made service efficiently. However, development of the specialized OS takes a large amount of cost (e.g., device driver, file management functions). Thus, it is important to reduce the cost. In this paper, we describe a method for introducing the specialized OS and Linux run independently in multicore processors, and the specialized OS uses Linux file I/O functions. This paper describes the design and the implementation of the proposed method for AnT operating system as the specialized OS, and reports the evaluation results of the proposed method.

    CiNii Article

    CiNii Books

    researchmap

  • KMO: Kernel Memory Observer to Identify Memory Corruption by Secret Inspection Mechanism Reviewed

    Hiroki Kuzuno, Toshihiro Yamauchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   11879 LNCS   75 - 94   2019.11

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:Springer  

    © Springer Nature Switzerland AG, 2019. Kernel vulnerability attacks may allow attackers to execute arbitrary program code and achieve privilege escalation through credential overwriting, thereby avoiding security features. Major Linux protection methods include Kernel Address Space Layout Randomization, Control Flow Integrity, and Kernel Page Table Isolation. All of these mitigate kernel vulnerability affects and actual attacks. In addition, the No eXecute bit, Supervisor Mode Access Prevention, and Supervisor Mode Execution Prevention are CPU features for managing access permission and data execution in virtual memory. Although combinations of these methods can reduce the attack availability of kernel vulnerability based on the interaction between the user and kernel modes, kernel virtual memory corruption is still possible (e.g., the eBPF vulnerability executes the attack code only in the kernel mode). To monitor kernel virtual memory, we present the Kernel Memory Observer (KMO), which has a secret inspection mechanism and offers an alternative design for virtual memory. It allows the detection of illegal data manipulation/writing in the kernel virtual memory. KMO identifies the kernel virtual memory corruption, monitors system call arguments, and enables unmapping from the direct mapping area. An evaluation of our method indicates that it can detect the actual kernel vulnerabilities leading to kernel virtual memory corruption. In addition, the results show that the overhead is 0.038 &#x0024;&#x0024;\upmu &#x0024;&#x0024; s to 2.505 &#x0024;&#x0024;\upmu &#x0024;&#x0024; s in terms of system call latency, and the application benchmark is 371.0 &#x0024;&#x0024;\upmu &#x0024;&#x0024; s to 1,990.0 &#x0024;&#x0024;\upmu &#x0024;&#x0024; s for 100,000 HTTP accesses.

    DOI: 10.1007/978-3-030-34339-2_5

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/ispec/ispec2019.html#KuzunoY19

  • Threat Analysis of Fake Virus Alerts Using WebView Monitor Reviewed

    Yuta Imamura, Rintaro Orito, Kritsana Chaikaew, Celia Manardo, Pattara Leelaprute, Masaya Sato, Toshihiro Yamauchi

    Proceedings - 2019 7th International Symposium on Computing and Networking, CANDAR 2019   28 - 36   2019.11

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    © 2019 IEEE. As mobile devices have become more popular, mobile web browsing has surpassed desktop browser use and the number of mobile malware cases has increased. The methods of infiltrating Android devices with malware include malvertising and scams. Android users can access websites via web browsers and Android apps using WebView, which displays web content inside an app without redirecting users to web browsers. However, WebView is vulnerable to cyberattacks and the security mechanisms are not sufficient to prevent all attacks. In this study, to analyze web access threats via WebView, we investigated web access to malicious websites against Android mobile devices. In particular, we focused on fake virus alerts. To monitor web access for threat analysis, we improved the WebView Monitor [1] to capture all web access via Android WebView. In particular, we analyzed the mechanism of displaying a fake virus alert while browsing websites on Android.

    DOI: 10.1109/CANDAR.2019.00012

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/ic-nc/candar2019.html#ImamuraOCMLSY19

  • 仮想計算機を利用した性能プロファイリングシステムの分散化とデータ収集停止時間の短縮 Reviewed

    山本 昌生,中島 耕太,山内 利宏,名古屋 彰,谷口 秀夫

    電子情報通信学会論文誌D   J102-D ( 10 )   674 - 684   2019.10

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    DOI: 10.14923/transinfj.2018JDP7035

    researchmap

  • (Short Paper) method for preventing suspicious web access in android WebView Reviewed

    Masaya Sato, Yuta Imamura, Rintaro Orito, Toshihiro Yamauchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   11689 LNCS   241 - 250   2019.8

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:Springer  

    © 2019, Springer Nature Switzerland AG. WebView is commonly used by applications on the Android OS. Given that WebView is used as a browsing component on applications, they can be attacked via the web. Existing security mechanisms mainly focus on web browsers; hence, securing WebView is an important challenge. We proposed and implemented a method for preventing suspicious web access in Android WebView. Attackers distribute their malicious content including malicious applications, potentially unwanted programs, and coin miners, by inserting contents into a web page. Because loading malicious content involves HTTP communication, our proposed method monitors HTTP communication by WebView and blocks suspicious web accesses. To apply the proposed method to widely used applications, we implemented our method inside WebView. We also evaluated the proposed method with some popular applications and confirmed that the method can block designated web content without impeding the functionality of applications.

    DOI: 10.1007/978-3-030-26834-3_14

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iwsec/iwsec2019.html#SatoIOY19

  • Design and implementation of hiding method for file manipulation of essential services by system call proxy using virtual machine monitor. Reviewed

    Masaya Sato, Hideo Taniguchi, Toshihiro Yamauchi

    Int. J. Space Based Situated Comput.   9 ( 1 )   1 - 10   2019.5

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:INDERSCIENCE ENTERPRISES LTD  

    Security or system management software is essential for keeping systems secure. To deter attacks on essential services, hiding information related to essential services is helpful. This paper describes the design, the implementation, and the evaluation of a method to make files invisible to all services except their corresponding essential services and provides access methods to those files in a virtual machine (VM). In the proposed method, the virtual machine monitor (VMM) monitors the system call, which invoked by an essential process to access essential files, and requests proxy execution to the proxy process on another VM. The VMM returns the result and skips the execution of the original system call on the protection target VM. Thus, access to essential files by the essential service is skipped on the protection target VM, but the essential service can access the file content.

    DOI: 10.1504/IJSSC.2019.100007

    Web of Science

    researchmap

  • Hiding File Manipulation of Essential Services by System Call Proxy Reviewed

    Masaya Sato, Hideo Taniguchi, Toshihiro Yamauchi

    Lecture Notes on Data Engineering and Communications Technologies   22   853 - 863   2019.3

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Part of collection (book)   Publisher:Springer  

    © 2019, Springer Nature Switzerland AG. Security software or logging programs are frequently attacked because they are an obstruction to attackers. Protecting these essential services from attack is crucial to preventing and mitigating damage. Hiding information related to essential services, such as that of the files and processes, can help to deter attacks on these services. This paper proposes a method of hiding file manipulation for essential services. The method makes the files invisible to all services except their corresponding essential services and provides access methods to those files in a virtual machine (VM) environment. In the proposed method, system calls to those files are executed by a proxy process on the other VM. The original system call is not executed in the operating system of the original VM, however, the result of file access is returned to the original process. Thus, the files of essential services are placed on the other VM and other processes on the original VM cannot access to them. Therefore, the proposed method can prevent or deter identification of essential services based on file information monitoring.

    DOI: 10.1007/978-3-319-98530-5_76

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/nbis/nbis2018.html#SatoTY18

  • Implementation and Evaluation of Batch Processing Request for Leveraging Distributed Execution of OS Processing Reviewed

    60 ( 2 )   430 - 439   2019.2

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    In microkernel operating systems (OSes), some parts of OS functions are implemented as processes, which called OS server. For this reason, OS functions can be distributed by placing OS servers to multiple processors. However, it is difficult to reduce the response time of a processing request from an application program (AP) to an OS server. This is due to invocation of multiple inter server communication for processing requests. In addition, an interface of processing requests from AP to OS servers is blocking in most cases. Hence, a processing request is forced to be done successively even though multiple processing are concurrently executable and related OS servers are independent. In this paper, we propose a batch process request function with blocking interface to request multiple processing to OS servers at one time. We also present evaluation results of basic performance, and distributed processing by the proposed function can reduce the response time for a service consists of multiple processing.

    CiNii Article

    CiNii Books

    researchmap

  • Additional Kernel Observer to Prevent Privilege Escalation Attacks by Focusing on System Call Privilege Changes Reviewed

    Toshihiro Yamauchi, Yohei Akao, Ryota Yoshitani, Yuichi Nakamura, Masaki Hashimoto

    DSC 2018 - 2018 IEEE Conference on Dependable and Secure Computing   1 - 8   2019.1

     More details

    Authorship:Lead author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    © 2018 IEEE. In recent years, there has been an increase in attacks that exploit operating system vulnerabilities. In particular, if an administrator's privilege is acquired by an attacker through a privilege escalation attack, the attacker can operate the entire system and the system can suffer serious damage. In this paper, an additional kernel observer (AKO) method is proposed. It prevents privilege escalation attacks that exploit operating system vulnerabilities. We focus on the fact that a process privilege can be changed only by specific system calls. AKO monitors privilege information changes during system call processing. If AKO detects a privilege change after system call processing, whereby the invoked system call does not originally change the process privilege, AKO regards the change as a privilege escalation attack and applies countermeasures against it. In this paper, we describe the design and implementation of AKO for Linux x86, 64 bit. Moreover, AKO can be expanded to prevent the falsification of various data in the kernel space. We present an expansion example that prevents the invalidation of Security-Enhanced Linux. Evaluation results show that AKO is effective against privilege escalation attacks, while maintaining low overhead.

    DOI: 10.1109/DESEC.2018.8625137

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/desec/desec2018.html#YamauchiAYNH18

  • Acceleration of analysis processing on decentralized performance profiling system using virtual machines Reviewed

    Masao Yamamoto, Kohta Nakashima, Toshihiro Yamauchi, Akira Nagoya, Hideo Taniguchi

    Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018   152 - 158   2018.12

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE Computer Society  

    © 2018 IEEE. To detect the performance anomaly of a computer, as a structure for continuous performance profiling, decentralization of the performance profiling system using virtual machines has been proposed. Moreover, there have already been evaluation results reported regarding overhead, including data storing, and data sampling stall time. On the other hand, for continuous performance profiling, the continuous processing of performance profiling is needed, including not only data sampling and data storing but also analysis processing. Therefore, first, this paper describes a relationship condition among data sampling time, data storing time, and analysis processing time as the necessary condition for continuous performance profiling on a decentralized performance profiling system. Second, in order to satisfy the relationship condition, we propose a concurrent operation technique as the acceleration method of analysis processing for a decentralized performance profiling system. Finally, this paper presents quantitative evaluations of the proposed method, including the case of a multi-VMM environment.

    DOI: 10.1109/CANDARW.2018.00035

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/ic-nc/candar2018w.html#YamamotoNYNT18

  • Mitigating use-after-free attack using library considering size and number of freed memory Reviewed

    Yuya Ban, Toshihiro Yamauchi

    Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018   398 - 404   2018.12

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE Computer Society  

    © 2018 IEEE. Use-after-free (UAF) vulnerabilities, are abused by exploiting a dangling pointer that refers to a freed memory, location and then executing arbitrary code. Vulnerabilities are caused by bugs in software programs, particularly large scale programs such as browsers. We had previously proposed HeapRevolver, which prohibits freed memory area from being reused for a certain period. HeapRevolver on Windows uses the number of freed memory areas that are prohibited for reuse as a trigger to release the freed memory area. Alternatively, HeapRevolver uses the number of the freed memory areas as a threshold for releasing freed memory. However, when the size of individual freed memory area is large, HeapRevolver on Windows increases the memory overhead. In this paper, we propose an improved HeapRevolver for Windows considering the size and number of the freed memory areas. The improved HeapRevolver prohibits the reuse of a certain number of freed memory areas at a given time by considering the size and number of freed memory areas as thresholds. Evaluation results demonstrate that the improved HeapRevolver can prevent attacks that exploit UAF vulnerabilities. Particularly, when the size of individual freed memory area is small in a program, HeapRevolver is effective in decreasing the attack success rate.

    DOI: 10.1109/CANDARW.2018.00080

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/ic-nc/candar2018w.html#BanY18

  • Performance Improvement and Evaluation of Function for Tracing Diffusion of Classified Information on KVM

    Hideaki Moriyama, Toshihiro Yamauchi, Masaya Sato, Hideo Taniguchi

    Proceedings - 2017 5th International Symposium on Computing and Networking, CANDAR 2017   2018-January   463 - 468   2018.4

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE Computer Society  

    © 2017 IEEE. As a result of the increasing amounts of classified information being managed by personal computers, leakage of this information to external computers has become a serious problem. To prevent such leakage, we previously proposed a function for tracing the diffusion of classified information in a guest operating system (OS) using a virtual machine monitor (VMM). This function allows determination of the classified information location and information leakage detection without modification of the guest OS source code. In addition, it is more difficult for attacks to target this function, because the VMM is isolated from the guest OS. The tracing function hooks a system call in the guest OS from the VMM and judges whether the hooked system call is related to the diffusion of classified information. However, if the tracing function induces processing of large overheads, introduction of this function may degrade performance. In this paper, we analyze the processing performance of the tracing function in detail, identifying processing involving large overheads. Hence, we determine that the recording overheads for files or processes having the potential to diffuse classified information are especially large. To reduce the influence of the tracing function introduction, it is necessary to reduce these overheads. Therefore, we present a policy for efficient management. Further, we propose an improved tracing function and report on its evaluation.

    DOI: 10.1109/CANDAR.2017.91

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/ic-nc/candar2017.html#MoriyamaYST17

  • Web access monitoring mechanism for Android WebView Reviewed

    Yuta Imamura, Hiroyuki Uekawa, Yasuhiro Ishihara, Masaya Sato, Toshihiro Yamauchi

    ACM International Conference Proceeding Series   1 - 8   2018.1

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:ACM  

    © 2018 Association for Computing Machinery. In addition to conventional web browsers, WebView is used to display web content on Android. WebView is a component that enables the display of web content in mobile applications, and is extensively used. As WebView displays web content without having to redirect the user to web browsers, there is the possibility that unauthorized web access may be performed secretly via Web-View, and information in Android may be stolen or tampered with. Therefore, it is necessary to monitor and analyze web access via WebView, particularly because attacks exploiting WebView have been reported. However, there is no mechanism for monitoring web access viaWebView. In this work, the goals are to monitor web access via WebView and to analyze mobile applications using Web-View. To achieve these goals, we propose a web access monitoring mechanism for Android WebView. In this paper, the design and implementation of a mechanism that does not require any modifications to the Android Framework and Linux kernel are presented for the Chromium Android System WebView app. In addition, this paper presents evaluation results for the proposed mechanism.

    DOI: 10.1145/3167918.3167942

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/acsw/acsw2018.html#ImamuraUISY18

  • Access control mechanism to mitigate cordova plugin attacks in hybrid applications Reviewed

    Naoki Kudo, Toshihiro Yamauchi, Thomas H. Austin

    Journal of Information Processing   26   396 - 405   2018.1

     More details

    Language:English   Publishing type:Research paper (scientific journal)   Publisher:Information Processing Society of Japan  

    © 2018 Information Processing Society of Japan. Hybrid application frameworks such as Cordova are more and more popular to create platform-independent applications (apps) because they provide special APIs to access device resources in a platform-agonistic way. By using these APIs, hybrid apps can access device resources through JavaScript. In this paper, we present a novel apprepackaging attack that repackages hybrid apps with malicious code; this code can exploit Cordova’s plugin interface to steal and tamper with device resources. We address this attack and cross-site scripting attacks against hybrid apps. Since these attacks need to use plugins to access device resources, we refer to both of these attacks as Cordova plugin attacks. We further demonstrate a defense against Cordova plugin attacks through the use of a novel runtime access control mechanism that restricts access based on the mobile user’s judgement. Our mechanism is easy to introduce to existing Cordova apps, and allows developers to produce apps that are resistant to Cordova plugin attacks. Moreover, we evaluate the effectiveness and performance of our mechanism.

    DOI: 10.2197/ipsjjip.26.396

    Scopus

    researchmap

  • ディレクトリ優先方式における未参照バッファ数に着目した入出力バッファ分割法 Reviewed

    横山和俊, 土谷彰義, 山本光一, 河辺誠弥, 山内利宏, 乃村能成, 谷口秀夫

    電子情報通信学会論文誌D   J101-D ( 1 )   46 - 56   2018

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    DOI: 10.14923/transinfj.2017SKP0012

    J-GLOBAL

    researchmap

  • マルチコア環境におけるスケジューラ連携による優先度逆転抑制法 Reviewed

    鴨生悠冬, 山内利宏, 谷口秀夫

    電子情報通信学会論文誌D   J101-D ( 6 )   998 - 1008   2018

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    DOI: 10.14923/transinfj.2017JDP7061

    researchmap

  • Kernel rootkits detection method by monitoring branches using hardware features Reviewed

    Toshihiro Yamauchi, Yohei Akao

    IEICE Transactions on Information and Systems   E100D ( 10 )   2377 - 2381   2017.10

     More details

    Authorship:Lead author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG  

    Copyright © 2017 The Institute of Electronics, Information and Communication Engineers. An operating system is an essential piece of software that manages hardware and software resources. Thus, attacks on an operating system kernel using kernel rootkits pose a particularly serious threat. Detecting an attack is difficult when the operating system kernel is infected with a kernel rootkit. For this reason, handling an attack will be delayed causing an increase in the amount of damage done to a computer system. In this paper, we propose Kernel Rootkits Guard (KRGuard), which is a new method to detect kernel rootkits that monitors branch records in the kernel space. Since many kernel rootkits make branches that differ from the usual branches in the kernel space, KRGuard can detect these differences by using the hardware features of commodity processors. Our evaluation shows that KRGuard can detect kernel rootkits that involve new branches in the system call handler processing with small overhead.

    DOI: 10.1587/transinf.2016INL0003

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/journals/ieicet/ieicet100d.html#YamauchiA17

  • Access control for plugins in cordova-based hybrid applications

    Naoki Kudo, Toshihiro Yamauchi, Thomas H. Austin

    Proceedings - International Conference on Advanced Information Networking and Applications, AINA   1063 - 1069   2017.5

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    © 2017 IEEE. Hybrid application frameworks such as Cordovaallow mobile application (app) developers to create platformindependent apps. The code is written in JavaScript, with special APIs to access device resources in a platform-agnostic way. In this paper, we present a novel app-repackaging attack that repackages hybrid apps with malicious code, this code can exploit Cordova's plugin interface to tamper with device resources. We further demonstrate a defense against this attack through the use of a novel runtime access control mechanism that restricts access based on the mobile user's judgement. Our mechanism is easy to introduce to existing Cordova apps, and allows developers to produce apps that are resistant to app-repackaging attacks.

    DOI: 10.1109/AINA.2017.61

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/aina/aina2017.html#KudoYA17

  • KRGuard: Kernel Rootkits Detection Method by Monitoring Branches Using Hardware Features Reviewed

    Yohei Akao, Toshihiro Yamauchi

    ICISS 2016 - 2016 International Conference on Information Science and Security   100-D ( 10 )   22 - 26   2017.3

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG  

    © 2016 IEEE. Attacks on an operating system kernel using kernel rootkits pose a particularly serious threat. Detecting an attack is difficult when the operating system kernel is infected with a kernel rootkit. For this reason, handling an attack will be delayed causing an increase in the amount of damage done to a computer system. In this paper, we discuss KRGuard (Kernel Rootkits Guard), which is a new method to detect kernel rootkits that monitors branch records in the kernel space. Since many kernel rootkits make branches that differ from the usual branches in the kernel space, KRGuard can detect these differences by using hardware features of commodity processors. Our evaluation shows that KRGuard can detect kernel rootkits with small overhead.

    DOI: 10.1109/ICISSEC.2016.7885860

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/journals/ieicet/ieicet100d.html#YamauchiA17

  • Memory access monitoring and disguising of process information to Avoid Attacks to essential services

    Masaya Sato, Toshihiro Yamauchi, Hideo Taniguchi

    Proceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016   635 - 641   2017.1

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    © 2016 IEEE. To prevent attacks on essential software and to mitigate damage, an attack avoiding method that complicates process identification from attackers is proposed. This method complicates the identification of essential services by replacing process information with dummy information. However, this method allows attackers to identify essential processes by detecting changes in process information. To address this problems and provide more complexity to process identification, this paper proposes a memory access monitoring by using a virtual machine monitor. By manipulating the page access permission, a virtual machine monitor detects page access, which includes process information, and replaces it with dummy information. This paper presents the design, implementation, and evaluation of the proposed method.

    DOI: 10.1109/CANDAR.2016.89

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/ic-nc/candar2016.html#SatoYT16

  • Rule-based sensor data aggregation system for M2M gateways

    Yuichi Nakamura, Akira Moriguchi, Masanori Irie, Taizo Kinoshita, Toshihiro Yamauchi

    IEICE Transactions on Information and Systems   E99D ( 12 )   2943 - 2955   2016.12

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG  

    © Copyright 2016 The Institute of Electronics, Information and Communication Engineers. To reduce the server load and communication costs of machine-to-machine (M2M) systems, sensor data are aggregated in M2M gateways. Aggregation logic is typically programmed in the C language and embedded into the firmware. However, developing aggregation programs is difficult for M2M service providers because it requires gatewayspecific knowledge and consideration of resource issues, especially RAM usage. In addition, modification of aggregation logic requires the application of firmware updates, which are risky. We propose a rule-based sensor data aggregation system, called the complex sensor data aggregator (CSDA), for M2M gateways. The functions comprising the data aggregation process are subdivided into the categories of filtering, statistical calculation, and concatenation. The proposed CSDA supports this aggregation process in three steps: the input, periodic data processing, and output steps. The behaviors of these steps are configured by an XML-based rule. The rule is stored in the data area of flash ROM and is updatable through the Internet without the need for a firmware update. In addition, in order to keep within the memory limit specified by the M2M gateway's manufacturer, the number of threads and the size of the working memory are static after startup, and the size of the working memory can be adjusted by configuring the sampling setting of a buffer for sensor data input. The proposed system is evaluated in an M2M gateway experimental environment. Results show that developing CSDA configurations is much easier than using C because the configuration decreases by 10%. In addition, the performance evaluation demonstrates the proposed system's ability to operate on M2M gateways.

    DOI: 10.1587/transinf.2016PAP0020

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/journals/ieicet/ieicet99d.html#NakamuraMIKY16

  • Heaprevolver: Delaying and randomizing timing of release of freed memory area to prevent use-after-free attacks Reviewed

    Toshihiro Yamauchi, Yuta Ikegami

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   9955 LNCS   219 - 234   2016.9

     More details

    Authorship:Lead author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:SPRINGER INT PUBLISHING AG  

    © Springer International Publishing AG 2016. Recently, there has been an increase in use-after-free (UAF) vulnerabilities, which are exploited using a dangling pointer that refers to a freed memory. Various methods to prevent UAF attacks have been proposed. However, only a few methods can effectively prevent UAF attacks during runtime with low overhead. In this paper, we propose HeapRevolver, which is a novel UAF attack-prevention method that delays and randomizes the timing of release of freed memory area by using a memory-reuse-prohibited library, which prohibits a freed memory area from being reused for a certain period. In this paper, we describe the design and implementation of HeapRevolver in Linux and Windows, and report its evaluation results. The results show that HeapRevolver can prevent attacks that exploit existing UAF vulnerabilities. In addition, the overhead is small.

