Updated on 2021/12/03

写真a

 
YAMAUCHI Toshihiro
 
Organization
Natural Science and Technology Professor
Position
Professor
Other name(s)
Toshihiro Tabata
External link

Degree

  • Doctor of Engineering ( 2002.9   Kyushu University )

  • 修士(工学) ( 2000.3   九州大学 )

  • 学士(工学) ( 1998.3   九州大学 )

Research Interests

  • System security

  • System software

  • Operating system

  • Computer security

Research Areas

  • Informatics / Computer system

  • Informatics / Information security

  • Informatics / Software

Education

  • Kyushu University    

    2000.4 - 2002.9

      More details

    Country: Japan

    researchmap

  • Kyushu University   大学院システム情報科学研究科   情報工学専攻

    1998.4 - 2000.3

      More details

    Country: Japan

    researchmap

  • Kyushu University   School of Engineering  

    1994.4 - 1998.3

      More details

    Country: Japan

    researchmap

Research History

  • Okayama University   学術研究院 自然科学学域   Professor

    2021.4

      More details

    Country:Japan

    researchmap

  • Okayama University   Graduate School of Natural Science and Technology   Associate Professor

    2005.4 - 2021.3

      More details

  • Kyushu University   Faculty of Information Science and Electrical Engineering, Department of Computer Science and Communication Engineering   Research Assistant

    2002.10 - 2005.3

      More details

  • Japan Society for Promotion of Science   Research Fellow

    2001.4 - 2002.9

      More details

Professional Memberships

Committee Memberships

  • IEICE Transactions on Information and Systems, Special Section on Forefront Computing   Guest Editor-in-Chief  

    2021.9   

      More details

    Committee type:Academic society

    researchmap

  • 電子情報通信学会 情報通信システムセキュリティ(ICSS)研究会   幹事  

    2021.6   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会 コンピュータセキュリティ(CSEC)研究会   顧問  

    2021.4   

      More details

    Committee type:Academic society

    researchmap

  • 内閣サイバーセキュリティ戦略本部 研究開発戦略専門調査会 研究・産学官連携戦略ワーキンググループ   委員  

    2020.7 - 2021.3   

      More details

    Committee type:Government

    researchmap

  • 岡山県警察   サイバー犯罪対策テクニカルアドバイザー  

    2019.9   

      More details

  • 情報処理学会 コンピュータセキュリティ(CSEC)研究会   主査  

    2019.4 - 2021.3   

      More details

    Committee type:Academic society

    researchmap

  • The 15th International Workshop on Security (IWSEC 2020)   General Co-Chair  

    2019 - 2020.9   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会論文誌 「高度化するサイバー攻撃に対応するコンピュータセキュリティ技術」特集号   編集委員長  

    2016 - 2017.9   

      More details

    Committee type:Academic society

    researchmap

  • 24th International Conference on Information and Communications Security (ICICS 2022)   Program Committee  

    2021.10 - 2022.10   

      More details

    Committee type:Academic society

    researchmap

  • The 24th International Conference on Network-Based Information Systems (NBiS-2021)   Program Committee  

    2021.8 - 2021.9   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会論文誌 「量子時代をみすえたコンピュータセキュリティ技術」特集号   編集委員  

    2021.7 - 2022.9   

      More details

    Committee type:Academic society

    researchmap

  • 16th International Conference on Information Security Practice and Experience (ISPEC2021)   Program Committee  

    2021.7 - 2021.11   

      More details

    Committee type:Academic society

    researchmap

  • The 15th International Conference on Network and System Security (NSS2021)   Program Committee  

    2021.7 - 2021.10   

      More details

    Committee type:Academic society

    researchmap

  • OSSセキュリティ技術ワークショップ(OWS 2021)   副実行委員長  

    2021.5   

      More details

    Committee type:Academic society

    researchmap

  • The 17th ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS 2022)   Workshop Chair  

    2021.5 - 2022.6   

      More details

    Committee type:Academic society

    researchmap

  • The 5th International Symposium on Mobile Internet Security (MobiSec'21)   Program Committee  

    2021.5 - 2021.10   

      More details

    Committee type:Academic society

    researchmap

  • コンピュータセキュリティシンポジウム2021 (CSS2021)   実行委員  

    2021.5 - 2021.10   

      More details

    Committee type:Academic society

    researchmap

  • システムソフトウェアとオペレーティング・システム(OS)研究会   運営委員  

    2021.4   

      More details

    Committee type:Academic society

    researchmap

  • The 6th IEEE International Workshop on Big Data and Information Security (IWBIS) 2021   Program Committee  

    2021.4 - 2021.10   

      More details

    Committee type:Academic society

    researchmap

  • 24th International Conference on Information and Communications Security (ICISC 2021)   Program Committee  

    2021.3 - 2021.12   

      More details

    Committee type:Academic society

    researchmap

  • 23rd International Conference on Information and Communications Security (ICICS 2021)   Program Committee  

    2021.3 - 2021.9   

      More details

    Committee type:Academic society

    researchmap

  • The 24th Information Security Conference (ISC 2021)   Program Committee  

    2021.2 - 2021.11   

      More details

    Committee type:Academic society

    researchmap

  • The 22nd World Conference on Information Security Applications (WISA 2021)   Program Committee  

    2021.2 - 2021.8   

      More details

    Committee type:Academic society

    researchmap

  • IEICE Transactions on Information and Systems, Special Section on Parallel and Distributed Computing and Networking   編集幹事  

    2020.11   

      More details

    Committee type:Academic society

    researchmap

  • IEICE Transactions on Information and Systems, Special Section on Blockchain Systems and Applications   編集委員  

    2020.11 - 2022.2   

      More details

    Committee type:Academic society

    researchmap

  • IEICE Transactions on Information and Systems, Special Section on Next-generation Security Applications and Practice   編集委員  

    2020.11 - 2021.11   

      More details

    Committee type:Academic society

    researchmap

  • Australasian Information Security Conference (AISC 2021)   Program Committee  

    2020.9 - 2021.2   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会論文誌 「Society 5.0を実現するコンピュータセキュリティ技術」特集号   編集委員  

    2020.7 - 2021.9   

      More details

    Committee type:Academic society

    researchmap

  • コンピュータセキュリティシンポジウム2020 (CSS2020)   プログラム委員  

    2020.5 - 2020.10   

      More details

    Committee type:Academic society

    researchmap

  • OSSセキュリティ技術ワークショップ(OWS 2020)   実行委員長  

    2020.4 - 2020.10   

      More details

    Committee type:Academic society

    researchmap

  • IEICE Transactions on Information and Systems, Special Section on Parallel and Distributed Computing and Networking   編集幹事  

    2019.11 - 2020.12   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会論文誌 「実世界を支える暗号・セキュリティ・プライバシ技術」特集号   編集委員  

    2019.7 - 2020.9   

      More details

    Committee type:Academic society

    researchmap

  • 電子情報通信学会 情報通信システムセキュリティ(ICSS)研究会   幹事補佐  

    2019.6 - 2021.6   

      More details

    Committee type:Academic society

    researchmap

  • IEICE Transactions on Information and Systems, Special Section on Information and Communication System Security   編集委員  

    2019.6 - 2020.7   

      More details

    Committee type:Academic society

    researchmap

  • OSSセキュリティ技術ワークショップ(OWS 2019)   実行委員長  

    2019.5 - 2019.10   

      More details

    Committee type:Academic society

    researchmap

  • IEICE Transactions on Information and Systems, Special Section on Security, Privacy, Anonymity and Trust in Cyberspace Computing and Communications   編集委員  

    2019.1 - 2020.2   

      More details

    Committee type:Academic society

    researchmap

  • OSSセキュリティ技術ワークショップ(OWS)組織委員会   組織委員長  

    2018.12   

      More details

    Committee type:Academic society

    researchmap

  • IEICE Transactions on Information and Systems, Special Section on Parallel and Distributed Computing and Networking   編集委員  

    2018.12 - 2019.12   

      More details

    Committee type:Academic society

    researchmap

  • The 14th International Workshop on Security (IWSEC 2019)   General Co-Chair  

    2018 - 2019.8   

      More details

    Committee type:Academic society

    researchmap

  • The 4th IEEE Cyber Science and Technology Congress (CyberSciTech 2019)   Program Co-Chair  

    2018 - 2019.8   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会 システムソフトウェアとオペレーティング・システム(OS)研究会   幹事  

    2017.4 - 2021.3   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会 コンピュータセキュリティ(CSEC)研究会   幹事  

    2017.4 - 2019.3   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会 マルウェア対策研究人材育成ワークショップ2017 (MWS2017)   プログラム委員長  

    2017 - 2017.10   

      More details

    Committee type:Academic society

    researchmap

  • 岡山県警察サイバーセキュリティ研究会   委員  

    2017   

      More details

  • 電子情報通信学会   情報通信システムセキュリティ小特集号(英文論文誌D) 編集委員長  

    2015 - 2016.4   

      More details

    Committee type:Academic society

    電子情報通信学会

    researchmap

  • 情報処理学会 コンピュータセキュリティシンポジウム2015 (CSS2015)   プログラム委員長  

    2015 - 2015.10   

      More details

    Committee type:Academic society

    researchmap

  • 情報処理学会コンピュータセキュリティ(CSEC)研究会   幹事  

    2011.4 - 2015.3   

      More details

    Committee type:Academic society

    情報処理学会

    researchmap

  • Journal of Internet Services and Information Security (JISIS)   Editorial Board member  

    2011.1   

      More details

    Committee type:Academic society

    researchmap

  • The 7th International Workshop on Security (IWSEC 2012)   Program Co-Chair  

    2011 - 2012.9   

      More details

    Committee type:Academic society

    researchmap

  • 内閣官房 情報セキュリティセンター(NISC)委託調査「OSのセキュリティ機能等に関する調査研究」検討委員会   委員  

    2005.4 - 2006.3   

      More details

  • 内閣官房情報セキュリティ対策推進室委託調査「電子政府におけるセキュリティに配慮したOSを活用した情報システムに関する調査研究」検討委員会   委員  

    2004.11 - 2005.3   

      More details

▼display all

 

Papers

  • Web access monitoring mechanism via Android WebView for threat analysis Reviewed

    Yuta Imamura, Rintaro Orito, Hiroyuki Uekawa, Kritsana Chaikaew, Pattara Leelaprute, Masaya Sato, Toshihiro Yamauchi

    International Journal of Information Security   20 ( 6 )   833 - 847   2021.12

     More details

    Language:English   Publishing type:Research paper (scientific journal)   Publisher:Springer Science and Business Media {LLC}  

    © 2021, The Author(s). Many Android apps employ WebView, a component that enables the display of web content in the apps without redirecting users to web browser apps. However, WebView might also be used for cyberattacks. Moreover, to the best of our knowledge, although some countermeasures based on access control have been reported for attacks exploiting WebView, no mechanism for monitoring web access via WebView has been proposed and no analysis results focusing on web access via WebView are available. In consideration of this limitation, we propose a web access monitoring mechanism for Android WebView to analyze web access via WebView and clarify attacks exploiting WebView. In this paper, we present the design and implementation of this mechanism by modifying Chromium WebView without any modifications to the Android framework or Linux kernel. The evaluation results of the performance achieved on introducing the proposed mechanism are also presented here. Moreover, the result of threat analysis of displaying a fake virus alert while browsing websites on Android is discussed to demonstrate the effectiveness of the proposed mechanism.

    DOI: 10.1007/s10207-020-00534-3

    Scopus

    researchmap

  • スマートフォン端末におけるセキュリティ上の脅威と対策:権限昇格攻撃と悪性Webサイトへの誘導に焦点を当てて Invited Reviewed

    山内 利宏

    金融研究   40 ( 4 )   25 - 54   2021.10

     More details

    Authorship:Lead author, Corresponding author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    researchmap

  • Additional kernel observer: privilege escalation attack prevention mechanism focusing on system call privilege changes Reviewed

    Toshihiro Yamauchi, Yohei Akao, Ryota Yoshitani, Yuichi Nakamura, Masaki Hashimoto

    International Journal of Information Security   20 ( 4 )   461 - 473   2021.8

     More details

    Authorship:Lead author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:Springer Science and Business Media {LLC}  

    © 2020, The Author(s). Cyberattacks, especially attacks that exploit operating system vulnerabilities, have been increasing in recent years. In particular, if administrator privileges are acquired by an attacker through a privilege escalation attack, the attacker can operate the entire system and cause serious damage. In this paper, we propose an additional kernel observer (AKO) that prevents privilege escalation attacks that exploit operating system vulnerabilities. We focus on the fact that a process privilege can be changed only by specific system calls. AKO monitors privilege information changes during system call processing. If AKO detects a privilege change after system call processing, whereby the invoked system call does not originally change the process privilege, AKO regards the change as a privilege escalation attack and applies countermeasures against it. AKO can therefore prevent privilege escalation attacks. Introducing the proposed method in advance can prevent this type of attack by changing any process privilege that was not originally changed in a system call, regardless of the vulnerability type. In this paper, we describe the design and implementation of AKO for Linux x86 64-bit. Moreover, we show that AKO can be expanded to prevent the falsification of various data in the kernel space. Then, we present an expansion example that prevents the invalidation of Security-Enhanced Linux. Finally, our evaluation results show that AKO is effective against privilege escalation attacks, while maintaining low overhead.

    DOI: 10.1007/s10207-020-00514-7

    Scopus

    researchmap

  • Mitigation of Kernel Memory Corruption Using Multiple Kernel Memory Mechanism.

    Hiroki Kuzuno, Toshihiro Yamauchi

    IEEE Access   9   111651 - 111665   2021

     More details

    Publishing type:Research paper (scientific journal)   Publisher:Institute of Electrical and Electronics Engineers ({IEEE})  

    Operating systems adopt kernel protection methods (e.g., mandatory access control, kernel address space layout randomization, control flow integrity, and kernel page table isolation) as essential countermeasures to reduce the likelihood of kernel vulnerability attacks. However, kernel memory corruption can still occur via the execution of malicious kernel code at the kernel layer. This is because the vulnerable kernel code and the attack target kernel code or kernel data are located in the same kernel address space. To gain complete control of a host, adversaries focus on kernel code invocations, such as function pointers that rely on the starting points of the kernel protection methods. To mitigate such subversion attacks, this paper presents multiple kernel memory (MKM), which employs an alternative design for kernel address space separation. The MKM mechanism focuses on the isolation granularity of the kernel address space during each execution of the kernel code. MKM provides two kernel address spaces, namely, i) the trampoline kernel address space, which acts as the gateway feature between user and kernel modes and ii) the security kernel address space, which utilizes the localization of the kernel protection methods (i.e., kernel observation). Additionally, MKM achieves the encapsulation of the vulnerable kernel code to prevent access to the kernel code invocations of the separated kernel address space. The evaluation results demonstrated that MKM can protect the kernel code and kernel data from a proof-of-concept kernel vulnerability that could lead to kernel memory corruption. In addition, the performance results of MKM indicate that the system call overhead latency ranges from 0.020 μs to 0.5445 μs , while the web application benchmark ranges from 196.27 μs to 6, 685.73 μs for each download access of 100,000 Hypertext Transfer Protocol sessions. MKM attained a 97.65% system benchmark score and a 99.76% kernel compilation time.

    DOI: 10.1109/ACCESS.2021.3101452

    Scopus

    researchmap

  • Privilege Escalation Attack Prevention Method Focusing on Privilege Changes in Guest OS on KVM Reviewed

    61 ( 9 )   1507 - 1518   2020.9

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    Privilege escalation attacks can lead to system tampering and information leakage. To address such attacks, we previously proposed a privilege escalation attack prevention method that focus on the modification of privileges by system calls. However, the said method needs to be implemented in the operating system (OS), and its application thus requires alteration of the kernel source code. Additionally, privilege data stored in the kernel space may be forged by attackers. To address these issues, we propose a new method in this paper for preventing privilege escalation attacks by employing KVM, (a virtual machine monitor). The new method hooks the system call invoked in the guest OS and verifies the modification of privileges through system call processing. Application of the new method does not require alteration of the kernel source code. Furthermore, forging of privilege data is deterred by storing privilege data in the memory of the host OS. In this paper, drawbacks of the previously proposed method are discussed, and the new proposed method and its evaluation results are described.

    CiNii Article

    CiNii Books

    researchmap

  • Live Forensic Method Using Process Duplication to Maintain High System Availability Reviewed

    60 ( 2 )   696 - 705   2019.2

     More details

    Authorship:Lead author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    Most conventional digital forensic methods are designed to target hard disk drives, making them ineffective at detecting in-memory malware. In addition, in order to prevent a target system from changing the evidence on hard disk drives, it is necessary to shut down the system or stop its processing, reducing system availability. In this paper, we propose a live forensic method using process duplication to maintain high system availability. The proposed method duplicates the virtual address space of a target process for investigation, and obtains the relevant evidence from the duplicate. By reducing the occurrence of memory copy in the duplication process, it is possible to detect in-memory malware while retaining system availability. We describe the effectiveness of the proposed method, and furthermore, evaluate and report on the delay time when this method is applied to a periodically executing process.

    CiNii Article

    CiNii Books

    researchmap

  • Mitigating use-after-free attacks using memory-reuse-prohibited library Reviewed

    Toshihiro Yamauchi, Yuta Ikegami, Yuya Ban

    IEICE Transactions on Information and Systems   E100D ( 10 )   2295 - 2306   2017.10

     More details

    Authorship:Lead author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG  

    Copyright © 2017 The Institute of Electronics, Information and Communication Engineers. Recently, there has been an increase in use-after-free (UAF) vulnerabilities, which are exploited using a dangling pointer that refers to a freed memory. In particular, large-scale programs such as browsers often include many dangling pointers, and UAF vulnerabilities are frequently exploited by drive-by download attacks. Various methods to prevent UAF attacks have been proposed. However, only a few methods can effectively prevent UAF attacks during runtime with low overhead. In this paper, we propose HeapRevolver, which is a novel UAF attackpreventionmethod that delays and randomizes the timing of release of freed memory area by using a memory-reuse-prohibited library, which prohibits a freed memory area from being reused for a certain period. The first condition for reuse is that the total size of the freed memory area is beyond the designated size. The threshold for the conditions of reuse of the freed memory area can be randomized by HeapRevolver. Furthermore, we add a second condition for reuse in which the freed memory area is merged with an adjacent freed memory area before release. Furthermore, HeapRevolver can be applied without modifying the target programs. In this paper, we describe the design and implementation of HeapRevolver in Linux and Windows, and report its evaluation results. The results show that HeapRevolver can prevent attacks that exploit existing UAF vulnerabilities. In addition, the overhead is small.

    DOI: 10.1587/transinf.2016INP0020

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/journals/ieicet/ieicet100d.html#YamauchiIB17

  • Function for Tracing Diffusion of Classified Information to Support Multiple VMs with KVM Reviewed

    Kohei Otani, Toshiki Okazaki, Toshihiro Yamauchi, Hideaki Moriyama, Masaya Sato, Hideo Taniguchi

    Proceedings of 2021 nineth International Symposium on Computing and Networking Workshops, 8th International Workshop on Information and Communication Security (WICS 2021)   352 - 358   2021.11

     More details

    Authorship:Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    researchmap

  • Proposal of Method of Generating a Blacklist for Mobile Devices by Searching Malicious Websites and Analysis Using Demonstration Experiment Data

    石原聖, 佐藤将也, 佐藤将也, 山内利宏

    情報処理学会論文誌ジャーナル(Web)   62 ( 9 )   1536 - 1548   2021.9

     More details

    Language:Japanese  

    One of the methods to attack mobile devices is redirecting a user to unwanted websites. To the best of our knowledge, there is no method to generate a blacklist that focuses on such attacks. Therefore, we propose a method to generate a blacklist for mobile devices by searching malicious websites. To detect new malicious websites, this method collects HTML files from the webspace using a crawler and searches for HTML files highly likely to be malicious using keywords extracted from known malicious websites. In the evaluation, we performed detection experiments with the blacklist generated by the proposed method using the demonstration experiment data. The evaluation results showed that the generated blacklist detects malicious websites used in attacks of redirecting a user to unwanted websites with few false positives. In addition, new malicious websites were discovered using the generated blacklist; furthermore, we describe an analysis of attacks of redirecting a user to unwanted websites.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Physical Memory Management with Two Page Sizes in Tender OS.

    Koki Kusunoki, Toshihiro Yamauchi, Hideo Taniguchi

    Lecture Notes in Networks and Systems   313   238 - 248   2021.9

     More details

    Publishing type:Research paper (international conference proceedings)  

    Physical memory capacity has increased owing to large-scale integration. In addition, memory footprints have increased in size, as multiple programs are executed on a single computer. Many operating systems manage physical memory by paging a 4 KB page. Therefore, the number of entries in the virtual address translation table for virtual to physical increases along with the size of the memory footprints. This cause a decrease in the translation lookaside buffer (TLB) hit ratio, resulting in the performance degradation of the application. To address this problem, we propose the implementation of physical memory management with two page sizes: 4 KB and 4 MB. This allows us to expand range of addresses to be translated by a single TLB entry, thereby improving the TLB hit rate. This paper describes the design and implementation of the physical memory management mechanism that manages physical memory using two page sizes on The ENduring operating system for Distributed EnviRonment (OS). Our results showed that when the page size is 4 MB, the processing time of the memory allocation can be reduced by as much as approximately 99.7%, and the processing time for process creation can be reduced by as much as approximately 51%, and the processing time of the memory operation could be reduced by as much as 91.9%.

    DOI: 10.1007/978-3-030-84913-9_22

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/nbis/nbis2021.html#KusunokiYT21

  • Analysis of commands of Telnet logs illegally connected to IoT devices Reviewed

    Toshihiro Yamauchi, Ryota Yoshimoto, Takahiro Baba, Katsunari Yoshioka

    Proceedings of 2021 10th International Congress on Advanced Applied Informatics (IIAI-AAI 2021)   913 - 915   2021.7

     More details

    Authorship:Lead author, Corresponding author   Language:English   Publishing type:Research paper (international conference proceedings)  

    researchmap

  • Implementation and Evaluation of Resource Pooling Function for High-speed Process Creation Reviewed

    谷口秀夫, 山内利宏, 田村大

    情報処理学会論文誌ジャーナル(Web)   62 ( 2 )   443 - 454   2021.2

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    In the recent cloud computing environment, many short-lived processes are created, a method of realizing a service by mutual cooperation of these processes has been attracting attention. Therefore, speeding up the process creation is very important. Tender OS, thus, proposes a mechanism for fast process creation and deletion. The proposed mechanism involves the recycling of process resources. However, the proposed mechanism cannot recycle process resources during process creation if the stored process resources are not adequate. Stored process resources may increase monotonically if they are not recycled for process creation, which in turn can cause memory starvation. This paper, therefore, proposes a resource pooling function for addressing the these problems. In addition to the function for resource recycling, the resource pooling function incorporates the resource creation function and the resource reduction function. Furthermore, this paper reports the effectiveness of the resource pooling function in terms of processing time efficiency and memory usage.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Improvement and Evaluation of a Function for Tracing the Diffusion of Classified Information on KVM Reviewed

    Moriyama, H., Yamauchi, T., Sato, M., Taniguchi, H.

    Advances in Intelligent Systems and Computing   1264 AISC   338 - 349   2021

     More details

    Language:English   Publishing type:Research paper (scientific journal)   Publisher:Advances in Intelligent Systems and Computing  

    © 2021, Springer Nature Switzerland AG. The increasing amount of classified information currently being managed by personal computers has resulted in the leakage of such information to external computers, which is a major problem. To prevent such leakage, we previously proposed a function for tracing the diffusion of classified information in a guest operating system (OS) using a virtual machine monitor (VMM). The tracing function hooks a system call in the guest OS from the VMM, and acquiring the information. By analyzing the information on the VMM side, the tracing function makes it possible to notify the user of the diffusion of classified information. However, this function has a problem in that the administrator of the computer platform cannot grasp the transition of the diffusion of classified processes or file information. In this paper, we present the solution to this problem and report on its evaluation.

    DOI: 10.1007/978-3-030-57811-4_32

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/nbis/nbis2020.html#MoriyamaYST20

  • KPRM: Kernel Page Restriction Mechanism to Prevent Kernel Memory Corruption

    Hiroki Kuzuno, Toshihiro Yamauchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   12835 LNCS   45 - 63   2021

     More details

    Publishing type:Research paper (international conference proceedings)   Publisher:Springer International Publishing  

    An operating system (OS) comprises a mechanism for sharing the kernel address space with each user process. An adversary’s user process compromises the OS kernel through memory corruption, exploiting the kernel vulnerability. It overwrites the kernel code related to security features or the kernel data containing privilege information. Process-local memory and system call isolation divide one kernel address space into multiple kernel address spaces. While user processes create their own kernel address space, these methods leave the kernel code vulnerable. Further, an adversary’s user process can involve malicious code that elevates from user mode to kernel mode. Herein, we propose the kernel page restriction mechanism (KPRM), which is a novel security design that prohibits vulnerable kernel code execution and prevents writing to the kernel data from an adversary’s user process. The KPRM dynamically unmaps the kernel page of vulnerable kernel code and attack target kernel data from the kernel address space. This removes the reference of the unmapped kernel page from the kernel page table at the system call invocation. The KPRM achieves that an adversary’s user process can not employ the reference of unmapped kernel page to exploit the kernel through vulnerable kernel code on the running kernel. We implemented KPRM on the latest Linux kernel and showed that it successfully thwarts actual proof-of-concept kernel vulnerability attacks that may cause kernel memory corruption. In addition, the KPRM performance results indicated limited kernel processing overhead in software benchmarks and a low impact on user applications.