    DOI: 10.1007/978-3-319-46298-1_15

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/nss/nss2016.html#YamauchiI16

  • Implementation and Evaluation of Partitioning Method of I/O Buffer Based on Cache Hit Ratio

    57 ( 6 )   1539 - 1553   2016.6

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    In order to improve file access performance of the processing that users would like to execute at high priority, it is effective to improve cache hit ratio of I/O buffer. Thus, a directory oriented buffer cache mechanism was proposed. This mechanism divides I/O buffer into two areas, and gives higher caching priority to files in specified directories. However, this mechanism monotonically expands the area used for caching files given higher priority. Therefore, this mechanism declines the performance of the whole computer due to deterioration of cache hit ratio of files not given higher priority. Thus, this paper proposes the dynamic partitioning method based on cache hit ratio. The proposed method divides I/O buffer to maintain high cache hit ratio of files given higher priority and prevent cache hit ratio of the other files from degradation. Additionally, this paper describes the evaluation of effectivity of the proposed method.

    CiNii Article

    CiNii Books

    researchmap

  • Evaluation and design of function for tracing diffusion of classified information for file operations with KVM

    Shota Fujii, Masaya Sato, Toshihiro Yamauchi, Hideo Taniguchi

    Journal of Supercomputing   72 ( 5 )   1841 - 1861   2016.5

     More details

    Language:English   Publishing type:Research paper (scientific journal)   Publisher:SPRINGER  

    © 2016, Springer Science+Business Media New York. Cases of classified information leakage have become increasingly common. To address this problem, we have proposed a function for tracing the diffusion of classified information within an operating system. However, this function suffers from the following two problems: first, in order to introduce the function, the operating system’s source code must be modified. Second, there is a risk that the function will be disabled when the operating system is attacked. Thus, we have designed a function for tracing the diffusion of classified information in a guest operating system by using a virtual machine monitor. By using a virtual machine monitor, we can introduce the proposed function in various environments without modifying the operating system’s source code. In addition, attacks aimed at the proposed function are made more difficult, because the virtual machine monitor is isolated from the operating system. In this paper, we describe the implementation of the proposed function for file operations and child process creation in the guest operating system with a kernel-based virtual machine. Further, we demonstrate the traceability of diffusing classified information by file operations and child process creation. We also report the logical lines of code required to introduce the proposed function and performance overheads.

    DOI: 10.1007/s11227-016-1671-5

    Web of Science

    Scopus

    researchmap

  • Plate: Persistent memory management for nonvolatile main memory Reviewed

    Toshihiro Yamauchi, Yuta Yamamoto, Kengo Nagai, Tsukasa Matono, Shinji Inamoto, Masaya Ichikawa, Masataka Goto, Hideo Taniguchi

    Proceedings of the ACM Symposium on Applied Computing   04-08-April-2016   1885 - 1892   2016.4

     More details

    Authorship:Lead author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:ACM  

    © 2016 ACM. Over the past few years, nonvolatile memory has actively been researched and developed. Therefore, studying operating system (OS) designs predicated on the main memory in the form of a nonvolatile memory and studying methods to manage persistent data in a virtual memory are crucial to encourage the widespread use of nonvolatile memory in the future. However, the main memory in most computers today is volatile, and replacing highcapacity main memory with nonvolatile memory is extremely cost-prohibitive. This paper proposes an OS structure for nonvolatile main memory. The proposed OS structure consists of three functions to study and develop OSs for nonvolatile main memory computers. First, a structure, which is called plate, is proposed whereby persistent data are managed assuming that nonvolatile main memory is present in a computer. Second, we propose a persistent-data mechanism to make a volatile memory function as nonvolatile main memory, which serves as a basis for the development of OSs for computers with nonvolatile main memory. Third, we propose a continuous operation control using the persistent-data mechanism and plates. This paper describes the design and implementation of the OS structure based on the three functions on The ENduring operating system for Distributed EnviRonment and describes the evaluation results of the proposed functions.

    DOI: 10.1145/2851613.2851744

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/sac/sac2016.html#YamauchiYNMIIGT16

  • Special Section on Information and Communication System Security FOREWORD

    Toshihiro Yamauchi

    IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS   E99D ( 4 )   785 - 786   2016.4

     More details

    Language:English   Publisher:IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG  

    DOI: 10.1587/transinf.2015ICF0001

    Web of Science

    researchmap

  • Attacker Investigation System Triggered by Information Leakage Reviewed

    Yuta Ikegami, Toshihiro Yamauchi

    Proceedings - 2015 IIAI 4th International Congress on Advanced Applied Informatics, IIAI-AAI 2015   24 - 27   2016.1

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    © 2015 IEEE. While a considerable amount of research has been devoted to preventing leakage of classified information, little attention has been paid to identifying attackers who steal information. If attackers can be identified, more precise countermeasures can be taken. In this paper, we propose an attacker investigation system that focuses on information leakage. The system traces classified information in a computer and substitutes it with dummy data, which is then sent to the outside. Moreover, a program embedded in the dummy data transmits information back from the attacker's computer to a pre-specified system for investigation. Information about the attacker can be obtained by an attacker executing the program.

    DOI: 10.1109/IIAI-AAI.2015.247

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iiaiaai/iiaiaai2015.html#IkegamiY15

  • Proposal of Kernel Rootkits Detection Method by Monitoring Branches Using Hardware Features Reviewed

    Yohei Akao, Toshihiro Yamauchi

    Proceedings - 2015 IIAI 4th International Congress on Advanced Applied Informatics, IIAI-AAI 2015   721 - 722   2016.1

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    © 2015 IEEE. Attacks on computer systems have become more frequent in recent years. Attacks using kernel root kits pose a particularly serious threat. When a computer system is infected with a kernel root kit, attack detection is difficult. Because of this, handling the attack will be delayed causing an increase in the amount of damage done to the computer system. This paper proposes a new method to detect kernel root kits by monitoring the branch records in kernel space using hardware features of commodity processors. Our method utilizes the fact that many kernel root kits make branches that differ from the usual branches. By introducing our method, it is possible to detect kernel root kits immediately and, thereby, reduce damages to a minimum.

    DOI: 10.1109/IIAI-AAI.2015.243

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iiaiaai/iiaiaai2015.html#AkaoY15

  • Design of function for tracing diffusion of classified information for IPC on KVM

    Shota Fujii, Masaya Sato, Toshihiro Yamauchi, Hideo Taniguchi

    Journal of Information Processing   24 ( 5 )   781 - 792   2016

     More details

    Language:English   Publishing type:Research paper (scientific journal)   Publisher:Information Processing Society of Japan  

    © 2016 Information Processing Society of Japan. The leaking of information has increased in recent years. To address this problem, we previously proposed a function for tracing the diffusion of classified information in a guest OS using a virtual machine monitor (VMM). This function makes it possible to grasp the location of classified information and detect information leakage without modifying the source codes of the guest OS. The diffusion of classified information is caused by a file operation, child process creation, and inter-process communication (IPC). In a previous study, we implemented the proposed function for a file operation and child process creation excluding IPC using a kernel-based virtual machine (KVM). In this paper, we describe the design of the proposed function for IPC on a KVM without modifying the guest OS. The proposed function traces the local and remote IPCs inside the guest OS from the outside so as to trace the information diffusion. Because IPC with an outside computer might cause information leakage, tracing the IPCs enables the detection of such a leakage. We also report the evaluation results including the traceability and performance of the proposed function.

    DOI: 10.2197/ipsjjip.24.781

    Scopus

    researchmap

  • プロセス間通信を抑制しデータ共有するマイクロカーネル構造OS向けファイル操作機能の実現と評価

    江原寛人, 枡田圭祐, 山内利宏, 谷口秀夫

    電子情報通信学会論文誌D   J99-D ( 10 )   1069 - 1079   2016

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    researchmap

  • Foreword.

    Toshihiro Yamauchi

    IEICE Trans. Inf. Syst.   99-D ( 4 )   785 - 786   2016

     More details

  • Fast control method of software-managed TLB for reducing zero-copy communication overhead

    Toshihiro Yamauchi, Masahiro Tsuruya, Hideo Taniguchi

    IEICE Transactions on Information and Systems   E98D ( 12 )   2187 - 2191   2015.12

     More details

    Authorship:Lead author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG  

    © Copyright 2015 The Institute of Electronics, Information and Communication Engineers. Microkernel operating systems (OSes) use zero-copy communication to reduce the overhead of copying transfer data, because the communication between OS servers occurs frequently in the case of microkernel OSes. However, when a memory management unit manages the translation lookaside buffer (TLB) using software, TLB misses tend to increase the overhead of interprocess communication (IPC) between OS servers running on a microkernel OS. Thus, improving the control method of a software-managed TLB is important for microkernel OSes. This paper proposes a fast control method of software-managed TLB that manages page attachment in the area used for IPC by using TLB entries, instead of page tables. Consequently, TLB misses can be avoided in the area, and the performance of IPC improves. Thus, taking the SH-4 processor as an example of a processor having a software-managed TLB, this paper describes the design and the implementation of the proposed method for AnT operating system, and reports the evaluation results of the proposed method.

    DOI: 10.1587/transinf.2015PAL0003

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/journals/ieicet/ieicet98d.html#YamauchiTT15

  • マルチコア向けAnTオペレーティングシステムのファイル操作における分散効果の評価

    河上 裕太, 山内 利宏, 谷口 秀夫

    マルチマディア通信と分散処理ワークショップ2015論文集   2015 ( 5 )   100 - 106   2015.10

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    CiNii Article

    researchmap

  • Process hiding by virtual machine monitor for attack avoidance

    Masaya Sato, Toshihiro Yamauchi, Hideo Taniguchi

    Journal of Information Processing   23 ( 5 )   673 - 682   2015.9

     More details

    Language:English   Publishing type:Research paper (scientific journal)   Publisher:Information Processing Society of Japan  

    © 2015 Information Processing Society of Japan. As attacks to computers increase, protective software is developed. However, that software is still open to attacks by adversaries that disable its functionality. If that software is stopped or disabled, the risk of damage to the computer increases. Protections of that software are proposed however existing approaches are insufficient or cannot use those software without modification. To decrease the risk and to address these problems, this paper presents an attack avoidance method that hides process from adversaries who intend to terminate essential services. The proposed method complicates identification based on process information by dynamically replacing the information held by a kernel with dummy information. Replacing process information makes identifying the attack target difficult because adversaries cannot find the attack target by seeking the process information. Implementation of the proposed method with a virtual machine monitor enhances the security of the mechanism itself. Further, by implementing the proposed method with a virtual machine monitor, modification to operating systems is unnecessary.

    DOI: 10.2197/ipsjjip.23.673

    Scopus

    researchmap

  • Dynamic Control Method for Sending User Information Using TaintDroid

    56 ( 9 )   1857 - 1867   2015.9

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    In recent years, Android malware has been increasing, and countermeasures against them have become an issue. In particular, the leakage of user information by malware has become an important issue. In order to address this problem, we design and implement a method that uses TaintDroid to prevent the leakage of user information from Android device. This method tracks the diffusion of user information in a device and dynamically controls the action of application program (AP) when the leakage of user information is detected. As a result, this method prevents the leakage of user information from the device. In addition, this method obtains the AP name involved in the leakage of user information and understands the diffusion path of user information when APs communicate user information with each other. Therefore, a user can deal with each AP of leakage factors. Furthermore, this method replaces user information that is leaked from a device with a dummy data. As a result, this method prevents the leakage of user information from the device without interfering the process of AP.

    CiNii Article

    CiNii Books

    researchmap

  • Reducing resource consumption of SELinux for embedded systems with contributions to open-source ecosystems

    Yuichi Nakamura, Yoshiki Sameshima, Toshihiro Yamauchi

    Journal of Information Processing   23 ( 5 )   664 - 672   2015.9

     More details

    Language:English   Publishing type:Research paper (scientific journal)   Publisher:Information Processing Society of Japan  

    © 2015 Information Processing Society of Japan. Security-Enhanced Linux (SELinux) is a useful countermeasure for resisting security threats to embedded systems, because of its effectiveness against zero-day attacks. Furthermore, it can generally mitigate attacks without the application of security patches. However, the combined resource requirements of the SELinux kernel, userland, and the security policy reduce the performance of resource-constrained embedded systems. SELinux requires tuning, and modified code should be provided to the open-source software (OSS) community to receive value from its ecosystem. In this paper, we propose an embedded SELinux with reduced resource requirements, using code modifications that are acceptable to the OSS community. Resource usage is reduced by employing three techniques. First, the Linux kernel is tuned to reduce CPU overhead and memory usage. Second, unnecessary code is removed from userland libraries and commands. Third, security policy size is reduced with a policy-writing tool. To facilitate acceptance by the OSS community, build flags can be used to bypass modified code, such that it will not affect existing features; moreover, side effects of the modified code are carefully measured. Embedded SELinux is evaluated using an evaluation board targeted for M2M gateway, and benchmark results show that its read/write overhead is almost negligible. SELinux's file space requirements are approximately 200 Kbytes, and memory usage is approximately 500 Kbytes; these account for approximately 1% of the evaluation board's respective flash ROM and RAM capacity . Moreover, the modifications did not result in any adverse side effects. The modified code was submitted to the OSS community along with the evaluation results, and was successfully merged into the community code.

    DOI: 10.2197/ipsjjip.23.664

    Scopus

    researchmap

  • Setting Method of Opportunity of Updating File Importance on FFU

    56 ( 6 )   1451 - 1462   2015.6

     More details

    Authorship:Lead author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    Buffer cache is implemented to improve I/O performance with data in disks. As buffer cache management, there are many mechanisms based on access pattern of block. On the other hand, we proposed I/O buffer cache mechanism based on the frequency of file usage (FFU). Our previous proposed mechanism calculates file importance from the information of system-call of the file operation. Then, it controls two level buffer cache based on the file importance. In this paper, we propose a setting method of opportunity of updating file importance on FFU. The proposed method focuses on whether the file state is access intensive or not. This paper also describes a setting method of parameters of the proposed method based on access information of a target system. Finally, this paper reports the evaluation results of the proposed method by using typical access pattern data and real access patterns.

    CiNii Article

    CiNii Books

    researchmap

  • Access control to prevent malicious javascript code exploiting vulnerabilities of webview in android OS Reviewed

    Jing Yu, Toshihiro Yamauchi

    IEICE Transactions on Information and Systems   E98D ( 4 )   807 - 811   2015.4

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG  

    Copyright © 2015 The Institute of Electronics, Information and Communication Engineers. Android applications that using WebView can load and display web pages. Interaction with web pages allows JavaScript code within the web pages to access resources on the Android device by using the Java object, which is registered into WebView. If this WebView feature were exploited by an attacker, JavaScript code could be used to launch attacks, such as stealing from or tampering personal information in the device. To address these threats, we propose an access control on the security-sensitive APIs at the Java object level. The proposed access control uses static analysis to identify these security-sensitive APIs, detects threats at runtime, and notifies the user if threats are detected, thereby preventing attacks from web pages.

    DOI: 10.1587/transinf.2014ICL0001

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/journals/ieicet/ieicet98d.html#YuY15

  • CSDA: Rule-based complex sensor data aggregation system for M2M gateway

    Yuichi Nakamura, Akira Moriguchi, Toshihiro Yamauchi

    2015 8th International Conference on Mobile Computing and Ubiquitous Networking, ICMU 2015   108 - 113   2015.3

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:SPRINGER-VERLAG BERLIN  

    © 2015 IPSJ. To reduce the server load and communication cost of machine-to-machine (M2M) systems, sensor data are aggregated in M2M gateways. The C language is typically used for programming the aggregation logic, and the program is embedded into the firmware. However, developing aggregation programs is difficult for M2M service providers because it requires gateway-specific knowledge, and consideration must be given to CPU and memory resources. In addition, modifying aggregation logic requires firmware updates, which are risky. We propose a rule-based sensor data aggregation system, called the complex sensor data aggregator (CSDA) for M2M gateways. Data aggregation is categorized into filtering, statistical calculation, and concatenation. The proposed CSDA supports this aggregation process in three steps: the input, data processing, and output steps. The behaviors of these steps are configured by an XML based rule. The CSDA also supports update modules, which download and overwrite aggregation rules from the server when the modification of data aggregation logic is required. In this case, firmware updates are not necessary. The proposed system is evaluated in an M2M gateway experimental environment. Results show that developing CSDA configurations is much easier than using C because the configuration amount decreases by 10%. In addition, the performance evaluation demonstrates the proposed system's ability to operate on M2M gateways. CPU usage was less than 10%, even with a heavy load, and memory consumption was 128 Kbytes.

    DOI: 10.1109/ICMU.2015.7061051

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/icmu/icmu2015.html#NakamuraMY15

  • Malware detection method focusing on anti-debugging functions

    Kota Yoshizaki, Toshihiro Yamauchi

    Proceedings - 2014 2nd International Symposium on Computing and Networking, CANDAR 2014   563 - 566   2015.2

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    © 2014 IEEE. Malware has received much attention in recent years. Antivirus software is widely used as a countermeasure against malware. However, some kinds of malware can evade detection by antivirus software, hence, a new detection method is required. In this paper, we propose a malware detection method that focuses on Anti-Debugging functions. An Anti-Debugging function is a method that prevents malware analysts from analyzing an application program (AP). The function can form part of benign as well as malicious APs. Our method focuses on a behavioral difference between benign and malicious APs and detects malware by comparing the two behavioral patterns. Evaluation results with malware confirmed our method to be capable of successfully detecting malware.

    DOI: 10.1109/CANDAR.2014.36

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/ic-nc/candar2014.html#YoshizakiY14

  • Design of a Function for Tracing the Diffusion of Classified Information for File Operations with a KVM

    Shota Fujii, Toshihiro Yamauchi, Hideo Taniguchi

    Proceedings of the 2015 International Symposium on Advances in Computing, Communications, Security, and Applications (ACSA 2015)   77   2015

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)  

    researchmap

  • Secure and fast log transfer mechanism for virtual machine Reviewed

    Masaya Sato, Toshihiro Yamauchi

    Journal of Information Processing   22 ( 4 )   597 - 608   2014.10

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:Information Processing Society of Japan  

    © 2014 Information Processing Society of Japan. Ensuring the integrity of logs is essential to reliably detect and counteract attacks because adversaries tamper with logs to hide their activities on a computer. Even though some studies proposed various protections of log files, adversaries can tamper with logs in kernel space with kernel-level malicious software (malware) because file access and inter-process communication are provided by an OS kernel. Virtual machine introspection (VMI) can collect logs from virtual machines (VMs) without interposition of a kernel. It is difficult for malware to hinder that log collection, because a VM and VM monitor (VMM) are strongly separated. However, complexity and unnecessary performance overhead arise because VMI is not specialized for log collection. This paper proposes a secure and fast log transfer method using library replacement for VMs. In the proposed method, a process on a VM requests a log transfer to a VMM using the modified library, which contains a trigger for a log transfer. The VMM collects logs from the VM and isolate them to another VM. The proposed method provides VM-level log isolation and security for the mechanism itself with low performance overhead.

    DOI: 10.2197/ipsjjip.22.597

    Scopus

    researchmap

  • Proposal of Kernel Rootkits Detection Method by Comparing Kernel Stack Reviewed

    55 ( 9 )   2047 - 2060   2014.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    CiNii Article

    CiNii Books

    researchmap

  • Implementation of Multi-core Tender with Mutual Exclusion Localization Based on Mechanism of Resource Independence

    7 ( 3 )   25 - 36   2014.8

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    CiNii Article

    CiNii Books

    researchmap

  • Complicating process identification by replacing process information for attack avoidance Reviewed

    Masaya Sato, Toshihiro Yamauchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   8639 LNCS   33 - 47   2014.8

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:Springer Verlag  

    Security-critical software is open to attacks by adversaries that disable its functionality. To decrease the risk, we propose an attack avoidance method for complicating process identification. The proposed method complicates identification based on process information by dynamically replacing the information held by a kernel with dummy information. Replacing process information makes identifying the attack target difficult because adversaries cannot find the attack target by seeking the process information. Implementation of the proposed method with a virtual machine monitor enhances the security of the mechanism itself. Further, by implementing the proposed method with a virtual machine monitor, modification to operating systems and application programs are unnecessary. © 2014 Springer International Publishing.

    DOI: 10.1007/978-3-319-09843-2_3

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iwsec/iwsec2014.html#SatoY14

  • A new OS structure for simplifying understanding of operating system behavior

    Toshihiro Yamauchi, Akira Kinoshita, Taisuke Kawahara, Hideo Taniguchi

    Information (Japan)   17 ( 5 )   1945 - 1950   2014.5

     More details

    Authorship:Lead author   Language:English   Publishing type:Research paper (scientific journal)  

    It is difficult to understand the processing flow of complicated software such as operating systems (OSs). Thus, a mechanism that can collect and analyze behavioral information in order to comprehend the behavior of OS is necessary. Although several collection mechanisms have been developed, their OS structures were not designed to collect OS behavior. In this paper, we describe an OS structure that simplifies comprehension of OS behavior and the implementation of it on Tender OS. We also describe a mechanism for the visualization of OS behavior. Finally, we investigate the cost of introducing our proposed comprehension mechanism and the overhead and efficiency of the proposed mechanism. © 2014 International Information Institute.

    Scopus

    researchmap

  • Implementation and Evaluation of Software Control Method for TLB on Microkernel OS

    TSURUYA Masahiro, YAMAUCHI Toshihiro, TANIGUCHI Hideo

    The IEICE transactions on information and systems (Japanese edition)   97 ( 1 )   216 - 225   2014.1

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • DroidTrack: Tracking and Visualizing Information Diffusion for Preventing Information Leakage on Android.

    Shunya Sakamoto, Kenji Okuda, Ryo Nakatsuka, Toshihiro Yamauchi

    Journal of Internet Services and Information Security   4 ( 2 )   55 - 69   2014

     More details

    Language:English   Publishing type:Research paper (scientific journal)  

    DOI: 10.22667/JISIS.2014.05.31.055

    researchmap

  • KRGuard: Kernel Rootkits Detection Method by Monitoring Branches Using Hardware Features

    Yohei Akao, Toshihiro Yamauchi

    2016 INTERNATIONAL CONFERENCE ON INFORMATION SCIENCE AND SECURITY (ICISS)   22 - 26   2014

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    Attacks on an operating system kernel using kernel rootkits pose a particularly serious threat. Detecting an attack is difficult when the operating system kernel is infected with a kernel rootkit. For this reason, handling an attack will be delayed causing an increase in the amount of damage done to a computer system. In this paper, we discuss KRGuard (Kernel Rootkits Guard), which is a new method to detect kernel rootkits that monitors branch records in the kernel space. Since many kernel rootkits make branches that differ from the usual branches in the kernel space, KRGuard can detect these differences by using hardware features of commodity processors. Our evaluation shows that KRGuard can detect kernel rootkits with small overhead.

    Web of Science

    researchmap

  • Implementation of the Localized Exclusive Control for Multi-core Tender

    Takahiro Yamamoto, Toshihiro Yamauchi, Hideo Taniguchi

    2013 ( 2013 )   14 - 23   2013.11

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Secure log transfer by replacing a library in a virtual machine Reviewed

    Masaya Sato, Toshihiro Yamauchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   8231 LNCS   1 - 18   2013.11

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:Springer  

    Ensuring the integrity of logs is essential to reliably detect and counteract attacks, because adversaries tamper with logs to hide their activities on a computer. Even though some research studies proposed different ways to protect log files, adversaries can tamper with logs in kernel space with kernel-level malicious software (malware). In an environment where Virtual Machines (VM) are utilized, VM Introspection (VMI) is capable of collecting logs from VMs. However, VMI is not optimized for log protection and unnecessary overhead is incurred, because VMI does not specialize in log collection. To transfer logs out of a VM securely, we propose a secure log transfer method of replacing a library. In our proposed method, a process on a VM requests a log transfer by using the modified library, which contains a trigger for a log transfer. When a VM Monitor (VMM) detects the trigger, it collects logs from the VM and sends them to another VM. The proposed method provides VM-level log isolation and security for the mechanism itself. This paper describes design, implementation, and evaluation of the proposed method. © 2013 Springer-Verlag.

    DOI: 10.1007/978-3-642-41383-4_1

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iwsec/iwsec2013.html#SatoY13

  • Access control to prevent attacks exploiting vulnerabilities of WebView in android OS Reviewed

    Jing Yu, Toshihiro Yamauchi

    Proceedings - 2013 IEEE International Conference on High Performance Computing and Communications, HPCC 2013 and 2013 IEEE International Conference on Embedded and Ubiquitous Computing, EUC 2013   1628 - 1633   2013.11

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    Android applications that using WebView can load and display web pages. Furthermore, by using the APIs provided in WebView, Android applications can interact with web pages. The interaction allows JavaScript code within the web pages to access resources on the Android device by using the Java object, which is registered into WebView. If this WebView feature were exploited by an attacker, JavaScript code could be used to launch attacks, such as stealing from or tampering personal information in the device. To address these threats, we propose a method that performs access control on the security-sensitive APIs at the Java object level. The proposed method uses static analysis to identify these security-sensitive APIs, detects threats at runtime, and notifies the user if threats are detected, thereby preventing attacks from web pages. © 2013 IEEE.

    DOI: 10.1109/HPCC.and.EUC.2013.229

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/hpcc/hpcc2013.html#YuY13

  • Implementation of a Method for Dynamic Control of Application Programs by Extending SEAndroid Reviewed

    Shinya Yagi, Toshihiro Yamauchi

    Journal of Information Processing   54 ( 9 )   2220 - 2231   2013.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    CiNii Article

    CiNii Books

    researchmap

  • RL-001 Kernel Level Rootkits Detection System by Comparing Kernel Stack Reviewed

    Ikegami Yuta, Yamauchi Toshihiro

    12 ( 4 )   1 - 6   2013.8

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper (conference, symposium, etc.)   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    researchmap

  • Implementation of Distribution Method of OS processing for Hign Throughput

    Takeshi Sakoda, Toshihiro Yamauchi, Hideo Taniguchi

    2013 ( 2013 )   1663 - 1670   2013.7

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • A mechanism for achieving a bound on execution performance of process group to limit CPU abuse

    Toshihiro Yamauchi, Takayuki Hara, Hideo Taniguchi

    Journal of Supercomputing   65 ( 1 )   38 - 60   2013.7

     More details

    Authorship:Lead author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:SPRINGER  

    The secure OS has been the focus of several studies. However, CPU resources, which are important resources for executing a program, are not the object of access control in secure OS. For preventing the abuse of CPU resources, we had earlier proposed a new type of execution resource that controls the maximum CPU usage (Tabata et al. in Int. J. Smart Home 1(2):109-128, 2007). The previously proposed mechanism can control only one process at a time. Because most services involve multiple processes, the mechanism should control all the processes in each service. In this paper, we propose an improved mechanism that helps to achieve a bound on the execution performance of a process group in order to limit unnecessary processor usage. We report the results of an evaluation of our proposed mechanism. © 2011 Springer Science+Business Media, LLC.

    DOI: 10.1007/s11227-011-0707-0

    Web of Science

    Scopus

    researchmap

  • Proposal and Evaluation of Method to Set High Priority Directories for a Directory Oriented Buffer Cache Mechanism

    TSUCHIYA Akiyoshi, MATSUBARA Takahiro, YAMAUCHI Toshihiro, TANIGUCHI Hideo

    The IEICE transactions on information and systems (Japanese edetion)   96 ( 3 )   506 - 518   2013.3

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • External Storage Mechanism for Preserving File Access Log with Virtualization Technology

    54 ( 2 )   585 - 595   2013.2

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    Recently, it is more important to grasp and control the damage of attacks safely, so much research has been done to increase the security of the general-purpose OS by observing the behavior using virtualization technology. In this paper, we propose a mechanism to observe and logging the file access in guest OS from virtual machine monitor using the inter-domain communication by the filter driver. Our mechanism can be applied independently of the implementation of virtual machine monitor. By hooking file accesses in the guest OS, log messages are transferred and stored to the virtual machine monitor, so our approach is effective from the viewpoint of preservation of the log. We show the design and implementation of our mechanism for both Xen and KVM. Furthermore, we report the results of measuring the performance when accessing files as evaluation.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00090264/

  • Design and evaluation of a diffusion tracing function for classified information among multiple computers

    Nobuto Otsubo, Shinichiro Uemura, Toshihiro Yamauchi, Hideo Taniguchi

    Lecture Notes in Electrical Engineering   240 LNEE   235 - 242   2013

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:Springer  

    In recent years, the opportunity to deal with classified information in a computer has increased, so the cases of classified information leakage have also increased. We have developed a function called "diffusion tracing function for classified information" (tracing function), which has the ability to trace the diffusion of classified information in a computer and to manage which resources might contain classified information. The classified information exchanged among the processes in multiple computers should be traced. This paper proposes a method which traces the diffusion for classified information among multiple computers. Evaluation results show the effectiveness of the proposed methods. © 2013 Springer Science+Business Media Dordrecht(Outside the USA).

    DOI: 10.1007/978-94-007-6738-6_30

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/mue/mue2013.html#OtsuboUYT13

  • Evaluation of load balancing in multicore processor for AnT

    Takeshi Sakoda, Toshihiro Yamauchi, Hideo Taniguchi

    Proceedings - 16th International Conference on Network-Based Information Systems, NBiS 2013   360 - 365   2013

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    Operating systems (OSes) that is based on microkernel architecture have high adaptability and toughness. In addition, multicore processors have been developed along with the progress of LSI technology. By running a microkernel OS on a multicore processor and distributing the OS server to multiple cores, it is possible to realize load balancing of the OS processing. In this method, transaction processing, which requires a large amount of OS processing, can be provided effectively in a multicore environment. This paper presents evaluations of distributed OS processing performances for various scenarios for AnT operating system that is based on the microkernel architecture in a multicore environment. In these evaluations, we describe the differences in performance by distribution forms when referring the data in a block. Moreover, we use the PostMark and Bonnie benchmark tools to evaluate the effects of load balancing for the distribution forms. © 2013 IEEE.

    DOI: 10.1109/NBiS.2013.57

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/nbis/nbis2013.html#SakodaYT13

  • DroidTrack: Tracking information diffusion and preventing information leakage on android

    Syunya Sakamoto, Kenji Okuda, Ryo Nakatsuka, Toshihiro Yamauchi

    Lecture Notes in Electrical Engineering   240 LNEE   243 - 251   2013

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:Springer  

    An app in Android can collaborate with other apps and control personal information by using the Intent or user's allowing of permission. However, users cannot detect when they communicate. Therefore, users might not be aware information leakage if app is malware. This paper proposes DroidTrack, a method for tracking the diffusion of personal information and preventing its leakage on an Android device. DroidTrack alerts the user of the possibility of information leakage when an app uses APIs to communicate with outside. These alerts are triggered only if the app has already called APIs to collect personal information. Users are given the option to refuse the execution of the API if it is not appropriate. Further, by illustrating how their personal data is diffused, users can have the necessary information to help them decide whether the API use is appropriate. © 2013 Springer Science+Business Media Dordrecht(Outside the USA).

    DOI: 10.1007/978-94-007-6738-6_31

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/mue/mue2013.html#SakamotoONY13

  • Implementation of Mechanism to Support Tracing Diffusion of Classified Information by Visualization and Filtering Function

    53 ( 9 )   2171 - 2181   2012.9

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    The number of incidents leaking of classified information has increased. To prevent leakage of information, it is important for users to understand the usage of classified information. To understand the usage of classified information, an method has implemented that monitors operations on the classified information and logs those operations. However, because an analysis of logs is necessary for understanding the usage of classified information, it is difficult to prevent leakage of classified information. We proposed the function to trace the classified information diffusion and detect a leakage of classified information. However, to understand the usage of classified information from the function by users, it is necessary to analyze the log in text format. Therefore, it takes long time to investigate the cause of the leakage of information. This paper proposes a function to visualize diffusion path of classified information. The function enables us to visualize the diffusion path of designated files that contain classified information. In addition, the function can visualize the diffusion paths focusing on the designated period of file operations. This paper also describes the implementation of the proposed function by extending the existing tracing function of classified information.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00083925/

  • VMM-based log-tampering and loss detection scheme Reviewed

    Masaya Sato, Toshihiro Yamauchi

    Journal of Internet Technology   13 ( 4 )   655 - 666   2012.7

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:NATL ILAN UNIV, JIT  

    Logging information about the activities that placed in a computer is essential for understanding its behavior. In Homeland Security, the reliability of the computers used in their activities is of paramount importance. However, attackers can delete logs to hide evidence of their activities. Additionally, various problems may result in logs being lost. These problems decrease the dependability of Homeland Security. To address these problems, we previously proposed a secure logging scheme using a virtual machine monitor (VMM). The scheme collects logs and isolates them from the monitored OS. However, the scheme cannot store them automatically. Thus, logs in memory are lost when the computer is shutdown. Further, if the logs are not stored, it is impossible to detect incidents of tampering by comparing the logs of the monitored OS with those of the logging OS. To address these additional problems, this paper proposes a log-storing module and a tamper detection scheme. The log-storing module automatically stores logs collected by the logging module, and tamper detection is realized by comparing these stored log files with those of the monitored OS. We implemented the log-storing module and realized the tamper detection scheme. Evaluations reveal the effectiveness of the tamper detection scheme.

    Web of Science

    Scopus

    researchmap

  • Implementation and Evaluation of a Method for CMP-Oriented Thread Scheduling Based on Continuation Model

    MORIYAMA Hideaki, YAMAUCHI Toshihiro, NOMURA Yoshinari, TANIGUCHI Hideo

    The IEICE transactions on information and systems (Japanese edetion)   95 ( 3 )   400 - 411   2012.3

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • SELinuxの不要なセキュリティポリシ削減の自動化手法の提案 Reviewed

    矢儀 真也,中村 雄一,山内 利宏

    情報処理学会論文誌 コンピューティングシステム(ACS)   5 ( 2 )   63 - 73   2012.3

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    researchmap

  • Logging System to Prevent Tampering and Loss with Virtual Machine Monitor

    53 ( 2 )   847 - 856   2012.2

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    Logging information is necessary in order to understand a computer's behavior. However, there is a possibility that attackers will delete logs to hide the evidence of their attacking and cheating. Moreover, various problems might cause the loss of logging information. To address these issues, we propose a system to prevent tampering and loss of logging information using a virtual machine monitor (VMM). In this system, logging information generated by the operating system (OS) and application program (AP) working on the target virtual machine (VM) is gathered by the VMM without any modification of the kernel source codes. The security of the logging information is ensured by its isolation from the VM. In addition, the isolation and multiple copying of logs can help in the detection of tampering.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00080698/

  • LSMPMON: Performance evaluation mechanism of LSM-based secure OS

    Toshihiro Yamauchi, Kenji Yamamoto

    International Journal of Security and its Applications   6 ( 2 )   81 - 90   2012

     More details

    Authorship:Lead author   Language:English   Publishing type:Research paper (scientific journal)  

    Security focused OS (Secure OS) is attracting attention as a method for minimizing damage caused by various intrusions. Secure OSs can restrict the damage due to an attack by using Mandatory Access Control (MAC). In some projects, secure OSs for Linux have been developed. In these OSs, different implementation methods have been adopted. However, there is no method for easily evaluating the performance of the secure OS in detail, and the relationship between the implementation method and the performance is not clear. The secure OS in Linux after version 2.6 has often been implemented by Linux Security Modules (LSM). Therefore, we determine the effect of introducing the secure OS on the performance of the OS by using the overhead measurement tool, the LSM Performance Monitor (LSMPMON). This paper reports the evaluation results of three secure OSs on Linux 2.6.36 by LSMPMON. The results show the effect of introducing the secure OS.

    Scopus

    researchmap

  • Design of an OS Architecture that Simplifies Understanding of Operating System Behavior

    Toshihiro Yamauchi, Akira Kinoshita, Taisuke Kawahara, Hideo Taniguchi

    Proceedings of 2012 International Conference on Information Technology and Computer Science (ITCS 2012)   51 - 58   2012

     More details

    Authorship:Lead author   Language:English   Publishing type:Research paper (international conference proceedings)  

    researchmap

  • Novel control method for preventing missed deadlines in periodic scheduling

    Yuuki Furukawa, Toshihiro Yamauchi, Hideo Taniguchi

    Proceedings of the 2012 15th International Conference on Network-Based Information Systems, NBIS 2012   459 - 464   2012

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE Computer Society  

    Processing that is executed periodically must be completed before the next release time. If such processing is not completed before the next release time, the processing that had been scheduled is not executed. This is complicated by the fact that the execution time from release to the end of periodically executed processing is not constant, due to changing I/O processing time and the influence of timer interrupts. To solve this, we propose a system that records the execution time of the processing, judges whether the processing will be finished before the specified deadline, and can execute appropriate processing that can be completed within the remaining time. In this paper, we describe the design and evaluation of our system. © 2012 IEEE.

    DOI: 10.1109/NBiS.2012.79

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/nbis/nbis2012.html#FurukawaYT12

  • Proposal of a Method to Automatically Reduce Redundant Security Policy of SELinux

    5 ( 2011 )   84 - 94   2011.11

     More details

  • Limiting Use of Tokens for Improvement of Bayesian Filter

    52 ( 9 )   2686 - 2696   2011.9

     More details

    Authorship:Lead author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    Using the Bayesian filter is a popular approach to distinguish between spam and legitimate e-mails. Spam senders sometimes modify emails to bypass the Bayesian filter. The tokens included in the e-mail are investigated for improving the accuracy of classification of emails. The results show that tokens found at the first time sometimes degrade the accuracy of the classification. In this paper, we propose an anti-spam method that consider the difference of the property of tokens. The proposed method limits the use of tokens for improvement of Bayesian filter. The evaluations were performed by using some email sets. The results shows that the proposed method can decrease the false negative rate.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00077500/

  • Evaluation of Performance of Secure OS Using Performance Evaluation Mechanism of LSMPMON

    52 ( 9 )   2596 - 2601   2011.9

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    In some projects, secure OSes for Linux have been developed and different implementations have been adopted. However, there is no report on evaluation of performance of secure OS that after Linux 2.6.19 in detail, and the relationship between the kernel version and the performance is not clear. Therefore, we evaluate change of the performance at the version interval and overhead of three secure OSes (SELinux, TOMOYO Linux, LIDS), by using the overhead measurement tool, the LSM Performance Monitor (LSMPMON) developed for Linux 2.6.30. This paper shows the performance of secure OSes on Linux 2.6.30.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00077491/

  • VMBLS: Virtual machine based logging scheme for prevention of tampering and loss Reviewed

    Masaya Sato, Toshihiro Yamauchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   6908 LNCS   176 - 190   2011.8

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:SPRINGER-VERLAG BERLIN  

    Logging information is necessary in order to understand a computer's behavior. However, there is a possibility that attackers will delete logs to hide the evidence of their attacking and cheating. Moreover, various problems might cause the loss of logging information. In homeland security, the plans for counter terrorism are based on data. The reliability of the data is depends on that of data collector. Because the reliability of the data collector is ensured by logs, the protection of it is important problem. To address these issues, we propose a system to prevent tampering and loss of logging information using a virtual machine monitor (VMM). In this system, logging information generated by the operating system (OS) and application program (AP) working on the target virtual machine (VM) is gathered by the VMM without any modification of the OS. The security of the logging information is ensured by its isolation from the VM. In addition, the isolation and multiple copying of logs can help in the detection of tampering. © 2011 IFIP International Federation for Information Processing.

    DOI: 10.1007/978-3-642-23300-5_14

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/IEEEares/ares2011.html#SatoY11

  • Control method of multiple services for CMP based on continuation model

    Hideaki Moriyama, Toshihiro Yamauchi, Hideo Taniguchi

    Proceedings - 4th International Conference on Interaction Sciences: IT, Human and Digital Content, ICIS 2011   2011 ( 29 )   83 - 89   2011

     More details

    Language:Japanese   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    In a chip multiprocessor based on the continuation concept, the hardware scheduler controls threads and achieves high performance on thread scheduling. However, the priority of threads is not considered during execution because the hardware thread scheduler schedules threads in a FIFO manner. Therefore, when multiple services execute simultaneously, the execution of each service cannot consider the priority of service. In such a case, software support is needed to control the execution of each service. This paper presents a software scheduler for multiple services that supports the hardware scheduler. In addition, this paper also reports the evaluation of the software scheduler, which targets multiple services. © 2011 AICIT.

    Scopus

    CiNii Article

    CiNii Books

    researchmap

    Other Link: https://dblp.uni-trier.de/rec/conf/interaction/2011

  • Implementation and Evaluation for Sophisticated Periodic Execution Control in Embedded Systems

    Yuuki Furukawa, Toshihiro Yamauchi, Hideo Taniguchi

    International Journal of Control and Automation   4 ( 2 )   59 - 78   2011

     More details

    Language:English   Publishing type:Research paper (scientific journal)  

    researchmap

  • Evaluation of performance of secure OS using performance evaluation mechanism of LSM-based LSMPMON Reviewed

    Kenji Yamamoto, Toshihiro Yamauchi

    Communications in Computer and Information Science   122 CCIS   57 - 67   2010.12

     More details

    Authorship:Last author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:SPRINGER-VERLAG BERLIN  

    Security focused OS (Secure OS) is attracting attention as a method for minimizing damage caused by various intrusions. Secure OSes can restrict the damage due to an attack by using Mandatory Access Control (MAC). In some projects, secure OSes for Linux have been developed. In these OSes, different implementation methods have been adopted. However, there is no method for easily evaluating the performance of the secure OS in detail, and the relationship between the implementation method and the performance is not clear. The secure OS in Linux after version 2.6 has often been implemented by Linux Security Modules (LSM). Therefore, we determine the effect of introducing the secure OS on the performance of the OS, and a characteristic by the difference of the implementation method by using the overhead measurement tool, the LSM Performance Monitor (LSMPMON); the LSMPMON can be used to evaluate three different secure OSes. © 2010 Springer-Verlag.

    DOI: 10.1007/978-3-642-17610-4_7

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/fgit/sectech2010.html#YamamotoY10

  • Implementation and Evaluation of Zero-Copy Communication Processing on Physical Memory Exchange Mechanism

    KADO Naofumi, YAMAUCHI Toshihiro, TANIGUCHI Hideo

    The IEICE transactions on information and systems   93 ( 11 )   2380 - 2389   2010.11

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • Converting Linux LKM Device Driver into Concrete Process in AnT Operating System

    SHIMAZAKI Yutaka, YAMAUCHI Toshihiro, NOMURA Yoshinari, TANIGUCHI Hideo

    The IEICE transactions on information and systems   93 ( 10 )   1990 - 2000   2010.10

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • Proposal of I/O Buffer Cache Mechanism Based on the Frequency of System Call of the File Operation

    3 ( 1 )   50 - 60   2010.3

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    Buffer cache is implemented to improve I/O performance with data in disks. As buffer cache management, there are many mechanisms, but still many operating systems deploy LRU (Least Recently Used) algorithm. On the other hand, to reflect process contents of application programs to buffer cache, management scheme based on the system calls which application programs requested is better. Then, we propose I/O buffer cache mechanism based on the frequency of system call of the file operation. Our proposed mechanism calculates file importance from information of file operation. In addition in buffer cache blocks are replaced based on this file importance. In this paper, we describe our mechanism improves I/O performance by evaluation of application programs.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00068428/

  • A mechanism that bounds execution performance for process group for mitigating CPU abuse

    Toshihiro Yamauchi, Takayuki Hara, Hideo Taniguchi

    Communications in Computer and Information Science   122 CCIS   84 - 93   2010

     More details

    Authorship:Lead author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:SPRINGER-VERLAG BERLIN  

    Secure OS has been the focus of several studies. However, CPU resources, which are important resources for executing a program, are not the object of access control. For preventing the abuse of CPU resources, we had earlier proposed a new type of execution resource that controls the maximum CPU usage [5,6] The previously proposed mechanism can control only one process at a time. Because most services involve multiple processes, the mechanism should control all the processes in each service. In this paper, we propose an improved mechanism that helps to achieve a bound on the execution performance of a process group, in order to limit unnecessary processor usage. We report the results of an evaluation of our proposed mechanism. © 2010 Springer-Verlag.

    DOI: 10.1007/978-3-642-17610-4_10

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/fgit/sectech2010.html#YamauchiHT10

  • SELinux security policy configuration system with higher level language

    Yuichi Nakamura, Yoshiki Sameshima, Toshihiro Yamauchi

    Journal of Information Processing   18   201 - 212   2010

     More details

    Language:English   Publishing type:Research paper (scientific journal)   Publisher:Information Processing Society of Japan  

    © 2010 Information Processing Society of Japan. Creating security policy for SELinux is difficult because access rules often exceed 10,000 and elements in rules such as permissions and types are understandable only for SELinux experts. The most popular way to facilitate creating security policy is refpolicy which is composed of macros and sample configurations. However, describing and verifying refpolicy based configurations is difficult because complexities of configuration elements still exist, using macros requires expertise and there are more than 100,000 configuration lines. The memory footprint of refpolicy which is around 5MB by default, is also a problem for resource constrained devices. We propose a system called SEEdit which facilitates creating security policy by a higher level language called SPDL and SPDL tools. SPDL reduces the number of permissions by integrated permissions and removes type configurations. SPDL tools generate security policy configurations from access logs and tool user’s knowledge about applications. Experimental results on an embedded system and a PC system show that practical security policies are created by SEEdit, i.e., describing configurations is semi-automated, created security policies are composed of less than 500 lines of configurations, 100 configuration elements, and the memory footprint in the embedded system is less than 500 KB.

    DOI: 10.2197/ipsjjip.18.201

    Scopus

    researchmap

  • ISIPC: Instant synchronous interprocess communication

    Toshihiro Yamauchi, Kazuhiro Fukutomi, Hideo Taniguchi

    Journal of Next Generation Information Technology   1 ( 3 )   75 - 83   2010

     More details

    Authorship:Lead author   Language:English   Publishing type:Research paper (scientific journal)  

    Interprocess communication (IPC) is often used to exchange data between cooperative processes, and the performance of IPC largely determines the processing time of application programs. Moreover, it is used for most of the kernel calls in a microkernel-based operating system (OS). Therefore, the performance of IPC affects the performance of the OS. In addition, the completion of the message-passing mechanism has to be indicated by executing a receive operation in order to maintain synchronization. Thus, two operations are required in this mechanism to complete the communication. On the other hand, no receive operation is required to indicate the completion of the communication in the case of asynchronous communication; however, in this case, no proof of the data being received is provided to the sender process. In this paper, we propose an instant synchronous interprocess communication (ISIPC) mechanism that can achieve both instantaneous communication and data synchronization. ISIPC has two functions: push function and sack function. We describe the design of the ISIPC mechanism and also its implementation on the Tender operating system. In addition, we present the evaluation results for the ISIPC mechanism.

    DOI: 10.4156/jnit.vol1.issue3.9

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/journals/jnit/jnit1.html#YamauchiFT10

  • Proposal for sophisticated periodic execution control in embedded systems

    Yuuki Furukawa, Toshihiro Yamauchi, Hideo Taniguchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   6485 LNCS   549 - 563   2010

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:SPRINGER-VERLAG BERLIN  

    In embedded systems, the types of processings to be executed are limited, and many processes are executed periodically. In such systems, we need to reduce the overhead of periodic execution control and the dispersion of the processing time. ART-Linux has been proposed as a conventional real-time operating system that can be used for this purpose in various devices such as robots. In this paper, we discuss the periodic execution control of ART-Linux and clarify several problems. Next, we propose a design for sophisticated periodic execution control in order to solve these problems. Finally, we discuss the realization of periodic execution control, the effect of this control, and the result of the evaluation. © 2010 Springer-Verlag Berlin Heidelberg.