    DOI: 10.1007/978-3-030-85987-9_3

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iwsec/iwsec2021.html#KuzunoY21

  • (Short Paper) Evidence Collection and Preservation System with Virtual Machine Monitoring

    Toru Nakamura, Hiroshi Ito, Shinsaku Kiyomoto, Toshihiro Yamauchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   12835 LNCS   64 - 73   2021

     More details

    Publishing type:Research paper (international conference proceedings)   Publisher:Springer International Publishing  

    In a system audit and verification, it is important to securely collect and preserve evidence of execution environments, execution processes, and program execution results. Evidence-based verification of program processes ensures their authenticity; for example, the processes include no altered/infected program library. This paper proposes a solution for collection of evidence on program libraries based on Virtual Machine Monitor (VMM). The solution can solve semantic gap by obtaining library file path names. This paper also shows a way to obtain hash values of library files from a guest OS. Furthermore, this paper provides examples of evidence on program execution and the overhead of the solution.

    DOI: 10.1007/978-3-030-85987-9_4

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iwsec/iwsec2021.html#NakamuraIKY21

  • Privilege Escalation Attack Prevention Method by Focusing on Privilege Changes on 64-bit ARM Reviewed

    61 ( 9 )   1531 - 1541   2020.9

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    Privilege escalation attacks that exploit operating system vulnerabilities can cause significant damage to the associated systems. We previously proposed an additional kernel observer (AKO), a prevention method that focuses on modifying process privileges by system calls. AKO verifies the modification in process privilege data and monitors the modification in privilege data by storing them in the kernel stack before processing the system call. However, if an attacker identifies the storage location of privilege data in the kernel stack and alters both process privilege data and privilege data in the kernel stack while the system call is being processed, AKO can be bypassed. Hence, in this paper, we propose a new method for preventing privilege escalation attacks in the 64-bit ARM environment as well as AKO for protecting mobile devices and IoT devices. To address the issues of AKO, the new method protects the stored privilege data employing the ARM TrustZone technology. In this paper, the new method's design, implementation, and evaluation results are described. In the evaluation, we performed a privilege escalation attack detection experiment using an exploit code and measured performance of system calls and applications. The evaluation results showed that protection by attack detection was successful and the performance degradation due to this method was limited.

    CiNii Article

    CiNii Books

    researchmap

  • Method to Reduce Redundant Security Policy Using SELinux CIL Reviewed

    61 ( 9 )   1519 - 1530   2020.9

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    Application of SELinux involves incorporating a general security policy that permits redundant privileges for individual systems. Hence, we previously proposed a method that eliminates redundant policies from the general policy. However, the said method cannot be applied when there is no policy source file or policies include an attribute that is not supported. During eliminating policies period, the log of access permitted by a particular policy is continually produced as an output, and the associated overhead is large. Furthermore, redundant policies in the base module cannot be eliminated. To address these issues, we propose a new method that extends the previously proposed method. The new method involves the processing of files written in SELinux CIL (an intermediate language) for eliminating redundant policies. Additionally, the new method considers attributes and eliminates policies with fine granularity. The overhead is reduced by eliminating the auditallow statement associated with the policy once converted to the policy format from the policy. Furthermore, by replacing the typeattributeset statement, redundant policies can be eliminated without modifying the base module. In this study, the effectiveness of our method is demonstrated through evaluation of policy elimination and through an attack prevention experiment by incorporating the vulnerabilities in Apache Struts2.

    CiNii Article

    CiNii Books

    researchmap

  • Support System for Assessing Anti-analysis JavaScript Code by Using Proxy Objects Reviewed

    61 ( 6 )   1134 - 1145   2020.6

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    JavaScript code used by web-based attacks is usually protected by some anti-analysis techniques such as obfuscation or cloaking in order to hide its intent or avoid detection. Analyzing such code becomes an urgent task to counter cyber attacks. Therefore, we propose an analysis support system for anti-analysis JavaScript code. The proposed system comprehensively monitors browser API operations and outputs API operation logs for helping analyst's understanding the behavior of code. By using Proxy objects to capture API operations, the proposed system successfuly monitors API operations that could not be captured completely by existing methods. In addition, by replacing variable references, it is able to comprementally monitor API operations for non-replaceable APIs. In this paper, we describe the concept of the proposed system and the implementation of analysis method. We also report the result of analyzing anti-analysis JavaScript codes as an evaluation.

    CiNii Article

    CiNii Books

    researchmap

  • MKM: Multiple Kernel Memory for Protecting Page Table Switching Mechanism Against Memory Corruption. Reviewed

    Hiroki Kuzuno, Toshihiro Yamauchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   12231 LNCS   97 - 116   2020

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)  

    © Springer Nature Switzerland AG 2020. Countermeasures against kernel vulnerability attacks on an operating system (OS) are highly important kernel features. Some kernels adopt several kernel protection methods such as mandatory access control, kernel address space layout randomization, control flow integrity, and kernel page table isolation; however, kernel vulnerabilities can still be exploited to execute attack codes and corrupt kernel memory. To accomplish this, adversaries subvert kernel protection methods and invoke these kernel codes to avoid administrator privileges restrictions and gain complete control of the target host. To prevent such subversion, we present Multiple Kernel Memory (MKM), which offers a novel security mechanism using an alternative design for kernel memory separation that was developed to reduce the kernel attack surface and mitigate the effects of illegal data manipulation in the kernel memory. The proposed MKM is capable of isolating kernel memory and dedicates the trampoline page table for a gateway of page table switching and the security page table for kernel protection methods. The MKM encloses the vulnerable kernel code in the kernel page table. The MKM mechanism achieves complete separation of the kernel code execution range of the virtual address space on each page table. It ensures that vulnerable kernel code does not interact with different page tables. Thus, the page table switching of the trampoline and the kernel protection methods of the security page tables are protected from vulnerable kernel code in other page tables. An evaluation of MKM indicates that it protects the kernel code and data on the trampoline and security page tables from an actual kernel vulnerabilities that lead to kernel memory corruption. In addition, the performance results show that the overhead is 0.020 $$\mu $$s to 0.5445 $$\mu $$s, in terms of the system call latency and the application overhead average is 196.27 $$\mu $$s to 6,685.73 $$\mu $$s, for each download access of 100,000 Hypertext Transfer Protocol sessions.

    DOI: 10.1007/978-3-030-58208-1_6

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iwsec/iwsec2020.html#KuzunoY20

  • Identification of kernel memory corruption using kernel memory secret observation mechanism Reviewed

    Kuzuno, H., Yamauchi, T.

    IEICE Transactions on Information and Systems   E103D ( 7 )   1462 - 1475   2020

     More details

    Language:English   Publishing type:Research paper (scientific journal)  

    Copyright © 2020 The Institute of Electronics, Information and Communication Engineers. Countermeasures against attacks targeting an operating system are highly effective in preventing security compromises caused by kernel vulnerability. An adversary uses such attacks to overwrite credential information, thereby overcoming security features through arbitrary program execution. CPU features such as Supervisor Mode Access Prevention, Supervisor Mode Execution Prevention and the No eXecute bit facilitate access permission control and data execution in virtual memory. Additionally, Linux reduces actual attacks through kernel vulnerability affects via several protection methods including Kernel Address Space Layout Randomization, Control Flow Integrity, and Kernel Page Table Isolation. Although the combination of these methods can mitigate attacks as kernel vulnerability relies on the interaction between the user and the kernel modes, kernel virtual memory corruption can still occur (e.g., the eBPF vulnerability allows malicious memory overwriting only in the kernel mode). We present the Kernel Memory Observer (KMO), which has a secret observation mechanism to monitor kernel virtual memory. KMO is an alternative design for virtual memory can detect illegal data manipulation/writing in the kernel virtual memory. KMO determines kernel virtual memory corruption, inspects system call arguments, and forcibly unmaps the direct mapping area. An evaluation of KMO reveals that it can detect kernel virtual memory corruption that contains the defeating security feature through actual kernel vulnerabilities. In addition, the results indicate that the system call overhead latency ranges from 0.002 μs to 8.246 μs, and the web application benchmark ranges from 39.70 μs to 390.52 μs for each HTTP access, whereas KMO reduces these overheads by using tag-based Translation Lookaside Buffers.

    DOI: 10.1587/transinf.2019ICP0011

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/journals/ieicetd/ieicetd103.html#KuzunoY20

  • Accessibility service utilization rates in android applications shared on Twitter Reviewed

    Ichioka, S., Pouget, E., Mimura, T., Nakajima, J., Yamauchi, T.

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   12583 LNCS   101 - 111   2020

     More details

    Language:English   Publishing type:Research paper (scientific journal)   Publisher:Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)  

    © Springer Nature Switzerland AG 2020. The number of malware detected has been increasing annually, and 4.12% of malware reported in 2018 attacked Android phones. Therefore, preventing attacks by Android malware is critically important. Several previous studies have investigated the percentage of apps that utilize accessibility services and are distributed from Google Play, that have been reportedly used by Android malware. However, the Social Networking Services (SNSs) that are used to spread malware have distributed apps not only from Google Play but also from other sources. Therefore, apps distributed from within and outside of Google Play must be investigated to capture malware trends. In this study, we collected apps shared on Twitter in 2018, which is a representative SNS, and created a Twitter shared apps dataset. The dataset consists of 32,068 apps downloaded from the websites of URLs collected on Twitter. We clarified the proportion of apps that contained malware and proportion of apps utilizing accessibility services. We found that both, the percentage of malware and percentage of total apps using accessibility services have been increasing. Notably, the percentages of malware and un-suspicious apps using accessibility services were quite similar. Therefore, this problem cannot be solved by automatically blocking all apps that use accessibility services. Hence, specific countermeasures against malware using accessibility services will be increasingly important for online security in the future.

    DOI: 10.1007/978-3-030-65299-9_8

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/wisa/wisa2020.html#IchiokaPMNY20

  • Method of Generating a Blacklist for Mobile Devices by Searching Malicious Websites. Reviewed

    Takashi Ishihara, Masaya Sato, Toshihiro Yamauchi

    Proceedings - 2020 8th International Symposium on Computing and Networking Workshops, CANDARW 2020   328 - 333   2020

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)  

    © 2020 IEEE. As mobile devices have become more popular, mal-ware and attacks directed at them have significantly increased. One of the methods to attack mobile devices is redirecting a user to unwanted websites by unwanted page transition. One of the countermeasures against such attacks is to generate a blacklist of URLs and hostnames, which can prevent access to malicious websites. To generate a blacklist, first, malicious websites are collected in the web space. Then, URLs and hostnames of the malicious websites are added to the blacklist. However, URLs of the malicious websites are typically changed frequently; thus, it is necessary to keep track of the malicious websites and update the blacklist in a timely manner. In this study, we proposed a method to generate blacklists for mobile devices by searching malicious websites. The method collects many HTML files from the web space using a crawler and searches for HTML files that are highly likely to be malicious using keywords extracted from the known malicious websites to discover the new ones. Thus, new malicious websites can be added to the blacklist in a timely manner. Using the proposed method, we discovered malicious websites that were not detected by Google Safe Browsing. Moreover, the blacklist generated using the method had a high detection rate for certain malicious websites. This paper reports the design process and the results of the evaluation of the new method.

    DOI: 10.1109/CANDARW51189.2020.00070

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/ic-nc/candar2020w.html#IshiharaSY20

  • Method for Delegating I/O Functions to Linux in AnT Operating System Reviewed

    60 ( 12 )   2279 - 2290   2019.12

     More details

    Authorship:Lead author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    A specialized operating system (OS) can provide some order-made service efficiently. However, development of the specialized OS takes a large amount of cost (e.g., device driver, file management functions). Thus, it is important to reduce the cost. In this paper, we describe a method for introducing the specialized OS and Linux run independently in multicore processors, and the specialized OS uses Linux file I/O functions. This paper describes the design and the implementation of the proposed method for AnT operating system as the specialized OS, and reports the evaluation results of the proposed method.

    CiNii Article

    CiNii Books

    researchmap

  • Threat Analysis of Fake Virus Alerts Using WebView Monitor Reviewed

    Yuta Imamura, Rintaro Orito, Kritsana Chaikaew, Celia Manardo, Pattara Leelaprute, Masaya Sato, Toshihiro Yamauchi

    Proceedings - 2019 7th International Symposium on Computing and Networking, CANDAR 2019   28 - 36   2019.11

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)  

    © 2019 IEEE. As mobile devices have become more popular, mobile web browsing has surpassed desktop browser use and the number of mobile malware cases has increased. The methods of infiltrating Android devices with malware include malvertising and scams. Android users can access websites via web browsers and Android apps using WebView, which displays web content inside an app without redirecting users to web browsers. However, WebView is vulnerable to cyberattacks and the security mechanisms are not sufficient to prevent all attacks. In this study, to analyze web access threats via WebView, we investigated web access to malicious websites against Android mobile devices. In particular, we focused on fake virus alerts. To monitor web access for threat analysis, we improved the WebView Monitor [1] to capture all web access via Android WebView. In particular, we analyzed the mechanism of displaying a fake virus alert while browsing websites on Android.

    DOI: 10.1109/CANDAR.2019.00012

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/ic-nc/candar2019.html#ImamuraOCMLSY19

  • 仮想計算機を利用した性能プロファイリングシステムの分散化とデータ収集停止時間の短縮 Reviewed

    山本 昌生,中島 耕太,山内 利宏,名古屋 彰,谷口 秀夫

    電子情報通信学会論文誌D   J102-D ( 10 )   674 - 684   2019.10

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    DOI: 10.14923/transinfj.2018JDP7035

    researchmap

  • Implementation and Evaluation of Batch Processing Request for Leveraging Distributed Execution of OS Processing Reviewed

    60 ( 2 )   430 - 439   2019.2

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    In microkernel operating systems (OSes), some parts of OS functions are implemented as processes, which called OS server. For this reason, OS functions can be distributed by placing OS servers to multiple processors. However, it is difficult to reduce the response time of a processing request from an application program (AP) to an OS server. This is due to invocation of multiple inter server communication for processing requests. In addition, an interface of processing requests from AP to OS servers is blocking in most cases. Hence, a processing request is forced to be done successively even though multiple processing are concurrently executable and related OS servers are independent. In this paper, we propose a batch process request function with blocking interface to request multiple processing to OS servers at one time. We also present evaluation results of basic performance, and distributed processing by the proposed function can reduce the response time for a service consists of multiple processing.

    CiNii Article

    CiNii Books

    researchmap

  • Additional Kernel Observer to Prevent Privilege Escalation Attacks by Focusing on System Call Privilege Changes Reviewed

    Toshihiro Yamauchi, Yohei Akao, Ryota Yoshitani, Yuichi Nakamura, Masaki Hashimoto

    DSC 2018 - 2018 IEEE Conference on Dependable and Secure Computing   1 - 8   2019.1

     More details

    Authorship:Lead author   Language:English   Publishing type:Research paper (international conference proceedings)  

    © 2018 IEEE. In recent years, there has been an increase in attacks that exploit operating system vulnerabilities. In particular, if an administrator's privilege is acquired by an attacker through a privilege escalation attack, the attacker can operate the entire system and the system can suffer serious damage. In this paper, an additional kernel observer (AKO) method is proposed. It prevents privilege escalation attacks that exploit operating system vulnerabilities. We focus on the fact that a process privilege can be changed only by specific system calls. AKO monitors privilege information changes during system call processing. If AKO detects a privilege change after system call processing, whereby the invoked system call does not originally change the process privilege, AKO regards the change as a privilege escalation attack and applies countermeasures against it. In this paper, we describe the design and implementation of AKO for Linux x86, 64 bit. Moreover, AKO can be expanded to prevent the falsification of various data in the kernel space. We present an expansion example that prevents the invalidation of Security-Enhanced Linux. Evaluation results show that AKO is effective against privilege escalation attacks, while maintaining low overhead.

    DOI: 10.1109/DESEC.2018.8625137

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/desec/desec2018.html#YamauchiAYNH18

  • (Short Paper) method for preventing suspicious web access in android WebView Reviewed

    Masaya Sato, Yuta Imamura, Rintaro Orito, Toshihiro Yamauchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   11689 LNCS   241 - 250   2019

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:Springer  

    © 2019, Springer Nature Switzerland AG. WebView is commonly used by applications on the Android OS. Given that WebView is used as a browsing component on applications, they can be attacked via the web. Existing security mechanisms mainly focus on web browsers; hence, securing WebView is an important challenge. We proposed and implemented a method for preventing suspicious web access in Android WebView. Attackers distribute their malicious content including malicious applications, potentially unwanted programs, and coin miners, by inserting contents into a web page. Because loading malicious content involves HTTP communication, our proposed method monitors HTTP communication by WebView and blocks suspicious web accesses. To apply the proposed method to widely used applications, we implemented our method inside WebView. We also evaluated the proposed method with some popular applications and confirmed that the method can block designated web content without impeding the functionality of applications.

    DOI: 10.1007/978-3-030-26834-3_14

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iwsec/iwsec2019.html#SatoIOY19

  • Hiding File Manipulation of Essential Services by System Call Proxy Reviewed

    Masaya Sato, Hideo Taniguchi, Toshihiro Yamauchi

    Lecture Notes on Data Engineering and Communications Technologies   22   853 - 863   2019

     More details

    Language:English   Publishing type:Part of collection (book)  

    © 2019, Springer Nature Switzerland AG. Security software or logging programs are frequently attacked because they are an obstruction to attackers. Protecting these essential services from attack is crucial to preventing and mitigating damage. Hiding information related to essential services, such as that of the files and processes, can help to deter attacks on these services. This paper proposes a method of hiding file manipulation for essential services. The method makes the files invisible to all services except their corresponding essential services and provides access methods to those files in a virtual machine (VM) environment. In the proposed method, system calls to those files are executed by a proxy process on the other VM. The original system call is not executed in the operating system of the original VM, however, the result of file access is returned to the original process. Thus, the files of essential services are placed on the other VM and other processes on the original VM cannot access to them. Therefore, the proposed method can prevent or deter identification of essential services based on file information monitoring.

    DOI: 10.1007/978-3-319-98530-5_76

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/nbis/nbis2018.html#SatoTY18

  • Design and implementation of hiding method for file manipulation of essential services by system call proxy using virtual machine monitor. Reviewed

    Masaya Sato, Hideo Taniguchi, Toshihiro Yamauchi

    Int. J. Space Based Situated Comput.   9 ( 1 )   1 - 10   2019

     More details

    Language:English   Publishing type:Research paper (scientific journal)  

    DOI: 10.1504/IJSSC.2019.100007

    researchmap

  • KMO: Kernel Memory Observer to Identify Memory Corruption by Secret Inspection Mechanism Reviewed

    Hiroki Kuzuno, Toshihiro Yamauchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   11879 LNCS   75 - 94   2019

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)  

    © Springer Nature Switzerland AG, 2019. Kernel vulnerability attacks may allow attackers to execute arbitrary program code and achieve privilege escalation through credential overwriting, thereby avoiding security features. Major Linux protection methods include Kernel Address Space Layout Randomization, Control Flow Integrity, and Kernel Page Table Isolation. All of these mitigate kernel vulnerability affects and actual attacks. In addition, the No eXecute bit, Supervisor Mode Access Prevention, and Supervisor Mode Execution Prevention are CPU features for managing access permission and data execution in virtual memory. Although combinations of these methods can reduce the attack availability of kernel vulnerability based on the interaction between the user and kernel modes, kernel virtual memory corruption is still possible (e.g., the eBPF vulnerability executes the attack code only in the kernel mode). To monitor kernel virtual memory, we present the Kernel Memory Observer (KMO), which has a secret inspection mechanism and offers an alternative design for virtual memory. It allows the detection of illegal data manipulation/writing in the kernel virtual memory. KMO identifies the kernel virtual memory corruption, monitors system call arguments, and enables unmapping from the direct mapping area. An evaluation of our method indicates that it can detect the actual kernel vulnerabilities leading to kernel virtual memory corruption. In addition, the results show that the overhead is 0.038 $$\upmu $$ s to 2.505 $$\upmu $$ s in terms of system call latency, and the application benchmark is 371.0 $$\upmu $$ s to 1,990.0 $$\upmu $$ s for 100,000 HTTP accesses.

    DOI: 10.1007/978-3-030-34339-2_5

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/ispec/ispec2019.html#KuzunoY19

  • Acceleration of analysis processing on decentralized performance profiling system using virtual machines Reviewed

    Masao Yamamoto, Kohta Nakashima, Toshihiro Yamauchi, Akira Nagoya, Hideo Taniguchi

    Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018   152 - 158   2018.12

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)  

    © 2018 IEEE. To detect the performance anomaly of a computer, as a structure for continuous performance profiling, decentralization of the performance profiling system using virtual machines has been proposed. Moreover, there have already been evaluation results reported regarding overhead, including data storing, and data sampling stall time. On the other hand, for continuous performance profiling, the continuous processing of performance profiling is needed, including not only data sampling and data storing but also analysis processing. Therefore, first, this paper describes a relationship condition among data sampling time, data storing time, and analysis processing time as the necessary condition for continuous performance profiling on a decentralized performance profiling system. Second, in order to satisfy the relationship condition, we propose a concurrent operation technique as the acceleration method of analysis processing for a decentralized performance profiling system. Finally, this paper presents quantitative evaluations of the proposed method, including the case of a multi-VMM environment.

    DOI: 10.1109/CANDARW.2018.00035

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/ic-nc/candar2018w.html#YamamotoNYNT18

  • Mitigating use-after-free attack using library considering size and number of freed memory Reviewed

    Yuya Ban, Toshihiro Yamauchi

    Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018   398 - 404   2018.12

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)  

    © 2018 IEEE. Use-after-free (UAF) vulnerabilities, are abused by exploiting a dangling pointer that refers to a freed memory, location and then executing arbitrary code. Vulnerabilities are caused by bugs in software programs, particularly large scale programs such as browsers. We had previously proposed HeapRevolver, which prohibits freed memory area from being reused for a certain period. HeapRevolver on Windows uses the number of freed memory areas that are prohibited for reuse as a trigger to release the freed memory area. Alternatively, HeapRevolver uses the number of the freed memory areas as a threshold for releasing freed memory. However, when the size of individual freed memory area is large, HeapRevolver on Windows increases the memory overhead. In this paper, we propose an improved HeapRevolver for Windows considering the size and number of the freed memory areas. The improved HeapRevolver prohibits the reuse of a certain number of freed memory areas at a given time by considering the size and number of freed memory areas as thresholds. Evaluation results demonstrate that the improved HeapRevolver can prevent attacks that exploit UAF vulnerabilities. Particularly, when the size of individual freed memory area is small in a program, HeapRevolver is effective in decreasing the attack success rate.

    DOI: 10.1109/CANDARW.2018.00080

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/ic-nc/candar2018w.html#BanY18

  • Performance Improvement and Evaluation of Function for Tracing Diffusion of Classified Information on KVM

    Hideaki Moriyama, Toshihiro Yamauchi, Masaya Sato, Hideo Taniguchi

    Proceedings - 2017 5th International Symposium on Computing and Networking, CANDAR 2017   2018-January   463 - 468   2018.4

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)  

    © 2017 IEEE. As a result of the increasing amounts of classified information being managed by personal computers, leakage of this information to external computers has become a serious problem. To prevent such leakage, we previously proposed a function for tracing the diffusion of classified information in a guest operating system (OS) using a virtual machine monitor (VMM). This function allows determination of the classified information location and information leakage detection without modification of the guest OS source code. In addition, it is more difficult for attacks to target this function, because the VMM is isolated from the guest OS. The tracing function hooks a system call in the guest OS from the VMM and judges whether the hooked system call is related to the diffusion of classified information. However, if the tracing function induces processing of large overheads, introduction of this function may degrade performance. In this paper, we analyze the processing performance of the tracing function in detail, identifying processing involving large overheads. Hence, we determine that the recording overheads for files or processes having the potential to diffuse classified information are especially large. To reduce the influence of the tracing function introduction, it is necessary to reduce these overheads. Therefore, we present a policy for efficient management. Further, we propose an improved tracing function and report on its evaluation.

    DOI: 10.1109/CANDAR.2017.91

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/ic-nc/candar2017.html#MoriyamaYST17

  • Web access monitoring mechanism for Android WebView Reviewed

    Yuta Imamura, Hiroyuki Uekawa, Yasuhiro Ishihara, Masaya Sato, Toshihiro Yamauchi

    ACM International Conference Proceeding Series   1 - 8   2018.1

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)  

    © 2018 Association for Computing Machinery. In addition to conventional web browsers, WebView is used to display web content on Android. WebView is a component that enables the display of web content in mobile applications, and is extensively used. As WebView displays web content without having to redirect the user to web browsers, there is the possibility that unauthorized web access may be performed secretly via Web-View, and information in Android may be stolen or tampered with. Therefore, it is necessary to monitor and analyze web access via WebView, particularly because attacks exploiting WebView have been reported. However, there is no mechanism for monitoring web access viaWebView. In this work, the goals are to monitor web access via WebView and to analyze mobile applications using Web-View. To achieve these goals, we propose a web access monitoring mechanism for Android WebView. In this paper, the design and implementation of a mechanism that does not require any modifications to the Android Framework and Linux kernel are presented for the Chromium Android System WebView app. In addition, this paper presents evaluation results for the proposed mechanism.