    DOI: 10.1007/978-3-642-17569-5_54

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/fgit/fgit2010.html#FurukawaYT10

  • Proposal of I/O Buffer Cache Mechanism Based on the Frequency of System Call of the File Operation

    片上達也, 田端利宏, 谷口秀夫

    情報処理学会論文誌トランザクション(CD-ROM)   2009 ( 2 )   2010

  • Evaluation of Dynamic OS Server Replacement Mechanism fo AnT

    2009 ( 9 )   261 - 266   2009.9

     More details

  • Tracing Classified Information Diffusion for Protecting Information Leakage

    Toshihiro Tabata, Satoshi Hakomori, Kei Ohashi, Shinichiro Uemura, Kazutoshi Yokoyama, Hideo Taniguchi

    50 ( 9 )   2088 - 2102   2009.9

     More details

    Authorship:Lead author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    In personal computer environment, it is important to protect the information leakage. In this paper, a mechanism of protecting information leakage is proposed. This mechanism has two functions. One function is the function of tracing classified information. The other function is the function of controlling the write function. The tracing function is deployed by hook the call of file operations, interprocess communication, and process creation. This paper describes a method that improve the accuracy of tracing classified information and reduce the labor of configuration. This paper shows the proposed mechanism can trace all files and improve the the accuracy of tracing classified information by using the user judgement.

    CiNii Article

    CiNii Books

    researchmap

  • Tracing Classified Information Diffusion for Protecting Information Leakage

    田端利宏, 箱守聰, 大橋慶, 植村晋一郎, 横山和俊, 谷口秀夫

    情報処理学会論文誌ジャーナル(CD-ROM)   50 ( 9 )   2088 - 2102   2009.9

     More details

  • Design and Implementation of Performance Evaluation Function of Secure OS Based on LSM

    MATSUDA Naoto, SATO Kazuya, TABATA Toshihiro, MUNETOH Seiji

    The IEICE transactions on information and systems   92 ( 7 )   963 - 974   2009.7

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Implementation and Evaluation of Heterogeneous Virtual Storage (HVS) on Tender Operating System

    TABATA Toshihiro, TANIGUCHI Hideo

    The IEICE transactions on information and systems   92 ( 1 )   12 - 24   2009.1

     More details

    Authorship:Lead author   Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • ファイル操作のシステムコール発行頻度に基づくバッファキャッシュ制御法の提案

    Tatsuya Katakami, Toshihiro Tabata, Hideo Taniguchi

    2009 ( 13 )   111 - 118   2009

     More details

    Language:Japanese  

    J-GLOBAL

    researchmap

  • SEEdit: SELinux security policy configuration system with higher level language

    Yuichi Nakamura, Yoshiki Sameshima, Toshihiro Tabata

    Proceedings of the 23rd Large Installation System Administration Conference, LISA 2009   107 - 117   2009

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:USENIX Association  

    © LISA 2009. Security policy for SELinux is usually created by customizing a sample policy called refpolicy. However, describing and verifying security policy configurations is difficult because in refpolicy, there are more than 100,000 lines of configurations, thousands of elements such as permissions, macros and labels. The memory footprint of refpolicy which is around 5MB, is also a problem for resource constrained devices. We propose a security policy configuration system SEEdit which facilitates creating security policy by a higher level language called SPDL and SPDL tools. SPDL reduces the number of permissions by integrated permissions and removes label configurations. SPDL tools generate security policy configurations from access logs and tool user's knowledge about applications. Experimental results on an embedded system and a PC system show that practical security policies are created by SEEdit, i.e., describing configurations is semiautomated, created security policies are composed of less than 500 lines of configurations, 100 configuration elements, and the memory footprint in the embedded system is less than 500KB.

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/conf/lisa/2009

  • Dynamic OS Server Replacement Scheme for AnT

    藤原康行, 岡本幸大, 田端利宏, 乃村能成, 谷口秀夫

    情報処理学会シンポジウム論文集   2008 ( 14 )   201 - 206   2008.12

     More details

  • Realization and Evaluation of High Speed Fork & Exec System-Call by Recycling Resource on Tender

    SAEKI Kenji, TABATA Toshihiro, TANIGUCHI Hideo

    The IEICE transactions on information and systems   91 ( 12 )   2892 - 2903   2008.12

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • A Bayesian-filter-based Image Spam Filtering Method

    49 ( 9 )   3093 - 3103   2008.9

     More details

    Language:Japanese  

    In recent years, with the spread of the Internet, the increase in the number of spam has become one of the most serious problems. A recent report reveals that 91% of all e-mail exchanged in 2006 was spam. Using the Bayesian filter is a popular approach to distinguish between spam and legitimate e-mails. It applies the Bayes theory to identify spam. This filter proffers high filtering precision and is capable of detecting spam as per personal preferences. However, the number of image spam, which contains the spam message as an image, has been increasing rapidly. The Bayesian filter is not capable of distinguishing between image spam and legitimate e-mails since it learns from and examines only text data. Therefore, in this study, we propose an anti-image spam technique that uses image information such as file size. This technique can be easily implemented on the existing Bayesian filter. In addition, we report the results of the evaluations of this technique.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00009442/

  • Implementation and Evaluation of a Directory Oriented Buffer Cache Mechanism

    TABATA Toshihiro, KOTOGE Miyuki, NOMURA Yoshinari, TANIGUCHI Hideo

    The IEICE transactions on information and systems   91 ( 2 )   435 - 448   2008.2

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Design and evaluation of a Bayesian-filter-based image spam filtering method

    Masahiro Uemura, Toshihiro Tabata

    Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008   49 ( 9 )   46 - 51   2008

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE COMPUTER SOC  

    In recent years, with the spread of the Internet, the number of spam e-mail has become one of the most serious problems. A recent report reveals that 91% of all e-mail exchanged in 2006 was spam. Using the Bayesian filter is a popular approach to distinguish between spam and legitimate e-mails. It applies the Bayes theory to identify spam. This filter proffers high filtering precision and is capable of detecting spam as per personal preferences. However, the number of image spam, which contains the spam message as an image, has been increasing rapidly. The Bayesian filter is not capable of distinguishing between image spam and legitimate e-mails since it learns from and examines only text data. Therefore, in this study, we propose an anti-image spam technique that uses image information such as file size. This technique can be easily implemented on the existing Bayesian filter. In addition, we report the results of the evaluations of this technique. © 2008 IEEE.

    DOI: 10.1109/ISA.2008.84

    Web of Science

    Scopus

    J-GLOBAL

    researchmap

  • 機密情報の拡散追跡機能を利用した書き出し制御手法

    植村 晋一郎, 田端 利宏, 谷口 秀夫, 横山 和俊, 箱守 聰

    マルチメディア,分散,協調とモバイル(DICOMO2008)シンポジウム論文集   768 - 775   2008

     More details

  • Proposal of instant synchronous interprocess communication

    Toshihiro Tabata, Kazuhiro Fukutomi, Hideo Taniguchi

    Proceedings - 3rd International Conference on Convergence and Hybrid Information Technology, ICCIT 2008   2   146 - 149   2008

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE COMPUTER SOC  

    Interprocess communication (IPC) is often applied to cooperative processes and IPC performance largely determine the processing time. Here, we propose an instant synchronous IPC mechanism for preferential processing of high-priority data. In addition, we present that the results of an evaluation using an application program by using an imprecise computational model. © 2008 IEEE.

    DOI: 10.1109/ICCIT.2008.106

    Web of Science

    Scopus

    researchmap

  • I/O buffer cache mechanism based on the frequency of file usage

    Tatsuya Katakami, Toshihiro Tabata, Hideo Taniguchi

    Proceedings - 3rd International Conference on Convergence and Hybrid Information Technology, ICCIT 2008   2   76 - 82   2008

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE COMPUTER SOC  

    Most operating systems manage buffer caches for buffering I/O blocks, because I/O processing is slower than CPU processing. Application programs request I/O processing from files. In order to improve the performance of I/O processing, a buffer cache should be managed with regard to both blocks and files. This paper proposes an I/O buffer cache mechanism based on the frequency of file usage. This mechanism calculates the importance of each file. Then, blocks of important files are stored in a protected space. The blocks stored in the protected space are given priority for caching. We evaluated the proposed mechanism by kernel make processing. The results show that the proposed mechanism improves the processing time by 18 s (5.7%) as compared to the LRU algorithm. © 2008 IEEE.

    DOI: 10.1109/ICCIT.2008.107

    Web of Science

    Scopus

    researchmap

  • An Improved Recyclable Resource Management Method for Fast Process Creation and Reduced Memory Consumption

    Toshihiro Tabata, Hideo Taniguchi

    International Journal of Hybrid Information Technology (IJHIT)   1 ( 1 )   31 - 44   2008

     More details

  • Integrated access permission: Secure and simple policy description by integration of file access vector permission

    Takuto Yamaguchi, Toshihiro Tabata, Yuichi Nakamura

    Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008   40 - 45   2008

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE COMPUTER SOC  

    In pervasive computing, embedded systems have a possibility to be attacked by crackers, including 0-day attack, as well as enterprise systems. In particular, in a case where a cracker gets a root privilege, damages are significant. To resolve this problem, Security-Enhanced Linux (SELinux) is useful. However, SELinux has a problem that is significant complexity for configuration because of too fine-grained access control. As a method for resolving this problem, SELinux Policy Editor (SEEdit) has been developed; this is a tool that simplifies the SELinux configuration. SEEdit uses the Simplified Policy Description Language (SPDL) as a policy description language. In the SPDL, we define new access permissions that integrate Access Vector Permissions (AVPs) employed in SELinux to provide access permissions in a security policy. Thus, we propose a set of access permissions named Integrated Access Permissions (IAPs), which enables the achievement of a good balance between reducing the workload of the configurations and guaranteeing security in SELinux. In addition, we evaluate our IAPs and show them almost secure. © 2008 IEEE.

    DOI: 10.1109/ISA.2008.21

    Web of Science

    Scopus

    researchmap

  • Mechanism of regulating execution performance for process group by execution resource on tender operating system

    Toshihiro Tabata, Yoshinari Nomura, Hideo Taniguchi

    Systems and Computers in Japan   38 ( 14 )   63 - 78   2007.12

     More details

    Language:English   Publishing type:Research paper (scientific journal)  

    With increases in the performance of computers, it has become possible to provide a large number of services on a single computer. However, since the required execution performance can vary from service to service, it is necessary to guarantee execution performance for each service individually. In addition, it is common for a single service to be composed of multiple processes. Consequently, the ability to regulate execution performance for units consisting of multiple processes is desirable. Therefore, in this paper we propose a mechanism for regulating the execution performance of process groups using execution resources that encapsulate the assignable processor units designed for the Tender operating system. Specifically, executions are managed in a tree-structure and we then regulate execution performance by associating processes with these executions. In addition, we show via an implementation and evaluations that the proposed method is able to regulate the execution performance of process groups well and present an evaluation that makes use of a Web server. © 2007 Wiley Periodicals, Inc.

    DOI: 10.1002/scj.20403

    Scopus

    J-GLOBAL

    researchmap

  • Write Control Method by Using Diffusion Tracing Function of Classified Information

    大橋慶, 箱守聰, 箱守聰, 田端利宏, 横山和俊, 谷口秀夫

    情報処理学会シンポジウムシリーズ(CD-ROM)   2007 ( 1 )   690 - 697   2007

  • An intrusion detection system which can restore altered data

    Fumiaki Nagano, Kohei Tatara, Toshihiro Tabata, Kouichi Sakurai

    Fourth International Conference on Information Technology and Applications, ICITA 2007   29 - 34   2007

     More details

    Publishing type:Research paper (international conference proceedings)  

    We propose an intrusion detection system. Our system can detect the alteration of data in memory and also can restore altered data. This type of intrusion detection system has been proposed variously so far. But many of them can detect only a part of attacks. And as far as we know, few of them can restore altered data. Our system can detect attacks which can not be detected by existing systems and also can restore altered data. Our system protects data in the kernel area using hash functions. The overhead of accessing the kernel area and using a hash function is high. But our system reduces the frequency of accessing the kernel area and using a hash function in safety.

    Scopus

    J-GLOBAL

    researchmap

  • Controlling CPU usage for processes with execution resource for mitigating CPU DoS attack

    Toshihiro Tabata, Satoshi Hakomori, Kazutoshi Yokoyama, Hideo Taniguchi

    Proceedings - 2007 International Conference on Multimedia and Ubiquitous Engineering, MUE 2007   141 - 146   2007

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE COMPUTER SOC  

    In a ubiquitous environment, the hardware resources are limited; thus, an appropriate resource management mechanism is required for guaranteeing its processing activity. However, most operating systems (OSs) lack an access control mechanism for CPU resources to guarantee satisfactory processing and to safeguard the system from malicious attacks that affect the CPU resources, resulting in denial of service (DoS). Access control is not intended for general OSs and CPU resources, which are important for the execution of a program. As a result, OSs cannot control the usage ratio of CPU resources. In this paper, we propose an access control model for CPU resources based on an execution resource. The proposed model can control the usage ratio of CPU resources appropriately for each program domain. This execution resource can be applied to mitigate DoS attacks. © 2007 IEEE.

    DOI: 10.1109/MUE.2007.111

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/mue/mue2007.html#TabataHYT07

  • A CPU usage control mechanism for processes with execution resource for mitigating CPU DoS attack

    Toshihiro Tabata, Satoshi Hakomori, Kazutoshi Yokoyama, Hideo Taniguchi

    International Journal of Smart Home   1 ( 2 )   109 - 128   2007

     More details

    Publishing type:Research paper (scientific journal)  

    In a ubiquitous environment, the hardware resources are limited; thus, an appropriate resource management mechanism is required for guaranteeing its processing activity. However, most operating systems (OSs) lack an access control mechanism for CPU resources to guarantee satisfactory processing and to safeguard the system from malicious attacks that affect the CPU resources, resulting in denial of service (DoS). Access control is not intended for CPU resources, which are important for the execution of a program. As a result, OSs cannot control the usage ratio of CPU resources. In this paper, we propose an access control model for CPU resources based on an execution resource. The proposed model can control the usage ratio of CPU resources appropriately for each user and each program domain. This execution resource can be applied to mitigate DoS attacks. In order to evaluate the effectiveness of the proposed method, we describe the results of a basic performance experiment and a DoS simulation experiment employing the Apache web server. From the results, we show that the proposed method can mitigate DoS attacks and does not have bad effects upon the performance of a target service.

    Scopus

    researchmap

  • A recyclable resource management method for fast process creation and reduced memory consumption

    Toshihiro Tabata, Hideo Taniguchi

    Proceedings The 2007 International Conference on Intelligent Pervasive Computing, IPC 2007   194 - 199   2007

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE COMPUTER SOC  

    The costs involved in process creation and termination make this procedure expensive. This procedure expensive, thus degrading the performance of program execution. To solve this problem, a fast process creation and termination mechanism is proposed. This mechanism is implemented by recycling process resources. In order to improve the efficiency of recycling, the management of preserved process resources for recycling is an important factor. In this paper, we propose an improved resource management method for recycling process resources and an adaptive control mechanism. In the method, only one process resource with a program image is preserved for each program that occurs with high frequency of program execution. The proposed method can reduce the amount of memory consumption for preserved process resources in a concurrent execution environment. We also describe the implementation of the proposed method on the Tender operating system and report the results of our experiments. © 2007 IEEE.

    DOI: 10.1109/IPC.2007.83

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/ipc/ipc2007.html#TabataT07

  • Evaluation for guarantee of service processing by regulating program execution resource

    箱守聰, 箱守聰, 田端利宏, 横山和俊, 谷口秀夫

    情報処理学会シンポジウム論文集   2007 ( 14 )   183 - 190   2007

  • Directory Oriented Buffer Cache Mechanism

    田端利宏, 小峠みゆき, 齊藤圭, 乃村能成, 谷口秀夫

    情報処理学会シンポジウム論文集   2006 ( 14 )   2006

  • Usage Control Model and Architecture for Data Confidentiality in a Database Service Provider

    SYALIM Amril, TABATA Toshihiro, SAKURAI Kouichi

    情報処理学会論文誌   47 ( 2 )   2006

  • An intrusion detection system using alteration of data

    Fumiaki Nagano, Kohei Tatara, Toshihiro Tabata, Kouichi Sakurai

    Proceedings - International Conference on Advanced Information Networking and Applications, AINA   1   243 - 248   2006

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    Attacks against data in memory are one of the most serious threats these days. Although many detection systems have been proposed so far, most of them can detect only part of alteration. Some detection systems use canaries to detect alteration. However, if an execution code has bugs that enable attackers to read data in memory, the system could be bypassed by attackers who can guess canaries. To overcome the problems, we propose a system using alteration of data. Our proposed system detects illegal alteration with verifier for vulnerable data. Verifier is made before vulnerable data could be altered by attackers, and verifier is checked when the program uses the vulnerable data. Part of Verifier is stored in kernel area to prevent attackers from reading data in user memory. Our approach can detect illegal alteration of arbitrary data in user memory. Our proposed system, moreover, does not have the problem systems using canaries have. © 2006 IEEE.

    DOI: 10.1109/AINA.2006.94

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/aina/aina2006.html#NaganoTST06

  • Active Modification Method of Program Control Flow for Efficient Anomaly Detection

    Kohei Tatara, Toshihiro Tabata, Kouichi Sakurai

    GESTS International Transactions on Computer Science and Engineering   2006

     More details

  • Proposal of File Access Permission which has both Security and Simplified Configuration

    Takuto Yamaguchi, Yuichi Nakamura, Toshihiro TABATA

    PreProceedings of the 7th International Workshop on Information Security Applications (WISA2006)   2006

     More details

  • Actively modifying control flow of program for efficient anormaly detection

    Kohei Tatara, Toshihiro Tabata, Kouichi Sakurai

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   4252 LNAI - II   737 - 744   2006

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:SPRINGER-VERLAG BERLIN  

    In order to prevent the malicious use of the computers exploiting buffer overflow vulnerabilities, a corrective action by not only calling a programmer's attention but expansion of compiler or operating system is likely to be important. On the other hand, the introduction and employment of intrusion detection systems must be easy for people with the restricted knowledge of computers. In this paper, we propose an anomaly detection method by modifying actively some control flows of programs. Our method can efficiently detect anomaly program behavior and give no false positives. © Springer-Verlag Berlin Heidelberg 2006.

    DOI: 10.1007/11893004_94

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/kes/kes2006-2.html#TataraTS06

  • Proposal and Evaluation for Improvement of Corpus Separation in Bayesian Spam Filtering on Multi-lingual Environment

    IWANAGA MANABU, TABATA TOSHIHIRO, SAKURAI KOUICHI

    IPSJ journal   46 ( 8 )   1959 - 1966   2005.8

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Statistical filtering using Bayes theory, called Bayesian filtering, is studied for years, and after Graham published an essay "A plan for spam", many implementations of Bayesian filtering have developed. In multi-lingual email environment, which more than one language is used in incoming email, corpus for statistical filtering is usually separated into ones specified to each language. In this paper, we propose a new method in which a corpus is chosen for each token, and then we show the efficiency of our proposed method by experiments in comparison to traditional methods.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00010556/

  • A Software Fingerprinting Scheme for Java Using Class Structure Transformation

    FUKUSHIMA KAZUHIDE, TABATA TOSHIHIRO, TANAKA TOSHIAKI, SAKURAI KOUICHI

    IPSJ journal   46 ( 8 )   2042 - 2052   2005.8

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Embedding personal identifiers as watermarks to software is effective in order to protect copyright of them. Monden et al. proposed program watermarking scheme for embedding arbiter character sequence to target Java class files. But their scheme can be used to embed only the same watermarking to all the programs. Thus, if we apply their scheme to embed users' personal identifiers, the watermark can be specified by comparing two or more users' program. This paper improve the problem by using a class structure transformation.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00010564/

  • The Design and Evaluation of Anomaly Detection System Based on System Call

    TATARA KOHEI, TABATA TOSHIHIRO, SAKURAI KOUICHI

    IPSJ journal   46 ( 8 )   1967 - 1975   2005.8

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    In order to prevent attacks exploiting buffer overflow vulnerabilities, there are many researches of checking programs for abnormal behaviors based on history of system calls emitted by them. In this paper, the authors take into account control flow of the programs, and prove an efficiency of a method for modeling history of system calls in a Bayesian Network. We also consider a method for appropriate anomaly detection without false positives.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00010557/

  • On the Security of Integration of SELinux Access Permissions

    TABATA TOSHIHIRO, SUEYASU KATSUYA, SAKURAI KOUICHI

    IPSJ journal   46 ( 4 )   1070 - 1073   2005.4

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    SELinux Policy Editor is a configuration tool for SELinux. As a part of its support of configuration, this tool simplifies the configuration of SELinux by integrating configuration items. However, the integration of configuration items may harm the fine-grained access control of SELinux. In this paper, we examine the effects of the simplification on access control policy and report the evaluation of the security about Apache web server.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00010661/

  • A probabilistic method for detecting anomalous program behavior

    Kohei Tatara, Toshihiro Tabata, Kouichi Sakurai

    Lecture Notes in Computer Science   3325   87 - 98   2005

     More details

    Publishing type:Research paper (international conference proceedings)   Publisher:Springer  

    In this paper, we, as well as Eskin, Lee, Stolfo propose a method of prediction model. In their method, the program was characterized with both the order and the kind of system calls. We focus on a non-sequential feature of system calls given from a program. We apply a Bayesian network to predicting the N-th system call from the sequence of system calls of the length N - 1. In addition, we show that a correlation between several kinds of system calls can be expressed by using our method, and can characterize a program behavior. © Springer-Verlag Berlin Heidelberg 2004.

    DOI: 10.1007/978-3-540-31815-6_8

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/wisa/wisa2004.html#TataraTS04

  • An Abuse Prevention Technique of CPU Time by Using Execution Resource

    Toshihiro TABATA, Satoshi Hakomori, Hideo Taniguchi

    PreProc. of the 6th International Workshop on Information Security Applications (WISA2005)   2005

     More details

  • Program obfuscation scheme using random numbers to complicate control flow

    Tatsuya Toyofuku, Toshihiro Tabata, Kouichi Sakurai

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   3823 LNCS   916 - 925   2005

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:SPRINGER-VERLAG BERLIN  

    For the security technology that has been achieved with software in the computer system and the protection of the intellectual property right of software, software protection technology is necessary. One of those techniques is called obfuscation, which converts program to make analysis difficult while preserving its function. In this paper, we examine the applicability of our program obfuscation scheme to complicate control flow and study the tolerance against program analysis. © IFIP International Federation for Information Processing 2005.

    DOI: 10.1007/11596042_94

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/euc/eucw2005.html#ToyofukuTS05

  • Some fitting of naive Bayesian spam filtering for Japanese environment

    Manabu Iwanaga, Toshihiro Tabata, Kouichi Sakurai

    Lecture Notes in Computer Science   3325   135 - 143   2005

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:SPRINGER-VERLAG BERLIN  

    Bayesian filtering is one of the most famous anti-spam measures. However, there is no standard implementation for treatment of Japanese emails by Bayesian filtering. In this paper, we compare several conceivable ways to treat Japanese emails about tokenizing and corpus separation. In addition, we give experimental results and some knowledge obtained by the experiments. © Springer-Verlag Berlin Heidelberg 2004.