    DOI: 10.1145/3167918.3167942

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/acsw/acsw2018.html#ImamuraUISY18

  • Access control mechanism to mitigate cordova plugin attacks in hybrid applications Reviewed

    Naoki Kudo, Toshihiro Yamauchi, Thomas H. Austin

    Journal of Information Processing   26   396 - 405   2018.1

     More details

    Language:English   Publishing type:Research paper (scientific journal)   Publisher:Information Processing Society of Japan  

    © 2018 Information Processing Society of Japan. Hybrid application frameworks such as Cordova are more and more popular to create platform-independent applications (apps) because they provide special APIs to access device resources in a platform-agonistic way. By using these APIs, hybrid apps can access device resources through JavaScript. In this paper, we present a novel apprepackaging attack that repackages hybrid apps with malicious code; this code can exploit Cordova’s plugin interface to steal and tamper with device resources. We address this attack and cross-site scripting attacks against hybrid apps. Since these attacks need to use plugins to access device resources, we refer to both of these attacks as Cordova plugin attacks. We further demonstrate a defense against Cordova plugin attacks through the use of a novel runtime access control mechanism that restricts access based on the mobile user’s judgement. Our mechanism is easy to introduce to existing Cordova apps, and allows developers to produce apps that are resistant to Cordova plugin attacks. Moreover, we evaluate the effectiveness and performance of our mechanism.

    DOI: 10.2197/ipsjjip.26.396

    Scopus

    researchmap

  • マルチコア環境におけるスケジューラ連携による優先度逆転抑制法 Reviewed

    鴨生悠冬, 山内利宏, 谷口秀夫

    電子情報通信学会論文誌D   J101-D ( 6 )   998 - 1008   2018

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    DOI: 10.14923/transinfj.2017JDP7061

    researchmap

  • ディレクトリ優先方式における未参照バッファ数に着目した入出力バッファ分割法 Reviewed

    横山和俊, 土谷彰義, 山本光一, 河辺誠弥, 山内利宏, 乃村能成, 谷口秀夫

    電子情報通信学会論文誌D   J101-D ( 1 )   46 - 56   2018

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    DOI: 10.14923/transinfj.2017SKP0012

    researchmap

  • Kernel rootkits detection method by monitoring branches using hardware features Reviewed

    Toshihiro Yamauchi, Yohei Akao

    IEICE Transactions on Information and Systems   E100D ( 10 )   2377 - 2381   2017.10

     More details

    Authorship:Lead author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG  

    Copyright © 2017 The Institute of Electronics, Information and Communication Engineers. An operating system is an essential piece of software that manages hardware and software resources. Thus, attacks on an operating system kernel using kernel rootkits pose a particularly serious threat. Detecting an attack is difficult when the operating system kernel is infected with a kernel rootkit. For this reason, handling an attack will be delayed causing an increase in the amount of damage done to a computer system. In this paper, we propose Kernel Rootkits Guard (KRGuard), which is a new method to detect kernel rootkits that monitors branch records in the kernel space. Since many kernel rootkits make branches that differ from the usual branches in the kernel space, KRGuard can detect these differences by using the hardware features of commodity processors. Our evaluation shows that KRGuard can detect kernel rootkits that involve new branches in the system call handler processing with small overhead.

    DOI: 10.1587/transinf.2016INL0003

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/journals/ieicet/ieicet100d.html#YamauchiA17

  • Access control for plugins in cordova-based hybrid applications

    Naoki Kudo, Toshihiro Yamauchi, Thomas H. Austin

    Proceedings - International Conference on Advanced Information Networking and Applications, AINA   1063 - 1069   2017.5

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    © 2017 IEEE. Hybrid application frameworks such as Cordovaallow mobile application (app) developers to create platformindependent apps. The code is written in JavaScript, with special APIs to access device resources in a platform-agnostic way. In this paper, we present a novel app-repackaging attack that repackages hybrid apps with malicious code, this code can exploit Cordova's plugin interface to tamper with device resources. We further demonstrate a defense against this attack through the use of a novel runtime access control mechanism that restricts access based on the mobile user's judgement. Our mechanism is easy to introduce to existing Cordova apps, and allows developers to produce apps that are resistant to app-repackaging attacks.

    DOI: 10.1109/AINA.2017.61

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/aina/aina2017.html#KudoYA17

  • KRGuard: Kernel Rootkits Detection Method by Monitoring Branches Using Hardware Features Reviewed

    Yohei Akao, Toshihiro Yamauchi

    ICISS 2016 - 2016 International Conference on Information Science and Security   100-D ( 10 )   22 - 26   2017.3

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)  

    © 2016 IEEE. Attacks on an operating system kernel using kernel rootkits pose a particularly serious threat. Detecting an attack is difficult when the operating system kernel is infected with a kernel rootkit. For this reason, handling an attack will be delayed causing an increase in the amount of damage done to a computer system. In this paper, we discuss KRGuard (Kernel Rootkits Guard), which is a new method to detect kernel rootkits that monitors branch records in the kernel space. Since many kernel rootkits make branches that differ from the usual branches in the kernel space, KRGuard can detect these differences by using hardware features of commodity processors. Our evaluation shows that KRGuard can detect kernel rootkits with small overhead.

    DOI: 10.1109/ICISSEC.2016.7885860

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/journals/ieicet/ieicet100d.html#YamauchiA17

  • Memory access monitoring and disguising of process information to Avoid Attacks to essential services

    Masaya Sato, Toshihiro Yamauchi, Hideo Taniguchi

    Proceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016   635 - 641   2017.1

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    © 2016 IEEE. To prevent attacks on essential software and to mitigate damage, an attack avoiding method that complicates process identification from attackers is proposed. This method complicates the identification of essential services by replacing process information with dummy information. However, this method allows attackers to identify essential processes by detecting changes in process information. To address this problems and provide more complexity to process identification, this paper proposes a memory access monitoring by using a virtual machine monitor. By manipulating the page access permission, a virtual machine monitor detects page access, which includes process information, and replaces it with dummy information. This paper presents the design, implementation, and evaluation of the proposed method.

    DOI: 10.1109/CANDAR.2016.89

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/ic-nc/candar2016.html#SatoYT16

  • Rule-based sensor data aggregation system for M2M gateways

    Yuichi Nakamura, Akira Moriguchi, Masanori Irie, Taizo Kinoshita, Toshihiro Yamauchi

    IEICE Transactions on Information and Systems   E99D ( 12 )   2943 - 2955   2016.12

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG  

    © Copyright 2016 The Institute of Electronics, Information and Communication Engineers. To reduce the server load and communication costs of machine-to-machine (M2M) systems, sensor data are aggregated in M2M gateways. Aggregation logic is typically programmed in the C language and embedded into the firmware. However, developing aggregation programs is difficult for M2M service providers because it requires gatewayspecific knowledge and consideration of resource issues, especially RAM usage. In addition, modification of aggregation logic requires the application of firmware updates, which are risky. We propose a rule-based sensor data aggregation system, called the complex sensor data aggregator (CSDA), for M2M gateways. The functions comprising the data aggregation process are subdivided into the categories of filtering, statistical calculation, and concatenation. The proposed CSDA supports this aggregation process in three steps: the input, periodic data processing, and output steps. The behaviors of these steps are configured by an XML-based rule. The rule is stored in the data area of flash ROM and is updatable through the Internet without the need for a firmware update. In addition, in order to keep within the memory limit specified by the M2M gateway's manufacturer, the number of threads and the size of the working memory are static after startup, and the size of the working memory can be adjusted by configuring the sampling setting of a buffer for sensor data input. The proposed system is evaluated in an M2M gateway experimental environment. Results show that developing CSDA configurations is much easier than using C because the configuration decreases by 10%. In addition, the performance evaluation demonstrates the proposed system's ability to operate on M2M gateways.

    DOI: 10.1587/transinf.2016PAP0020

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/journals/ieicet/ieicet99d.html#NakamuraMIKY16

  • Implementation and Evaluation of Partitioning Method of I/O Buffer Based on Cache Hit Ratio

    57 ( 6 )   1539 - 1553   2016.6

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    In order to improve file access performance of the processing that users would like to execute at high priority, it is effective to improve cache hit ratio of I/O buffer. Thus, a directory oriented buffer cache mechanism was proposed. This mechanism divides I/O buffer into two areas, and gives higher caching priority to files in specified directories. However, this mechanism monotonically expands the area used for caching files given higher priority. Therefore, this mechanism declines the performance of the whole computer due to deterioration of cache hit ratio of files not given higher priority. Thus, this paper proposes the dynamic partitioning method based on cache hit ratio. The proposed method divides I/O buffer to maintain high cache hit ratio of files given higher priority and prevent cache hit ratio of the other files from degradation. Additionally, this paper describes the evaluation of effectivity of the proposed method.

    CiNii Article

    CiNii Books

    researchmap

  • Evaluation and design of function for tracing diffusion of classified information for file operations with KVM

    Shota Fujii, Masaya Sato, Toshihiro Yamauchi, Hideo Taniguchi

    Journal of Supercomputing   72 ( 5 )   1841 - 1861   2016.5

     More details

    Language:English   Publishing type:Research paper (scientific journal)   Publisher:SPRINGER  

    © 2016, Springer Science+Business Media New York. Cases of classified information leakage have become increasingly common. To address this problem, we have proposed a function for tracing the diffusion of classified information within an operating system. However, this function suffers from the following two problems: first, in order to introduce the function, the operating system’s source code must be modified. Second, there is a risk that the function will be disabled when the operating system is attacked. Thus, we have designed a function for tracing the diffusion of classified information in a guest operating system by using a virtual machine monitor. By using a virtual machine monitor, we can introduce the proposed function in various environments without modifying the operating system’s source code. In addition, attacks aimed at the proposed function are made more difficult, because the virtual machine monitor is isolated from the operating system. In this paper, we describe the implementation of the proposed function for file operations and child process creation in the guest operating system with a kernel-based virtual machine. Further, we demonstrate the traceability of diffusing classified information by file operations and child process creation. We also report the logical lines of code required to introduce the proposed function and performance overheads.

    DOI: 10.1007/s11227-016-1671-5

    Web of Science

    Scopus

    researchmap

  • Plate: Persistent memory management for nonvolatile main memory Reviewed

    Toshihiro Yamauchi, Yuta Yamamoto, Kengo Nagai, Tsukasa Matono, Shinji Inamoto, Masaya Ichikawa, Masataka Goto, Hideo Taniguchi

    Proceedings of the ACM Symposium on Applied Computing   04-08-April-2016   1885 - 1892   2016.4

     More details

    Authorship:Lead author   Language:English   Publishing type:Research paper (international conference proceedings)  

    © 2016 ACM. Over the past few years, nonvolatile memory has actively been researched and developed. Therefore, studying operating system (OS) designs predicated on the main memory in the form of a nonvolatile memory and studying methods to manage persistent data in a virtual memory are crucial to encourage the widespread use of nonvolatile memory in the future. However, the main memory in most computers today is volatile, and replacing highcapacity main memory with nonvolatile memory is extremely cost-prohibitive. This paper proposes an OS structure for nonvolatile main memory. The proposed OS structure consists of three functions to study and develop OSs for nonvolatile main memory computers. First, a structure, which is called plate, is proposed whereby persistent data are managed assuming that nonvolatile main memory is present in a computer. Second, we propose a persistent-data mechanism to make a volatile memory function as nonvolatile main memory, which serves as a basis for the development of OSs for computers with nonvolatile main memory. Third, we propose a continuous operation control using the persistent-data mechanism and plates. This paper describes the design and implementation of the OS structure based on the three functions on The ENduring operating system for Distributed EnviRonment and describes the evaluation results of the proposed functions.

    DOI: 10.1145/2851613.2851744

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/sac/sac2016.html#YamauchiYNMIIGT16

  • Attacker Investigation System Triggered by Information Leakage

    Yuta Ikegami, Toshihiro Yamauchi

    Proceedings - 2015 IIAI 4th International Congress on Advanced Applied Informatics, IIAI-AAI 2015   24 - 27   2016.1

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    © 2015 IEEE. While a considerable amount of research has been devoted to preventing leakage of classified information, little attention has been paid to identifying attackers who steal information. If attackers can be identified, more precise countermeasures can be taken. In this paper, we propose an attacker investigation system that focuses on information leakage. The system traces classified information in a computer and substitutes it with dummy data, which is then sent to the outside. Moreover, a program embedded in the dummy data transmits information back from the attacker's computer to a pre-specified system for investigation. Information about the attacker can be obtained by an attacker executing the program.

    DOI: 10.1109/IIAI-AAI.2015.247

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iiaiaai/iiaiaai2015.html#IkegamiY15

  • Proposal of Kernel Rootkits Detection Method by Monitoring Branches Using Hardware Features

    Yohei Akao, Toshihiro Yamauchi

    Proceedings - 2015 IIAI 4th International Congress on Advanced Applied Informatics, IIAI-AAI 2015   721 - 722   2016.1

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    © 2015 IEEE. Attacks on computer systems have become more frequent in recent years. Attacks using kernel root kits pose a particularly serious threat. When a computer system is infected with a kernel root kit, attack detection is difficult. Because of this, handling the attack will be delayed causing an increase in the amount of damage done to the computer system. This paper proposes a new method to detect kernel root kits by monitoring the branch records in kernel space using hardware features of commodity processors. Our method utilizes the fact that many kernel root kits make branches that differ from the usual branches. By introducing our method, it is possible to detect kernel root kits immediately and, thereby, reduce damages to a minimum.

    DOI: 10.1109/IIAI-AAI.2015.243

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/iiaiaai/iiaiaai2015.html#AkaoY15

  • プロセス間通信を抑制しデータ共有するマイクロカーネル構造OS向けファイル操作機能の実現と評価

    江原寛人, 枡田圭祐, 山内利宏, 谷口秀夫

    電子情報通信学会論文誌D   J99-D ( 10 )   1069 - 1079   2016

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    researchmap

  • Design of function for tracing diffusion of classified information for IPC on KVM

    Shota Fujii, Masaya Sato, Toshihiro Yamauchi, Hideo Taniguchi

    Journal of Information Processing   24 ( 5 )   781 - 792   2016

     More details

    Language:English   Publishing type:Research paper (scientific journal)   Publisher:Information Processing Society of Japan  

    © 2016 Information Processing Society of Japan. The leaking of information has increased in recent years. To address this problem, we previously proposed a function for tracing the diffusion of classified information in a guest OS using a virtual machine monitor (VMM). This function makes it possible to grasp the location of classified information and detect information leakage without modifying the source codes of the guest OS. The diffusion of classified information is caused by a file operation, child process creation, and inter-process communication (IPC). In a previous study, we implemented the proposed function for a file operation and child process creation excluding IPC using a kernel-based virtual machine (KVM). In this paper, we describe the design of the proposed function for IPC on a KVM without modifying the guest OS. The proposed function traces the local and remote IPCs inside the guest OS from the outside so as to trace the information diffusion. Because IPC with an outside computer might cause information leakage, tracing the IPCs enables the detection of such a leakage. We also report the evaluation results including the traceability and performance of the proposed function.

    DOI: 10.2197/ipsjjip.24.781

    Scopus

    researchmap

  • Heaprevolver: Delaying and randomizing timing of release of freed memory area to prevent use-after-free attacks

    Toshihiro Yamauchi, Yuta Ikegami

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   9955 LNCS   219 - 234   2016

     More details

    Authorship:Lead author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:SPRINGER INT PUBLISHING AG  

    © Springer International Publishing AG 2016. Recently, there has been an increase in use-after-free (UAF) vulnerabilities, which are exploited using a dangling pointer that refers to a freed memory. Various methods to prevent UAF attacks have been proposed. However, only a few methods can effectively prevent UAF attacks during runtime with low overhead. In this paper, we propose HeapRevolver, which is a novel UAF attack-prevention method that delays and randomizes the timing of release of freed memory area by using a memory-reuse-prohibited library, which prohibits a freed memory area from being reused for a certain period. In this paper, we describe the design and implementation of HeapRevolver in Linux and Windows, and report its evaluation results. The results show that HeapRevolver can prevent attacks that exploit existing UAF vulnerabilities. In addition, the overhead is small.

    DOI: 10.1007/978-3-319-46298-1_15

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/nss/nss2016.html#YamauchiI16

  • Foreword.

    Toshihiro Yamauchi

    IEICE Trans. Inf. Syst.   99-D ( 4 )   785 - 786   2016

     More details

  • Fast control method of software-managed TLB for reducing zero-copy communication overhead

    Toshihiro Yamauchi, Masahiro Tsuruya, Hideo Taniguchi

    IEICE Transactions on Information and Systems   E98D ( 12 )   2187 - 2191   2015.12

     More details

    Authorship:Lead author   Language:English   Publishing type:Research paper (scientific journal)   Publisher:IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG  

    © Copyright 2015 The Institute of Electronics, Information and Communication Engineers. Microkernel operating systems (OSes) use zero-copy communication to reduce the overhead of copying transfer data, because the communication between OS servers occurs frequently in the case of microkernel OSes. However, when a memory management unit manages the translation lookaside buffer (TLB) using software, TLB misses tend to increase the overhead of interprocess communication (IPC) between OS servers running on a microkernel OS. Thus, improving the control method of a software-managed TLB is important for microkernel OSes. This paper proposes a fast control method of software-managed TLB that manages page attachment in the area used for IPC by using TLB entries, instead of page tables. Consequently, TLB misses can be avoided in the area, and the performance of IPC improves. Thus, taking the SH-4 processor as an example of a processor having a software-managed TLB, this paper describes the design and the implementation of the proposed method for AnT operating system, and reports the evaluation results of the proposed method.

    DOI: 10.1587/transinf.2015PAL0003

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/journals/ieicet/ieicet98d.html#YamauchiTT15

  • マルチコア向けAnTオペレーティングシステムのファイル操作における分散効果の評価

    河上 裕太, 山内 利宏, 谷口 秀夫

    マルチマディア通信と分散処理ワークショップ2015論文集   2015 ( 5 )   100 - 106   2015.10

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    CiNii Article

    researchmap

  • Process hiding by virtual machine monitor for attack avoidance

    Masaya Sato, Toshihiro Yamauchi, Hideo Taniguchi

    Journal of Information Processing   23 ( 5 )   673 - 682   2015.9

     More details

    Language:English   Publishing type:Research paper (scientific journal)   Publisher:Information Processing Society of Japan  

    © 2015 Information Processing Society of Japan. As attacks to computers increase, protective software is developed. However, that software is still open to attacks by adversaries that disable its functionality. If that software is stopped or disabled, the risk of damage to the computer increases. Protections of that software are proposed however existing approaches are insufficient or cannot use those software without modification. To decrease the risk and to address these problems, this paper presents an attack avoidance method that hides process from adversaries who intend to terminate essential services. The proposed method complicates identification based on process information by dynamically replacing the information held by a kernel with dummy information. Replacing process information makes identifying the attack target difficult because adversaries cannot find the attack target by seeking the process information. Implementation of the proposed method with a virtual machine monitor enhances the security of the mechanism itself. Further, by implementing the proposed method with a virtual machine monitor, modification to operating systems is unnecessary.

    DOI: 10.2197/ipsjjip.23.673

    Scopus

    researchmap

  • Dynamic Control Method for Sending User Information Using TaintDroid

    56 ( 9 )   1857 - 1867   2015.9

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    In recent years, Android malware has been increasing, and countermeasures against them have become an issue. In particular, the leakage of user information by malware has become an important issue. In order to address this problem, we design and implement a method that uses TaintDroid to prevent the leakage of user information from Android device. This method tracks the diffusion of user information in a device and dynamically controls the action of application program (AP) when the leakage of user information is detected. As a result, this method prevents the leakage of user information from the device. In addition, this method obtains the AP name involved in the leakage of user information and understands the diffusion path of user information when APs communicate user information with each other. Therefore, a user can deal with each AP of leakage factors. Furthermore, this method replaces user information that is leaked from a device with a dummy data. As a result, this method prevents the leakage of user information from the device without interfering the process of AP.

    CiNii Article

    CiNii Books

    researchmap

  • Reducing resource consumption of SELinux for embedded systems with contributions to open-source ecosystems

    Yuichi Nakamura, Yoshiki Sameshima, Toshihiro Yamauchi

    Journal of Information Processing   23 ( 5 )   664 - 672   2015.9

     More details

    Language:English   Publishing type:Research paper (scientific journal)   Publisher:Information Processing Society of Japan  

    © 2015 Information Processing Society of Japan. Security-Enhanced Linux (SELinux) is a useful countermeasure for resisting security threats to embedded systems, because of its effectiveness against zero-day attacks. Furthermore, it can generally mitigate attacks without the application of security patches. However, the combined resource requirements of the SELinux kernel, userland, and the security policy reduce the performance of resource-constrained embedded systems. SELinux requires tuning, and modified code should be provided to the open-source software (OSS) community to receive value from its ecosystem. In this paper, we propose an embedded SELinux with reduced resource requirements, using code modifications that are acceptable to the OSS community. Resource usage is reduced by employing three techniques. First, the Linux kernel is tuned to reduce CPU overhead and memory usage. Second, unnecessary code is removed from userland libraries and commands. Third, security policy size is reduced with a policy-writing tool. To facilitate acceptance by the OSS community, build flags can be used to bypass modified code, such that it will not affect existing features; moreover, side effects of the modified code are carefully measured. Embedded SELinux is evaluated using an evaluation board targeted for M2M gateway, and benchmark results show that its read/write overhead is almost negligible. SELinux's file space requirements are approximately 200 Kbytes, and memory usage is approximately 500 Kbytes; these account for approximately 1% of the evaluation board's respective flash ROM and RAM capacity . Moreover, the modifications did not result in any adverse side effects. The modified code was submitted to the OSS community along with the evaluation results, and was successfully merged into the community code.

    DOI: 10.2197/ipsjjip.23.664

    Scopus

    researchmap

  • Setting Method of Opportunity of Updating File Importance on FFU

    56 ( 6 )   1451 - 1462   2015.6

     More details

    Authorship:Lead author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    Buffer cache is implemented to improve I/O performance with data in disks. As buffer cache management, there are many mechanisms based on access pattern of block. On the other hand, we proposed I/O buffer cache mechanism based on the frequency of file usage (FFU). Our previous proposed mechanism calculates file importance from the information of system-call of the file operation. Then, it controls two level buffer cache based on the file importance. In this paper, we propose a setting method of opportunity of updating file importance on FFU. The proposed method focuses on whether the file state is access intensive or not. This paper also describes a setting method of parameters of the proposed method based on access information of a target system. Finally, this paper reports the evaluation results of the proposed method by using typical access pattern data and real access patterns.

    CiNii Article

    CiNii Books

    researchmap

  • Access control to prevent malicious javascript code exploiting vulnerabilities of webview in android OS

    Jing Yu, Toshihiro Yamauchi

    IEICE Transactions on Information and Systems   E98D ( 4 )   807 - 811   2015.4

     More details

    Language:English   Publishing type:Research paper (scientific journal)   Publisher:IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG  

    Copyright © 2015 The Institute of Electronics, Information and Communication Engineers. Android applications that using WebView can load and display web pages. Interaction with web pages allows JavaScript code within the web pages to access resources on the Android device by using the Java object, which is registered into WebView. If this WebView feature were exploited by an attacker, JavaScript code could be used to launch attacks, such as stealing from or tampering personal information in the device. To address these threats, we propose an access control on the security-sensitive APIs at the Java object level. The proposed access control uses static analysis to identify these security-sensitive APIs, detects threats at runtime, and notifies the user if threats are detected, thereby preventing attacks from web pages.

    DOI: 10.1587/transinf.2014ICL0001

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/journals/ieicet/ieicet98d.html#YuY15

  • CSDA: Rule-based complex sensor data aggregation system for M2M gateway

    Yuichi Nakamura, Akira Moriguchi, Toshihiro Yamauchi

    2015 8th International Conference on Mobile Computing and Ubiquitous Networking, ICMU 2015   108 - 113   2015.3

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:SPRINGER-VERLAG BERLIN  

    © 2015 IPSJ. To reduce the server load and communication cost of machine-to-machine (M2M) systems, sensor data are aggregated in M2M gateways. The C language is typically used for programming the aggregation logic, and the program is embedded into the firmware. However, developing aggregation programs is difficult for M2M service providers because it requires gateway-specific knowledge, and consideration must be given to CPU and memory resources. In addition, modifying aggregation logic requires firmware updates, which are risky. We propose a rule-based sensor data aggregation system, called the complex sensor data aggregator (CSDA) for M2M gateways. Data aggregation is categorized into filtering, statistical calculation, and concatenation. The proposed CSDA supports this aggregation process in three steps: the input, data processing, and output steps. The behaviors of these steps are configured by an XML based rule. The CSDA also supports update modules, which download and overwrite aggregation rules from the server when the modification of data aggregation logic is required. In this case, firmware updates are not necessary. The proposed system is evaluated in an M2M gateway experimental environment. Results show that developing CSDA configurations is much easier than using C because the configuration amount decreases by 10%. In addition, the performance evaluation demonstrates the proposed system's ability to operate on M2M gateways. CPU usage was less than 10%, even with a heavy load, and memory consumption was 128 Kbytes.

    DOI: 10.1109/ICMU.2015.7061051

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/icmu/icmu2015.html#NakamuraMY15

  • Malware detection method focusing on anti-debugging functions

    Kota Yoshizaki, Toshihiro Yamauchi

    Proceedings - 2014 2nd International Symposium on Computing and Networking, CANDAR 2014   563 - 566   2015.2

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    © 2014 IEEE. Malware has received much attention in recent years. Antivirus software is widely used as a countermeasure against malware. However, some kinds of malware can evade detection by antivirus software, hence, a new detection method is required. In this paper, we propose a malware detection method that focuses on Anti-Debugging functions. An Anti-Debugging function is a method that prevents malware analysts from analyzing an application program (AP). The function can form part of benign as well as malicious APs. Our method focuses on a behavioral difference between benign and malicious APs and detects malware by comparing the two behavioral patterns. Evaluation results with malware confirmed our method to be capable of successfully detecting malware.

    DOI: 10.1109/CANDAR.2014.36

    Web of Science

    Scopus

    researchmap

  • Design of a Function for Tracing the Diffusion of Classified Information for File Operations with a KVM

    Shota Fujii, Toshihiro Yamauchi, Hideo Taniguchi

    Proceedings of the 2015 International Symposium on Advances in Computing, Communications, Security, and Applications (ACSA 2015)   77   2015

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)  

    researchmap

  • Secure and fast log transfer mechanism for virtual machine

    Masaya Sato, Toshihiro Yamauchi

    Journal of Information Processing   22 ( 4 )   597 - 608   2014.10

     More details

    Language:English   Publishing type:Research paper (scientific journal)   Publisher:Information Processing Society of Japan  

    © 2014 Information Processing Society of Japan. Ensuring the integrity of logs is essential to reliably detect and counteract attacks because adversaries tamper with logs to hide their activities on a computer. Even though some studies proposed various protections of log files, adversaries can tamper with logs in kernel space with kernel-level malicious software (malware) because file access and inter-process communication are provided by an OS kernel. Virtual machine introspection (VMI) can collect logs from virtual machines (VMs) without interposition of a kernel. It is difficult for malware to hinder that log collection, because a VM and VM monitor (VMM) are strongly separated. However, complexity and unnecessary performance overhead arise because VMI is not specialized for log collection. This paper proposes a secure and fast log transfer method using library replacement for VMs. In the proposed method, a process on a VM requests a log transfer to a VMM using the modified library, which contains a trigger for a log transfer. The VMM collects logs from the VM and isolate them to another VM. The proposed method provides VM-level log isolation and security for the mechanism itself with low performance overhead.

    DOI: 10.2197/ipsjjip.22.597

    Scopus

    researchmap

  • Proposal of Kernel Rootkits Detection Method by Comparing Kernel Stack

    55 ( 9 )   2047 - 2060   2014.9

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    CiNii Article

    CiNii Books

    researchmap

  • Implementation of Multi-core Tender with Mutual Exclusion Localization Based on Mechanism of Resource Independence

    7 ( 3 )   25 - 36   2014.8

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    CiNii Article

    CiNii Books

    researchmap

  • A new OS structure for simplifying understanding of operating system behavior

    Toshihiro Yamauchi, Akira Kinoshita, Taisuke Kawahara, Hideo Taniguchi

    Information (Japan)   17 ( 5 )   1945 - 1950   2014.5

     More details

    Authorship:Lead author   Language:English   Publishing type:Research paper (scientific journal)  

    It is difficult to understand the processing flow of complicated software such as operating systems (OSs). Thus, a mechanism that can collect and analyze behavioral information in order to comprehend the behavior of OS is necessary. Although several collection mechanisms have been developed, their OS structures were not designed to collect OS behavior. In this paper, we describe an OS structure that simplifies comprehension of OS behavior and the implementation of it on Tender OS. We also describe a mechanism for the visualization of OS behavior. Finally, we investigate the cost of introducing our proposed comprehension mechanism and the overhead and efficiency of the proposed mechanism. © 2014 International Information Institute.

    Scopus

    researchmap

  • Implementation and Evaluation of Software Control Method for TLB on Microkernel OS

    TSURUYA Masahiro, YAMAUCHI Toshihiro, TANIGUCHI Hideo

    The IEICE transactions on information and systems (Japanese edition)   97 ( 1 )   216 - 225   2014.1

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • Access control to prevent attacks exploiting vulnerabilities of WebView in android OS

    Jing Yu, Toshihiro Yamauchi

    Proceedings - 2013 IEEE International Conference on High Performance Computing and Communications, HPCC 2013 and 2013 IEEE International Conference on Embedded and Ubiquitous Computing, EUC 2013   1628 - 1633   2014

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    Android applications that using WebView can load and display web pages. Furthermore, by using the APIs provided in WebView, Android applications can interact with web pages. The interaction allows JavaScript code within the web pages to access resources on the Android device by using the Java object, which is registered into WebView. If this WebView feature were exploited by an attacker, JavaScript code could be used to launch attacks, such as stealing from or tampering personal information in the device. To address these threats, we propose a method that performs access control on the security-sensitive APIs at the Java object level. The proposed method uses static analysis to identify these security-sensitive APIs, detects threats at runtime, and notifies the user if threats are detected, thereby preventing attacks from web pages. © 2013 IEEE.

    DOI: 10.1109/HPCC.and.EUC.2013.229

    Web of Science

    Scopus

    researchmap

  • DroidTrack: Tracking and Visualizing Information Diffusion for Preventing Information Leakage on Android

    Syunya Sakamoto, Kenji Okuda, Ryo Nakatsuka, Toshihiro Yamauchi

    Journal of Internet Services and Information Security (JISIS)   4 ( 2 )   55 - 69   2014

     More details

    Language:English   Publishing type:Research paper (scientific journal)  

    researchmap

  • Complicating process identification by replacing process information for attack avoidance

    Masaya Sato, Toshihiro Yamauchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   8639 LNCS   33 - 47   2014

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:Springer Verlag  

    Security-critical software is open to attacks by adversaries that disable its functionality. To decrease the risk, we propose an attack avoidance method for complicating process identification. The proposed method complicates identification based on process information by dynamically replacing the information held by a kernel with dummy information. Replacing process information makes identifying the attack target difficult because adversaries cannot find the attack target by seeking the process information. Implementation of the proposed method with a virtual machine monitor enhances the security of the mechanism itself. Further, by implementing the proposed method with a virtual machine monitor, modification to operating systems and application programs are unnecessary. © 2014 Springer International Publishing.

    DOI: 10.1007/978-3-319-09843-2_3

    Scopus

    researchmap

  • Implementation of the Localized Exclusive Control for Multi-core <i>Tender</i>

    Takahiro Yamamoto, Toshihiro Yamauchi, Hideo Taniguchi

    2013 ( 2013 )   14 - 23   2013.11

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Implementation of a Method for Dynamic Control of Application Programs by Extending SEAndroid

    Shinya Yagi, Toshihiro Yamauchi

    Journal of Information Processing   54 ( 9 )   2220 - 2231   2013.9

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    CiNii Article

    CiNii Books

    researchmap

  • RL-001 Kernel Level Rootkits Detection System by Comparing Kernel Stack

    Ikegami Yuta, Yamauchi Toshihiro

    12 ( 4 )   1 - 6   2013.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    researchmap

  • Implementation of Distribution Method of OS processing for Hign Throughput

    Takeshi Sakoda, Toshihiro Yamauchi, Hideo Taniguchi

    2013 ( 2013 )   1663 - 1670   2013.7

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • A mechanism for achieving a bound on execution performance of process group to limit CPU abuse

    Toshihiro Yamauchi, Takayuki Hara, Hideo Taniguchi

    Journal of Supercomputing   65 ( 1 )   38 - 60   2013.7

     More details

    Authorship:Lead author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:SPRINGER  

    The secure OS has been the focus of several studies. However, CPU resources, which are important resources for executing a program, are not the object of access control in secure OS. For preventing the abuse of CPU resources, we had earlier proposed a new type of execution resource that controls the maximum CPU usage (Tabata et al. in Int. J. Smart Home 1(2):109-128, 2007). The previously proposed mechanism can control only one process at a time. Because most services involve multiple processes, the mechanism should control all the processes in each service. In this paper, we propose an improved mechanism that helps to achieve a bound on the execution performance of a process group in order to limit unnecessary processor usage. We report the results of an evaluation of our proposed mechanism. © 2011 Springer Science+Business Media, LLC.

    DOI: 10.1007/s11227-011-0707-0

    Web of Science

    Scopus

    researchmap

  • Proposal and Evaluation of Method to Set High Priority Directories for a Directory Oriented Buffer Cache Mechanism

    TSUCHIYA Akiyoshi, MATSUBARA Takahiro, YAMAUCHI Toshihiro, TANIGUCHI Hideo

    The IEICE transactions on information and systems (Japanese edetion)   96 ( 3 )   506 - 518   2013.3

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • External Storage Mechanism for Preserving File Access Log with Virtualization Technology

    54 ( 2 )   585 - 595   2013.2

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    Recently, it is more important to grasp and control the damage of attacks safely, so much research has been done to increase the security of the general-purpose OS by observing the behavior using virtualization technology. In this paper, we propose a mechanism to observe and logging the file access in guest OS from virtual machine monitor using the inter-domain communication by the filter driver. Our mechanism can be applied independently of the implementation of virtual machine monitor. By hooking file accesses in the guest OS, log messages are transferred and stored to the virtual machine monitor, so our approach is effective from the viewpoint of preservation of the log. We show the design and implementation of our mechanism for both Xen and KVM. Furthermore, we report the results of measuring the performance when accessing files as evaluation.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00090264/

  • DroidTrack: Tracking information diffusion and preventing information leakage on android

    Syunya Sakamoto, Kenji Okuda, Ryo Nakatsuka, Toshihiro Yamauchi

    Lecture Notes in Electrical Engineering   240 LNEE   243 - 251   2013

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)  

    An app in Android can collaborate with other apps and control personal information by using the Intent or user's allowing of permission. However, users cannot detect when they communicate. Therefore, users might not be aware information leakage if app is malware. This paper proposes DroidTrack, a method for tracking the diffusion of personal information and preventing its leakage on an Android device. DroidTrack alerts the user of the possibility of information leakage when an app uses APIs to communicate with outside. These alerts are triggered only if the app has already called APIs to collect personal information. Users are given the option to refuse the execution of the API if it is not appropriate. Further, by illustrating how their personal data is diffused, users can have the necessary information to help them decide whether the API use is appropriate. © 2013 Springer Science+Business Media Dordrecht(Outside the USA).

    DOI: 10.1007/978-94-007-6738-6_31

    Scopus

    researchmap

  • Design and evaluation of a diffusion tracing function for classified information among multiple computers

    Nobuto Otsubo, Shinichiro Uemura, Toshihiro Yamauchi, Hideo Taniguchi

    Lecture Notes in Electrical Engineering   240 LNEE   235 - 242   2013

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)  

    In recent years, the opportunity to deal with classified information in a computer has increased, so the cases of classified information leakage have also increased. We have developed a function called "diffusion tracing function for classified information" (tracing function), which has the ability to trace the diffusion of classified information in a computer and to manage which resources might contain classified information. The classified information exchanged among the processes in multiple computers should be traced. This paper proposes a method which traces the diffusion for classified information among multiple computers. Evaluation results show the effectiveness of the proposed methods. © 2013 Springer Science+Business Media Dordrecht(Outside the USA).

    DOI: 10.1007/978-94-007-6738-6_30

    Scopus

    researchmap

  • Evaluation of load balancing in multicore processor for AnT

    Takeshi Sakoda, Toshihiro Yamauchi, Hideo Taniguchi

    Proceedings - 16th International Conference on Network-Based Information Systems, NBiS 2013   360 - 365   2013

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    Operating systems (OSes) that is based on microkernel architecture have high adaptability and toughness. In addition, multicore processors have been developed along with the progress of LSI technology. By running a microkernel OS on a multicore processor and distributing the OS server to multiple cores, it is possible to realize load balancing of the OS processing. In this method, transaction processing, which requires a large amount of OS processing, can be provided effectively in a multicore environment. This paper presents evaluations of distributed OS processing performances for various scenarios for AnT operating system that is based on the microkernel architecture in a multicore environment. In these evaluations, we describe the differences in performance by distribution forms when referring the data in a block. Moreover, we use the PostMark and Bonnie benchmark tools to evaluate the effects of load balancing for the distribution forms. © 2013 IEEE.

    DOI: 10.1109/NBiS.2013.57

    Web of Science

    Scopus

    researchmap

  • Secure log transfer by replacing a library in a virtual machine

    Masaya Sato, Toshihiro Yamauchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   8231 LNCS   1 - 18   2013

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)  

    Ensuring the integrity of logs is essential to reliably detect and counteract attacks, because adversaries tamper with logs to hide their activities on a computer. Even though some research studies proposed different ways to protect log files, adversaries can tamper with logs in kernel space with kernel-level malicious software (malware). In an environment where Virtual Machines (VM) are utilized, VM Introspection (VMI) is capable of collecting logs from VMs. However, VMI is not optimized for log protection and unnecessary overhead is incurred, because VMI does not specialize in log collection. To transfer logs out of a VM securely, we propose a secure log transfer method of replacing a library. In our proposed method, a process on a VM requests a log transfer by using the modified library, which contains a trigger for a log transfer. When a VM Monitor (VMM) detects the trigger, it collects logs from the VM and sends them to another VM. The proposed method provides VM-level log isolation and security for the mechanism itself. This paper describes design, implementation, and evaluation of the proposed method. © 2013 Springer-Verlag.

    DOI: 10.1007/978-3-642-41383-4_1

    Scopus

    researchmap

  • Implementation of Mechanism to Support Tracing Diffusion of Classified Information by Visualization and Filtering Function

    53 ( 9 )   2171 - 2181   2012.9

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    The number of incidents leaking of classified information has increased. To prevent leakage of information, it is important for users to understand the usage of classified information. To understand the usage of classified information, an method has implemented that monitors operations on the classified information and logs those operations. However, because an analysis of logs is necessary for understanding the usage of classified information, it is difficult to prevent leakage of classified information. We proposed the function to trace the classified information diffusion and detect a leakage of classified information. However, to understand the usage of classified information from the function by users, it is necessary to analyze the log in text format. Therefore, it takes long time to investigate the cause of the leakage of information. This paper proposes a function to visualize diffusion path of classified information. The function enables us to visualize the diffusion path of designated files that contain classified information. In addition, the function can visualize the diffusion paths focusing on the designated period of file operations. This paper also describes the implementation of the proposed function by extending the existing tracing function of classified information.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00083925/

  • Implementation and Evaluation of a Method for CMP-Oriented Thread Scheduling Based on Continuation Model

    MORIYAMA Hideaki, YAMAUCHI Toshihiro, NOMURA Yoshinari, TANIGUCHI Hideo

    The IEICE transactions on information and systems (Japanese edetion)   95 ( 3 )   400 - 411   2012.3

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • SELinuxの不要なセキュリティポリシ削減の自動化手法の提案 Reviewed

    矢儀 真也,中村 雄一,山内 利宏

    情報処理学会論文誌 コンピューティングシステム(ACS)   5 ( 2 )   63 - 73   2012.3

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    researchmap

  • Logging System to Prevent Tampering and Loss with Virtual Machine Monitor

    53 ( 2 )   847 - 856   2012.2

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    Logging information is necessary in order to understand a computer's behavior. However, there is a possibility that attackers will delete logs to hide the evidence of their attacking and cheating. Moreover, various problems might cause the loss of logging information. To address these issues, we propose a system to prevent tampering and loss of logging information using a virtual machine monitor (VMM). In this system, logging information generated by the operating system (OS) and application program (AP) working on the target virtual machine (VM) is gathered by the VMM without any modification of the kernel source codes. The security of the logging information is ensured by its isolation from the VM. In addition, the isolation and multiple copying of logs can help in the detection of tampering.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00080698/

  • Novel control method for preventing missed deadlines in periodic scheduling

    Yuuki Furukawa, Toshihiro Yamauchi, Hideo Taniguchi

    Proceedings of the 2012 15th International Conference on Network-Based Information Systems, NBIS 2012   459 - 464   2012

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)  

    Processing that is executed periodically must be completed before the next release time. If such processing is not completed before the next release time, the processing that had been scheduled is not executed. This is complicated by the fact that the execution time from release to the end of periodically executed processing is not constant, due to changing I/O processing time and the influence of timer interrupts. To solve this, we propose a system that records the execution time of the processing, judges whether the processing will be finished before the specified deadline, and can execute appropriate processing that can be completed within the remaining time. In this paper, we describe the design and evaluation of our system. © 2012 IEEE.

    DOI: 10.1109/NBiS.2012.79

    Scopus

    researchmap

  • VMM-based log-tampering and loss detection scheme

    Masaya Sato, Toshihiro Yamauchi

    Journal of Internet Technology   13 ( 4 )   655 - 666   2012

     More details

    Language:English   Publishing type:Research paper (scientific journal)   Publisher:NATL ILAN UNIV, JIT  

    Logging information about the activities that placed in a computer is essential for understanding its behavior. In Homeland Security, the reliability of the computers used in their activities is of paramount importance. However, attackers can delete logs to hide evidence of their activities. Additionally, various problems may result in logs being lost. These problems decrease the dependability of Homeland Security. To address these problems, we previously proposed a secure logging scheme using a virtual machine monitor (VMM). The scheme collects logs and isolates them from the monitored OS. However, the scheme cannot store them automatically. Thus, logs in memory are lost when the computer is shutdown. Further, if the logs are not stored, it is impossible to detect incidents of tampering by comparing the logs of the monitored OS with those of the logging OS. To address these additional problems, this paper proposes a log-storing module and a tamper detection scheme. The log-storing module automatically stores logs collected by the logging module, and tamper detection is realized by comparing these stored log files with those of the monitored OS. We implemented the log-storing module and realized the tamper detection scheme. Evaluations reveal the effectiveness of the tamper detection scheme.

    Web of Science

    Scopus

    researchmap

  • LSMPMON: Performance evaluation mechanism of LSM-based secure OS

    Toshihiro Yamauchi, Kenji Yamamoto

    International Journal of Security and its Applications   6 ( 2 )   81 - 90   2012

     More details

    Authorship:Lead author   Language:English   Publishing type:Research paper (scientific journal)  

    Security focused OS (Secure OS) is attracting attention as a method for minimizing damage caused by various intrusions. Secure OSs can restrict the damage due to an attack by using Mandatory Access Control (MAC). In some projects, secure OSs for Linux have been developed. In these OSs, different implementation methods have been adopted. However, there is no method for easily evaluating the performance of the secure OS in detail, and the relationship between the implementation method and the performance is not clear. The secure OS in Linux after version 2.6 has often been implemented by Linux Security Modules (LSM). Therefore, we determine the effect of introducing the secure OS on the performance of the OS by using the overhead measurement tool, the LSM Performance Monitor (LSMPMON). This paper reports the evaluation results of three secure OSs on Linux 2.6.36 by LSMPMON. The results show the effect of introducing the secure OS.

    Scopus

    researchmap

  • Design of an OS Architecture that Simplifies Understanding of Operating System Behavior

    Toshihiro Yamauchi, Akira Kinoshita, Taisuke Kawahara, Hideo Taniguchi

    Proceedings of 2012 International Conference on Information Technology and Computer Science (ITCS 2012)   51 - 58   2012

     More details

    Authorship:Lead author   Language:English   Publishing type:Research paper (international conference proceedings)  

    researchmap

  • Proposal of a Method to Automatically Reduce Redundant Security Policy of SELinux

    5 ( 2011 )   84 - 94   2011.11

     More details

  • Limiting Use of Tokens for Improvement of Bayesian Filter

    52 ( 9 )   2686 - 2696   2011.9

     More details

    Authorship:Lead author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    Using the Bayesian filter is a popular approach to distinguish between spam and legitimate e-mails. Spam senders sometimes modify emails to bypass the Bayesian filter. The tokens included in the e-mail are investigated for improving the accuracy of classification of emails. The results show that tokens found at the first time sometimes degrade the accuracy of the classification. In this paper, we propose an anti-spam method that consider the difference of the property of tokens. The proposed method limits the use of tokens for improvement of Bayesian filter. The evaluations were performed by using some email sets. The results shows that the proposed method can decrease the false negative rate.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00077500/

  • Evaluation of Performance of Secure OS Using Performance Evaluation Mechanism of LSMPMON

    52 ( 9 )   2596 - 2601   2011.9

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    In some projects, secure OSes for Linux have been developed and different implementations have been adopted. However, there is no report on evaluation of performance of secure OS that after Linux 2.6.19 in detail, and the relationship between the kernel version and the performance is not clear. Therefore, we evaluate change of the performance at the version interval and overhead of three secure OSes (SELinux, TOMOYO Linux, LIDS), by using the overhead measurement tool, the LSM Performance Monitor (LSMPMON) developed for Linux 2.6.30. This paper shows the performance of secure OSes on Linux 2.6.30.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00077491/

  • VMBLS: Virtual machine based logging scheme for prevention of tampering and loss

    Masaya Sato, Toshihiro Yamauchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   6908 LNCS   176 - 190   2011

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:SPRINGER-VERLAG BERLIN  

    Logging information is necessary in order to understand a computer's behavior. However, there is a possibility that attackers will delete logs to hide the evidence of their attacking and cheating. Moreover, various problems might cause the loss of logging information. In homeland security, the plans for counter terrorism are based on data. The reliability of the data is depends on that of data collector. Because the reliability of the data collector is ensured by logs, the protection of it is important problem. To address these issues, we propose a system to prevent tampering and loss of logging information using a virtual machine monitor (VMM). In this system, logging information generated by the operating system (OS) and application program (AP) working on the target virtual machine (VM) is gathered by the VMM without any modification of the OS. The security of the logging information is ensured by its isolation from the VM. In addition, the isolation and multiple copying of logs can help in the detection of tampering. © 2011 IFIP International Federation for Information Processing.

    DOI: 10.1007/978-3-642-23300-5_14

    Web of Science

    Scopus

    researchmap

  • Control method of multiple services for CMP based on continuation model

    Hideaki Moriyama, Toshihiro Yamauchi, Hideo Taniguchi

    Proceedings - 4th International Conference on Interaction Sciences: IT, Human and Digital Content, ICIS 2011   2011 ( 29 )   83 - 89   2011

     More details

    Language:Japanese   Publishing type:Research paper (international conference proceedings)  

    In a chip multiprocessor based on the continuation concept, the hardware scheduler controls threads and achieves high performance on thread scheduling. However, the priority of threads is not considered during execution because the hardware thread scheduler schedules threads in a FIFO manner. Therefore, when multiple services execute simultaneously, the execution of each service cannot consider the priority of service. In such a case, software support is needed to control the execution of each service. This paper presents a software scheduler for multiple services that supports the hardware scheduler. In addition, this paper also reports the evaluation of the software scheduler, which targets multiple services. © 2011 AICIT.

    Scopus

    CiNii Article

    CiNii Books

    researchmap

  • Implementation and Evaluation for Sophisticated Periodic Execution Control in Embedded Systems

    Yuuki Furukawa, Toshihiro Yamauchi, Hideo Taniguchi

    International Journal of Control and Automation   4 ( 2 )   59 - 78   2011

     More details

    Language:English   Publishing type:Research paper (scientific journal)  

    researchmap

  • Implementation and Evaluation of Zero-Copy Communication Processing on Physical Memory Exchange Mechanism

    KADO Naofumi, YAMAUCHI Toshihiro, TANIGUCHI Hideo

    The IEICE transactions on information and systems   93 ( 11 )   2380 - 2389   2010.11

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • Converting Linux LKM Device Driver into Concrete Process in AnT Operating System

    SHIMAZAKI Yutaka, YAMAUCHI Toshihiro, NOMURA Yoshinari, TANIGUCHI Hideo

    The IEICE transactions on information and systems   93 ( 10 )   1990 - 2000   2010.10

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • Proposal of I/O Buffer Cache Mechanism Based on the Frequency of System Call of the File Operation

    3 ( 1 )   50 - 60   2010.3

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)  

    Buffer cache is implemented to improve I/O performance with data in disks. As buffer cache management, there are many mechanisms, but still many operating systems deploy LRU (Least Recently Used) algorithm. On the other hand, to reflect process contents of application programs to buffer cache, management scheme based on the system calls which application programs requested is better. Then, we propose I/O buffer cache mechanism based on the frequency of system call of the file operation. Our proposed mechanism calculates file importance from information of file operation. In addition in buffer cache blocks are replaced based on this file importance. In this paper, we describe our mechanism improves I/O performance by evaluation of application programs.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00068428/

  • A mechanism that bounds execution performance for process group for mitigating CPU abuse

    Toshihiro Yamauchi, Takayuki Hara, Hideo Taniguchi

    Communications in Computer and Information Science   122 CCIS   84 - 93   2010

     More details

    Authorship:Lead author   Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:SPRINGER-VERLAG BERLIN  

    Secure OS has been the focus of several studies. However, CPU resources, which are important resources for executing a program, are not the object of access control. For preventing the abuse of CPU resources, we had earlier proposed a new type of execution resource that controls the maximum CPU usage [5,6] The previously proposed mechanism can control only one process at a time. Because most services involve multiple processes, the mechanism should control all the processes in each service. In this paper, we propose an improved mechanism that helps to achieve a bound on the execution performance of a process group, in order to limit unnecessary processor usage. We report the results of an evaluation of our proposed mechanism. © 2010 Springer-Verlag.

    DOI: 10.1007/978-3-642-17610-4_10

    Web of Science

    Scopus

    researchmap

  • SELinux security policy configuration system with higher level language

    Yuichi Nakamura, Yoshiki Sameshima, Toshihiro Yamauchi

    Journal of Information Processing   18   201 - 212   2010

     More details

    Language:English   Publishing type:Research paper (scientific journal)   Publisher:Information Processing Society of Japan  

    © 2010 Information Processing Society of Japan. Creating security policy for SELinux is difficult because access rules often exceed 10,000 and elements in rules such as permissions and types are understandable only for SELinux experts. The most popular way to facilitate creating security policy is refpolicy which is composed of macros and sample configurations. However, describing and verifying refpolicy based configurations is difficult because complexities of configuration elements still exist, using macros requires expertise and there are more than 100,000 configuration lines. The memory footprint of refpolicy which is around 5MB by default, is also a problem for resource constrained devices. We propose a system called SEEdit which facilitates creating security policy by a higher level language called SPDL and SPDL tools. SPDL reduces the number of permissions by integrated permissions and removes type configurations. SPDL tools generate security policy configurations from access logs and tool user’s knowledge about applications. Experimental results on an embedded system and a PC system show that practical security policies are created by SEEdit, i.e., describing configurations is semi-automated, created security policies are composed of less than 500 lines of configurations, 100 configuration elements, and the memory footprint in the embedded system is less than 500 KB.