    DOI: 10.1007/978-3-540-31815-6_12

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/wisa/wisa2004.html#IwanagaTS04

  • Usage Control Model and Architecture for Data Confidentiality in Database Service Provider

    Amril Syalim, Toshihiro Tabata, Kouichi Sakurai

    Proc. of Indonesia Cryptology and Information Security Conference (INA-CISC) 2005   2005

  • A Software Fingerprinting Scheme for Java Using Class Structure Transformation

    福島和英, 田端利宏, 田中俊昭, 桜井幸一

    情報処理学会論文誌   46 ( 8 )   2005

  • The Design and Evaluation of Anomaly Detection System Based on System Call

    たたら講平, 田端利宏, 桜井幸一

    情報処理学会論文誌   46 ( 8 )   2005

  • Proposal and Evaluation for Improvement of Corpus Separation in Bayesian Spam Filtering on Multi-lingual Environment

    岩永学, 田端利宏, 桜井幸一

    情報処理学会論文誌   46 ( 8 )   2005

  • On the Security of Integration of SELinux Access Permissions

    田端利宏, 末安克也, 桜井幸一

    情報処理学会論文誌   46 ( 4 )   2005

  • A Mechanism of Regulating Execution Performance for Process Group by Execution Resource on Tender Operating System

    TABATA Toshihiro, NOMURA Yoshinari, TANIGUCHI Hideo

    The IEICE transactions on information systems Pt. 1   87 ( 11 )   961 - 974   2004.11

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Proposal of Anti-spam Scheme Combining Challenge-response and Bayesian Filtering

    IWANAGA MANABU, TABATA TOSHIHIRO, SAKURAI KOUICHI

    IPSJ journal   45 ( 8 )   1939 - 1947   2004.8

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Some anti-spam schemes are based on challenge-response, a principle that a recipient reads only messages from senders who are registered by the recipient. In these schemes, request for setup is sent to senders who are not registered. Since bounce messages are legitimate but MTA cannot reply to request, we should have some exception to receive for them. However, spammers can abuse this exception to send spam to users, disguising their spam with bounce messages. In this paper, we propose an improved scheme, combining challenge-response and Bayesian filtering, then perform some tests on the effect of our scheme to avoid those spam.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00010841/

  • Evaluation of detection of bounce-disguised spam by combining challenge-response and Bayeaian filtering

    Iwanaga Manabu, Tabata Toshihiro, Sakurai Kouichi

    Annual report of Computing and Communications Center, Kyushu University   4 ( 4 )   41 - 47   2004.3

     More details

    Language:Japanese   Publisher:Kyushu University  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Design of Intrusion Detection System at User Level with System-Call Interposing.

    Toshihiro Tabata, Kouichi Sakurai

    ICETE 2004, 1st International Conference on E-Business and Telecommunication Networks   263 - 268   2004

     More details

    Publishing type:Research paper (international conference proceedings)   Publisher:INSTICC Press  

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/icete/icete2004.html#TabataS04

  • A resource management method for improving recycling ratio in recycling process elements

    T Tabata, H Taniguchi

    8TH WORLD MULTI-CONFERENCE ON SYSTEMICS, CYBERNETICS AND INFORMATICS, VOL V, PROCEEDINGS   203 - 208   2004

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:INT INST INFORMATICS & SYSTEMICS  

    A process is a program in execution. Processes can be executed concurrently in operating Systems (OS) and they may be created and be deleted dynamically. Process creation and termination are required for program execution. They axe an important processing, but the cost of them is expensive. The cost of them affects the execution performance of programs. We proposed a fast process creation and termination mechanism by recycling process elements. The management of preserved process elements is an important problem for recycling. We also proposed an efficient resource management for recycling process elements. The proposed method can reduce the amount of memory consumption of preserved resources. It focused on frequency of program execution, but it is insufficient to reduce the cost.
    In this paper, we propose an improved resource management method for recycling process elements. In the method, only one process element with program image is preserved for each program with high frequency in program execution. The method can reduce the amount of memory consumption of preserved process elements. We also describe the implementation of proposal method on Tender operating system and report the contents of experiments and the result of them.

    Web of Science

    researchmap

  • End-User Security Management with Mobile Agents

    Yuki KOTEGAWA, Toshihiro TABATA, Kouichi SAKURAI

    Proc. of the Third International Conference on Information (Info'2004), International Workshop on Information Assurance and Security   2004

     More details

  • Proposal and implementation of heterogeneous virtual storage coexisted of single virtual storage and multiple virtual storage

    T Tabata, H Taniguchi

    International Conference on Computing, Communications and Control Technologies, Vol 1, Proceedings   415 - 420   2004

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:INT INST INFORMATICS & SYSTEMICS  

    Most of Operating Systems (OSs) provide processes with virtual memory. One advantage of this technique is that programs can be larger than physical memory. In addition, this technique abstracts main memory into large address space and frees programmers from the limitation of main memory. Single Virtual Storage (SVS) or Multiple Virtual Storage (MVS) are implemented in current OSs, but SVS and MVS do not coexist in existing OSs. If they coexist in an operating system, users can make use of each advantage. In this paper, we propose Heterogeneous Virtual Storage (HVS). Because SVS and MVS can coexist in HVS, HVS can provide both of the advantages of SVS and MVS to users. We also describe about implementation of HVS on The EN-during operating system for Distributed Environment (Tender). After that, we explain contents of experiments and report that result.

    Web of Science

    researchmap

  • Proposal of Anti-spam Scheme Combining Challenge-response and Bayesian Filtering

    岩永学, 田端利宏, 桜井幸一

    情報処理学会論文誌   45 ( 8 )   2004

  • Proposal of Efficient Resource Management for Recycling Process Elements

    TABATA TOSHIHIRO, TANIGUCHI HIDEO

    44 ( 10 )   48 - 61   2003.7

     More details

    Authorship:Lead author   Language:Japanese   Publishing type:Research paper (scientific journal)   Publisher:Information Processing Society of Japan (IPSJ)  

    Operating system controls a process to execute a program. A process is created for executing a program. Then the process is deleted when the program terminated. Processing of process creation needs creation of virtual address space and a read of program. The load of the processing is heavy. Therefore there are many researches for fast process creation. We proposed fast process creation mechanism by recycling process elements. Fast process creation and fast process deletion are realized by recycling process elements. However, reserved process elements consume memory resources. Therefore efficient resource management is necessary. This paper proposes efficient resource management for recycling process elements.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00018559/

  • Process Schedule Mechanism for Regulating Processing Time of Multiple Services

    TABATA Toshihiro, TANIGUCHI Hideo

    The Transactions of the Institute of Electronics,Information and Communication Engineers.   86 ( 7 )   458 - 468   2003.7

     More details

    Authorship:Lead author   Language:Japanese   Publishing type:Research paper (scientific journal)   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Proposal and Evaluation of Process Restart Function by Initializing Data Segments

    TABATA Toshihiro, TANIGUCHI Hideo

    Transactions of Information Processing Society of Japan   44 ( 6 )   1538 - 1547   2003.6

     More details

    Authorship:Lead author   Language:Japanese   Publishing type:Research paper (scientific journal)   Publisher:Information Processing Society of Japan (IPSJ)  

    An operating system controls many processes to execute programs. The processing of process creation and process termination has a heavy load in an operating system. Therefore there are many techniques that can speed up process creation ; for example, sticky bit and the vfork system call are realized in UNIX. Furthermore, demand paging and copy-on-write are realized. Generally, specific programs are often executed repeatedly. For example, in the "make" command of UNIX, process creation and process termination are repeated, because a compiler is executed many times. We propose the function for restarting a process. The function is effective where specific programs are executed repeatedly, because the function can reduce the overhead of process creation and process termination. This paper describes the structure of a process and the function for restarting a process. This paper also reports the performance of the function.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00011209/

  • Evaluation of communication bandwidth control mechanism by regulating program execution speed

    Toshihiro Tabata, Yoshinari Nomura, Hideo Taniguchi

    Proceedings of the IASTED International Conference on Internet and Multimedia Systems and Applications   7   14 - 19   2003

     More details

    Publishing type:Research paper (international conference proceedings)  

    With the spread of the Internet, services that communicate to other services are increasing. Multimedia applications such as video on demand also ask for network Quality of Service (QoS). Thus, operating systems have to guarantee the allocation of computer resources to services. The computer resources are CPU, disk, network devices and so on. We suppose that the communications have to be controlled well, because services using network are increasing. This paper proposes the communication bandwidth control mechanism by regulating program execution speed. Our proposed mechanism is based on the process schedule method for regulating program execution speed. In the process schedule method, the operating system reserves the amount of CPU time of target processes and guarantees the allocation of CPU time on a sending host. Our proposed mechanism can guarantee a required data rate of target processes by allocating enough CPU time for communications. Because operating systems manage computer resources, they guarantee the allocation of CPU time if the process schedule method is implemented. The allocation of CPU time is not almost affected by non-target processes. This paper introduces the process schedule method and the implementation of it. This paper also shows how to control the communication bandwidth of target processes. Then this paper describes about an evaluation of our proposed mechanism.

    Scopus

    J-GLOBAL

    researchmap

  • Evaluation of obfuscation scheme focusing on calling relationships of fields and methods in methods

    Kazuhide Fukushima, Toshihiro Tabata, Kouichi Sakurai

    Proceedings of the IASTED International Conference on Communication, Network, and Information Security   108 - 113   2003

     More details

    Publishing type:Research paper (international conference proceedings)  

    Recently, Java has been spread widely. However, Java has a problem that an attacker can reconstruct Java source codes from Java classfiles. Therefore many techniques for protecting Java software have been proposed, but, quantitive security evaluations are not fully given. This paper proposes an obfuscation scheme for Java source codes by destructing the encapsulation. In addition, we propose an evaluation scheme on the number of accesses to the fields and the methods of the other classes. We try to realize tamper-resistant software with the certain quantitive basis of security using our evaluation.

    Scopus

    J-GLOBAL

    researchmap

  • Evaluation of Obfuscation Scheme for Java Focusing on Accessing Relationships of Fields and Methods between Classes

    Kazuhide FUKUSHIMA, Toshihiro TABATA, Kouichi SAKURAI

    Proc. of IASTED International Conference on Communication, Network, and Information Security (CNIS 2003)   2003

     More details

  • On the security of SELinux with a simplified policy

    Katsuya Sueyasu, Toshihiro Tabata, Kouichi Sakurai

    Proceedings of the IASTED International Conference on Communication, Network, and Information Security   79 - 84   2003

     More details

    Publishing type:Research paper (international conference proceedings)  

    Security-Enhanced Linux (SELinux) is a secure operating system. SELinux implements some features in order to perform strong access control. However, the configuration of SELinux access control becomes very complex. Such complexity may cause misconfiguration which can harm the strong access control. SELinux Policy Editor is a configuration tool for SELinux. It is developed in order to reduce the complexity and the risk of misconfiguration. As a part of its support of configuration, this tool simplifies the configuration of SELinux by integrating configuration items for complicated access control policy of SELinux. Although we can originally define and use macros which integrate permissions in SELinux access control policy, the integrated permissions of SELinux Policy Editor and the macros differ fundamentally in whether the use of them is mandatory or discretionary. In this paper, we examine effects of the simplification by SELinux Policy Editor on an example access control policy and evaluate the security of the access control based on the simplified policy about Apache, a web server software.

    Scopus

    J-GLOBAL

    researchmap

  • Route Detecting System using Multi-Agent for Mobile Agents

    Yuki KOTEGAWA, Toshihiro TABATA, Kouichi SAKURAI

    2003

     More details

  • Preventing Spam Disguised as Error Mail

    Manabu IWANAGA, Toshihiro TABATA, Kouichi SAKURAI

    Proc. of International Symposium on Information Science and Electrical Engineering 2003 (ISEE 2003)   2003

     More details

  • Evaluation of anti-spam method combining Bayesian filtering and strong challenge and response

    Manabu Iwanaga, Toshihiro Tabata, Kouichi Sakurai

    Proceedings of the IASTED International Conference on Communication, Network, and Information Security   214 - 219   2003

     More details

    Publishing type:Research paper (international conference proceedings)  

    Recently, various schemes against spam are proposed because of rapid increasing of spam. Some schemes are based on sender whitelisting with auto registration, a principle that a recipient reads only messages from senders who are registered by the recipient, and a sender have to perform some procedure to be registered (challenge-response.) In these schemes, some exceptions are required to show error mail to a sender of an original message. However, spammers can abuse this exception to send spam to users. We have proposed improved scheme in [1], combining challenge-response and Bayesian filtering. In this paper, we make tests on our scheme and a scheme using only Bayesian filtering to show efficiency of our scheme.

    Scopus

    J-GLOBAL

    researchmap

  • Proposal and Evaluation of Process Restart Function by Initializing Data Segments

    田端利宏, 谷口秀夫

    情報処理学会論文誌   44 ( 6 )   2003

  • Proposal of Efficient Resource Management for Recycling Process Elements

    田端利宏, 谷口秀夫

    情報処理学会論文誌   44 ( SIG10(ACS2) )   2003

  • Guarantee of Service Processing Time of Process Group for Multimedia Application

    Toshihiro TABATA, Yoshinari NOMURA, Hideo TANIGUCHI

    Proc. of Pan-Yellow-Sea International Workshop on Information Technologies for Network Era (PYIWIT'02)   2002

     More details

  • Efficient Resource Management for Recycling Process Elements.

    田端利宏, 谷口秀夫

    情報処理学会シンポジウム論文集   2002 ( 18 )   2002

  • Tender Operating System Based on Mechanism of Resource Independence.

    谷口秀夫, 青木義則, 後藤真孝, 村上大介, 田端利宏

    情報処理学会論文誌   41 ( 12 )   2000

  • New Directions in System Software. Guarantee of Service Processing Time by Execution on Tender Operating System.

    田端利宏, 谷口秀夫

    情報処理学会論文誌   41 ( 6 )   2000

  • Implementation and Evaluation of Speed Control Mechanism of Program Execution on Resource Execution on Tender.

    田端利宏, 谷口秀夫

    情報処理学会論文誌   40 ( 6 )   1999

▼display all

Books

  • Advances in Information and Computer Security - IWSEC 2012

    Springer-Verlag  2012 

     More details

MISC

  • Proposal of Attack Prevention Method by Access Control Focusing on Infection Process of IoT Malware

    2022   160 - 167   2022.10

     More details

    Authorship:Lead author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Developing the Flexible Conformance Test Run Environment for Keycloak

    2022   879 - 886   2022.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Evaluation on controlling precision of I/O performance of multiple processes using I/O with performance on Tender

    1   223 - 224   2022.9

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • ソフトウェア差分に着目したIoT機器サプライチェーンセキュリティ上の課題発見と大規模実態調査

    白石周碁, 吉元亮太, 塩治榮太朗, 秋山満昭, 山内利宏, 山内利宏

    電子情報通信学会技術研究報告(Web)   121 ( 410(ICSS2021 58-83) )   2022.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • Machine Learning-Based Cyber Threat Intelligence Construction and Crossover Analysis

    2021   906 - 913   2021.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • 攻撃ユーザプロセスの利用するカーネルコードの追跡と特定手法の提案と評価

    葛野弘樹, 山内利宏

    情報科学技術フォーラム講演論文集   4   21 - 28   2021.8

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • Improving Code Reuse Attack Resistance based on Function Address Randomization in Executable Files

    Kazuma Saji, Toshihiro Yamauchi, Satoru Kobayashi, Hideo Taniguchi

    Proceedings of Computer Security Symposium (CSS)   2023   1357 - 1364   2023.10

     More details

    Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Extension of OS Types That Can Estimate System Call Hook Point by Virtual Machine Monitor

    Taku Omori, Masaya Sato, Toshihiro Yamauchi, Hideo Taniguchi

    Proceedings of Computer Security Symposium (CSS)   2023   139 - 146   2023.10

     More details

    Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Investigation of Software Patch for Linux Kernel Vulnerability

    Hiroki Kuzuno, Tomohiko Yano, Kazuki Omo, Toshihiro Yamauchi

    Proceedings of Computer Security Symposium (CSS)   2023   308 - 315   2023.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Consideration of Method to Grasp Managed Targets Using procfs in Function for Tracing Diffusion of Classified

    2023   357 - 358   2023.9

     More details

    Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • カーネルメモリ解析を用いた特権昇格攻撃検出手法の提案と評価

    Hiroki Kuzuno, Takuya Nishimura, Yoshiaki Shiraishi, Toshihiro Yamauchi

    Forum on Information Technology 2023 : 2023 FIT   4   25 - 30   2023.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Tenderにおける他プロセスの入出力要求を考慮した入出力性能調整法の評価

    Kensuke Ono, Toshihiro Yamauchi, Hideo Taniguchi

    IPSJ SIG Technical Report   2023-OS-160 ( 6 )   1 - 8   2023.8

     More details

    Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • ファームウェア解析に基づいたIoT機器上で自動実行されるプログラムの実態調査

    原田 真ノ介, 吉元 亮太, 塩治 榮太朗, 秋山 満昭, 山内 利宏

    IEICE technical report   122 ( 422(ICSS2022-59) )   67 - 72   2023.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Design of Resource Addition Function in Sharing Multi-core Tender

    Gaku Inoue, Toshihiro Yamauchi, Hideo Taniguchi

    Proceedings of the 2023 IEICE general conference   45   2023.3

     More details

    Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • 脆弱性管理の調査を通じたソフトウェアサプライチェーンセキュリティの検討と考察

    葛野 弘樹, 矢野 智彦, 面 和毅, 山内 利宏

    IPSJ SIG Technical Report   2023-SPT-50 ( 1 )   199 - 206   2023.3

     More details

    Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Implementation of Function for Tracing Diffusion of Classified Information to Support Inter-VM Communication on KVM

    Kohei Otani, Satoru Kobayashi, Toshihiro Yamauchi, Hideo Taniguchi

    IPSJ SIG Technical Report   2023-CSEC-100 ( 62 )   1 - 8   2023.3

     More details

    Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Tenderにおけるプロセス間通信データ域を利用したコア間遠隔手続呼出制御の高速化

    Motoki Komoda, Toshihiro Yamauchi, Hideo Taniguchi

    IPSJ SIG Technical Report   2023-OS-158 ( 27 )   1 - 8   2023.2

     More details

    Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • HPCクラウドにおける割り込み処理によるOSノイズの影響の評価

    Iori Nishimoto, Satoru Kobayashi, Toshihiro Yamauchi, Jun Kato, Mitsuru Sato, Hideo Taniguchi

    IPSJ SIG Technical Report   2023-OS-158 ( 28 )   1 - 7   2023.2

     More details

    Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Tenderにおける他プロセスの入出力要求を考慮した入出力性能調整法の実現

    Kensuke Ono, Toshihiro Yamauchi, Hideo Taniguchi

    IPSJ SIG Technical Report   2023-OS-158 ( 26 )   1 - 8   2023.2

     More details

    Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Design and Implementation of Prevention Method against Attacks Using Buffer Overflows in TAs in OP-TEE

    Kaito Shiba, Hiroki Kuzuno, Toshihiro Yamauchi

    Proceedings of the 2023 symposium on cryptography and information security   2023.1

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Improvement and Evaluation of Seccomp Filter Generation Method for System Call Access Control using LKM

    Takafumi Yunoki, Ryota Yoshimoto, Toshihiro Yamauchi

    Proceedings of the 2023 symposium on cryptography and information security   2023.1

     More details

    Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Design of Prevention Method against Attacks Using Buffer Overflows in TAs in OP-TEE

    2022   872 - 878   2022.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • A Method for Reducing False Positives of Redirection to Unwanted Websites in Android

    2022   1186 - 1193   2022.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Design on LSM-based MAC System by Machine Learning in IoT Devices

    2022   546 - 553   2022.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Design and Evaluation of Security Risk Indication for Open Source Software

    2022   784 - 791   2022.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • 権限情報の動的な再配置による特権昇格攻撃防止手法の提案と評価

    葛野 弘樹, 山内 利宏

    第21回情報科学技術フォーラム講演論文集   4   25 - 32   2022.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Analysis of Communication Processing Performance in 10GbE Environment

    4   215 - 216   2022.9

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Estimation of System Call Detection Point by Virtual Machine Monitor

    4   153 - 154   2022.9

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • IoT機器におけるセキュアOSの適用可否と保護機能の評価

    三木 雅登, 山内 利宏

    第21回情報科学技術フォーラム講演論文集   4   147 - 150   2022.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Towards (Re)constructing Attack Flow from Threat Report

    Shota Fujii, Nobutaka Kawaguchi, Tomohiro Shigemoto, Toshihiro Yamauchi

    31st USENIX Security Symposium Poster Session (USENIX Security '22 Posters),Poster   2022.8

     More details

    Authorship:Last author, Corresponding author  

    researchmap

  • Visualization Result of String-based CPU Architecture Independent IoT Malware Clustering

    Yutaro Osako, Toshihiro Yamauchi, Katsunari Yoshioka, Takuya Fujihashi, Takashi Watanabe, Shunsuke Saruwatari

    Network and Distributed System Security Symposium (NDSS 2022),Poster   2022.4

     More details

    Authorship:Corresponding author  

    researchmap

  • Design and Implementation of System for URL Signature Construction and for Impact Assessment

    藤井翔太, 藤井翔太, 川口信隆, 小島将耶, 鈴木智也, 山内利宏

    電子情報通信学会大会講演論文集(CD-ROM)   2022   2022.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese  

    J-GLOBAL

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iiaiaai/iiaiaai2022.html#FujiiKKSY22

  • カーネルにおけるMemory Protection Keyを用いたカーネルデータ保護機構の拡張性検討と性能評価

    葛野弘樹, 山内利宏

    情報処理学会研究報告(Web)   2022 ( DPS-190 )   2022.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • Comparative Evaluation of Method for Hiding the Use of Debug Registers in Monitoring Program from Application Program

    仲村亮祐, 山内利宏, 佐藤将也, 谷口秀夫

    電子情報通信学会大会講演論文集(CD-ROM)   2022   2022.3

     More details

    Authorship:Corresponding author  

    J-GLOBAL

    researchmap

  • Estimation of OFF2F Performance Focusing on Differences of Memory Access Latency Between Volatile and Non-Volatile Memory

    2022 ( 1 )   121 - 122   2022.1

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Books

    researchmap

  • Performance Evaluation Focusing on Control Transitions between VMM and OS on VM

    2022 ( 1 )   119 - 120   2022.1

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Books

    researchmap

  • Extension of Target Information and Improvement of Tamper Resistance for VMM-Based Evidence Collection Function of Program Execution

    2022.1

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Survey on Mapping Function for Malware Behaviors to MITRE ATT&CK of Online Malware Sandbox

    2022.1

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Evaluation of Control Usage of Resource Pooling Function on Tender

    2022 ( 1 )   117 - 118   2022.1

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Books

    researchmap

  • Analysis by Clustering Focusing on Telnet Connection Log Commands to IoT Devices

    2021   692 - 696   2021.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • カーネルにおけるMemory Protection Keyを用いた権限情報保護機構の提案

    葛野 弘樹, 山内 利宏

    コンピュータセキュリティシンポジウム 2021 (CSS2021) 論文集   2021   647 - 654   2021.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Tenderにおけるプロセス間通信データ域を利用したコンテナボックス通信の性能分析

    菰田 志城, 山内 利宏, 谷口 秀夫

    2021年度電気・情報関連学会中国支部第72回連合大会   2021.10

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • N/A

    2021   697 - 704   2021.10

     More details

    Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • Investigation of Threats in the Secure World of OP-TEE

    2021   661 - 667   2021.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • Evaluation of Function for Tracing Diffusion of Classified Information to Support VMs Running on Multiple Cores on KVM

    2021   403 - 410   2021.10

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • Large-scale Survey on Secure Development of IoT Devices by Software Analysis and Vendor Interview Invited

    Shugo Shiraishi, Akifumi Fukumoto, Ryota Yoshimoto, Eitaro Shioji, Mitsuaki Akiyama, Toshihiro Yamauchi

    The 16th International Workshop on Security (IWSEC 2021), Invited session   2021.9

     More details

    Authorship:Corresponding author  

    researchmap

  • Selective Usage Method of Resource Pooling Function on Tender

    林里咲, 山内利宏, 谷口秀夫

    情報科学技術フォーラム講演論文集   4   171 - 172   2021.8

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • Malware Classification by Deep Learning Using the Characteristics of Hash Functions

    馬場隆寛, 馬場謙介, 山内利宏

    情報科学技術フォーラム講演論文集   4   43 - 46   2021.8

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publisher:Springer  

    As the Internet develops, the number of Internet of Things (IoT) devices increases. Simultaneously, the risk of IoT devices being infected with malware also increases. Thus, malware detection has become an important issue. Dynamic analysis logs are effective at detecting malware, but it takes time to collect a large amount of data because the malware must be executed at least once before the logs can be collected. Moreover, dynamic analysis logs are affected by external factors such as the execution environment. A malware detection method that uses a static property analysis log could solve these problems. In this study, deep learning (DL) was used as a machine learning method because DL is effective for large-scale data and can automatically extract features. Research has been conducted on malware detection using static properties of portable executable (PE) files, establishing that such detection is possible. However, research on malware detection using hash functions such as Fuzzy hash and peHash is lacking. Therefore, we investigated the characteristics of hash values in malware classification. Moreover, when the surface analysis log is viewed in chronological order, that the data are considered have concept drift characteristics. Therefore, we compared malware detection performance using data with the concept drift property. We found that the hash function could be used to prevent performance degradation even with concept drift data. In an experiment combining PE surface information and hash values, concept drift showed the highest performance for certain data.

    DOI: 10.1007/978-3-030-99587-4_40

    Scopus

    J-GLOBAL

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/aina/aina2022-2.html#BabaBY22

  • Evaluation of Memory Access Performance in NUMA Architecture

    島谷隼生, 山内利宏, 谷口秀夫, 佐藤将也

    情報科学技術フォーラム講演論文集   4   169 - 170   2021.8

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • Evaluation of OFF2F Program Using Pseudo Non-Volatile Memory

    額田哲彰, 佐藤将也, 山内利宏, 谷口秀夫

    情報科学技術フォーラム講演論文集   4   173 - 174   2021.8

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • Twitterで収集されたAndroidアプリのアクセシビリティサービスの利用率とAPI Levelの分析

    市岡秀一, 三村隆夫, 中嶋淳, 山内利宏

    電子情報通信学会技術研究報告(電子情報通信学会 第56回情報通信システムセキュリティ研究会 (ICSS))   121 ( 122 )   141 - 146   2021.7

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • LKMを介したSeccompフィルタの適用によるアクセス制御手法の提案と評価

    山内利宏, 吉元亮太

    情報処理学会研究報告(第93回CSEC・第53回IOT合同研究発表会)   2021-CSEC-93 ( 12 )   1 - 6   2021.5

     More details

    Authorship:Lead author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • Proposal of Method to Support Analysis by Structuring Cyber Threat Intelligence

    藤井翔太, 藤井翔太, 川口信隆, 重本倫宏, 山内利宏

    情報処理学会研究報告(Web)   2021-CSEC-92 ( 47 )   1 - 8   2021.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • カーネル仮想記憶空間における排他的ページ参照機構の実現方式と性能評価

    葛野弘樹, 山内利宏

    電子情報通信学会技術研究報告(第54回情報通信システムセキュリティ研究会(ICSS))   120 ( 384 )   138 - 143   2021.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • Analysis of HTTP Response between Landing Website and Malicious Website in Android

    川島千明, 市岡秀一, 山内利宏

    2021-CSEC-92 ( 44 )   1 - 8   2021.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • Analysis focusing on commands of telnet logs on IoT devices

    3   393 - 394   2021.3

     More details

    Authorship:Lead author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • Tenderにおける2種類の管理単位を持つ資源「実メモリ」の設計と実現

    楠恒輝, 山内利宏, 谷口秀夫

    情報処理学会研究報告(第151回システムソフトウェアとオペレーティング・システム研究会)   2021-OS-151 ( 12 )   1 - 8   2021.3

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • 計算機状態の高速な保存と復元を可能にする不揮発性メモリ向けTenderのプレート機能の実現

    田中雅大, 山内利宏, 谷口秀夫

    情報処理学会研究報告(第151回システムソフトウェアとオペレーティング・システム研究会)   2021-OS-151 ( 12 )   1 - 8   2021.3

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • 実証実験データを用いたモバイル向けブラックリスト構築手法の評価と未知の悪性サイト探索

    石原 聖, 佐藤 将也, 山内 利宏

    2021年暗号と情報セキュリティシンポジウム(SCIS2021)論文集   2021.1

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • VMMによるプログラム実行時のライブラリ情報取得機能の設計

    伊藤 寛史, 中村 徹, 清本 晋作, 山内 利宏

    2021年暗号と情報セキュリティシンポジウム(SCIS2021)論文集   2021.1

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Improvement for Detection Method of Transition to Unwanted Website Focusing on URL Bar Switching Interval and Evaluation Using Data of Demonstration Experiment

    9 - 16   2020.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • Large-Scale Survey on Secure Development of IoT Devices by Software Analysis and Vendor Interview

    875 - 882   2020.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • Design and Implementation of Kernel Address Isolation for Container

    859 - 866   2020.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • Proposal of Method of Page Transition Visualization and Survey of Page Transitions in Android

    551 - 558   2020.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • Evaluation of Method of Generating a Blacklist for Mobile Devices by Searching Malicious Websites Using Demonstration Experiment Data

    21 - 28   2020.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • Implementation of Resource “Physical Memory” Extension in Tender

    楠恒輝, 山内利宏, 谷口秀夫

    電気・情報関連学会中国支部連合大会講演論文集(CD-ROM)   71st   2020.10

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • Evaluation of Exclusive Page Reference Mechanism Capability for Kernel Data

    葛野弘樹, 山内利宏

    情報科学技術フォーラム講演論文集   19th   1 - 6   2020.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • Method of Generating a Blacklist for Mobile Devices by Searching Malicious Websites

    Takashi Ishihara, Masaya Sato, Toshihiro Yamauchi

    The 21st World Conference on Information Security Applications (WISA2020), poster   2020.8

     More details

    Authorship:Last author, Corresponding author  

    researchmap

  • Method of Generating a Blacklist for Mobile Devices by Searching Malicious Websites

    Takashi Ishihara, Masaya Sato, Toshihiro Yamauchi

    The 21st World Conference on Information Security Applications (WISA2020), poster   2020.8

     More details

    Authorship:Corresponding author  

    researchmap

  • 仮想計算機モニタによるプログラム実行の証拠保全システムの設計

    伊藤 寛史, 中村 徹, 橋本 真幸, 山内 利宏

    2020年電子情報通信学会総合大会 情報・システム講演論文集2   119 - 119   2020.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Seccompを利用したIoT機器のセキュリティ機能の向上手法の一検討

    松下 瑛佑, 山内 利宏

    2020年電子情報通信学会総合大会 情報・システム講演論文集2   118 - 118   2020.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Android WebViewにおける利用者の意図しない悪性WebサイトへのWebアクセス可視化手法

    市岡 秀一, 佐藤 将也, 山内 利宏

    2020年電子情報通信学会総合大会 情報・システム講演論文集2   117 - 117   2020.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Tender における資源「入出力」のスループット向上手法

    利穂 虹希, 山内 利宏, 谷口 秀夫

    2020年電子情報通信学会総合大会 情報・システム講演論文集1   48 - 48   2020.3

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • ファームウェアに着目したIoT機器のセキュリティ機能の調査

    白石 周碁, 福本 淳文, 塩治 榮太朗, 秋山 満昭, 山内 利宏

    電子情報通信学会 第50回情報通信システムセキュリティ研究会(ICSS),電子情報通信学会技術研究報告   119 ( 437 )   37 - 42   2020.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • 悪性Webサイトの探索によるモバイル向けブラックリスト構築手法の評価

    石原 聖, 佐藤 将也, 山内 利宏

    第82回全国大会講演論文集   2020 ( 1 )   441 - 442   2020.2

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    モバイル端末において,利用者の意図しないWebサイトへ誘導する攻撃が存在する.この攻撃への対策の1つとして,URLやホスト名のブラックリストを構築し,悪性Webサイトへのアクセスを未然に防止する手段がある.そこで,我々は,悪性Webサイトを探索し,モバイル向けのブラックリストを構築する手法を提案した.また,構築したブラックリストについて,悪性Webサイト検知率の評価を行った.しかし,悪性Webサイトの探索期間が短く,十分な評価が行われていない.本稿では,より長い期間の探索により構築したブラックリストを用いて,悪性Webサイト検知率の評価を行った結果を報告する.

    CiNii Article

    CiNii Books

    researchmap

  • Tenderの資源プール機能における資源量の可視化機能

    林 里咲, 山内 利宏, 谷口 秀夫

    第82回全国大会講演論文集   2020 ( 1 )   39 - 40   2020.2

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    オペレーティングシステムにおいて,プロセス生成処理は,空間の生成やプログラム読み込みといった処理を行うため,負荷が大きい.そこで,分散指向永続オペレーティングシステムTenderでは,プロセス削除時にプロセスを構成する資源を削除せずに保持し,プロセス生成時に再利用することで,プロセスの生成処理と削除処理を高速化する資源プール機能を実現している.資源プール機能をより効率的に使用するためには,資源プール内に保持している資源について,計算機管理者が正確に把握する必要がある.本稿では,資源プール内の資源量と,資源プール機能に対して行われる資源の生成要求と削除要求を取得する機能を実現する手法を述べる.

    CiNii Article

    CiNii Books

    researchmap

  • Tenderにおける資源「実メモリ」の機能拡張

    楠 恒輝, 山内 利宏, 谷口 秀夫

    第82回全国大会講演論文集   2020 ( 1 )   51 - 52   2020.2

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    一つの計算機において,プログラムを実行するコアの数を増加させるうえで,NUMA構成が有効である.Tenderでは,UMA構成を意識した実メモリ管理を行っているため,NUMA構成のノード毎に分割された実メモリを有効に扱えない.このため,Tenderの実メモリ管理のNUMA構成への対応が課題である.Tenderでは,実メモリを資源「実メモリ」として管理しており,現在の資源管理で管理できる実メモリは256MBまでである.しかし,現在のNUMA構成の計算機は,少ないもので64GB程度の実メモリを搭載している.本稿では,Tenderの実メモリ管理機能の拡張ついて述べる.

    CiNii Article

    CiNii Books

    researchmap

  • マルチコアTenderにおけるコア間遠隔手続呼出制御処理の高速化と機能拡充

    藤戸宏洋, 山内利宏, 谷口秀夫

    情報処理学会研究報告(Web)   2020 ( OS-148 )   2020.2

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • AndroidにおけるURLバーの切り替わり間隔に着目した利用者の意図しないWebサイトへの遷移の検知手法の評価

    折戸 凜太郎, 石原 聖, 佐藤 将也, 梅本 俊, 中嶋 淳, 山内 利宏

    2020年暗号と情報セキュリティシンポジウム(SCIS2020)論文集   2020.1

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • スマートフォンにおけるWeb媒介型サイバー攻撃の観測機構:設計と実装

    山田 明, 佐野 絢音, 窪田 歩, 嶌田 一郎, 中嶋 淳, 吉岡 克成, 瀬尾 浩二郎, 満保 雅浩, 佐藤 将也, 松村 礼央, 田辺 瑠偉, 小澤 誠一, 田中 翔真, 梅本 俊, 松田 壮, 山内 利宏, 澤谷 雪子

    2020年暗号と情報セキュリティシンポジウム(SCIS2020)論文集   2020.1

     More details

    Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Method of Generating Blacklist by Searching Malicious Mobile Websites

    ( 2019 )   1025 - 1032   2019.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • Expanding Detectable Privilege Escalation Attacks and Reducing Overhead by Guest OS Monitoring Using Single Hook Point

    ( 2019 )   144 - 151   2019.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • Protection of Privileges Using ARM TrustZone in Privilege Escalation Attack Prevention Method

    ( 2019 )   581 - 588   2019.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • Design and Implementation of Exclusive Page Reference Mechanism Mitigates Kernel Vulnerability Attack

    ( 2019 )   660 - 667   2019.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • Proposal on Fine-Grained Reduction Method of Redundant Security Policy by Replacing typeattributeset Statement

    ( 2019 )   668 - 675   2019.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • Unwanted Web Site Classification for Android

    ( 2019 )   1011 - 1016   2019.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • Detection Method of Transition to Unwanted Website Focusing on URL Bar Switching Interval in Android

    ( 2019 )   1017 - 1024   2019.10

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    researchmap

  • Implementation of Display Function for Tracing Diffusion of Classified Information on KVM

    Record of Joint Conference of Electrical and Electronics Engineers in Kyushu   2019 ( 0 )   132 - 132   2019.9

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)   Publisher:Committee of Joint Conference of Electrical, Electronics and Information Engineers in Kyushu  

    DOI: 10.11527/jceeek.2019.0_132

    CiNii Article

    researchmap

  • KVM上のゲストOSにおける権限の変更に着目した権限昇格攻撃防止手法の評価

    福本淳文, 山内利宏

    情報科学技術フォーラム講演論文集   18th   187 - 188   2019.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • 64-bit ARM環境における権限の変更に着目した権限昇格攻撃防止手法の評価

    吉谷亮汰, 山内利宏

    情報科学技術フォーラム講演論文集   18th   189 - 190   2019.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • カーネル脆弱性を利用した攻撃に対する仮想記憶空間の切替え処理の保護と改ざん検出

    葛野弘樹, 山内利宏

    情報科学技術フォーラム講演論文集   18th   9 - 16   2019.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • Android向けセキュリティアプリにおける悪性Webサイト検知率の調査

    折戸凛太郎, 佐藤将也, 山内利宏

    情報科学技術フォーラム講演論文集   18th   181 - 182   2019.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • 不揮発性メモリを利用したTenderにおける動作継続制御の基本評価

    田中 雅大, 山内 利宏, 谷口 秀夫

    情報科学技術フォーラム講演論文集   18th   159 - 160   2019.9

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • SELinux CILを利用した不要なポリシの削減効果の評価

    齋藤凌也, 山内利宏

    情報科学技術フォーラム講演論文集   18th   205 - 206   2019.9

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • マルチコアTenderのコア間遠隔手続呼出における代行プロセス処理の高速化

    藤戸宏洋, 山内利宏, 谷口秀夫

    情報科学技術フォーラム講演論文集   18th   153 - 154   2019.9

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • Kernel Memory Inspection Capability for Malicious Kernel Module Detection Invited

    Hiroki Kuzuno, Toshihiro Yamauchi

    The 14th International Workshop on Security (IWSEC 2019), Invited session   2019.8

     More details

    Authorship:Last author, Corresponding author  

    researchmap

  • Threat Analysis of Fake Virus Alerts by Using Web Access Monitoring Mechanism for Android WebView

    Rintaro Orito, Koki Riho, Yuta Imamura, Masaya Sato, Toshihiro Yamauchi

    The 14th International Workshop on Security (IWSEC 2019), poster   2019.8

     More details

    Authorship:Last author, Corresponding author  

    researchmap

  • 不揮発性メモリを利用したTenderにおける動作継続制御の実現

    田中雅大, 山内利宏, 谷口秀夫

    情報処理学会研究報告 (2019年並列/分散/協調処理に関する『北見』サマー・ワークショップ (SWoPP2019))   2019-OS-147 ( 16 )   1 - 8   2019.7

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • カーネルに対する攻撃における独自の仮想記憶空間の切替え手法の検出能力と防御手法

    葛野弘樹, 葛野弘樹, 山内利宏

    情報処理学会研究報告(Web)   2019 ( CSEC-84 )   2019.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • KVM上のゲストOSにおける権限の変更に着目した権限昇格攻撃防止手法の実現

    福本淳文, 山内利宏

    情報処理学会研究報告(Web)   2019 ( CSEC-84 )   2019.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • 難読化JavaScriptコード解析支援システムの自動化の実現

    上原渓一郎, 山内利宏

    情報処理学会研究報告(Web)   2019 ( CSEC-84 )   2019.3

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    J-GLOBAL

    researchmap

  • Consideration of Visualization Mechanism to Support Diffusion Tracing Function of Classified Information on KVM

    Takumi Honda, Hideaki Moriyama, Toshihiro Yamauchi

    2019 ( 1 )   431 - 432   2019.2

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    CiNii Books

    researchmap

  • Method of Timely Detecting for Tracing Diffusion of Classified Information

    Hideaki Moriyama, Toshihiro Yamauchi, Masaya Sato, Hideo Taniguchi

    2019 ( 1 )   25 - 26   2019.2

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    CiNii Books

    researchmap

  • KVMを利用した機密情報の拡散追跡機能におけるファイルパス取得処理削減の評価

    荒木 涼, 森山 英明, 山内 利宏

    第81回全国大会講演論文集   2019 ( 1 )   433 - 434   2019.2

     More details

    Authorship:Last author, Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    計算機内で管理されている機密情報は,外部に漏えいすることで,企業や個人にとって大きな損失となる.機密情報を保有するファイルの外部への拡散を検知するために,仮想計算機モニタ(VMM)を利用した機密情報の拡散追跡機能を提案し,実現している.この機能では,機密情報を保有するファイルを操作するシステムコールをフックして情報を取得することで,検知及び拡散経路の通知を可能としている.一方,フックによるシステム応答が問題となっており,いくつかの高速化手法を提案されている. 本稿では,KVMを用いた機密情報の拡散追跡機能について,拡散情報の一つであるファイルパス取得処理削減による高速化を適用した際の評価結果について述べる.

    CiNii Article

    CiNii Books

    researchmap

  • KVMにおける機密情報の拡散追跡機能を用いた複数VM監視手法の評価

    岡崎 俊樹, 森山 英明, 山内 利宏, 佐藤 将也, 谷口 秀夫

    第81回全国大会講演論文集   2019 ( 1 )   429 - 430   2019.2

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    機密情報を計算機上で扱う機会の増加により,計算機外部に機密情報が漏えいする事例が増加している.そこで,計算機内部における機密情報の拡散状況を把握する機能として,仮想計算機モニタであるKVMを利用した機密情報の拡散追跡機能を提案した.また,KVMにおける機密情報の拡散追跡機能を拡張し,複数の監視対象 VMにおける機密情報拡散をVMM上で一元的に追跡する機構(以降,複数VM監視機構)を提案した.本稿では,複数VM監視機構に関する評価として,複数のVMを同時に操作する状況を想定し,提案手法を評価した結果について報告する.

    CiNii Article

    CiNii Books

    researchmap

  • マルチコアTenderにおけるメモリを介した遠隔手続呼出制御方式

    藤戸宏洋, 山内利宏, 谷口 秀夫

    情報処理学会研究報告(第145回システムソフトウェアとオペレーティング・システム研究発表会)   2019-OS-145 ( 1 )   1 - 8   2019.2

     More details

    Authorship:Corresponding author   Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    researchmap

  • 過去のNIC負荷とプロセスのデータ送信量を考慮した複数NIC間での負荷分散法 Reviewed

    谷口 秀夫, 吉田 泰三, 山内 利宏, 佐藤 将也

    第26回マルチメディア通信と分散処理ワークショップ論文集   68 - 73   2018.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • KVMを利用した機密情報の拡散追跡機能におけるファイルアクセス性能の評価

    森山英明, 山内利宏, 佐藤将也, 谷口秀夫

    情報科学技術フォーラム講演論文集   17th   147‐148   2018.9

     More details

    Language:Japanese  

    J-GLOBAL

    researchmap

  • 権限の変更に着目した権限昇格攻撃防止手法のARMへの拡張 (情報セキュリティ)

    吉谷 亮汰, 山内 利宏

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   118 ( 151 )   177 - 183   2018.7

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    J-GLOBAL

    researchmap

  • SELinux CILを利用した不要なポリシ削減手法の提案 (情報セキュリティ)

    齋藤 凌也, 山内 利宏

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   118 ( 151 )   185 - 192   2018.7

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    researchmap

  • KVMを利用した機密情報の拡散追跡機能における高速化の評価

    森山英明, 山内利宏, 佐藤将也, 谷口秀夫

    情報処理学会全国大会講演論文集   2018 ( 1 )   1 - 2   2018.3

     More details

  • AnT の要求箱通信機能を利用した処理の多重化

    本田 紘貴, 佐藤 将也, 山内 利宏, 谷口 秀夫

    第80回全国大会講演論文集   2018 ( 1 )   127 - 128   2018.3

     More details

    Language:Japanese  

    AnT は,マイクロカーネル構造OSである.マイクロカーネル構造OSでは,OS機能の大半をOSサーバとして実現する.このため,OSサーバ間でのサーバプログラム間通信が必要となる.AnT におけるサーバプログラム間通信機構には,要求箱通信方式がある.要求箱通信方式では,要求箱とよばれる領域を作成する.依頼プロセスはこの領域に依頼を登録することで,OSサーバを定めることなく通信できる.この要求箱通信方式とバックグラウンドで処理を行う影OSサーバを用いることで,依頼プロセスが意識せず同じ処理を多重に実行することができる.そこで,本稿では,AnT の要求箱通信機能を利用した処理の多重化を提案する.