    DOI: 10.2197/ipsjjip.18.201

    Scopus

    researchmap

  • ISIPC: Instant synchronous interprocess communication

    Toshihiro Yamauchi, Kazuhiro Fukutomi, Hideo Taniguchi

    Journal of Next Generation Information Technology   1 ( 3 )   75 - 83   2010

     More details

    Authorship:Lead author   Language:English   Publishing type:Research paper (scientific journal)  

    Interprocess communication (IPC) is often used to exchange data between cooperative processes, and the performance of IPC largely determines the processing time of application programs. Moreover, it is used for most of the kernel calls in a microkernel-based operating system (OS). Therefore, the performance of IPC affects the performance of the OS. In addition, the completion of the message-passing mechanism has to be indicated by executing a receive operation in order to maintain synchronization. Thus, two operations are required in this mechanism to complete the communication. On the other hand, no receive operation is required to indicate the completion of the communication in the case of asynchronous communication; however, in this case, no proof of the data being received is provided to the sender process. In this paper, we propose an instant synchronous interprocess communication (ISIPC) mechanism that can achieve both instantaneous communication and data synchronization. ISIPC has two functions: push function and sack function. We describe the design of the ISIPC mechanism and also its implementation on the Tender operating system. In addition, we present the evaluation results for the ISIPC mechanism.

    DOI: 10.4156/jnit.vol1.issue3.9

    Scopus

    researchmap

  • Proposal for sophisticated periodic execution control in embedded systems

    Yuuki Furukawa, Toshihiro Yamauchi, Hideo Taniguchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   6485 LNCS   549 - 563   2010

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:SPRINGER-VERLAG BERLIN  

    In embedded systems, the types of processings to be executed are limited, and many processes are executed periodically. In such systems, we need to reduce the overhead of periodic execution control and the dispersion of the processing time. ART-Linux has been proposed as a conventional real-time operating system that can be used for this purpose in various devices such as robots. In this paper, we discuss the periodic execution control of ART-Linux and clarify several problems. Next, we propose a design for sophisticated periodic execution control in order to solve these problems. Finally, we discuss the realization of periodic execution control, the effect of this control, and the result of the evaluation. © 2010 Springer-Verlag Berlin Heidelberg.

    DOI: 10.1007/978-3-642-17569-5_54

    Web of Science

    Scopus

    researchmap

  • Evaluation of performance of secure OS using performance evaluation mechanism of LSM-based LSMPMON

    Kenji Yamamoto, Toshihiro Yamauchi

    Communications in Computer and Information Science   122 CCIS   57 - 67   2010

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:SPRINGER-VERLAG BERLIN  

    Security focused OS (Secure OS) is attracting attention as a method for minimizing damage caused by various intrusions. Secure OSes can restrict the damage due to an attack by using Mandatory Access Control (MAC). In some projects, secure OSes for Linux have been developed. In these OSes, different implementation methods have been adopted. However, there is no method for easily evaluating the performance of the secure OS in detail, and the relationship between the implementation method and the performance is not clear. The secure OS in Linux after version 2.6 has often been implemented by Linux Security Modules (LSM). Therefore, we determine the effect of introducing the secure OS on the performance of the OS, and a characteristic by the difference of the implementation method by using the overhead measurement tool, the LSM Performance Monitor (LSMPMON); the LSMPMON can be used to evaluate three different secure OSes. © 2010 Springer-Verlag.

    DOI: 10.1007/978-3-642-17610-4_7

    Web of Science

    Scopus

    researchmap

  • Evaluation of Dynamic OS Server Replacement Mechanism fo AnT

    2009 ( 9 )   261 - 266   2009.9

     More details

  • Tracing Classified Information Diffusion for Protecting Information Leakage

    Toshihiro Tabata, Satoshi Hakomori, Kei Ohashi, Shinichiro Uemura, Kazutoshi Yokoyama, Hideo Taniguchi

    50 ( 9 )   2088 - 2102   2009.9

     More details

    Authorship:Lead author   Language:Japanese   Publishing type:Research paper (scientific journal)  

    In personal computer environment, it is important to protect the information leakage. In this paper, a mechanism of protecting information leakage is proposed. This mechanism has two functions. One function is the function of tracing classified information. The other function is the function of controlling the write function. The tracing function is deployed by hook the call of file operations, interprocess communication, and process creation. This paper describes a method that improve the accuracy of tracing classified information and reduce the labor of configuration. This paper shows the proposed mechanism can trace all files and improve the the accuracy of tracing classified information by using the user judgement.

    CiNii Article

    CiNii Books

    researchmap

  • Design and Implementation of Performance Evaluation Function of Secure OS Based on LSM

    MATSUDA Naoto, SATO Kazuya, TABATA Toshihiro, MUNETOH Seiji

    The IEICE transactions on information and systems   92 ( 7 )   963 - 974   2009.7

     More details

    Language:Japanese   Publishing type:Research paper (scientific journal)   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • Implementation and Evaluation of Heterogeneous Virtual Storage (HVS) on Tender Operating System

    TABATA Toshihiro, TANIGUCHI Hideo

    The IEICE transactions on information and systems   92 ( 1 )   12 - 24   2009.1

     More details

    Authorship:Lead author   Language:Japanese   Publishing type:Research paper (scientific journal)   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • ファイル操作のシステムコール発行頻度に基づくバッファキャッシュ制御法の提案

    Tatsuya Katakami, Toshihiro Tabata, Hideo Taniguchi

    2009 ( 13 )   111 - 118   2009

     More details

    Language:Japanese  

    J-GLOBAL

    researchmap

  • SEEdit: SELinux security policy configuration system with higher level language

    Yuichi Nakamura, Yoshiki Sameshima, Toshihiro Tabata

    Proceedings of the 23rd Large Installation System Administration Conference, LISA 2009   107 - 117   2009

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)  

    © LISA 2009. Security policy for SELinux is usually created by customizing a sample policy called refpolicy. However, describing and verifying security policy configurations is difficult because in refpolicy, there are more than 100,000 lines of configurations, thousands of elements such as permissions, macros and labels. The memory footprint of refpolicy which is around 5MB, is also a problem for resource constrained devices. We propose a security policy configuration system SEEdit which facilitates creating security policy by a higher level language called SPDL and SPDL tools. SPDL reduces the number of permissions by integrated permissions and removes label configurations. SPDL tools generate security policy configurations from access logs and tool user's knowledge about applications. Experimental results on an embedded system and a PC system show that practical security policies are created by SEEdit, i.e., describing configurations is semiautomated, created security policies are composed of less than 500 lines of configurations, 100 configuration elements, and the memory footprint in the embedded system is less than 500KB.

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/conf/lisa/2009

  • Dynamic OS Server Replacement Scheme for AnT

    藤原康行, 岡本幸大, 田端利宏, 乃村能成, 谷口秀夫

    情報処理学会シンポジウム論文集   2008 ( 14 )   201 - 206   2008.12

     More details

  • Realization and Evaluation of High Speed Fork & Exec System-Call by Recycling Resource on Tender

    SAEKI Kenji, TABATA Toshihiro, TANIGUCHI Hideo

    The IEICE transactions on information and systems   91 ( 12 )   2892 - 2903   2008.12

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • A Bayesian-filter-based Image Spam Filtering Method

    49 ( 9 )   3093 - 3103   2008.9

     More details

    Language:Japanese  

    In recent years, with the spread of the Internet, the increase in the number of spam has become one of the most serious problems. A recent report reveals that 91% of all e-mail exchanged in 2006 was spam. Using the Bayesian filter is a popular approach to distinguish between spam and legitimate e-mails. It applies the Bayes theory to identify spam. This filter proffers high filtering precision and is capable of detecting spam as per personal preferences. However, the number of image spam, which contains the spam message as an image, has been increasing rapidly. The Bayesian filter is not capable of distinguishing between image spam and legitimate e-mails since it learns from and examines only text data. Therefore, in this study, we propose an anti-image spam technique that uses image information such as file size. This technique can be easily implemented on the existing Bayesian filter. In addition, we report the results of the evaluations of this technique.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00009442/

  • Implementation and Evaluation of a Directory Oriented Buffer Cache Mechanism

    TABATA Toshihiro, KOTOGE Miyuki, NOMURA Yoshinari, TANIGUCHI Hideo

    The IEICE transactions on information and systems   91 ( 2 )   435 - 448   2008.2

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Design and evaluation of a Bayesian-filter-based image spam filtering method

    Masahiro Uemura, Toshihiro Tabata

    Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008   46 - 51   2008

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE COMPUTER SOC  

    In recent years, with the spread of the Internet, the number of spam e-mail has become one of the most serious problems. A recent report reveals that 91% of all e-mail exchanged in 2006 was spam. Using the Bayesian filter is a popular approach to distinguish between spam and legitimate e-mails. It applies the Bayes theory to identify spam. This filter proffers high filtering precision and is capable of detecting spam as per personal preferences. However, the number of image spam, which contains the spam message as an image, has been increasing rapidly. The Bayesian filter is not capable of distinguishing between image spam and legitimate e-mails since it learns from and examines only text data. Therefore, in this study, we propose an anti-image spam technique that uses image information such as file size. This technique can be easily implemented on the existing Bayesian filter. In addition, we report the results of the evaluations of this technique. © 2008 IEEE.

    DOI: 10.1109/ISA.2008.84

    Web of Science

    Scopus

    researchmap

  • 機密情報の拡散追跡機能を利用した書き出し制御手法

    植村 晋一郎, 田端 利宏, 谷口 秀夫, 横山 和俊, 箱守 聰

    マルチメディア,分散,協調とモバイル(DICOMO2008)シンポジウム論文集   768 - 775   2008

     More details

  • Proposal of instant synchronous interprocess communication

    Toshihiro Tabata, Kazuhiro Fukutomi, Hideo Taniguchi

    Proceedings - 3rd International Conference on Convergence and Hybrid Information Technology, ICCIT 2008   2   146 - 149   2008

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE COMPUTER SOC  

    Interprocess communication (IPC) is often applied to cooperative processes and IPC performance largely determine the processing time. Here, we propose an instant synchronous IPC mechanism for preferential processing of high-priority data. In addition, we present that the results of an evaluation using an application program by using an imprecise computational model. © 2008 IEEE.

    DOI: 10.1109/ICCIT.2008.106

    Web of Science

    Scopus

    researchmap

  • I/O buffer cache mechanism based on the frequency of file usage

    Tatsuya Katakami, Toshihiro Tabata, Hideo Taniguchi

    Proceedings - 3rd International Conference on Convergence and Hybrid Information Technology, ICCIT 2008   2   76 - 82   2008

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE COMPUTER SOC  

    Most operating systems manage buffer caches for buffering I/O blocks, because I/O processing is slower than CPU processing. Application programs request I/O processing from files. In order to improve the performance of I/O processing, a buffer cache should be managed with regard to both blocks and files. This paper proposes an I/O buffer cache mechanism based on the frequency of file usage. This mechanism calculates the importance of each file. Then, blocks of important files are stored in a protected space. The blocks stored in the protected space are given priority for caching. We evaluated the proposed mechanism by kernel make processing. The results show that the proposed mechanism improves the processing time by 18 s (5.7%) as compared to the LRU algorithm. © 2008 IEEE.

    DOI: 10.1109/ICCIT.2008.107

    Web of Science

    Scopus

    researchmap

  • An Improved Recyclable Resource Management Method for Fast Process Creation and Reduced Memory Consumption

    Toshihiro Tabata, Hideo Taniguchi

    International Journal of Hybrid Information Technology (IJHIT)   1 ( 1 )   31 - 44   2008

     More details

  • Integrated access permission: Secure and simple policy description by integration of file access vector permission

    Takuto Yamaguchi, Toshihiro Tabata, Yuichi Nakamura

    Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008   40 - 45   2008

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE COMPUTER SOC  

    In pervasive computing, embedded systems have a possibility to be attacked by crackers, including 0-day attack, as well as enterprise systems. In particular, in a case where a cracker gets a root privilege, damages are significant. To resolve this problem, Security-Enhanced Linux (SELinux) is useful. However, SELinux has a problem that is significant complexity for configuration because of too fine-grained access control. As a method for resolving this problem, SELinux Policy Editor (SEEdit) has been developed; this is a tool that simplifies the SELinux configuration. SEEdit uses the Simplified Policy Description Language (SPDL) as a policy description language. In the SPDL, we define new access permissions that integrate Access Vector Permissions (AVPs) employed in SELinux to provide access permissions in a security policy. Thus, we propose a set of access permissions named Integrated Access Permissions (IAPs), which enables the achievement of a good balance between reducing the workload of the configurations and guaranteeing security in SELinux. In addition, we evaluate our IAPs and show them almost secure. © 2008 IEEE.

    DOI: 10.1109/ISA.2008.21

    Web of Science

    Scopus

    researchmap

  • Mechanism of regulating execution performance for process group by execution resource on tender operating system

    Toshihiro Tabata, Yoshinari Nomura, Hideo Taniguchi

    Systems and Computers in Japan   38 ( 14 )   63 - 78   2007.12

     More details

    Language:English   Publishing type:Research paper (scientific journal)  

    With increases in the performance of computers, it has become possible to provide a large number of services on a single computer. However, since the required execution performance can vary from service to service, it is necessary to guarantee execution performance for each service individually. In addition, it is common for a single service to be composed of multiple processes. Consequently, the ability to regulate execution performance for units consisting of multiple processes is desirable. Therefore, in this paper we propose a mechanism for regulating the execution performance of process groups using execution resources that encapsulate the assignable processor units designed for the Tender operating system. Specifically, executions are managed in a tree-structure and we then regulate execution performance by associating processes with these executions. In addition, we show via an implementation and evaluations that the proposed method is able to regulate the execution performance of process groups well and present an evaluation that makes use of a Web server. © 2007 Wiley Periodicals, Inc.

    DOI: 10.1002/scj.20403

    Scopus

    J-GLOBAL

    researchmap

  • Write Control Method by Using Diffusion Tracing Function of Classified Information

    大橋慶, 箱守聰, 箱守聰, 田端利宏, 横山和俊, 谷口秀夫

    情報処理学会シンポジウムシリーズ(CD-ROM)   2007 ( 1 )   690 - 697   2007

  • An intrusion detection system which can restore altered data

    Fumiaki Nagano, Kohei Tatara, Toshihiro Tabata, Kouichi Sakurai

    Fourth International Conference on Information Technology and Applications, ICITA 2007   29 - 34   2007

     More details

    Publishing type:Research paper (international conference proceedings)  

    We propose an intrusion detection system. Our system can detect the alteration of data in memory and also can restore altered data. This type of intrusion detection system has been proposed variously so far. But many of them can detect only a part of attacks. And as far as we know, few of them can restore altered data. Our system can detect attacks which can not be detected by existing systems and also can restore altered data. Our system protects data in the kernel area using hash functions. The overhead of accessing the kernel area and using a hash function is high. But our system reduces the frequency of accessing the kernel area and using a hash function in safety.

    Scopus

    J-GLOBAL

    researchmap

  • Controlling CPU usage for processes with execution resource for mitigating CPU DoS attack

    Toshihiro Tabata, Satoshi Hakomori, Kazutoshi Yokoyama, Hideo Taniguchi

    Proceedings - 2007 International Conference on Multimedia and Ubiquitous Engineering, MUE 2007   141 - 146   2007

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE COMPUTER SOC  

    In a ubiquitous environment, the hardware resources are limited; thus, an appropriate resource management mechanism is required for guaranteeing its processing activity. However, most operating systems (OSs) lack an access control mechanism for CPU resources to guarantee satisfactory processing and to safeguard the system from malicious attacks that affect the CPU resources, resulting in denial of service (DoS). Access control is not intended for general OSs and CPU resources, which are important for the execution of a program. As a result, OSs cannot control the usage ratio of CPU resources. In this paper, we propose an access control model for CPU resources based on an execution resource. The proposed model can control the usage ratio of CPU resources appropriately for each program domain. This execution resource can be applied to mitigate DoS attacks. © 2007 IEEE.

    DOI: 10.1109/MUE.2007.111

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/mue/mue2007.html#TabataHYT07

  • A CPU usage control mechanism for processes with execution resource for mitigating CPU DoS attack

    Toshihiro Tabata, Satoshi Hakomori, Kazutoshi Yokoyama, Hideo Taniguchi

    International Journal of Smart Home   1 ( 2 )   109 - 128   2007

     More details

    Publishing type:Research paper (scientific journal)  

    In a ubiquitous environment, the hardware resources are limited; thus, an appropriate resource management mechanism is required for guaranteeing its processing activity. However, most operating systems (OSs) lack an access control mechanism for CPU resources to guarantee satisfactory processing and to safeguard the system from malicious attacks that affect the CPU resources, resulting in denial of service (DoS). Access control is not intended for CPU resources, which are important for the execution of a program. As a result, OSs cannot control the usage ratio of CPU resources. In this paper, we propose an access control model for CPU resources based on an execution resource. The proposed model can control the usage ratio of CPU resources appropriately for each user and each program domain. This execution resource can be applied to mitigate DoS attacks. In order to evaluate the effectiveness of the proposed method, we describe the results of a basic performance experiment and a DoS simulation experiment employing the Apache web server. From the results, we show that the proposed method can mitigate DoS attacks and does not have bad effects upon the performance of a target service.

    Scopus

    researchmap

  • A recyclable resource management method for fast process creation and reduced memory consumption

    Toshihiro Tabata, Hideo Taniguchi

    Proceedings The 2007 International Conference on Intelligent Pervasive Computing, IPC 2007   194 - 199   2007

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE COMPUTER SOC  

    The costs involved in process creation and termination make this procedure expensive. This procedure expensive, thus degrading the performance of program execution. To solve this problem, a fast process creation and termination mechanism is proposed. This mechanism is implemented by recycling process resources. In order to improve the efficiency of recycling, the management of preserved process resources for recycling is an important factor. In this paper, we propose an improved resource management method for recycling process resources and an adaptive control mechanism. In the method, only one process resource with a program image is preserved for each program that occurs with high frequency of program execution. The proposed method can reduce the amount of memory consumption for preserved process resources in a concurrent execution environment. We also describe the implementation of the proposed method on the Tender operating system and report the results of our experiments. © 2007 IEEE.

    DOI: 10.1109/IPC.2007.83

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/ipc/ipc2007.html#TabataT07

  • Evaluation for guarantee of service processing by regulating program execution resource

    箱守聰, 箱守聰, 田端利宏, 横山和俊, 谷口秀夫

    情報処理学会シンポジウム論文集   2007 ( 14 )   183 - 190   2007

  • Directory Oriented Buffer Cache Mechanism

    田端利宏, 小峠みゆき, 齊藤圭, 乃村能成, 谷口秀夫

    情報処理学会シンポジウム論文集   2006 ( 14 )   2006

  • Usage Control Model and Architecture for Data Confidentiality in a Database Service Provider

    SYALIM Amril, TABATA Toshihiro, SAKURAI Kouichi

    情報処理学会論文誌   47 ( 2 )   2006

  • An intrusion detection system using alteration of data

    Fumiaki Nagano, Kohei Tatara, Toshihiro Tabata, Kouichi Sakurai

    Proceedings - International Conference on Advanced Information Networking and Applications, AINA   1   243 - 248   2006

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:IEEE  

    Attacks against data in memory are one of the most serious threats these days. Although many detection systems have been proposed so far, most of them can detect only part of alteration. Some detection systems use canaries to detect alteration. However, if an execution code has bugs that enable attackers to read data in memory, the system could be bypassed by attackers who can guess canaries. To overcome the problems, we propose a system using alteration of data. Our proposed system detects illegal alteration with verifier for vulnerable data. Verifier is made before vulnerable data could be altered by attackers, and verifier is checked when the program uses the vulnerable data. Part of Verifier is stored in kernel area to prevent attackers from reading data in user memory. Our approach can detect illegal alteration of arbitrary data in user memory. Our proposed system, moreover, does not have the problem systems using canaries have. © 2006 IEEE.

    DOI: 10.1109/AINA.2006.94

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/aina/aina2006.html#NaganoTST06

  • Active Modification Method of Program Control Flow for Efficient Anomaly Detection

    Kohei Tatara, Toshihiro Tabata, Kouichi Sakurai

    GESTS International Transactions on Computer Science and Engineering   2006

     More details

  • Proposal of File Access Permission which has both Security and Simplified Configuration

    Takuto Yamaguchi, Yuichi Nakamura, Toshihiro TABATA

    PreProceedings of the 7th International Workshop on Information Security Applications (WISA2006)   2006

     More details

  • Actively modifying control flow of program for efficient anormaly detection

    Kohei Tatara, Toshihiro Tabata, Kouichi Sakurai

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   4252 LNAI - II   737 - 744   2006

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:SPRINGER-VERLAG BERLIN  

    In order to prevent the malicious use of the computers exploiting buffer overflow vulnerabilities, a corrective action by not only calling a programmer's attention but expansion of compiler or operating system is likely to be important. On the other hand, the introduction and employment of intrusion detection systems must be easy for people with the restricted knowledge of computers. In this paper, we propose an anomaly detection method by modifying actively some control flows of programs. Our method can efficiently detect anomaly program behavior and give no false positives. © Springer-Verlag Berlin Heidelberg 2006.

    DOI: 10.1007/11893004_94

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/kes/kes2006-2.html#TataraTS06

  • Proposal and Evaluation for Improvement of Corpus Separation in Bayesian Spam Filtering on Multi-lingual Environment

    IWANAGA MANABU, TABATA TOSHIHIRO, SAKURAI KOUICHI

    IPSJ journal   46 ( 8 )   1959 - 1966   2005.8

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Statistical filtering using Bayes theory, called Bayesian filtering, is studied for years, and after Graham published an essay "A plan for spam", many implementations of Bayesian filtering have developed. In multi-lingual email environment, which more than one language is used in incoming email, corpus for statistical filtering is usually separated into ones specified to each language. In this paper, we propose a new method in which a corpus is chosen for each token, and then we show the efficiency of our proposed method by experiments in comparison to traditional methods.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00010556/

  • A Software Fingerprinting Scheme for Java Using Class Structure Transformation

    FUKUSHIMA KAZUHIDE, TABATA TOSHIHIRO, TANAKA TOSHIAKI, SAKURAI KOUICHI

    IPSJ journal   46 ( 8 )   2042 - 2052   2005.8

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Embedding personal identifiers as watermarks to software is effective in order to protect copyright of them. Monden et al. proposed program watermarking scheme for embedding arbiter character sequence to target Java class files. But their scheme can be used to embed only the same watermarking to all the programs. Thus, if we apply their scheme to embed users' personal identifiers, the watermark can be specified by comparing two or more users' program. This paper improve the problem by using a class structure transformation.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00010564/

  • The Design and Evaluation of Anomaly Detection System Based on System Call

    TATARA KOHEI, TABATA TOSHIHIRO, SAKURAI KOUICHI

    IPSJ journal   46 ( 8 )   1967 - 1975   2005.8

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    In order to prevent attacks exploiting buffer overflow vulnerabilities, there are many researches of checking programs for abnormal behaviors based on history of system calls emitted by them. In this paper, the authors take into account control flow of the programs, and prove an efficiency of a method for modeling history of system calls in a Bayesian Network. We also consider a method for appropriate anomaly detection without false positives.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00010557/

  • On the Security of Integration of SELinux Access Permissions

    TABATA TOSHIHIRO, SUEYASU KATSUYA, SAKURAI KOUICHI

    IPSJ journal   46 ( 4 )   1070 - 1073   2005.4

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    SELinux Policy Editor is a configuration tool for SELinux. As a part of its support of configuration, this tool simplifies the configuration of SELinux by integrating configuration items. However, the integration of configuration items may harm the fine-grained access control of SELinux. In this paper, we examine the effects of the simplification on access control policy and report the evaluation of the security about Apache web server.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00010661/

  • A probabilistic method for detecting anomalous program behavior

    Kohei Tatara, Toshihiro Tabata, Kouichi Sakurai

    Lecture Notes in Computer Science   3325   87 - 98   2005

     More details

    Publishing type:Research paper (international conference proceedings)  

    In this paper, we, as well as Eskin, Lee, Stolfo propose a method of prediction model. In their method, the program was characterized with both the order and the kind of system calls. We focus on a non-sequential feature of system calls given from a program. We apply a Bayesian network to predicting the N-th system call from the sequence of system calls of the length N - 1. In addition, we show that a correlation between several kinds of system calls can be expressed by using our method, and can characterize a program behavior. © Springer-Verlag Berlin Heidelberg 2004.

    DOI: 10.1007/978-3-540-31815-6_8

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/wisa/wisa2004.html#TataraTS04

  • An Abuse Prevention Technique of CPU Time by Using Execution Resource

    Toshihiro TABATA, Satoshi Hakomori, Hideo Taniguchi

    PreProc. of the 6th International Workshop on Information Security Applications (WISA2005)   2005

     More details

  • Program obfuscation scheme using random numbers to complicate control flow

    Tatsuya Toyofuku, Toshihiro Tabata, Kouichi Sakurai

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   3823 LNCS   916 - 925   2005

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:SPRINGER-VERLAG BERLIN  

    For the security technology that has been achieved with software in the computer system and the protection of the intellectual property right of software, software protection technology is necessary. One of those techniques is called obfuscation, which converts program to make analysis difficult while preserving its function. In this paper, we examine the applicability of our program obfuscation scheme to complicate control flow and study the tolerance against program analysis. © IFIP International Federation for Information Processing 2005.

    DOI: 10.1007/11596042_94

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/euc/eucw2005.html#ToyofukuTS05

  • Some fitting of naive Bayesian spam filtering for Japanese environment

    Manabu Iwanaga, Toshihiro Tabata, Kouichi Sakurai

    Lecture Notes in Computer Science   3325   135 - 143   2005

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:SPRINGER-VERLAG BERLIN  

    Bayesian filtering is one of the most famous anti-spam measures. However, there is no standard implementation for treatment of Japanese emails by Bayesian filtering. In this paper, we compare several conceivable ways to treat Japanese emails about tokenizing and corpus separation. In addition, we give experimental results and some knowledge obtained by the experiments. © Springer-Verlag Berlin Heidelberg 2004.