    CiNii Article

    CiNii Books

    researchmap

  • 独自のカーネル用仮想記憶空間を用いたカーネルモジュール監視手法

    葛野弘樹, 葛野弘樹, 山内利宏

    情報処理学会シンポジウムシリーズ(CD-ROM)   2018 ( 2 )   2018

  • マルチコアTenderにおけるメモリを介した遠隔手続呼出制御の方式の設計

    藤戸宏洋, 山内利宏, 谷口秀夫

    情報処理学会研究報告(Web)   2018 ( OS-144 )   2018

  • 権限昇格攻撃防止手法における権限の格納位置のランダム化

    吉谷亮汰, 山内利宏

    情報処理学会シンポジウムシリーズ(CD-ROM)   2018 ( 2 )   2018

  • AndroidにおけるWebViewのWebアクセス観測機構を利用した悪性Webサイトの脅威分析と対策の提案

    今村祐太, 折戸凜太郎, CHAIKAEW Kritsana, CHAIKAEW Kritsana, MANARDO Celia, MANARDO Celia, LEELAPRUTE Pattara, 佐藤将也, 山内利宏

    情報処理学会シンポジウムシリーズ(CD-ROM)   2018 ( 2 )   2018

  • スタック領域へのガードページ挿入による戻りアドレス書き換え防止手法

    溝内剛, 上川先之, 山内利宏

    情報処理学会研究報告(Web)   2018 ( CSEC-80 )   2018

  • AndroidにおけるWebViewのWebアクセス観測機構

    今村 祐太, 上川 先之, 石原 靖弘, 佐藤 将也, 山内 利宏

    コンピュータセキュリティシンポジウム2017論文集   2017 ( 2 )   2017.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • WindowsにおけるUse-After-Free脆弱性攻撃防止手法

    伴 侑弥, 山内 利宏

    コンピュータセキュリティシンポジウム2017論文集   2017 ( 2 )   2017.10

     More details

  • 仮想計算機を用いた重要ファイル保護手法

    佐藤 将也, 山内 利宏, 谷口 秀夫

    コンピュータセキュリティシンポジウム2017論文集   2017 ( 2 )   2017.10

     More details

  • KVM上の複数VMの動作に対応した機密情報の拡散追跡機能

    岡崎俊樹, 森山英明, 山内利宏, 佐藤将也, 谷口秀夫

    情報処理学会シンポジウムシリーズ(CD-ROM)   2017 ( 2 )   ROMBUNNO.3D3‐1   2017.10

     More details

  • プロセスの複製による可用性を考慮したライブフォレンジック手法のマルチコア対応と評価

    時松 勇介, 山内 利宏, 谷口 秀夫

    コンピュータセキュリティシンポジウム2017論文集   2017 ( 2 )   2017.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • API操作ログ取得による難読化JavaScriptコード解析支援システム

    上川 先之, 山内 利宏

    コンピュータセキュリティシンポジウム2017論文集   2017 ( 2 )   2017.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • KVMにおける機密情報の拡散追跡機能の高速化

    森山英明, 山内利宏, 佐藤将也, 谷口秀夫

    情報科学技術フォーラム講演論文集   16th   191‐192   2017.9

     More details

    Language:Japanese  

    J-GLOBAL

    researchmap

  • Editor’s message to special issue of computer security technologies against sophisticated cyber attacks

    Toshihiro Yamauchi

    Journal of Information Processing   25 ( 0 )   852 - 853   2017.9

     More details

    Language:English   Publisher:Information Processing Society of Japan  

    DOI: 10.2197/ipsjjip.25.852

    Scopus

    researchmap

  • Use-After-Free脆弱性攻撃防止手法におけるメモリ解放契機の評価 (情報セキュリティ)

    伴 侑弥, 山内 利宏

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   117 ( 125 )   149 - 155   2017.7

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    J-GLOBAL

    researchmap

  • プロセス管理表へのアクセス制御機能の評価 (マルチメディア情報ハイディング・エンリッチメント)

    佐藤 将也, 山内 利宏, 谷口 秀夫

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   117 ( 128 )   157 - 163   2017.7

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    researchmap

  • Use-After-Free脆弱性攻撃防止手法におけるメモリ解放契機の評価 (マルチメディア情報ハイディング・エンリッチメント)

    伴 侑弥, 山内 利宏

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   117 ( 128 )   149 - 155   2017.7

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    researchmap

  • プロセス管理表へのアクセス制御機能の評価 (情報セキュリティ)

    佐藤 将也, 山内 利宏, 谷口 秀夫

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   117 ( 125 )   157 - 163   2017.7

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    J-GLOBAL

    researchmap

  • プロセス管理表へのアクセス制御機能の評価 (技術と社会・倫理)

    佐藤 将也, 山内 利宏, 谷口 秀夫

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   117 ( 126 )   157 - 163   2017.7

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    researchmap

  • OS資源をノード毎に管理するTenderの構成

    須頭 滉平, 山内 利宏, 谷口 秀夫

    第79回全国大会講演論文集   2017 ( 1 )   165 - 166   2017.3

     More details

    Language:Japanese  

    複数のマルチコアプロセッサを搭載するNUMA構成計算機は,サーバなどの高い性能が要求される分野において利用されている. NUMA環境では,コアとメモリの関係を意識したメモリ管理が重要となる.ここで, Tenderオペレーティングシステムでは,マルチコアプロセッサ対応方式として,OS資源を一元的に排他制御し管理する共有型方式とOS資源をコア毎に管理する個別型方式が提案されている.NUMA環境において,共有型方式では,異なるノード間でのメモリアクセス,個別型方式では,コア間の連携がオーバヘッドとなり,性能低下の原因となる.そこで,本稿では,NUMA環境に適した,OS資源をノード毎に管理するTenderオペレーティングシステムの構成について述べる.

    CiNii Article

    CiNii Books

    researchmap

  • Tenderの再利用機能における未使用資源の削除機能

    田村 大, 山内 利宏, 谷口 秀夫

    第79回全国大会講演論文集   2017 ( 1 )   167 - 168   2017.3

     More details

    Language:Japanese  

    Tenderオペレーティングシステムでは,オペレーティングシステムが制御し管理する対象である資源を分離し独立化して管理している.このため,Tenderオペレーティングシステムにおけるプロセスは複数の資源から構成され,個々の資源は独立して存在できる.そこで,プロセスを構成する資源が必要になる前に事前生成したり再利用するために削除せずにメモリ上に未使用資源として保持し,プロセス生成時に使用することで,プロセス生成処理を高速化している.しかし,事前生成と再利用によりメモリ上に保持する資源は,使用されなければメモリ上に保持され続ける問題がある.そこで,本稿では,使用されない資源の削除機能について提案する.

    CiNii Article

    CiNii Books

    researchmap

  • プロセッサの違いに着目した走行モード変更機構の評価

    福居 誠二, 佐藤 将也, 山内 利宏, 谷口 秀夫

    第79回全国大会講演論文集   2017 ( 1 )   169 - 170   2017.3

     More details

    Language:Japanese  

    システムコールの発行は,プロセスの走行モードの変更を伴うため,多くのシステムコールの発行を伴う処理において走行モードの変更は大きなオーバヘッドとなる.このオーバヘッドを削減する手法として,プロセスを任意の時点でスーパバイザモードに変更可能にする走行モード変更機構を提案した.また,OS空間を保護するために,仮想空間切り替え方式とセグメント切り替え方式を提案した.ここで,走行モードの変更に伴うオーバヘッドはプロセッサの性能による影響が大きい.本稿では,プロセッサの性能の異なる計算機としてPentium 4とCore i7を搭載した計算機を用い,プロセッサの違いに着目した走行モード変更機構の評価を行う.

    CiNii Article

    CiNii Books

    researchmap

  • 未参照バッファ数に着目した入出力バッファ分割法におけるWebサーバ応答時間の評価

    河辺 誠弥, 山内 利宏, 乃村 能成, 谷口 秀夫

    第79回全国大会講演論文集   2017 ( 1 )   171 - 172   2017.3

     More details

    Language:Japanese  

    利用者が優先したい処理の実行処理時間を短縮する方式として,ディレクトリ優先方式を提案した.ディレクトリ優先方式は,入出力バッファを優先領域とその他の領域に分割し,指定したディレクトリ下のファイルを優先的にキャッシュする.しかし,優先的にキャッシュするファイルが入出力バッファを圧迫し,それらのファイル以外のファイルのキャッシュヒット率が低下することにより,計算機全体の性能低下を招いてしまう問題がある.そこで,一定期間内に参照されていないバッファ数に着目し,入出力バッファを分割する方式を提案した.提案方式では,優先的にキャッシュされたファイルをキャッシュする領域の下限と減少量を設定することで,優先ファイルのキャッシュヒット率を低下しすぎないようにする.本稿では,提案方式について,Webサーバを使用した評価結果を報告する.

    CiNii Article

    CiNii Books

    researchmap

  • AndroidにおけるWebViewのWebアクセス観測機構の提案

    今村 祐太, 上川 先之, 工藤 直樹, 佐藤 将也, 山内 利宏

    第79回全国大会講演論文集   2017 ( 1 )   551 - 552   2017.3

     More details

    Language:Japanese  

    Androidを標的とする悪性なWebコンテンツを利用した攻撃が存在する.攻撃を防止するためには,Webアクセスを観測し,攻撃の特性を調査する必要がある.ここで,AndroidにおけるWebアクセスには,Webブラウザによるもの以外に,WebViewを利用するAndroidアプリケーションによるものが存在する.WebブラウザによるWebアクセスはプラグインを用いて観測可能である.一方,WebViewを利用したWebアクセスを観測する機構は存在しない.そこで,本稿では,AndroidにおけるWebViewのWebアクセス観測機構を提案する.提案手法は,WebViewの改変により,WebViewを利用する全てのAndroidアプリケーションのWebアクセスを観測可能にする.

    CiNii Article

    CiNii Books

    researchmap

  • KVMにおける機密情報の拡散追跡機能における性能改善策

    森山英明, 山内利宏, 佐藤将也, 谷口秀夫

    情報処理学会全国大会講演論文集   2017 ( 1 )   13 - 14   2017.3

     More details

  • マルチコアAnTのスケジュール機構における優先度逆転抑制効果

    鴨生 悠冬, 佐藤 将也, 山内 利宏, 谷口 秀夫

    第79回全国大会講演論文集   2017 ( 1 )   157 - 158   2017.3

     More details

    Language:Japanese  

    オペレーティングシステムは,サービスの要望に即したプロセスのスケジュールが求められるため,優先度逆転を抑制する必要がある.特にマイクロカーネル構造OSでは,OSサーバ間通信において優先度逆転が発生する可能性がある.また,コア毎に独立したスケジューラは,マイクロカーネル構造OSの性能を左右するプロセス切替のオーバヘッドが小さい特徴を持つ.一方,他コア上のプロセス情報を操作できないため,コア間通信を必要とする.そこで,コア毎に独立したスケジューラを有するマイクロカーネル構造OSのAnTにおいて,OSサーバ間通信における優先度逆転を抑制し,かつコア間通信回数を削減するスケジュール機構を提案した.本稿では,このスケジュール機構の優先度逆転抑制効果を計算サーバにより評価した結果を報告する.

    CiNii Article

    CiNii Books

    researchmap

  • マイクロカーネルOSにおけるNICドライバプロセスの入替え性能の比較

    澤田 淳, 山内 利宏, 谷口 秀夫

    第79回全国大会講演論文集   2017 ( 1 )   161 - 162   2017.3

     More details

    Language:Japanese  

    マイクロカーネル構造を有するAnT オペレーティングシステムにおいて,APプロセスが利用中である場合のNICドライバプロセスの入替え時間とデータ送信時間が分析されている.本稿では,NICドライバプロセスの入替え時間とデータ送信時間を分析することで,MINIX3とAnT のOSサーバ入替え性能を比較する.

    CiNii Article

    CiNii Books

    researchmap

  • サーバの並列処理を促進するAnTの一括依頼並列処理機能

    村岡 勇希, 佐藤 将也, 山内 利宏, 谷口 秀夫

    第79回全国大会講演論文集   2017 ( 1 )   163 - 164   2017.3

     More details

    Language:Japanese  

    マイクロカーネルOSであるAnTでは,OSサーバへ依頼する処理の依頼情報を制御用ICAに格納し,シーケンシャルに処理する.そこで,本稿では,複数個の制御用ICAを一括して処理依頼することで複数の依頼情報の処理を並列処理する一括依頼並列処理機能について述べる.

    CiNii Article

    CiNii Books

    researchmap

  • Tenderにおけるプロセス構成資源の事前生成による高速プロセス生成機能の評価

    田村 大, 佐藤 将也, 山内 利宏, 谷口 秀夫

    コンピュータシステム・シンポジウム論文集   ( 2016 )   94 - 101   2016.11

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Tenderにおける資源「入出力」の評価

    佐野 弘尚, 山内 利宏, 谷口 秀夫

    コンピュータシステム・シンポジウム論文集   ( 2016 )   20 - 27   2016.11

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Cordovaを利用したハイブリッドアプリケーションにおけるプラグインのアクセス制御方式

    工藤 直樹, 山内 利宏

    コンピュータセキュリティシンポジウム2016論文集   2016 ( 2 )   450 - 457   2016.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • システムコール処理による権限の変化に着目した権限昇格攻撃の防止手法

    赤尾 洋平, 山内 利宏

    コンピュータセキュリティシンポジウム2016論文集   2016 ( 2 )   542 - 549   2016.10

     More details

  • CPUエミュレータを利用した実行コード解析システムの提案

    上川 先之, 山内 利宏

    コンピュータセキュリティシンポジウム2016論文集   2016 ( 2 )   668 - 675   2016.10

     More details

  • 制御システムの可用性を考慮したプロセスの複製によるライブフォレンジック手法の提案

    時松 勇介, 山内 利宏

    コンピュータセキュリティシンポジウム2016論文集   2016 ( 2 )   84 - 91   2016.10

     More details

  • 攻撃回避のためのファイル不可視化手法の提案

    佐藤 将也, 山内 利宏, 谷口 秀夫

    コンピュータセキュリティシンポジウム2016論文集   2016 ( 2 )   224 - 228   2016.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • プロセス情報不可視化のための仮想計算機モニタによるメモリアクセス制御機能の評価 (情報セキュリティ)

    佐藤 将也, 山内 利宏, 谷口 秀夫

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   116 ( 129 )   153 - 159   2016.7

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    researchmap

  • Special section on information and communication system security

    Toshihiro Yamauchi

    IEICE Transactions on Information and Systems   E99D ( 4 )   785 - 786   2016.4

     More details

  • D-6-24 Evaluation of Time Stamp Counter on Multi-core Processor

    Sano Hironao, Fujii Shota, Horii Motoshi, Teraoka Akihiko, Yamauchi Toshihiro, Matsuoka Takeshi, Etoh Fumiharu, Fukui Hidemichi, Iwasaki Shuji

    Proceedings of the IEICE General Conference   2016 ( 1 )   78 - 78   2016.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • D-6-23 Performance Evaluation of Inter-core Communication on Multi-core Processor

    Fujii Shota, Horii Motoshi, Sano Hironao, Teraoka Akihiko, Yamauchi Toshihiro, Matsuoka Takeshi, Etoh Fumiharu, Fukui Hidemichi, Iwasaki Shuji

    Proceedings of the IEICE General Conference   2016 ( 1 )   77 - 77   2016.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • Design of Function for Tracing Diffusion of Classified Information for IPC on KVM

    2015 ( 3 )   191 - 198   2015.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Memory Access Control Using Virtual Machine Monitor for Process Information Hiding

    2015 ( 3 )   855 - 860   2015.10

     More details

  • B-021 Evaluation of CPU resources allocation control in KVM

    Moriyama Hideaki, Kinoshita Ryoji, Suganuma Akira, Yamauchi Toshihiro, Taniguchi Hideo

    情報科学技術フォーラム講演論文集   14 ( 1 )   217 - 218   2015.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • B-018 Delay Method of Updating File Importance on I/O Buffer Cache Mechanism Based on Frequency of System Call

    Teraoka Akihiko, Yamauchi Toshihiro, Taniguchi Hideo

    14 ( 1 )   209 - 210   2015.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    researchmap

  • B-022 Evaluation of OS Server Replacement Mechanism of AnT Using Communication Control Server

    Sawada Jun, Yamauchi Toshihiro, Taniguchi Hideo

    14 ( 1 )   219 - 220   2015.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    researchmap

  • B-023 Evaluation of Reduction Method for Priority Inversion of OS server for AnT in File Reading

    Kamou Yuuto, Yamauchi Toshihiro, Taniguchi Hideo

    14 ( 1 )   221 - 222   2015.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    researchmap

  • プロセス特定困難化のためのプロセス情報の置換手法の評価 (情報セキュリティ)

    佐藤 将也, 山内 利宏, 谷口 秀夫

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   115 ( 119 )   159 - 165   2015.7

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    researchmap

  • メモリ再利用禁止によるUse-After-Free脆弱性攻撃防止手法の実現と評価 (情報通信マネジメント)

    山内 利宏, 池上 祐太

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   115 ( 45 )   141 - 148   2015.5

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    researchmap

  • 分岐トレース支援機能を用いたカーネルルートキット検知手法の提案 (情報通信マネジメント)

    赤尾 洋平, 山内 利宏

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   115 ( 45 )   9 - 16   2015.5

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    researchmap

  • D-6-13 Comparative Evaluation of Interrupt Control Method in OS for Multi-core Processor

    Tamura Jun, Yamauchi Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2015 ( 1 )   77 - 77   2015.2

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • AnTオペレーティングシステムにおける効率的なサーバ間通信機構

    河上 裕太, 山内 利宏, 谷口 秀夫

    情報処理学会研究報告. [システムソフトウェアとオペレーティング・システム]   2015 ( 12 )   1 - 7   2015.2

     More details

    Language:Japanese   Publisher:一般社団法人情報処理学会  

    マルチコアプロセッサ上で動作するマイクロカーネル構造 OS では,OS サーバを各コアに分散することで OS 処理を分散できる.一方,マイクロカーネル構造 OS は,OS サーバ間の連携に多くの通信を必要とする.このため,OS サーバ間での通信を効率化するととは重要である.AnT オペレーティングシステムは,マイクロカーネル構造 OS であり,OS サーバを各コアに分散できる.そこで,プロセスの分散形態を制限することでマルチコア環境での排他制御オーバヘッドを抑制し,高速なサーバ間通信を実現している.しかし,分散形態の制限下において効率的な負荷分散を実現することは困難である.本稿では,AnT における分散形態の制限を撤廃し,効率的な負荷分散を実現するサーバ開通信機構について述べる.

    CiNii Article

    CiNii Books

    researchmap

  • ファイル操作に着目したOS処理分散法

    江原 寛人, 河上 裕太, 山内 利宏, 谷口 秀夫

    情報処理学会研究報告. [システムソフトウェアとオペレーティング・システム]   2015 ( 7 )   1 - 7   2015.2

     More details

    Language:Japanese   Publisher:一般社団法人情報処理学会  

    ファイル操作処理は,OS 処理として実現される.また,マイクロカーネル構造 OS は,ファイル管理処理やディスクドライバ処理といった OS 処理を OS サーバとして実現する.したがって,マルチコアプロセッサ環境において,OS サーバをコア毎に分散することで,OS 処理をコア毎に分散できる.本稿では,マルチコア向け AnT において,ファイル操作処理に関する OS サーバを複数同時起動し,これら OS サーバをコア毎に分散できることを述べる.また,複数の外部記憶装置からの独立したファイル操作処理について,評価結果を報告する.

    CiNii Article

    CiNii Books

    researchmap

  • LinuxとAnTオペレーティングシステムの連携機構の評価

    福島 有輝, 山内 利宏, 乃村 能成, 谷口 秀夫

    情報処理学会研究報告. [システムソフトウェアとオペレーティング・システム]   2015 ( 11 )   1 - 7   2015.2

     More details

    Language:Japanese   Publisher:一般社団法人情報処理学会  

    特定のサービスに適した独自 OS を利用し,さらにマルチコアプロセッサを活かして独自 OS からの既存 OS プログラム利用による独自 OS の利便性向上を目指した Linux と AnT オペレーティングシステムの混載システムを提案した.Linux は,多種の入出力機器の利用を可能とし,かつ既存 OS として普及しており,多くのサービスを実現している.一方,AnT は,マイクロカーネル構造を有し,適応性と堅牢性を特徴とする独自 OS である.この両者の特徴を生かしたサービス提供のために,両 OS の連携機構を設計した.この連携機構は,AnT から Linux にシステムコール代行実行を処理依頼する.本稿では,AnT からの Linux システムコール代行実行の評価について報告する.具体的には,連携機構実現における工数と Linux システムコール代行実行の性能について述べる.

    CiNii Article

    CiNii Books

    researchmap

  • 2014年度喜安記念業績賞紹介,セキュアOSの普及に向けた取り組み

    中村雄一, 海外浩平, 原田季栄, 半田哲夫, 山内利宏

    情報処理   56 ( 8 )   798 - 799   2015

     More details

  • LinuxとAnTの連携機構における代行実行処理の多重化の評価

    福島有輝, 山内利宏, 乃村能成, 谷口秀夫

    情報処理学会研究報告(Web)   2015 ( OS-134 )   2015

  • Evaluation of Tracing Classified Information Diffusion for File Operations on KVM

    2014 ( 2 )   751 - 758   2014.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Implementation and Evaluation of Dynamic Control Method for Sending User Information Using TaintDroid

    2014 ( 2 )   789 - 796   2014.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • A Report on International Conference ASIACCS2014

    2014 ( 2 )   1327 - 1334   2014.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Use-After-Free Prevention Method Using Memory Reuse Prohibited Library

    2014 ( 2 )   567 - 574   2014.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • 未参照バッファ数に着目した入出力バッファ分割法

    山本光一, 土谷彰義, 山内利宏, 谷口秀夫

    研究報告システムソフトウェアとオペレーティング・システム(OS)   2014 ( 5 )   1 - 8   2014.7

     More details

    Language:Japanese  

    利用者が優先して実行したい処理 (優先処理) の実行処理時間を短縮する方式として,ディレクトリ優先方式を提案した.この方式は,入出力バッファを二つの領域に分割し,指定したディレクトリ直下のファイル (優先ファイル) を優先的にキャッシュする.これにより,優先処理が頻繁にアクセスするファイルを優先ファイルとすることで,優先処理の実行処理時間を短縮できる.しかし,ディレクトリ優先方式は,優先ファイル以外のファイル (非優先ファイル) のキャッシュヒット率を著しく低下させ,悪影響を生じさせることがある.そこで,本稿では,領域のサイズを更新するまでの期間内に参照されてないバッファ数に着目し,このバッファがない方の領域のサイズを増加させる方式を提案する.提案方式は,優先ファイルをキャッシュする領域の下限を設定するパラメータを用いることで,優先ファイルをキャッシュする領域のキャッシュヒット率が低下しすぎないようにしている.また,カーネル make 処理と Web サーバ処理において提案方式を評価した結果を報告する.

    CiNii Article

    CiNii Books

    researchmap

  • Tenderにおけるプロセス間通信データ域に特化したプロセス間通信の設計

    川野直樹, 山内利宏, 谷口秀夫

    研究報告システムソフトウェアとオペレーティング・システム(OS)   2014 ( 22 )   1 - 8   2014.7

     More details

    Language:Japanese  

    協調処理では,プロセス間通信の性能が処理性能に大きな影響を与える.このため,プロセス間通信の高速化が必要である.本稿では,Tender オペレーティングシステムにおいて,プロセス間通信に特化した領域 (プロセス間通信データ域) を実現し,この領域を利用したプロセス間通信の設計と実現方式について述べる.プロセス間通信データ域とは,プロセス間の複写レスでのデータ授受機能を支援する領域である.プロセスは,この領域を利用して通信することにより,複写レスなデータ授受と仮想アドレスから実アドレスへの変換の高速化を実現し,プロセス間通信を高速化できる.また,評価では,Tender オペレーティングシステムの既存のプロセス間通信との処理時間の比較結果を報告する.

    CiNii Article

    CiNii Books

    researchmap

  • KVMにおける機密情報の拡散追跡機能の設計 (マルチメディア情報ハイディング・エンリッチメント)

    藤井 翔太, 山内 利宏, 谷口 秀夫

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   114 ( 118 )   187 - 193   2014.7

     More details

    Language:Japanese   Publisher:一般社団法人電子情報通信学会  

    計算機内の機密情報が拡散する状況を追跡し,機密情報を有する資源を把握する機能として機密情報の拡散追跡機能をOS内に実現した.しかし,機密情報の拡散追跡機能には,導入の際に対象のOSのソースコードを修正する必要があること,およびOS自体を攻撃されると,機密情報の拡散追跡機能が無効化される危険性が存在する問題がある.そこで,KVMにおける機密情報の拡散追跡機能を設計した.機密情報の拡散追跡機能をKVM内に実現することにより,導入対象OSのソースコードを修正する必要がなくなり,より多くの環境に導入可能になる.また,機密情報の拡散追跡機能をOSから隔離できるため,機密情報の拡散追跡機能への攻撃をより困難にできる.