    DOI: 10.1007/978-3-540-31815-6_12

    Web of Science

    Scopus

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/wisa/wisa2004.html#IwanagaTS04

  • Usage Control Model and Architecture for Data Confidentiality in Database Service Provider

    Amril Syalim, Toshihiro Tabata, Kouichi Sakurai

    Proc. of Indonesia Cryptology and Information Security Conference (INA-CISC) 2005   2005

  • A Software Fingerprinting Scheme for Java Using Class Structure Transformation

    福島和英, 田端利宏, 田中俊昭, 桜井幸一

    情報処理学会論文誌   46 ( 8 )   2005

  • The Design and Evaluation of Anomaly Detection System Based on System Call

    たたら講平, 田端利宏, 桜井幸一

    情報処理学会論文誌   46 ( 8 )   2005

  • Proposal and Evaluation for Improvement of Corpus Separation in Bayesian Spam Filtering on Multi-lingual Environment

    岩永学, 田端利宏, 桜井幸一

    情報処理学会論文誌   46 ( 8 )   2005

  • On the Security of Integration of SELinux Access Permissions

    田端利宏, 末安克也, 桜井幸一

    情報処理学会論文誌   46 ( 4 )   2005

  • A Mechanism of Regulating Execution Performance for Process Group by Execution Resource on Tender Operating System

    TABATA Toshihiro, NOMURA Yoshinari, TANIGUCHI Hideo

    The IEICE transactions on information systems Pt. 1   87 ( 11 )   961 - 974   2004.11

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Proposal of Anti-spam Scheme Combining Challenge-response and Bayesian Filtering

    IWANAGA MANABU, TABATA TOSHIHIRO, SAKURAI KOUICHI

    IPSJ journal   45 ( 8 )   1939 - 1947   2004.8

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Some anti-spam schemes are based on challenge-response, a principle that a recipient reads only messages from senders who are registered by the recipient. In these schemes, request for setup is sent to senders who are not registered. Since bounce messages are legitimate but MTA cannot reply to request, we should have some exception to receive for them. However, spammers can abuse this exception to send spam to users, disguising their spam with bounce messages. In this paper, we propose an improved scheme, combining challenge-response and Bayesian filtering, then perform some tests on the effect of our scheme to avoid those spam.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00010841/

  • Evaluation of detection of bounce-disguised spam by combining challenge-response and Bayeaian filtering

    Iwanaga Manabu, Tabata Toshihiro, Sakurai Kouichi

    Annual report of Computing and Communications Center, Kyushu University   ( 4 )   41 - 47   2004.3

     More details

    Language:Japanese   Publisher:Kyushu University  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Design of Intrusion Detection System at User Level with System-Call Interposing.

    Toshihiro Tabata, Kouichi Sakurai

    263 - 268   2004

     More details

    Publishing type:Research paper (international conference proceedings)  

    researchmap

    Other Link: https://dblp.uni-trier.de/db/conf/icete/icete2004.html#TabataS04

  • A resource management method for improving recycling ratio in recycling process elements

    T Tabata, H Taniguchi

    8TH WORLD MULTI-CONFERENCE ON SYSTEMICS, CYBERNETICS AND INFORMATICS, VOL V, PROCEEDINGS   203 - 208   2004

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:INT INST INFORMATICS & SYSTEMICS  

    A process is a program in execution. Processes can be executed concurrently in operating Systems (OS) and they may be created and be deleted dynamically. Process creation and termination are required for program execution. They axe an important processing, but the cost of them is expensive. The cost of them affects the execution performance of programs. We proposed a fast process creation and termination mechanism by recycling process elements. The management of preserved process elements is an important problem for recycling. We also proposed an efficient resource management for recycling process elements. The proposed method can reduce the amount of memory consumption of preserved resources. It focused on frequency of program execution, but it is insufficient to reduce the cost.
    In this paper, we propose an improved resource management method for recycling process elements. In the method, only one process element with program image is preserved for each program with high frequency in program execution. The method can reduce the amount of memory consumption of preserved process elements. We also describe the implementation of proposal method on Tender operating system and report the contents of experiments and the result of them.

    Web of Science

    researchmap

  • End-User Security Management with Mobile Agents

    Yuki KOTEGAWA, Toshihiro TABATA, Kouichi SAKURAI

    Proc. of the Third International Conference on Information (Info'2004), International Workshop on Information Assurance and Security   2004

     More details

  • Proposal and implementation of heterogeneous virtual storage coexisted of single virtual storage and multiple virtual storage

    T Tabata, H Taniguchi

    International Conference on Computing, Communications and Control Technologies, Vol 1, Proceedings   415 - 420   2004

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:INT INST INFORMATICS & SYSTEMICS  

    Most of Operating Systems (OSs) provide processes with virtual memory. One advantage of this technique is that programs can be larger than physical memory. In addition, this technique abstracts main memory into large address space and frees programmers from the limitation of main memory. Single Virtual Storage (SVS) or Multiple Virtual Storage (MVS) are implemented in current OSs, but SVS and MVS do not coexist in existing OSs. If they coexist in an operating system, users can make use of each advantage. In this paper, we propose Heterogeneous Virtual Storage (HVS). Because SVS and MVS can coexist in HVS, HVS can provide both of the advantages of SVS and MVS to users. We also describe about implementation of HVS on The EN-during operating system for Distributed Environment (Tender). After that, we explain contents of experiments and report that result.

    Web of Science

    researchmap

  • Proposal of Anti-spam Scheme Combining Challenge-response and Bayesian Filtering

    岩永学, 田端利宏, 桜井幸一

    情報処理学会論文誌   45 ( 8 )   2004

  • Proposal of Efficient Resource Management for Recycling Process Elements

    TABATA TOSHIHIRO, TANIGUCHI HIDEO

    44 ( 10 )   48 - 61   2003.7

     More details

    Authorship:Lead author   Language:Japanese   Publishing type:Research paper (scientific journal)   Publisher:Information Processing Society of Japan (IPSJ)  

    Operating system controls a process to execute a program. A process is created for executing a program. Then the process is deleted when the program terminated. Processing of process creation needs creation of virtual address space and a read of program. The load of the processing is heavy. Therefore there are many researches for fast process creation. We proposed fast process creation mechanism by recycling process elements. Fast process creation and fast process deletion are realized by recycling process elements. However, reserved process elements consume memory resources. Therefore efficient resource management is necessary. This paper proposes efficient resource management for recycling process elements.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00018559/

  • Process Schedule Mechanism for Regulating Processing Time of Multiple Services

    TABATA Toshihiro, TANIGUCHI Hideo

    The Transactions of the Institute of Electronics,Information and Communication Engineers.   86 ( 7 )   458 - 468   2003.7

     More details

    Authorship:Lead author   Language:Japanese   Publishing type:Research paper (scientific journal)   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Proposal and Evaluation of Process Restart Function by Initializing Data Segments

    TABATA Toshihiro, TANIGUCHI Hideo

    Transactions of Information Processing Society of Japan   44 ( 6 )   1538 - 1547   2003.6

     More details

    Authorship:Lead author   Language:Japanese   Publishing type:Research paper (scientific journal)   Publisher:Information Processing Society of Japan (IPSJ)  

    An operating system controls many processes to execute programs. The processing of process creation and process termination has a heavy load in an operating system. Therefore there are many techniques that can speed up process creation ; for example, sticky bit and the vfork system call are realized in UNIX. Furthermore, demand paging and copy-on-write are realized. Generally, specific programs are often executed repeatedly. For example, in the "make" command of UNIX, process creation and process termination are repeated, because a compiler is executed many times. We propose the function for restarting a process. The function is effective where specific programs are executed repeatedly, because the function can reduce the overhead of process creation and process termination. This paper describes the structure of a process and the function for restarting a process. This paper also reports the performance of the function.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00011209/

  • Evaluation of communication bandwidth control mechanism by regulating program execution speed

    Toshihiro Tabata, Yoshinari Nomura, Hideo Taniguchi

    Proceedings of the IASTED International Conference on Internet and Multimedia Systems and Applications   7   14 - 19   2003

     More details

    Publishing type:Research paper (international conference proceedings)  

    With the spread of the Internet, services that communicate to other services are increasing. Multimedia applications such as video on demand also ask for network Quality of Service (QoS). Thus, operating systems have to guarantee the allocation of computer resources to services. The computer resources are CPU, disk, network devices and so on. We suppose that the communications have to be controlled well, because services using network are increasing. This paper proposes the communication bandwidth control mechanism by regulating program execution speed. Our proposed mechanism is based on the process schedule method for regulating program execution speed. In the process schedule method, the operating system reserves the amount of CPU time of target processes and guarantees the allocation of CPU time on a sending host. Our proposed mechanism can guarantee a required data rate of target processes by allocating enough CPU time for communications. Because operating systems manage computer resources, they guarantee the allocation of CPU time if the process schedule method is implemented. The allocation of CPU time is not almost affected by non-target processes. This paper introduces the process schedule method and the implementation of it. This paper also shows how to control the communication bandwidth of target processes. Then this paper describes about an evaluation of our proposed mechanism.

    Scopus

    J-GLOBAL

    researchmap

  • Evaluation of obfuscation scheme focusing on calling relationships of fields and methods in methods

    Kazuhide Fukushima, Toshihiro Tabata, Kouichi Sakurai

    Proceedings of the IASTED International Conference on Communication, Network, and Information Security   108 - 113   2003

     More details

    Publishing type:Research paper (international conference proceedings)  

    Recently, Java has been spread widely. However, Java has a problem that an attacker can reconstruct Java source codes from Java classfiles. Therefore many techniques for protecting Java software have been proposed, but, quantitive security evaluations are not fully given. This paper proposes an obfuscation scheme for Java source codes by destructing the encapsulation. In addition, we propose an evaluation scheme on the number of accesses to the fields and the methods of the other classes. We try to realize tamper-resistant software with the certain quantitive basis of security using our evaluation.

    Scopus

    J-GLOBAL

    researchmap

  • Evaluation of Obfuscation Scheme for Java Focusing on Accessing Relationships of Fields and Methods between Classes

    Kazuhide FUKUSHIMA, Toshihiro TABATA, Kouichi SAKURAI

    Proc. of IASTED International Conference on Communication, Network, and Information Security (CNIS 2003)   2003

     More details

  • On the security of SELinux with a simplified policy

    Katsuya Sueyasu, Toshihiro Tabata, Kouichi Sakurai

    Proceedings of the IASTED International Conference on Communication, Network, and Information Security   79 - 84   2003

     More details

    Publishing type:Research paper (international conference proceedings)  

    Security-Enhanced Linux (SELinux) is a secure operating system. SELinux implements some features in order to perform strong access control. However, the configuration of SELinux access control becomes very complex. Such complexity may cause misconfiguration which can harm the strong access control. SELinux Policy Editor is a configuration tool for SELinux. It is developed in order to reduce the complexity and the risk of misconfiguration. As a part of its support of configuration, this tool simplifies the configuration of SELinux by integrating configuration items for complicated access control policy of SELinux. Although we can originally define and use macros which integrate permissions in SELinux access control policy, the integrated permissions of SELinux Policy Editor and the macros differ fundamentally in whether the use of them is mandatory or discretionary. In this paper, we examine effects of the simplification by SELinux Policy Editor on an example access control policy and evaluate the security of the access control based on the simplified policy about Apache, a web server software.

    Scopus

    J-GLOBAL

    researchmap

  • Route Detecting System using Multi-Agent for Mobile Agents

    Yuki KOTEGAWA, Toshihiro TABATA, Kouichi SAKURAI

    Proc. of International Symposium on Information Science and Electrical Engineering 2003 (ISEE 2003)   2003

     More details

  • Preventing Spam Disguised as Error Mail

    Manabu IWANAGA, Toshihiro TABATA, Kouichi SAKURAI

    Proc. of International Symposium on Information Science and Electrical Engineering 2003 (ISEE 2003)   2003

     More details

  • Evaluation of anti-spam method combining Bayesian filtering and strong challenge and response

    Manabu Iwanaga, Toshihiro Tabata, Kouichi Sakurai

    Proceedings of the IASTED International Conference on Communication, Network, and Information Security   214 - 219   2003

     More details

    Publishing type:Research paper (international conference proceedings)  

    Recently, various schemes against spam are proposed because of rapid increasing of spam. Some schemes are based on sender whitelisting with auto registration, a principle that a recipient reads only messages from senders who are registered by the recipient, and a sender have to perform some procedure to be registered (challenge-response.) In these schemes, some exceptions are required to show error mail to a sender of an original message. However, spammers can abuse this exception to send spam to users. We have proposed improved scheme in [1], combining challenge-response and Bayesian filtering. In this paper, we make tests on our scheme and a scheme using only Bayesian filtering to show efficiency of our scheme.

    Scopus

    J-GLOBAL

    researchmap

  • Proposal and Evaluation of Process Restart Function by Initializing Data Segments

    田端利宏, 谷口秀夫

    情報処理学会論文誌   44 ( 6 )   2003

  • Proposal of Efficient Resource Management for Recycling Process Elements

    田端利宏, 谷口秀夫

    情報処理学会論文誌   44 ( SIG10(ACS2) )   2003

  • Efficient Resource Management for Recycling Process Elements.

    田端利宏, 谷口秀夫

    情報処理学会シンポジウム論文集   2002 ( 18 )   2002

  • Guarantee of Service Processing Time of Process Group for Multimedia Application

    Toshihiro TABATA, Yoshinari NOMURA, Hideo TANIGUCHI

    Proc. of Pan-Yellow-Sea International Workshop on Information Technologies for Network Era (PYIWIT'02)   2002

     More details

  • Implementation and evaluation of multiple processes control mechanism for regulating program execution speed Reviewed

    Toshihiro Tabata, Hideo Taniguchi, Kazuo Ushijima

    International Workshop on Principles of Software Evolution (IWPSE)   2000-January   316 - 320   2000

     More details

    Language:English   Publishing type:Research paper (international conference proceedings)   Publisher:Institute of Electrical and Electronics Engineers Inc.  

    © 2001 IEEE. If it is possible to regulate program execution speed, we can control program execution speed arbitrarily regardless of hardware performance to improve convenience of service. We proposed mechanism to regulate program execution speed. The proposed mechanism can control only one process, but can't control multiple processes. However, since in most cases one service consists of multiple processes, it is necessary to establish multiple processes control mechanism for regulating program execution speed. There are numerous combinations of processes when multiple processes are controlled. Therefore the execution speed of all processes need to be regulated smoothly in all combinations. We show basic mechanism for regulating program execution speed, and describe the problem and treatment for multiple processes control mechanism. And this paper reports the result of evaluation.

    DOI: 10.1109/ISPSE.2000.913253

    Scopus

    researchmap

  • New Directions in System Software. Guarantee of Service Processing Time by Execution on Tender Operating System.

    田端利宏, 谷口秀夫

    情報処理学会論文誌   41 ( 6 )   2000

  • Tender Operating System Based on Mechanism of Resource Independence.

    谷口秀夫, 青木義則, 後藤真孝, 村上大介, 田端利宏

    情報処理学会論文誌   41 ( 12 )   2000

  • Implementation and Evaluation of Speed Control Mechanism of Program Execution on Resource Execution on Tender.

    田端利宏, 谷口秀夫

    情報処理学会論文誌   40 ( 6 )   1999

▼display all

Books

  • Advances in Information and Computer Security - IWSEC 2012

    Springer-Verlag  2012 

     More details

MISC

  • LKMを介したSeccompフィルタの適用によるアクセス制御手法の提案と評価

    山内利宏, 山内利宏, 吉元亮太

    情報処理学会研究報告(Web)   2021 ( CSEC-93 )   2021

  • Improvement for Detection Method of Transition to Unwanted Website Focusing on URL Bar Switching Interval and Evaluation Using Data of Demonstration Experiment

    9 - 16   2020.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Large-Scale Survey on Secure Development of IoT Devices by Software Analysis and Vendor Interview

    875 - 882   2020.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Proposal of Method of Page Transition Visualization and Survey of Page Transitions in Android

    551 - 558   2020.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Evaluation of Exclusive Page Reference Mechanism Capability for Kernel Data

    葛野弘樹, 山内利宏

    情報科学技術フォーラム講演論文集   19th   2020

  • Design and Implementation of Exclusive Page Reference Mechanism Mitigates Kernel Vulnerability Attack

    ( 2019 )   660 - 667   2019.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Expanding Detectable Privilege Escalation Attacks and Reducing Overhead by Guest OS Monitoring Using Single Hook Point

    ( 2019 )   144 - 151   2019.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Selective Usage Method of Resource Pooling Function on Tender

    林里咲, 山内利宏, 谷口秀夫

    情報科学技術フォーラム講演論文集   20th   2021

  • Malware Classification by Deep Learning Using the Characteristics of Hash Functions

    馬場隆寛, 馬場謙介, 山内利宏

    情報科学技術フォーラム講演論文集   20th   2021

  • 攻撃ユーザプロセスの利用するカーネルコードの追跡と特定手法の提案と評価

    葛野弘樹, 山内利宏

    情報科学技術フォーラム講演論文集   20th   2021

  • Evaluation of Memory Access Performance in NUMA Architecture

    島谷隼生, 山内利宏, 谷口秀夫, 佐藤将也

    情報科学技術フォーラム講演論文集   20th   2021

  • Evaluation of OFF2F Program Using Pseudo Non-Volatile Memory

    額田哲彰, 佐藤将也, 山内利宏, 谷口秀夫

    情報科学技術フォーラム講演論文集   20th   2021

  • Twitterで収集されたAndroidアプリのアクセシビリティサービスの利用率とAPI Levelの分析

    市岡秀一, 三村隆夫, 中嶋淳, 山内利宏

    電子情報通信学会技術研究報告(Web)   121 ( 118(ISEC2021 10-40) )   2021

  • カーネル仮想記憶空間における排他的ページ参照機構の実現方式と性能評価

    葛野弘樹, 山内利宏

    電子情報通信学会技術研究報告(Web)   120 ( 384(ICSS2020 26-59) )   2021

  • Proposal of Method to Support Analysis by Structuring Cyber Threat Intelligence

    藤井翔太, 藤井翔太, 川口信隆, 重本倫宏, 山内利宏

    情報処理学会研究報告(Web)   2021 ( CSEC-92 )   2021

  • Analysis focusing on commands of telnet logs on IoT devices

    山内利宏, 山内利宏, 吉元亮太, 吉岡克成

    情報処理学会全国大会講演論文集   83rd ( 3 )   2021

  • Analysis of HTTP Response between Landing Website and Malicious Website in Android

    川島千明, 市岡秀一, 山内利宏

    情報処理学会研究報告(Web)   2021 ( CSEC-92 )   2021

  • 計算機状態の高速な保存と復元を可能にする不揮発性メモリ向けTenderのプレート機能の実現

    田中雅大, 山内利宏, 谷口秀夫

    情報処理学会研究報告(Web)   2021 ( OS-151 )   2021

  • Tenderにおける2種類の管理単位を持つ資源「実メモリ」の設計と実現

    楠恒輝, 山内利宏, 谷口秀夫

    情報処理学会研究報告(Web)   2021 ( OS-151 )   2021

  • Evaluation of Method of Generating a Blacklist for Mobile Devices by Searching Malicious Websites Using Demonstration Experiment Data

    21 - 28   2020.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Design and Implementation of Kernel Address Isolation for Container

    859 - 866   2020.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • 悪性Webサイトの探索によるモバイル向けブラックリスト構築手法の評価

    石原 聖, 佐藤 将也, 山内 利宏

    第82回全国大会講演論文集   2020 ( 1 )   441 - 442   2020.2

     More details

    Language:Japanese  

    モバイル端末において,利用者の意図しないWebサイトへ誘導する攻撃が存在する.この攻撃への対策の1つとして,URLやホスト名のブラックリストを構築し,悪性Webサイトへのアクセスを未然に防止する手段がある.そこで,我々は,悪性Webサイトを探索し,モバイル向けのブラックリストを構築する手法を提案した.また,構築したブラックリストについて,悪性Webサイト検知率の評価を行った.しかし,悪性Webサイトの探索期間が短く,十分な評価が行われていない.本稿では,より長い期間の探索により構築したブラックリストを用いて,悪性Webサイト検知率の評価を行った結果を報告する.

    CiNii Article

    CiNii Books

    researchmap

  • Tenderの資源プール機能における資源量の可視化機能

    林 里咲, 山内 利宏, 谷口 秀夫

    第82回全国大会講演論文集   2020 ( 1 )   39 - 40   2020.2

     More details

    Language:Japanese  

    オペレーティングシステムにおいて,プロセス生成処理は,空間の生成やプログラム読み込みといった処理を行うため,負荷が大きい.そこで,分散指向永続オペレーティングシステムTenderでは,プロセス削除時にプロセスを構成する資源を削除せずに保持し,プロセス生成時に再利用することで,プロセスの生成処理と削除処理を高速化する資源プール機能を実現している.資源プール機能をより効率的に使用するためには,資源プール内に保持している資源について,計算機管理者が正確に把握する必要がある.本稿では,資源プール内の資源量と,資源プール機能に対して行われる資源の生成要求と削除要求を取得する機能を実現する手法を述べる.

    CiNii Article

    CiNii Books

    researchmap

  • Tenderにおける資源「実メモリ」の機能拡張

    楠 恒輝, 山内 利宏, 谷口 秀夫

    第82回全国大会講演論文集   2020 ( 1 )   51 - 52   2020.2

     More details

    Language:Japanese  

    一つの計算機において,プログラムを実行するコアの数を増加させるうえで,NUMA構成が有効である.Tenderでは,UMA構成を意識した実メモリ管理を行っているため,NUMA構成のノード毎に分割された実メモリを有効に扱えない.このため,Tenderの実メモリ管理のNUMA構成への対応が課題である.Tenderでは,実メモリを資源「実メモリ」として管理しており,現在の資源管理で管理できる実メモリは256MBまでである.しかし,現在のNUMA構成の計算機は,少ないもので64GB程度の実メモリを搭載している.本稿では,Tenderの実メモリ管理機能の拡張ついて述べる.

    CiNii Article

    CiNii Books

    researchmap

  • Implementation of Resource “Physical Memory” Extension in Tender

    楠恒輝, 山内利宏, 谷口秀夫

    電気・情報関連学会中国支部連合大会講演論文集(CD-ROM)   71st   2020

  • マルチコアTenderにおけるコア間遠隔手続呼出制御処理の高速化と機能拡充

    藤戸宏洋, 山内利宏, 谷口秀夫

    情報処理学会研究報告(Web)   2020 ( OS-148 )   2020

  • Method of Generating Blacklist by Searching Malicious Mobile Websites

    ( 2019 )   1025 - 1032   2019.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Protection of Privileges Using ARM TrustZone in Privilege Escalation Attack Prevention Method

    ( 2019 )   581 - 588   2019.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Proposal on Fine-Grained Reduction Method of Redundant Security Policy by Replacing typeattributeset Statement

    ( 2019 )   668 - 675   2019.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Unwanted Web Site Classification for Android

    ( 2019 )   1011 - 1016   2019.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Detection Method of Transition to Unwanted Website Focusing on URL Bar Switching Interval in Android

    ( 2019 )   1017 - 1024   2019.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Consideration of Visualization Mechanism to Support Diffusion Tracing Function of Classified Information on KVM

    Takumi Honda, Hideaki Moriyama, Toshihiro Yamauchi

    2019 ( 1 )   431 - 432   2019.2

     More details

    Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    CiNii Books

    researchmap

  • Method of Timely Detecting for Tracing Diffusion of Classified Information

    Hideaki Moriyama, Toshihiro Yamauchi, Masaya Sato, Hideo Taniguchi

    2019 ( 1 )   25 - 26   2019.2

     More details

    Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    CiNii Article

    CiNii Books

    researchmap

  • KVMを利用した機密情報の拡散追跡機能におけるファイルパス取得処理削減の評価

    荒木 涼, 森山 英明, 山内 利宏

    第81回全国大会講演論文集   2019 ( 1 )   433 - 434   2019.2

     More details

    Language:Japanese  

    計算機内で管理されている機密情報は,外部に漏えいすることで,企業や個人にとって大きな損失となる.機密情報を保有するファイルの外部への拡散を検知するために,仮想計算機モニタ(VMM)を利用した機密情報の拡散追跡機能を提案し,実現している.この機能では,機密情報を保有するファイルを操作するシステムコールをフックして情報を取得することで,検知及び拡散経路の通知を可能としている.一方,フックによるシステム応答が問題となっており,いくつかの高速化手法を提案されている. 本稿では,KVMを用いた機密情報の拡散追跡機能について,拡散情報の一つであるファイルパス取得処理削減による高速化を適用した際の評価結果について述べる.

    CiNii Article

    CiNii Books

    researchmap

  • KVMにおける機密情報の拡散追跡機能を用いた複数VM監視手法の評価

    岡崎 俊樹, 森山 英明, 山内 利宏, 佐藤 将也, 谷口 秀夫

    第81回全国大会講演論文集   2019 ( 1 )   429 - 430   2019.2

     More details

    Language:Japanese   Publishing type:Research paper, summary (national, other academic conference)  

    機密情報を計算機上で扱う機会の増加により,計算機外部に機密情報が漏えいする事例が増加している.そこで,計算機内部における機密情報の拡散状況を把握する機能として,仮想計算機モニタであるKVMを利用した機密情報の拡散追跡機能を提案した.また,KVMにおける機密情報の拡散追跡機能を拡張し,複数の監視対象 VMにおける機密情報拡散をVMM上で一元的に追跡する機構(以降,複数VM監視機構)を提案した.本稿では,複数VM監視機構に関する評価として,複数のVMを同時に操作する状況を想定し,提案手法を評価した結果について報告する.

    CiNii Article

    CiNii Books

    researchmap

  • Implementation of Display Function for Tracing Diffusion of Classified Information on KVM

    Record of Joint Conference of Electrical and Electronics Engineers in Kyushu   2019 ( 0 )   132 - 132   2019

     More details

    Language:Japanese   Publisher:Committee of Joint Conference of Electrical, Electronics and Information Engineers in Kyushu  

    DOI: 10.11527/jceeek.2019.0_132

    CiNii Article

    researchmap

  • KVM上のゲストOSにおける権限の変更に着目した権限昇格攻撃防止手法の評価

    福本淳文, 山内利宏

    情報科学技術フォーラム講演論文集   18th   2019

  • カーネルに対する攻撃における独自の仮想記憶空間の切替え手法の検出能力と防御手法

    葛野弘樹, 葛野弘樹, 山内利宏

    情報処理学会研究報告(Web)   2019 ( CSEC-84 )   2019

  • カーネル脆弱性を利用した攻撃に対する仮想記憶空間の切替え処理の保護と改ざん検出

    葛野弘樹, 葛野弘樹, 山内利宏

    情報科学技術フォーラム講演論文集   18th   2019

  • 64-bit ARM環境における権限の変更に着目した権限昇格攻撃防止手法の評価

    吉谷亮汰, 山内利宏

    情報科学技術フォーラム講演論文集   18th   2019

  • KVM上のゲストOSにおける権限の変更に着目した権限昇格攻撃防止手法の実現

    福本淳文, 山内利宏

    情報処理学会研究報告(Web)   2019 ( CSEC-84 )   2019

  • 難読化JavaScriptコード解析支援システムの自動化の実現

    上原渓一郎, 山内利宏

    情報処理学会研究報告(Web)   2019 ( CSEC-84 )   2019

  • 過去のNIC負荷とプロセスのデータ送信量を考慮した複数NIC間での負荷分散法 Reviewed

    谷口 秀夫, 吉田 泰三, 山内 利宏, 佐藤 将也

    第26回マルチメディア通信と分散処理ワークショップ論文集   68 - 73   2018.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • KVMを利用した機密情報の拡散追跡機能におけるファイルアクセス性能の評価

    森山英明, 山内利宏, 佐藤将也, 谷口秀夫

    情報科学技術フォーラム講演論文集   17th   147‐148   2018.9

     More details

    Language:Japanese  

    J-GLOBAL

    researchmap

  • 権限の変更に着目した権限昇格攻撃防止手法のARMへの拡張 (情報セキュリティ)

    吉谷 亮汰, 山内 利宏

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   118 ( 151 )   177 - 183   2018.7

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    J-GLOBAL

    researchmap

  • SELinux CILを利用した不要なポリシ削減手法の提案 (情報セキュリティ)

    齋藤 凌也, 山内 利宏

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   118 ( 151 )   185 - 192   2018.7

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    researchmap

  • KVMを利用した機密情報の拡散追跡機能における高速化の評価

    森山英明, 山内利宏, 佐藤将也, 谷口秀夫

    情報処理学会全国大会講演論文集   2018 ( 1 )   1 - 2   2018.3

     More details

  • AnT の要求箱通信機能を利用した処理の多重化

    本田 紘貴, 佐藤 将也, 山内 利宏, 谷口 秀夫

    第80回全国大会講演論文集   2018 ( 1 )   127 - 128   2018.3

     More details

    Language:Japanese  

    AnT は,マイクロカーネル構造OSである.マイクロカーネル構造OSでは,OS機能の大半をOSサーバとして実現する.このため,OSサーバ間でのサーバプログラム間通信が必要となる.AnT におけるサーバプログラム間通信機構には,要求箱通信方式がある.要求箱通信方式では,要求箱とよばれる領域を作成する.依頼プロセスはこの領域に依頼を登録することで,OSサーバを定めることなく通信できる.この要求箱通信方式とバックグラウンドで処理を行う影OSサーバを用いることで,依頼プロセスが意識せず同じ処理を多重に実行することができる.そこで,本稿では,AnT の要求箱通信機能を利用した処理の多重化を提案する.

    CiNii Article

    CiNii Books

    researchmap

  • 独自のカーネル用仮想記憶空間を用いたカーネルモジュール監視手法

    葛野弘樹, 葛野弘樹, 山内利宏

    情報処理学会シンポジウムシリーズ(CD-ROM)   2018 ( 2 )   2018

  • マルチコアTenderにおけるメモリを介した遠隔手続呼出制御の方式の設計

    藤戸宏洋, 山内利宏, 谷口秀夫

    情報処理学会研究報告(Web)   2018 ( OS-144 )   2018

  • 権限昇格攻撃防止手法における権限の格納位置のランダム化

    吉谷亮汰, 山内利宏

    情報処理学会シンポジウムシリーズ(CD-ROM)   2018 ( 2 )   2018

  • AndroidにおけるWebViewのWebアクセス観測機構を利用した悪性Webサイトの脅威分析と対策の提案

    今村祐太, 折戸凜太郎, CHAIKAEW Kritsana, CHAIKAEW Kritsana, MANARDO Celia, MANARDO Celia, LEELAPRUTE Pattara, 佐藤将也, 山内利宏

    情報処理学会シンポジウムシリーズ(CD-ROM)   2018 ( 2 )   2018

  • スタック領域へのガードページ挿入による戻りアドレス書き換え防止手法

    溝内剛, 上川先之, 山内利宏

    情報処理学会研究報告(Web)   2018 ( CSEC-80 )   2018

  • AndroidにおけるWebViewのWebアクセス観測機構

    今村 祐太, 上川 先之, 石原 靖弘, 佐藤 将也, 山内 利宏

    コンピュータセキュリティシンポジウム2017論文集   2017 ( 2 )   2017.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • WindowsにおけるUse-After-Free脆弱性攻撃防止手法

    伴 侑弥, 山内 利宏

    コンピュータセキュリティシンポジウム2017論文集   2017 ( 2 )   2017.10

     More details

  • 仮想計算機を用いた重要ファイル保護手法

    佐藤 将也, 山内 利宏, 谷口 秀夫

    コンピュータセキュリティシンポジウム2017論文集   2017 ( 2 )   2017.10

     More details

  • KVM上の複数VMの動作に対応した機密情報の拡散追跡機能

    岡崎俊樹, 森山英明, 山内利宏, 佐藤将也, 谷口秀夫

    情報処理学会シンポジウムシリーズ(CD-ROM)   2017 ( 2 )   ROMBUNNO.3D3‐1   2017.10

     More details

  • プロセスの複製による可用性を考慮したライブフォレンジック手法のマルチコア対応と評価

    時松 勇介, 山内 利宏, 谷口 秀夫

    コンピュータセキュリティシンポジウム2017論文集   2017 ( 2 )   2017.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • API操作ログ取得による難読化JavaScriptコード解析支援システム

    上川 先之, 山内 利宏

    コンピュータセキュリティシンポジウム2017論文集   2017 ( 2 )   2017.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • 特集「高度化するサイバー攻撃に対応するコンピュータセキュリティ技術」の編集にあたって

    山内 利宏

    情報処理学会論文誌   58 ( 9 )   1387 - 1387   2017.9

     More details

  • KVMにおける機密情報の拡散追跡機能の高速化

    森山英明, 山内利宏, 佐藤将也, 谷口秀夫

    情報科学技術フォーラム講演論文集   16th   191‐192   2017.9

     More details

    Language:Japanese  

    J-GLOBAL

    researchmap

  • Editor’s message to special issue of computer security technologies against sophisticated cyber attacks

    Toshihiro Yamauchi

    Journal of Information Processing   25 ( 0 )   852 - 853   2017.9

     More details

    Language:English   Publisher:Information Processing Society of Japan  

    DOI: 10.2197/ipsjjip.25.852

    Scopus

    researchmap

  • Use-After-Free脆弱性攻撃防止手法におけるメモリ解放契機の評価 (情報セキュリティ)

    伴 侑弥, 山内 利宏

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   117 ( 125 )   149 - 155   2017.7

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    J-GLOBAL

    researchmap

  • プロセス管理表へのアクセス制御機能の評価 (マルチメディア情報ハイディング・エンリッチメント)

    佐藤 将也, 山内 利宏, 谷口 秀夫

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   117 ( 128 )   157 - 163   2017.7

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    researchmap

  • Use-After-Free脆弱性攻撃防止手法におけるメモリ解放契機の評価 (マルチメディア情報ハイディング・エンリッチメント)

    伴 侑弥, 山内 利宏

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   117 ( 128 )   149 - 155   2017.7

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    researchmap

  • プロセス管理表へのアクセス制御機能の評価 (情報セキュリティ)

    佐藤 将也, 山内 利宏, 谷口 秀夫

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   117 ( 125 )   157 - 163   2017.7

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    J-GLOBAL

    researchmap

  • プロセス管理表へのアクセス制御機能の評価 (技術と社会・倫理)

    佐藤 将也, 山内 利宏, 谷口 秀夫

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   117 ( 126 )   157 - 163   2017.7

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    researchmap

  • OS資源をノード毎に管理するTenderの構成

    須頭 滉平, 山内 利宏, 谷口 秀夫

    第79回全国大会講演論文集   2017 ( 1 )   165 - 166   2017.3

     More details

    Language:Japanese  

    複数のマルチコアプロセッサを搭載するNUMA構成計算機は,サーバなどの高い性能が要求される分野において利用されている. NUMA環境では,コアとメモリの関係を意識したメモリ管理が重要となる.ここで, Tenderオペレーティングシステムでは,マルチコアプロセッサ対応方式として,OS資源を一元的に排他制御し管理する共有型方式とOS資源をコア毎に管理する個別型方式が提案されている.NUMA環境において,共有型方式では,異なるノード間でのメモリアクセス,個別型方式では,コア間の連携がオーバヘッドとなり,性能低下の原因となる.そこで,本稿では,NUMA環境に適した,OS資源をノード毎に管理するTenderオペレーティングシステムの構成について述べる.

    CiNii Article

    CiNii Books

    researchmap

  • Tenderの再利用機能における未使用資源の削除機能

    田村 大, 山内 利宏, 谷口 秀夫

    第79回全国大会講演論文集   2017 ( 1 )   167 - 168   2017.3

     More details

    Language:Japanese  

    Tenderオペレーティングシステムでは,オペレーティングシステムが制御し管理する対象である資源を分離し独立化して管理している.このため,Tenderオペレーティングシステムにおけるプロセスは複数の資源から構成され,個々の資源は独立して存在できる.そこで,プロセスを構成する資源が必要になる前に事前生成したり再利用するために削除せずにメモリ上に未使用資源として保持し,プロセス生成時に使用することで,プロセス生成処理を高速化している.しかし,事前生成と再利用によりメモリ上に保持する資源は,使用されなければメモリ上に保持され続ける問題がある.そこで,本稿では,使用されない資源の削除機能について提案する.

    CiNii Article

    CiNii Books

    researchmap

  • プロセッサの違いに着目した走行モード変更機構の評価

    福居 誠二, 佐藤 将也, 山内 利宏, 谷口 秀夫

    第79回全国大会講演論文集   2017 ( 1 )   169 - 170   2017.3

     More details

    Language:Japanese  

    システムコールの発行は,プロセスの走行モードの変更を伴うため,多くのシステムコールの発行を伴う処理において走行モードの変更は大きなオーバヘッドとなる.このオーバヘッドを削減する手法として,プロセスを任意の時点でスーパバイザモードに変更可能にする走行モード変更機構を提案した.また,OS空間を保護するために,仮想空間切り替え方式とセグメント切り替え方式を提案した.ここで,走行モードの変更に伴うオーバヘッドはプロセッサの性能による影響が大きい.本稿では,プロセッサの性能の異なる計算機としてPentium 4とCore i7を搭載した計算機を用い,プロセッサの違いに着目した走行モード変更機構の評価を行う.

    CiNii Article

    CiNii Books

    researchmap

  • 未参照バッファ数に着目した入出力バッファ分割法におけるWebサーバ応答時間の評価

    河辺 誠弥, 山内 利宏, 乃村 能成, 谷口 秀夫

    第79回全国大会講演論文集   2017 ( 1 )   171 - 172   2017.3

     More details

    Language:Japanese  

    利用者が優先したい処理の実行処理時間を短縮する方式として,ディレクトリ優先方式を提案した.ディレクトリ優先方式は,入出力バッファを優先領域とその他の領域に分割し,指定したディレクトリ下のファイルを優先的にキャッシュする.しかし,優先的にキャッシュするファイルが入出力バッファを圧迫し,それらのファイル以外のファイルのキャッシュヒット率が低下することにより,計算機全体の性能低下を招いてしまう問題がある.そこで,一定期間内に参照されていないバッファ数に着目し,入出力バッファを分割する方式を提案した.提案方式では,優先的にキャッシュされたファイルをキャッシュする領域の下限と減少量を設定することで,優先ファイルのキャッシュヒット率を低下しすぎないようにする.本稿では,提案方式について,Webサーバを使用した評価結果を報告する.

    CiNii Article

    CiNii Books

    researchmap

  • AndroidにおけるWebViewのWebアクセス観測機構の提案

    今村 祐太, 上川 先之, 工藤 直樹, 佐藤 将也, 山内 利宏

    第79回全国大会講演論文集   2017 ( 1 )   551 - 552   2017.3

     More details

    Language:Japanese  

    Androidを標的とする悪性なWebコンテンツを利用した攻撃が存在する.攻撃を防止するためには,Webアクセスを観測し,攻撃の特性を調査する必要がある.ここで,AndroidにおけるWebアクセスには,Webブラウザによるもの以外に,WebViewを利用するAndroidアプリケーションによるものが存在する.WebブラウザによるWebアクセスはプラグインを用いて観測可能である.一方,WebViewを利用したWebアクセスを観測する機構は存在しない.そこで,本稿では,AndroidにおけるWebViewのWebアクセス観測機構を提案する.提案手法は,WebViewの改変により,WebViewを利用する全てのAndroidアプリケーションのWebアクセスを観測可能にする.

    CiNii Article

    CiNii Books

    researchmap

  • KVMにおける機密情報の拡散追跡機能における性能改善策

    森山英明, 山内利宏, 佐藤将也, 谷口秀夫

    情報処理学会全国大会講演論文集   2017 ( 1 )   13 - 14   2017.3

     More details

  • マルチコアAnTのスケジュール機構における優先度逆転抑制効果

    鴨生 悠冬, 佐藤 将也, 山内 利宏, 谷口 秀夫

    第79回全国大会講演論文集   2017 ( 1 )   157 - 158   2017.3

     More details

    Language:Japanese  

    オペレーティングシステムは,サービスの要望に即したプロセスのスケジュールが求められるため,優先度逆転を抑制する必要がある.特にマイクロカーネル構造OSでは,OSサーバ間通信において優先度逆転が発生する可能性がある.また,コア毎に独立したスケジューラは,マイクロカーネル構造OSの性能を左右するプロセス切替のオーバヘッドが小さい特徴を持つ.一方,他コア上のプロセス情報を操作できないため,コア間通信を必要とする.そこで,コア毎に独立したスケジューラを有するマイクロカーネル構造OSのAnTにおいて,OSサーバ間通信における優先度逆転を抑制し,かつコア間通信回数を削減するスケジュール機構を提案した.本稿では,このスケジュール機構の優先度逆転抑制効果を計算サーバにより評価した結果を報告する.

    CiNii Article

    CiNii Books

    researchmap

  • マイクロカーネルOSにおけるNICドライバプロセスの入替え性能の比較

    澤田 淳, 山内 利宏, 谷口 秀夫

    第79回全国大会講演論文集   2017 ( 1 )   161 - 162   2017.3

     More details

    Language:Japanese  

    マイクロカーネル構造を有するAnT オペレーティングシステムにおいて,APプロセスが利用中である場合のNICドライバプロセスの入替え時間とデータ送信時間が分析されている.本稿では,NICドライバプロセスの入替え時間とデータ送信時間を分析することで,MINIX3とAnT のOSサーバ入替え性能を比較する.

    CiNii Article

    CiNii Books

    researchmap

  • サーバの並列処理を促進するAnTの一括依頼並列処理機能

    村岡 勇希, 佐藤 将也, 山内 利宏, 谷口 秀夫

    第79回全国大会講演論文集   2017 ( 1 )   163 - 164   2017.3

     More details

    Language:Japanese  

    マイクロカーネルOSであるAnTでは,OSサーバへ依頼する処理の依頼情報を制御用ICAに格納し,シーケンシャルに処理する.そこで,本稿では,複数個の制御用ICAを一括して処理依頼することで複数の依頼情報の処理を並列処理する一括依頼並列処理機能について述べる.

    CiNii Article

    CiNii Books

    researchmap

  • <i>Tender</i>におけるプロセス構成資源の事前生成による高速プロセス生成機能の評価

    田村 大, 佐藤 将也, 山内 利宏, 谷口 秀夫

    コンピュータシステム・シンポジウム論文集   ( 2016 )   94 - 101   2016.11

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • <i>Tender</i>における資源「入出力」の評価

    佐野 弘尚, 山内 利宏, 谷口 秀夫

    コンピュータシステム・シンポジウム論文集   ( 2016 )   20 - 27   2016.11

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Cordovaを利用したハイブリッドアプリケーションにおけるプラグインのアクセス制御方式

    工藤 直樹, 山内 利宏

    コンピュータセキュリティシンポジウム2016論文集   2016 ( 2 )   450 - 457   2016.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • システムコール処理による権限の変化に着目した権限昇格攻撃の防止手法

    赤尾 洋平, 山内 利宏

    コンピュータセキュリティシンポジウム2016論文集   2016 ( 2 )   542 - 549   2016.10

     More details

  • CPUエミュレータを利用した実行コード解析システムの提案

    上川 先之, 山内 利宏

    コンピュータセキュリティシンポジウム2016論文集   2016 ( 2 )   668 - 675   2016.10

     More details

  • 制御システムの可用性を考慮したプロセスの複製によるライブフォレンジック手法の提案

    時松 勇介, 山内 利宏

    コンピュータセキュリティシンポジウム2016論文集   2016 ( 2 )   84 - 91   2016.10

     More details

  • 攻撃回避のためのファイル不可視化手法の提案

    佐藤 将也, 山内 利宏, 谷口 秀夫

    コンピュータセキュリティシンポジウム2016論文集   2016 ( 2 )   224 - 228   2016.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • プロセス情報不可視化のための仮想計算機モニタによるメモリアクセス制御機能の評価 (情報セキュリティ)

    佐藤 将也, 山内 利宏, 谷口 秀夫

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   116 ( 129 )   153 - 159   2016.7

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    researchmap

  • Special section on information and communication system security

    Toshihiro Yamauchi

    IEICE Transactions on Information and Systems   E99D ( 4 )   785 - 786   2016.4

     More details

  • D-6-24 Evaluation of Time Stamp Counter on Multi-core Processor

    Sano Hironao, Fujii Shota, Horii Motoshi, Teraoka Akihiko, Yamauchi Toshihiro, Matsuoka Takeshi, Etoh Fumiharu, Fukui Hidemichi, Iwasaki Shuji

    Proceedings of the IEICE General Conference   2016 ( 1 )   78 - 78   2016.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • D-6-23 Performance Evaluation of Inter-core Communication on Multi-core Processor

    Fujii Shota, Horii Motoshi, Sano Hironao, Teraoka Akihiko, Yamauchi Toshihiro, Matsuoka Takeshi, Etoh Fumiharu, Fukui Hidemichi, Iwasaki Shuji

    Proceedings of the IEICE General Conference   2016 ( 1 )   77 - 77   2016.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • Design of Function for Tracing Diffusion of Classified Information for IPC on KVM

    2015 ( 3 )   191 - 198   2015.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Memory Access Control Using Virtual Machine Monitor for Process Information Hiding

    2015 ( 3 )   855 - 860   2015.10

     More details

  • B-021 Evaluation of CPU resources allocation control in KVM

    Moriyama Hideaki, Kinoshita Ryoji, Suganuma Akira, Yamauchi Toshihiro, Taniguchi Hideo

    情報科学技術フォーラム講演論文集   14 ( 1 )   217 - 218   2015.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • B-018 Delay Method of Updating File Importance on I/O Buffer Cache Mechanism Based on Frequency of System Call

    Teraoka Akihiko, Yamauchi Toshihiro, Taniguchi Hideo

    14 ( 1 )   209 - 210   2015.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    researchmap

  • B-022 Evaluation of OS Server Replacement Mechanism of AnT Using Communication Control Server

    Sawada Jun, Yamauchi Toshihiro, Taniguchi Hideo

    14 ( 1 )   219 - 220   2015.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    researchmap

  • B-023 Evaluation of Reduction Method for Priority Inversion of OS server for AnT in File Reading

    Kamou Yuuto, Yamauchi Toshihiro, Taniguchi Hideo

    14 ( 1 )   221 - 222   2015.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    researchmap

  • プロセス特定困難化のためのプロセス情報の置換手法の評価 (情報セキュリティ)

    佐藤 将也, 山内 利宏, 谷口 秀夫

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   115 ( 119 )   159 - 165   2015.7

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    researchmap

  • メモリ再利用禁止によるUse-After-Free脆弱性攻撃防止手法の実現と評価 (情報通信マネジメント)

    山内 利宏, 池上 祐太

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   115 ( 45 )   141 - 148   2015.5

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    researchmap

  • 分岐トレース支援機能を用いたカーネルルートキット検知手法の提案 (情報通信マネジメント)

    赤尾 洋平, 山内 利宏

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   115 ( 45 )   9 - 16   2015.5

     More details

    Language:Japanese   Publisher:電子情報通信学会  

    CiNii Article

    researchmap

  • D-6-13 Comparative Evaluation of Interrupt Control Method in OS for Multi-core Processor

    Tamura Jun, Yamauchi Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2015 ( 1 )   77 - 77   2015.2

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • <i>AnT</i>オペレーティングシステムにおける効率的なサーバ間通信機構

    河上 裕太, 山内 利宏, 谷口 秀夫

    情報処理学会研究報告. [システムソフトウェアとオペレーティング・システム]   2015 ( 12 )   1 - 7   2015.2

     More details

    Language:Japanese   Publisher:一般社団法人情報処理学会  

    マルチコアプロセッサ上で動作するマイクロカーネル構造 OS では,OS サーバを各コアに分散することで OS 処理を分散できる.一方,マイクロカーネル構造 OS は,OS サーバ間の連携に多くの通信を必要とする.このため,OS サーバ間での通信を効率化するととは重要である.AnT オペレーティングシステムは,マイクロカーネル構造 OS であり,OS サーバを各コアに分散できる.そこで,プロセスの分散形態を制限することでマルチコア環境での排他制御オーバヘッドを抑制し,高速なサーバ間通信を実現している.しかし,分散形態の制限下において効率的な負荷分散を実現することは困難である.本稿では,AnT における分散形態の制限を撤廃し,効率的な負荷分散を実現するサーバ開通信機構について述べる.

    CiNii Article

    CiNii Books

    researchmap

  • ファイル操作に着目したOS処理分散法

    江原 寛人, 河上 裕太, 山内 利宏, 谷口 秀夫

    情報処理学会研究報告. [システムソフトウェアとオペレーティング・システム]   2015 ( 7 )   1 - 7   2015.2

     More details

    Language:Japanese   Publisher:一般社団法人情報処理学会  

    ファイル操作処理は,OS 処理として実現される.また,マイクロカーネル構造 OS は,ファイル管理処理やディスクドライバ処理といった OS 処理を OS サーバとして実現する.したがって,マルチコアプロセッサ環境において,OS サーバをコア毎に分散することで,OS 処理をコア毎に分散できる.本稿では,マルチコア向け AnT において,ファイル操作処理に関する OS サーバを複数同時起動し,これら OS サーバをコア毎に分散できることを述べる.また,複数の外部記憶装置からの独立したファイル操作処理について,評価結果を報告する.

    CiNii Article

    CiNii Books

    researchmap

  • Linuxと<i>AnT</i>オペレーティングシステムの連携機構の評価

    福島 有輝, 山内 利宏, 乃村 能成, 谷口 秀夫

    情報処理学会研究報告. [システムソフトウェアとオペレーティング・システム]   2015 ( 11 )   1 - 7   2015.2

     More details

    Language:Japanese   Publisher:一般社団法人情報処理学会  

    特定のサービスに適した独自 OS を利用し,さらにマルチコアプロセッサを活かして独自 OS からの既存 OS プログラム利用による独自 OS の利便性向上を目指した Linux と AnT オペレーティングシステムの混載システムを提案した.Linux は,多種の入出力機器の利用を可能とし,かつ既存 OS として普及しており,多くのサービスを実現している.一方,AnT は,マイクロカーネル構造を有し,適応性と堅牢性を特徴とする独自 OS である.この両者の特徴を生かしたサービス提供のために,両 OS の連携機構を設計した.この連携機構は,AnT から Linux にシステムコール代行実行を処理依頼する.本稿では,AnT からの Linux システムコール代行実行の評価について報告する.具体的には,連携機構実現における工数と Linux システムコール代行実行の性能について述べる.