    CiNii Article

    CiNii Books

    researchmap

  • Attack Avoiding Method Obscuring Process Identification by Making Process Information Invisible

    2013 ( 4 )   1042 - 1049   2013.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Proposal of Attacker Investigation System Triggered Information Leakage

    2013 ( 4 )   17 - 24   2013.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • B-008 Efficient Page Out Rule in Tender

    Hamaguchi Tomoyuki, Yamauchi Toshihiro, Taniguchi Hideo

    12 ( 1 )   231 - 232   2013.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    researchmap

  • L-011 Malware Detection Method Focusing on Anti-Debugging

    Yoshizaki Kota, Yamauchi Toshihiro

    12 ( 4 )   219 - 220   2013.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    researchmap

  • L-001 Performance Evaluation with APs for Secure Log Transfer Method Using Library Replacement

    Sato Masaya, Yamauchi Toshihiro

    12 ( 4 )   185 - 186   2013.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    researchmap

  • マルチコアTenderにおける排他制御の細粒度化による並列性向上手法

    山本貴大, 山内利宏, 谷口秀夫

    情報処理学会研究報告. [システムソフトウェアとオペレーティング・システム]   2013 ( 16 )   1 - 8   2013.7

     More details

    Language:Japanese   Publisher:一般社団法人情報処理学会  

    近年,マルチコアプロセッサの普及に伴い,オペレーティングシステム (以降,OS) のマルチコア対応が必要となっている.OS のマルチコア対応における課題として処理の並列性の向上がある.Tender オペレーティングシステム (以降,Tender) では,Tender 特有の OS 構造である資源インタフェース制御において一元的に排他制御することで修正工数を抑制し,マルチコア対応を実現した.このとき,資源インタフェース制御において資源の種類ごとに排他制御することで異なる種類の資源の並列処理を実現した.しかし,本手法では,同じ種類の資源を並列に処理することができない.本稿では,マルチコア向け Tender (以降,マルチコア Tender) において一元的な排他制御構造を維持しつつ,排他制御を細粒度化する手法について述べる.これにより,同じ種類の資源の並列処理を実現し,処理の並列性を向上させる.このとき,修正に要した工数について評価する.また,マイクロベンチマークを使用し,Linux,および FreeBSD と比較することでマルチコア Tender の性能を評価する.

    CiNii Article

    CiNii Books

    researchmap

  • 細粒度の情報追跡による機密情報送信の動的制御手法 (マルチメディア情報ハイディング・エンリッチメント)

    小倉 禎幸, 山内 利宏

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   113 ( 138 )   135 - 141   2013.7

     More details

    Language:Japanese   Publisher:一般社団法人電子情報通信学会  

    近年,Android端末の普及に伴い,Androidを標的とするマルウェアが増加し,マルウェアへの対策が重要視されている.特に,マルウェアによる端末外部への機密情報の漏洩が問題となっている.この問題に対処するために,機密情報の伝搬を追跡し,機密情報が外部に漏洩する際に利用者の判断に従ってAPの動作を動的に制御する手法を提案する.具体的には,提案手法は,TaintDroidを利用し,機密情報の伝搬を変数レベルで細粒度に追跡する.端末外部に機密情報が漏洩する場合,利用者の判断に従ってAPの動作を制御する.これにより,端末外部への機密情報の漏洩を防止する.また,端末外部に送信される機密情報をダミーデータに置換し,機密情報の漏洩を防止する.これにより,APの正常な動作をできるだけ妨げることなく機密情報の漏洩を防止できる.さらに,AP間で機密情報のやり取りがあった場合,機密情報の漏洩に関わったAP名を取得し,機密情報の伝搬経路を把握する.これにより,利用者は機密情報の漏洩の伝搬経路とその漏洩に関わったAPを正確に把握し,漏洩要因の各APに対処できる.

    CiNii Article

    CiNii Books

    researchmap

  • ライブラリの置き換えによるVM外部への安全なログ転送方式の評価 (マルチメディア情報ハイディング・エンリッチメント)

    佐藤 将也, 山内 利宏

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   113 ( 138 )   121 - 128   2013.7

     More details

    Language:Japanese   Publisher:一般社団法人電子情報通信学会  

    ログは,計算機の動作を把握するための重要な情報である.しかし,攻撃や問題の発生により,ログの改ざんや消失が起こる可能性がある.この問題への既存の対処の多くは,対処する以前にログを改ざんされる恐れがある.また,VM上のOSの種類に応じた対処や性能低下が問題となる.これらの問題への対処として,ライブラリの置き換えによるVM外部への安全なログ転送方式を提案した.提案方式では,ログ発行時にVMMにログの転送を依頼するように,VM上のライブラリを置き換える.VMMはVMからログを取得し,ログの取得元とは異なるVMで保存する.これにより,多種のOSへ容易に適用でき,性能低下の小さい方式を実現した.本稿では,提案方式の評価について述べる.提案方式の有効性を示すために,ログの改ざんを防止できるか検証した.また,多種のOSへの適用の容易さを評価した.性能評価では,APの性能への影響と複数台のVMを走行させた場合の性能の変化を評価した.

    CiNii Article

    CiNii Books

    researchmap

  • The 2012 IPSJ Best Paper Award: Application of Virtualization Technology for Computer Security

    54 ( 8 )   815 - 815   2013.7

     More details

  • AnTオペレーティングシステムにおける低機能MMUの制御法

    鶴谷昌弘, 山内利宏, 谷口秀夫

    研究報告システムソフトウェアとオペレーティング・システム(OS)   2013 ( 11 )   1 - 7   2013.2

     More details

    Language:Japanese  

    計算機の多様な利用を支える高い適応性と堅牢性を実現できるOSが必要となっており,これを実現するOSプログラム構造としてマイクロカーネル構造がある.マイクロカーネルOSは,OS機能の大半をOSサーバとして実現するため,OSサーバ間でプログラム間通信が頻発し,モノリシックカーネルOSに比べ性能が低下する.このため,データ複写レスによる通信により,OSサーバ間での授受データの複写オーバヘッドを低減している.しかし,低機能MMUでは,データ複写レスであっても通信時に発生するTLBミスに伴う処理オーバヘッドが大きい.そこで,マイクロカーネルOSにおける低機能MMU制御法を提案する.提案制御法は,サーバプログラム間通信で利用する領域についてはページテーブルを利用することなく,TLBエントリでページの割り当てを管理し,TLBミスを発生させないことによりサーバプログラム間通信を高速化する.SH-4を例として,提案制御法をAnTオペレーティングシステムに実現する方式を示し,性能評価の結果を報告する.

    CiNii Article

    CiNii Books

    researchmap

  • ライブラリの置き換えによるVM外部への安全なログ転送方式の提案

    佐藤将也, 山内利宏

    研究報告コンピュータセキュリティ(CSEC)   2012 ( 6 )   1 - 8   2012.12

     More details

    Language:Japanese  

    ログは,計算機の動作を把握するための重要な情報である.しかし,攻撃や問題の発生により,ログの改ざんや消失が起こる可能性がある.この問題へ対処するために,ログを保護する手法が提案されている.しかし,手法の多くは AP や OS で実現されており,カーネルレベルで動作するマルウェアからログを保護するのは難しい.そこで,我々は, VMM を用いたログの保護方式を提案した.しかし,この方式では,複数の VM において多種の OS が利用される場合,それぞれの OS に対応するように VMM を修正する必要があり,その工数が大きい.そこで,複数 VM 上の多種の OS に最小限のプログラムの修正により対応可能な, AP の出力するログの保護方式を提案する.提案方式は,ログ発行時に特定の命令を実行するように, VM 上のライブラリをあらかじめ置き換える. VMM は,この命令を契機にログを保護する.このため,提案方式は OS の種類に依存しない.

    CiNii Article

    CiNii Books

    researchmap

  • Proposal of a Method for Dynamic Control of Application Programs by Extending the SEAndroid

    2012 ( 3 )   130 - 137   2012.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Dynamic Driver Process Replacement Mechanism for AnT

    2012 ( 4 )   202 - 209   2012.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Evaluation of Load Balancing in Multi-core for AnT

    Takeshi Sakoda, Keisuke Masuda, Noriaki Hasuoka, Toshihiro Yamauchi, Hideo Taniguchi

    IPSJ SIG Notes   2012 ( 31 )   1 - 7   2012.9

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Operating system based on microkernel architecture has high adaptability and toughness. Otherwise, multi-core processor appeared by progress of LSI technology. If it is made to run OS based on microkernel architecture and OS server can be distributed to each core on the multi-core processor, load balancing of OS processing will become possible. For the above reasons, the load balancing of OS processing can offer large transaction processing effectively on the multi-core environment. This paper shows the result of evaluations for performance of distributing OS processing in the AnT operating system based on microkernel architecture works on the multi-core environment. To put it concretely, this paper shows the difference in the performance by distributed forms at the time of data reference in a block unit. Moreover, this paper shows the distribution effect by distributed forms using PostMark and Bonnie.

    CiNii Article

    CiNii Books

    researchmap

  • Development of Multicore Tender Operating System

    2012 ( 4 )   1 - 8   2012.7

     More details

  • Evaluation for Fast Method of Inter Server Program Communication on AnT for SH-4

    2012 ( 7 )   1 - 7   2012.4

     More details

  • Evaluation of Regulating I/O performance on Tender Operating System

    2012 ( 6 )   1 - 8   2012.4

     More details

  • Proposal of a Method for Tracing Diffusion of Information and Preventing Information Leakage on Android

    OKUDA Kenji, NAKATSUKA Ryo, YAMAUCHI Toshihiro

    IEICE technical report. Information and communication system security   111 ( 495 )   5 - 10   2012.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    Application program (AP) can collaborate with other APs and control personal information with Intent or user's allowing of permission. However, users cannot detect those behaviors. Therefore, users might not be able to be aware of an AP as a malware. This paper proposes a method for tracing diffusion of personal information and preventing its leakage on Android. Our method alerts information leakage when an AP uses APIs to communicate with outside. These alerts are caused only if the AP has already called APIs to collect personal information. Users can refuse execution of the API if it was not appropriate. Further, we visualize the diffusion path of personal information to support users to decide the API is appropriate or not.

    CiNii Article

    CiNii Books

    researchmap

  • D-6-16 Fast Method of Inter Server Program Communication on AnT for SH-4

    TSURUYA Masahiro, YAMAUCHI Toshihiro, TANIGUCHI Hideo

    Proceedings of the IEICE General Conference   2012 ( 1 )   77 - 77   2012.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • D-6-18 Evaluation for Sophisticated Periodic Execution Control on SH-4 Processor

    Furukawa Yuuki, Yamauchi Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2012 ( 1 )   79 - 79   2012.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • D-19-6 Solution of the Diffusion Tracing Function of Classified Information for Distributed Environment

    Otsubo Nobuto, Yamauchi Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2012 ( 2 )   213 - 213   2012.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • D-6-13 Tender Operating System for multicore processor

    Nagai Kengo, Yamauchi Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2012 ( 1 )   74 - 74   2012.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • D-6-14 Implementation of Resources "Periodic Timer" in Multicore Tender

    Yamamoto Takahiro, Nagai Kengo, Yamauchi Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2012 ( 1 )   75 - 75   2012.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • D-6-15 Dynamic NIC Driver Process Replacement Mechanism for AnT

    HASUOKA Noriaki, TSURUYA Masahiro, YAMAUCHI Toshihiro, TANIGUCHI Hideo

    Proceedings of the IEICE General Conference   2012 ( 1 )   76 - 76   2012.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • Method to Set Effective Directories for a Directory Oriented Buffer Cache Mechanism

    2012 ( 9 )   1 - 8   2012.2

     More details

  • The relation between program description and high performance mechanism of processor

    57 - 64   2012.1

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Preface

    Goichiro Hanaoka, Toshihiro Yamauchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   7631 LNCS   2012

     More details

  • Automatic Method of Partitioning I/O Buffer Based on Cache Hit Ratio

    ( 2011 )   62 - 72   2011.11

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Proposal of Function to Visualize Diffusion Path of Classified Information

    2011 ( 3 )   367 - 372   2011.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • A profiling method of malware's behavior using integratedvirtualized system monitor

    2009 ( 2009 )   1 - 6   2011.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Implementation and Evaluation of I/O Resource on Tender Operating System

    2011 ( 19 )   1 - 8   2011.7

     More details

  • Evaluation of Inter Server Program Communication for AnT operating system on SH-4

    2011 ( 12 )   1 - 8   2011.7

     More details

  • Interprocess communication function using the physical memory exchange function on Tender Operating System

    2011 ( 13 )   1 - 7   2011.7

     More details

  • I/O Buffer Partitioning Method Based on Cache Hit Ratio

    2011 ( 18 )   1 - 9   2011.7

     More details

  • Implementation and Evaluation of Virtual Machine Based Kernel Log Collector

    2011 ( 28 )   1 - 8   2011.7

     More details

  • Design and Evaluation of a Method to Reduce Redundant Security Policy of SELinux

    YAGI SHINYA, NAKAMURA YUICHI, YAMAUCHI TOSHIHIRO

    IEICE technical report   111 ( 30 )   71 - 76   2011.5

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    In many cases, general security policy is used because of the difficulty of creating security policy. However, this security policy is possible to allow excessive rights in system. In addition, it is difficult to use this security policy in embeded systems because of the memory footprint. To deal with these problems, we propose a method system automatically detects redundant security policies by using log SELinux outputs and deletes them. The proposed system also suggests system administrator and improves security of the system and reduces the memory footprint. This paper shows the problems of security policy and dealing with them. This paper also shows design and evaluation.

    CiNii Article

    CiNii Books

    researchmap

  • Design and Evaluation of a Method to Reduce Redundant Security Policy of SELinux

    2011 ( 13 )   1 - 6   2011.5

     More details

  • 周期実行制御における周期超過防止法の周期処理分割に関する評価

    古川友樹, 山内利宏, 谷口秀夫

    第73回全国大会講演論文集   2011 ( 1 )   39 - 40   2011.3

     More details

    Language:Japanese  

    ロボットのモータ制御やセンサ制御における処理は周期的に実行される.周期的に実行される処理は次の周期までに処理を終了する必要があり,次の周期までに処理が終了しない場合,予定されていた処理の実行が行われず,問題となる.一方,周期実行される処理の開始から終了までの時間は,実入出力処理時間の変動やタイマ割り込み処理の影響により一定でない.そこで,処理の実行状況を記録し,次の周期までに処理が終了できるか否か判定し,超過すると判定した場合,終了時刻までに終了できる適切な処理を起動できる方法を提案した.ここでは,提案手法の周期処理分割に関する評価について述べる.

    CiNii Article

    CiNii Books

    researchmap

  • Proposal of I/O Resource on Tender Operating System

    2010 ( 5 )   1 - 7   2011.2

     More details

  • Design and Evaluation of Control Method to Deal with Deadline Miss for Periodic Scheduling

    FURUKAWA Yuuki, YAMAUCHI Toshihiro, TANIGUCH Hideo

    IEICE technical report   110 ( 278 )   23 - 28   2010.11

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    The processing executed periodically must be finished before the next release time. If such a processing is not finished before a deadline, the scheduled processing is not executed in the next period. On the other hand, the execution time of the processing executed periodically from the release to the end is not constant by changing of I/O processing time and influencing the timer interrupt. Therefore, our proposed system records the execution time of the processing, judges whether the processing will be finished before the deadline and can execute the appropriate processing for the remaining time. In this paper, we describe the design and evaluation of our system.

    CiNii Article

    CiNii Books

    researchmap

  • Evaluation of Dynamic Communication Control Server Replacement Processing for AnT

    2010 ( 11 )   99 - 104   2010.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Linux Security Features : Tackling the Difficulty of Seculity Policy Configuration

    NAKAMURA Yuichi, YAMAUCHI Toshihiro

    IPSJ Magazine   51 ( 10 )   1268 - 1275   2010.10

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00070553/

  • L-033 Tracing and Visualization Function of Information Propagation by File Manipulation

    Nakatsuka Ryo, Yamauchi Toshihiro, Taniguchi Hideo

    9 ( 4 )   251 - 252   2010.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    researchmap

  • B-038 Implementation of control method to deal with deadline miss for periodic scheduling

    Furukawa Yuuki, Yamauchi Toshihiro, Taniguchi Hideo

    9 ( 1 )   367 - 368   2010.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    researchmap

  • Control method to detect and deal with deadline miss for periodic scheduling

    FURUKAWA YUUKI, YAMAUCHI TOSHIHIRO, TANIGUCHI HIDEO

    115   W1 - W6   2010.8

     More details

  • Realization and Evaluation of the Generation Management Function on Tender Operating System

    NAGAI KENGO, YAMAMOTO YUTA, YAMAUCHI TOSHIHIRO, TANIGUCHI HIDEO

    115   B1 - B8   2010.8

     More details

  • Implementation of the TCP/IP communication function in the AnT operating system

    INOUE YOSHIHIRO, TANIGUCHI HIDEO, YAMAUCHI TOSHIHIRO

    115   J1 - J8   2010.8

     More details

  • Design of Converting Linux LKM Device Driver into Concrete Process in AnT Operating System

    SHIMAZAKI Yutaka, TABATA Toshihiro, NOMURA Yoshinari, TANIGUCHI Hideo

    IEICE technical report   109 ( 475 )   517 - 522   2010.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    Recent OS has a large number of device drivers. It is important to reduce cost for developing new device drivers in OS development. When we port an existing device driver into the OS which realizing device driver process to reduce the development cost, we need to not only port but also form it into process. In this paper, we show a method for converting an existing Linux LKM device driver into process in AnT operating system. Furthermore, we evaluated the proposal method using drivers such as the FD, Intel 1GbE, and Realtek 1GbE driver.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Design of Sophisticated Periodic Execution Control for Embedded Systems

    FURUKAWA Yuuki, TABATA Toshihiro, TANIGUCHI Hideo

    IEICE technical report   109 ( 475 )   523 - 528   2010.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    In embedded systems, a kind of the processing to be executed is limited, and a lot of processing are executed periodically. In such systems, we need to reduce the overhead of periodic execution control and the dispersion of its time. ART-Linux is proposed as one of the conventional real-time operating system that is used such as robot. In this paper, we show a periodic execution control of ART-Linux and clarify several problems. Next, we design a sophisticated periodic execution control to solve these problems of ART-Linux. Finally, we show the realization of the periodic execution control and the effect of it.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • I/O Buffer Partition Method to Improve Execution Time of Priority Processing

    TSUCHIYA Akiyoshi, TABATA Toshihiro, TANIGUCHI Hideo

    72 ( 0 )   99 - 100   2010.3

     More details

  • A proposal of physical memory exchange function to enable Zero-copy communication processing

    KADO NAOFUMI, TABATA TOSHIHIRO, TANIGUCHI HIDEO

    113 ( 8 )   H1 - H8   2010.1

     More details

  • Evaluation of Uniformity of Processing in Mechanism for Regulating Program Execution Speed in Library

    SAKAI KOICHI, TABATA TOSHIHIRO, TANIGUCHI HIDEO, HAKOMORI SATOSHI

    113 ( 14 )   N1 - N8   2010.1

     More details

  • A proposal of physical memory exchange function to enable Zero-copy communication processing

    門直史, 田端利宏, 谷口秀夫

    情報処理学会研究報告(CD-ROM)   2009 ( 5 )   2010

  • Evaluation of Uniformity of Processing in Mechanism for Regulating Program Execution Speed in Library

    境講一, 田端利宏, 谷口秀夫, 箱守聰

    情報処理学会研究報告(CD-ROM)   2009 ( 5 )   2010

  • Design of Upper Limit Function of Protected Area and Buffer Migration Function for a Directory Oriented Buffer Cache Mechanism

    TABATA Toshihiro, TSUCHIYA Akiyoshi, YAMADA Katsuyasu, TANIGUCHI Hideo

    IEICE technical report   109 ( 296 )   43 - 48   2009.11

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    Noticing that application programs handle files as a unit of input and output, we proposed a Directory Oriented Buffer Cache Mechanism. The proposed mechanism gives a high priority to important directories, which are associated with important jobs. Files in the important directories are given a high priority, and its blocks files are cached with the high priority. The proposed mechanism makes processing of important jobs frequently faster. However, the proposed mechanism degrades the performance of the processing in some cases due to three problems of it. This paper describes the three problems of the proposed mechanism. Then, this paper describes upper limit function of protected area and buffer migration function that solve the three problems.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Anti-spam e-mail method based on characteristic token ratio accounting for all tokens

    UEMURA Masahiro, TABATA Toshihiro

    IEICE technical report   109 ( 33 )   27 - 32   2009.5

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    J-GLOBAL

    researchmap

  • Evaluation for a Mechanism of Regulating Execution Speed that Considered the Run Mode of Program

    SAKAI KOICHI, TABATA TOSHIHIRO, TANIGUCHI HIDEO, HAKOMORI SATOSHI

    111 ( 26 )   Y1 - Y8   2009.4

     More details

  • D-6-24 Implementation of Display Part of Visualization Considering Process Running Mode

    Kinoshita Akira, Tabata Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2009 ( 1 )   74 - 74   2009.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • D-6-17 Design of Visual Function on Diffusion Tracing Function of Classified Information

    Fukushima Kenta, Tabata Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2009 ( 1 )   67 - 67   2009.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • D-6-23 Design of a Mechanism of Bounding Execution Performance for Process Group by Execution Resource on Tender

    Hara Takayuki, Tabata Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2009 ( 1 )   73 - 73   2009.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • D-6-20 Proposal of Function for Regulating I/O Performance based on I/O Slot

    Nagao Takashi, Tabata Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2009 ( 1 )   70 - 70   2009.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • D-6-19 プログラム実行速度調整法におけるフィードバックを利用した高精度な制御法の提案(D-6. コンピュータシステムC(ソフトウェア),一般セッション)

    境 講一, 田端 利宏, 谷口 秀夫, 箱守 聰

    電子情報通信学会総合大会講演論文集   2009 ( 1 )   69 - 69   2009.3

     More details

    Language:Japanese   Publisher:一般社団法人電子情報通信学会  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Design of Network-Transparent InterProcess Communication on Tender

    SAEKI Kenji, TABATA Toshihiro, TANIGUCHI Hideo

    IPSJ SIG Notes   138 ( 20 )   55 - 60   2009.2

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    The Tender operating system has original InterProcess Communications. We realize Network-Transparent InterProcess Communication which can use in distributed system. In this paper, We describe Network-Transparent original InterProcess Communication with "container", "container box" and "event" on Tender. Furthermore, We describe method of send and receive container, and shared container which used distributed shared memory.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • A Mechanism of Regulating Execution Speed that Considered the Run Mode of Program

    SAKAI Koichi, TABATA Toshihiro, TANIGUCHI Hideo, HAKOMORI Satoshi

    IPSJ SIG Notes   110 ( 6(OS-110) )   99 - 106   2009.1

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    If execution speed of software is regulated without concerning by performance of the computer hardware, Convenience of the service better. In addition, regulating execution speed inhibits influence of DoS attack, and help restoration from DoS attack. On the other hand, program runs in user mode and supervisor mode. Therefore, considering run mode of program enables high accuracy regulating execution speed. We propose a mechanism of regulating execution speed in consideration of the run mode of program. Specifically, our method can regulate the execution speed of program in user mode, supervisor mode, and both modes. This paper describes a method of stopping process and a method of setting regulated performance. Furthermore, we implement and evaluate the proposed mechanism in library to clarify the characteristic and the effectiveness of it.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Evaluation for a Mechanism of Regulating Execution Speed that Considered the Run Mode of Program

    境講一, 田端利宏, 谷口秀夫, 箱守聰

    情報処理学会研究報告(CD-ROM)   2009 ( 1 )   2009

  • 統合仮想化システムモニタを用いたマルウェアのプロファイリング

    安藤類央, 高橋一志, 田端利宏, 須崎有康

    情報処理学会シンポジウム論文集   2009 ( 11 )   2009

  • Evauluation of I/O Buffer Cache Mechanism Based on the Frequency of File Usage

    KATAKAMI TATSUYA, TABATA TOSHIHIRO, TANIGUCHI HIDEO

    情報処理学会研究報告   27 ( 119(EVA-27) )   13 - 18   2008.11

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    We proposed an I/O buffer cache mechanism based on the frequency of file usage. This paper describes an evaluation of the proposed mechanism and effectiveness of the proposed mechanism from evaluation results.