    CiNii Article

    CiNii Books

    researchmap

  • 2014年度喜安記念業績賞紹介,セキュアOSの普及に向けた取り組み

    中村雄一, 海外浩平, 原田季栄, 半田哲夫, 山内利宏

    情報処理   56 ( 8 )   798 - 799   2015

     More details

  • Evaluation of Tracing Classified Information Diffusion for File Operations on KVM

    2014 ( 2 )   751 - 758   2014.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Implementation and Evaluation of Dynamic Control Method for Sending User Information Using TaintDroid

    2014 ( 2 )   789 - 796   2014.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • A Report on International Conference ASIACCS2014

    2014 ( 2 )   1327 - 1334   2014.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Use-After-Free Prevention Method Using Memory Reuse Prohibited Library

    2014 ( 2 )   567 - 574   2014.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • KVMにおける機密情報の拡散追跡機能の設計 (マルチメディア情報ハイディング・エンリッチメント)

    藤井 翔太, 山内 利宏, 谷口 秀夫

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   114 ( 118 )   187 - 193   2014.7

     More details

    Language:Japanese   Publisher:一般社団法人電子情報通信学会  

    計算機内の機密情報が拡散する状況を追跡し,機密情報を有する資源を把握する機能として機密情報の拡散追跡機能をOS内に実現した.しかし,機密情報の拡散追跡機能には,導入の際に対象のOSのソースコードを修正する必要があること,およびOS自体を攻撃されると,機密情報の拡散追跡機能が無効化される危険性が存在する問題がある.そこで,KVMにおける機密情報の拡散追跡機能を設計した.機密情報の拡散追跡機能をKVM内に実現することにより,導入対象OSのソースコードを修正する必要がなくなり,より多くの環境に導入可能になる.また,機密情報の拡散追跡機能をOSから隔離できるため,機密情報の拡散追跡機能への攻撃をより困難にできる.

    CiNii Article

    CiNii Books

    researchmap

  • Attack Avoiding Method Obscuring Process Identification by Making Process Information Invisible

    2013 ( 4 )   1042 - 1049   2013.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Proposal of Attacker Investigation System Triggered Information Leakage

    2013 ( 4 )   17 - 24   2013.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • B-008 Efficient Page Out Rule in Tender

    Hamaguchi Tomoyuki, Yamauchi Toshihiro, Taniguchi Hideo

    12 ( 1 )   231 - 232   2013.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    researchmap

  • L-011 Malware Detection Method Focusing on Anti-Debugging

    Yoshizaki Kota, Yamauchi Toshihiro

    12 ( 4 )   219 - 220   2013.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    researchmap

  • L-001 Performance Evaluation with APs for Secure Log Transfer Method Using Library Replacement

    Sato Masaya, Yamauchi Toshihiro

    12 ( 4 )   185 - 186   2013.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    researchmap

  • マルチコア<i>Tender</i>における排他制御の細粒度化による並列性向上手法

    山本貴大, 山内利宏, 谷口秀夫

    情報処理学会研究報告. [システムソフトウェアとオペレーティング・システム]   2013 ( 16 )   1 - 8   2013.7

     More details

    Language:Japanese   Publisher:一般社団法人情報処理学会  

    近年,マルチコアプロセッサの普及に伴い,オペレーティングシステム (以降,OS) のマルチコア対応が必要となっている.OS のマルチコア対応における課題として処理の並列性の向上がある.Tender オペレーティングシステム (以降,Tender) では,Tender 特有の OS 構造である資源インタフェース制御において一元的に排他制御することで修正工数を抑制し,マルチコア対応を実現した.このとき,資源インタフェース制御において資源の種類ごとに排他制御することで異なる種類の資源の並列処理を実現した.しかし,本手法では,同じ種類の資源を並列に処理することができない.本稿では,マルチコア向け Tender (以降,マルチコア Tender) において一元的な排他制御構造を維持しつつ,排他制御を細粒度化する手法について述べる.これにより,同じ種類の資源の並列処理を実現し,処理の並列性を向上させる.このとき,修正に要した工数について評価する.また,マイクロベンチマークを使用し,Linux,および FreeBSD と比較することでマルチコア Tender の性能を評価する.

    CiNii Article

    CiNii Books

    researchmap

  • 細粒度の情報追跡による機密情報送信の動的制御手法 (マルチメディア情報ハイディング・エンリッチメント)

    小倉 禎幸, 山内 利宏

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   113 ( 138 )   135 - 141   2013.7

     More details

    Language:Japanese   Publisher:一般社団法人電子情報通信学会  

    近年,Android端末の普及に伴い,Androidを標的とするマルウェアが増加し,マルウェアへの対策が重要視されている.特に,マルウェアによる端末外部への機密情報の漏洩が問題となっている.この問題に対処するために,機密情報の伝搬を追跡し,機密情報が外部に漏洩する際に利用者の判断に従ってAPの動作を動的に制御する手法を提案する.具体的には,提案手法は,TaintDroidを利用し,機密情報の伝搬を変数レベルで細粒度に追跡する.端末外部に機密情報が漏洩する場合,利用者の判断に従ってAPの動作を制御する.これにより,端末外部への機密情報の漏洩を防止する.また,端末外部に送信される機密情報をダミーデータに置換し,機密情報の漏洩を防止する.これにより,APの正常な動作をできるだけ妨げることなく機密情報の漏洩を防止できる.さらに,AP間で機密情報のやり取りがあった場合,機密情報の漏洩に関わったAP名を取得し,機密情報の伝搬経路を把握する.これにより,利用者は機密情報の漏洩の伝搬経路とその漏洩に関わったAPを正確に把握し,漏洩要因の各APに対処できる.

    CiNii Article

    CiNii Books

    researchmap

  • ライブラリの置き換えによるVM外部への安全なログ転送方式の評価 (マルチメディア情報ハイディング・エンリッチメント)

    佐藤 将也, 山内 利宏

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   113 ( 138 )   121 - 128   2013.7

     More details

    Language:Japanese   Publisher:一般社団法人電子情報通信学会  

    ログは,計算機の動作を把握するための重要な情報である.しかし,攻撃や問題の発生により,ログの改ざんや消失が起こる可能性がある.この問題への既存の対処の多くは,対処する以前にログを改ざんされる恐れがある.また,VM上のOSの種類に応じた対処や性能低下が問題となる.これらの問題への対処として,ライブラリの置き換えによるVM外部への安全なログ転送方式を提案した.提案方式では,ログ発行時にVMMにログの転送を依頼するように,VM上のライブラリを置き換える.VMMはVMからログを取得し,ログの取得元とは異なるVMで保存する.これにより,多種のOSへ容易に適用でき,性能低下の小さい方式を実現した.本稿では,提案方式の評価について述べる.提案方式の有効性を示すために,ログの改ざんを防止できるか検証した.また,多種のOSへの適用の容易さを評価した.性能評価では,APの性能への影響と複数台のVMを走行させた場合の性能の変化を評価した.

    CiNii Article

    CiNii Books

    researchmap

  • The 2012 IPSJ Best Paper Award: Application of Virtualization Technology for Computer Security

    54 ( 8 )   815 - 815   2013.7

     More details

  • <i>AnT</i>オペレーティングシステムにおける低機能MMUの制御法

    鶴谷昌弘, 山内利宏, 谷口秀夫

    研究報告システムソフトウェアとオペレーティング・システム(OS)   2013 ( 11 )   1 - 7   2013.2

     More details

    Language:Japanese  

    計算機の多様な利用を支える高い適応性と堅牢性を実現できるOSが必要となっており,これを実現するOSプログラム構造としてマイクロカーネル構造がある.マイクロカーネルOSは,OS機能の大半をOSサーバとして実現するため,OSサーバ間でプログラム間通信が頻発し,モノリシックカーネルOSに比べ性能が低下する.このため,データ複写レスによる通信により,OSサーバ間での授受データの複写オーバヘッドを低減している.しかし,低機能MMUでは,データ複写レスであっても通信時に発生するTLBミスに伴う処理オーバヘッドが大きい.そこで,マイクロカーネルOSにおける低機能MMU制御法を提案する.提案制御法は,サーバプログラム間通信で利用する領域についてはページテーブルを利用することなく,TLBエントリでページの割り当てを管理し,TLBミスを発生させないことによりサーバプログラム間通信を高速化する.SH-4を例として,提案制御法をAnTオペレーティングシステムに実現する方式を示し,性能評価の結果を報告する.

    CiNii Article

    CiNii Books

    researchmap

  • ライブラリの置き換えによるVM外部への安全なログ転送方式の提案

    佐藤将也, 山内利宏

    研究報告コンピュータセキュリティ(CSEC)   2012 ( 6 )   1 - 8   2012.12

     More details

    Language:Japanese  

    ログは,計算機の動作を把握するための重要な情報である.しかし,攻撃や問題の発生により,ログの改ざんや消失が起こる可能性がある.この問題へ対処するために,ログを保護する手法が提案されている.しかし,手法の多くは AP や OS で実現されており,カーネルレベルで動作するマルウェアからログを保護するのは難しい.そこで,我々は, VMM を用いたログの保護方式を提案した.しかし,この方式では,複数の VM において多種の OS が利用される場合,それぞれの OS に対応するように VMM を修正する必要があり,その工数が大きい.そこで,複数 VM 上の多種の OS に最小限のプログラムの修正により対応可能な, AP の出力するログの保護方式を提案する.提案方式は,ログ発行時に特定の命令を実行するように, VM 上のライブラリをあらかじめ置き換える. VMM は,この命令を契機にログを保護する.このため,提案方式は OS の種類に依存しない.

    CiNii Article

    CiNii Books

    researchmap

  • Proposal of a Method for Dynamic Control of Application Programs by Extending the SEAndroid

    2012 ( 3 )   130 - 137   2012.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Dynamic Driver Process Replacement Mechanism for AnT

    2012 ( 4 )   202 - 209   2012.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Evaluation of Load Balancing in Multi-core for <i>AnT</i>

    Takeshi Sakoda, Keisuke Masuda, Noriaki Hasuoka, Toshihiro Yamauchi, Hideo Taniguchi

    IPSJ SIG Notes   2012 ( 31 )   1 - 7   2012.9

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Operating system based on microkernel architecture has high adaptability and toughness. Otherwise, multi-core processor appeared by progress of LSI technology. If it is made to run OS based on microkernel architecture and OS server can be distributed to each core on the multi-core processor, load balancing of OS processing will become possible. For the above reasons, the load balancing of OS processing can offer large transaction processing effectively on the multi-core environment. This paper shows the result of evaluations for performance of distributing OS processing in the AnT operating system based on microkernel architecture works on the multi-core environment. To put it concretely, this paper shows the difference in the performance by distributed forms at the time of data reference in a block unit. Moreover, this paper shows the distribution effect by distributed forms using PostMark and Bonnie.

    CiNii Article

    CiNii Books

    researchmap

  • Development of Multicore <i>Tender</i> Operating System

    2012 ( 4 )   1 - 8   2012.7

     More details

  • Proposal of a Method for Tracing Diffusion of Information and Preventing Information Leakage on Android

    OKUDA Kenji, NAKATSUKA Ryo, YAMAUCHI Toshihiro

    IEICE technical report. Information and communication system security   111 ( 495 )   5 - 10   2012.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    Application program (AP) can collaborate with other APs and control personal information with Intent or user's allowing of permission. However, users cannot detect those behaviors. Therefore, users might not be able to be aware of an AP as a malware. This paper proposes a method for tracing diffusion of personal information and preventing its leakage on Android. Our method alerts information leakage when an AP uses APIs to communicate with outside. These alerts are caused only if the AP has already called APIs to collect personal information. Users can refuse execution of the API if it was not appropriate. Further, we visualize the diffusion path of personal information to support users to decide the API is appropriate or not.

    CiNii Article

    CiNii Books

    researchmap

  • D-6-16 Fast Method of Inter Server Program Communication on AnT for SH-4

    TSURUYA Masahiro, YAMAUCHI Toshihiro, TANIGUCHI Hideo

    Proceedings of the IEICE General Conference   2012 ( 1 )   77 - 77   2012.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • D-6-18 Evaluation for Sophisticated Periodic Execution Control on SH-4 Processor

    Furukawa Yuuki, Yamauchi Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2012 ( 1 )   79 - 79   2012.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • D-19-6 Solution of the Diffusion Tracing Function of Classified Information for Distributed Environment

    Otsubo Nobuto, Yamauchi Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2012 ( 2 )   213 - 213   2012.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • D-6-13 Tender Operating System for multicore processor

    Nagai Kengo, Yamauchi Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2012 ( 1 )   74 - 74   2012.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • D-6-14 Implementation of Resources "Periodic Timer" in Multicore Tender

    Yamamoto Takahiro, Nagai Kengo, Yamauchi Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2012 ( 1 )   75 - 75   2012.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • D-6-15 Dynamic NIC Driver Process Replacement Mechanism for AnT

    HASUOKA Noriaki, TSURUYA Masahiro, YAMAUCHI Toshihiro, TANIGUCHI Hideo

    Proceedings of the IEICE General Conference   2012 ( 1 )   76 - 76   2012.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    researchmap

  • Method to Set Effective Directories for a Directory Oriented Buffer Cache Mechanism

    2012 ( 9 )   1 - 8   2012.2

     More details

  • The relation between program description and high performance mechanism of processor

    57 - 64   2012.1

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Preface

    Goichiro Hanaoka, Toshihiro Yamauchi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   7631 LNCS   2012

     More details

  • Automatic Method of Partitioning I/O Buffer Based on Cache Hit Ratio

    ( 2011 )   62 - 72   2011.11

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Proposal of Function to Visualize Diffusion Path of Classified Information

    2011 ( 3 )   367 - 372   2011.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • A profiling method of malware's behavior using integratedvirtualized system monitor

    ( 2009 )   1 - 6   2011.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Implementation and Evaluation of <i>I</i>/<i>O</i> Resource on <i>Tender</i> Operating System

    2011 ( 19 )   1 - 8   2011.7

     More details

  • Evaluation of Inter Server Program Communication for <i>AnT</i> operating system on SH-4

    2011 ( 12 )   1 - 8   2011.7

     More details

  • Interprocess communication function using the physical memory exchange function on Tender Operating System

    2011 ( 13 )   1 - 7   2011.7

     More details

  • I/O Buffer Partitioning Method Based on Cache Hit Ratio

    2011 ( 18 )   1 - 9   2011.7

     More details

  • Design and Evaluation of a Method to Reduce Redundant Security Policy of SELinux

    YAGI SHINYA, NAKAMURA YUICHI, YAMAUCHI TOSHIHIRO

    IEICE technical report   111 ( 30 )   71 - 76   2011.5

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    In many cases, general security policy is used because of the difficulty of creating security policy. However, this security policy is possible to allow excessive rights in system. In addition, it is difficult to use this security policy in embeded systems because of the memory footprint. To deal with these problems, we propose a method system automatically detects redundant security policies by using log SELinux outputs and deletes them. The proposed system also suggests system administrator and improves security of the system and reduces the memory footprint. This paper shows the problems of security policy and dealing with them. This paper also shows design and evaluation.

    CiNii Article

    CiNii Books

    researchmap

  • 周期実行制御における周期超過防止法の周期処理分割に関する評価

    古川友樹, 山内利宏, 谷口秀夫

    第73回全国大会講演論文集   2011 ( 1 )   39 - 40   2011.3

     More details

    Language:Japanese  

    ロボットのモータ制御やセンサ制御における処理は周期的に実行される.周期的に実行される処理は次の周期までに処理を終了する必要があり,次の周期までに処理が終了しない場合,予定されていた処理の実行が行われず,問題となる.一方,周期実行される処理の開始から終了までの時間は,実入出力処理時間の変動やタイマ割り込み処理の影響により一定でない.そこで,処理の実行状況を記録し,次の周期までに処理が終了できるか否か判定し,超過すると判定した場合,終了時刻までに終了できる適切な処理を起動できる方法を提案した.ここでは,提案手法の周期処理分割に関する評価について述べる.

    CiNii Article

    CiNii Books

    researchmap

  • Proposal of I/O Resource on Tender Operating System

    2010 ( 5 )   1 - 7   2011.2

     More details

  • Design and Evaluation of Control Method to Deal with Deadline Miss for Periodic Scheduling

    FURUKAWA Yuuki, YAMAUCHI Toshihiro, TANIGUCH Hideo

    IEICE technical report   110 ( 278 )   23 - 28   2010.11

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    The processing executed periodically must be finished before the next release time. If such a processing is not finished before a deadline, the scheduled processing is not executed in the next period. On the other hand, the execution time of the processing executed periodically from the release to the end is not constant by changing of I/O processing time and influencing the timer interrupt. Therefore, our proposed system records the execution time of the processing, judges whether the processing will be finished before the deadline and can execute the appropriate processing for the remaining time. In this paper, we describe the design and evaluation of our system.

    CiNii Article

    CiNii Books

    researchmap

  • Evaluation of Dynamic Communication Control Server Replacement Processing for AnT

    2010 ( 11 )   99 - 104   2010.10

     More details

    Language:Japanese  

    CiNii Article

    researchmap

  • Linux Security Features : Tackling the Difficulty of Seculity Policy Configuration

    NAKAMURA Yuichi, YAMAUCHI Toshihiro

    IPSJ Magazine   51 ( 10 )   1268 - 1275   2010.10

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00070553/

  • L-033 Tracing and Visualization Function of Information Propagation by File Manipulation

    Nakatsuka Ryo, Yamauchi Toshihiro, Taniguchi Hideo

    9 ( 4 )   251 - 252   2010.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    researchmap

  • B-038 Implementation of control method to deal with deadline miss for periodic scheduling

    Furukawa Yuuki, Yamauchi Toshihiro, Taniguchi Hideo

    9 ( 1 )   367 - 368   2010.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    researchmap

  • Control method to detect and deal with deadline miss for periodic scheduling

    FURUKAWA YUUKI, YAMAUCHI TOSHIHIRO, TANIGUCHI HIDEO

    115   W1 - W6   2010.8

     More details

  • Realization and Evaluation of the Generation Management Function on Tender Operating System

    NAGAI KENGO, YAMAMOTO YUTA, YAMAUCHI TOSHIHIRO, TANIGUCHI HIDEO

    115   B1 - B8   2010.8

     More details

  • Implementation of the TCP/IP communication function in the AnT operating system

    INOUE YOSHIHIRO, TANIGUCHI HIDEO, YAMAUCHI TOSHIHIRO

    115   J1 - J8   2010.8

     More details

  • Design of Converting Linux LKM Device Driver into Concrete Process in AnT Operating System

    SHIMAZAKI Yutaka, TABATA Toshihiro, NOMURA Yoshinari, TANIGUCHI Hideo

    IEICE technical report   109 ( 475 )   517 - 522   2010.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    Recent OS has a large number of device drivers. It is important to reduce cost for developing new device drivers in OS development. When we port an existing device driver into the OS which realizing device driver process to reduce the development cost, we need to not only port but also form it into process. In this paper, we show a method for converting an existing Linux LKM device driver into process in AnT operating system. Furthermore, we evaluated the proposal method using drivers such as the FD, Intel 1GbE, and Realtek 1GbE driver.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Design of Sophisticated Periodic Execution Control for Embedded Systems

    FURUKAWA Yuuki, TABATA Toshihiro, TANIGUCHI Hideo

    IEICE technical report   109 ( 475 )   523 - 528   2010.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    In embedded systems, a kind of the processing to be executed is limited, and a lot of processing are executed periodically. In such systems, we need to reduce the overhead of periodic execution control and the dispersion of its time. ART-Linux is proposed as one of the conventional real-time operating system that is used such as robot. In this paper, we show a periodic execution control of ART-Linux and clarify several problems. Next, we design a sophisticated periodic execution control to solve these problems of ART-Linux. Finally, we show the realization of the periodic execution control and the effect of it.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • I/O Buffer Partition Method to Improve Execution Time of Priority Processing

    TSUCHIYA Akiyoshi, TABATA Toshihiro, TANIGUCHI Hideo

    72 ( 0 )   99 - 100   2010.3

     More details

  • A proposal of physical memory exchange function to enable Zero-copy communication processing

    KADO NAOFUMI, TABATA TOSHIHIRO, TANIGUCHI HIDEO

    113   H1 - H8   2010.1

     More details

  • Evaluation of Uniformity of Processing in Mechanism for Regulating Program Execution Speed in Library

    SAKAI KOICHI, TABATA TOSHIHIRO, TANIGUCHI HIDEO, HAKOMORI SATOSHI

    113   N1 - N8   2010.1

     More details

  • A proposal of physical memory exchange function to enable Zero-copy communication processing

    門直史, 田端利宏, 谷口秀夫

    情報処理学会研究報告(CD-ROM)   2009 ( 5 )   2010

  • Evaluation of Uniformity of Processing in Mechanism for Regulating Program Execution Speed in Library

    境講一, 田端利宏, 谷口秀夫, 箱守聰

    情報処理学会研究報告(CD-ROM)   2009 ( 5 )   2010

  • Design of Upper Limit Function of Protected Area and Buffer Migration Function for a Directory Oriented Buffer Cache Mechanism

    TABATA Toshihiro, TSUCHIYA Akiyoshi, YAMADA Katsuyasu, TANIGUCHI Hideo

    IEICE technical report   109 ( 296 )   43 - 48   2009.11

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    Noticing that application programs handle files as a unit of input and output, we proposed a Directory Oriented Buffer Cache Mechanism. The proposed mechanism gives a high priority to important directories, which are associated with important jobs. Files in the important directories are given a high priority, and its blocks files are cached with the high priority. The proposed mechanism makes processing of important jobs frequently faster. However, the proposed mechanism degrades the performance of the processing in some cases due to three problems of it. This paper describes the three problems of the proposed mechanism. Then, this paper describes upper limit function of protected area and buffer migration function that solve the three problems.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Tracing Classified Information Diffusion for Protecting Information Leakage

    50 ( 9 )   2088 - 2102   2009.9

     More details

  • Anti-spam e-mail method based on characteristic token ratio accounting for all tokens

    UEMURA Masahiro, TABATA Toshihiro

    IEICE technical report   109 ( 33 )   27 - 32   2009.5

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    J-GLOBAL

    researchmap

  • Evaluation for a Mechanism of Regulating Execution Speed that Considered the Run Mode of Program

    SAKAI KOICHI, TABATA TOSHIHIRO, TANIGUCHI HIDEO, HAKOMORI SATOSHI

    111   Y1 - Y8   2009.4

     More details

  • D-6-24 Implementation of Display Part of Visualization Considering Process Running Mode

    Kinoshita Akira, Tabata Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2009 ( 1 )   74 - 74   2009.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • D-6-17 Design of Visual Function on Diffusion Tracing Function of Classified Information

    Fukushima Kenta, Tabata Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2009 ( 1 )   67 - 67   2009.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • D-6-23 Design of a Mechanism of Bounding Execution Performance for Process Group by Execution Resource on Tender

    Hara Takayuki, Tabata Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2009 ( 1 )   73 - 73   2009.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • D-6-20 Proposal of Function for Regulating I/O Performance based on I/O Slot

    Nagao Takashi, Tabata Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2009 ( 1 )   70 - 70   2009.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • D-6-19 プログラム実行速度調整法におけるフィードバックを利用した高精度な制御法の提案(D-6. コンピュータシステムC(ソフトウェア),一般セッション)

    境 講一, 田端 利宏, 谷口 秀夫, 箱守 聰

    電子情報通信学会総合大会講演論文集   2009 ( 1 )   69 - 69   2009.3

     More details

    Language:Japanese   Publisher:一般社団法人電子情報通信学会  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Design of Network-Transparent InterProcess Communication on Tender

    SAEKI Kenji, TABATA Toshihiro, TANIGUCHI Hideo

    IPSJ SIG Notes   138 ( 20 )   55 - 60   2009.2

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    The Tender operating system has original InterProcess Communications. We realize Network-Transparent InterProcess Communication which can use in distributed system. In this paper, We describe Network-Transparent original InterProcess Communication with "container", "container box" and "event" on Tender. Furthermore, We describe method of send and receive container, and shared container which used distributed shared memory.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • A Mechanism of Regulating Execution Speed that Considered the Run Mode of Program

    SAKAI Koichi, TABATA Toshihiro, TANIGUCHI Hideo, HAKOMORI Satoshi

    IPSJ SIG Notes   110 ( 6(OS-110) )   99 - 106   2009.1

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    If execution speed of software is regulated without concerning by performance of the computer hardware, Convenience of the service better. In addition, regulating execution speed inhibits influence of DoS attack, and help restoration from DoS attack. On the other hand, program runs in user mode and supervisor mode. Therefore, considering run mode of program enables high accuracy regulating execution speed. We propose a mechanism of regulating execution speed in consideration of the run mode of program. Specifically, our method can regulate the execution speed of program in user mode, supervisor mode, and both modes. This paper describes a method of stopping process and a method of setting regulated performance. Furthermore, we implement and evaluate the proposed mechanism in library to clarify the characteristic and the effectiveness of it.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Evaluation for a Mechanism of Regulating Execution Speed that Considered the Run Mode of Program

    境講一, 田端利宏, 谷口秀夫, 箱守聰

    情報処理学会研究報告(CD-ROM)   2009 ( 1 )   2009

  • 統合仮想化システムモニタを用いたマルウェアのプロファイリング

    安藤類央, 高橋一志, 田端利宏, 須崎有康

    情報処理学会シンポジウム論文集   2009 ( 11 )   2009

  • Evauluation of I/O Buffer Cache Mechanism Based on the Frequency of File Usage

    KATAKAMI TATSUYA, TABATA TOSHIHIRO, TANIGUCHI HIDEO

    情報処理学会研究報告   27 ( 119(EVA-27) )   13 - 18   2008.11

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    We proposed an I/O buffer cache mechanism based on the frequency of file usage. This paper describes an evaluation of the proposed mechanism and effectiveness of the proposed mechanism from evaluation results. In particular, we evaluated two examples to decrease a cache hit rate by LRU algorithm. The results show that the proposed mechanism improves the performance as compared to the LRU algorithm. And we evaluated the proposed mechanism by kernel make processing, and the proposed mechanism improves the processing time by 22.4s (7.1%) as compared to the LRU algorithm.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • High-speed page data transfer mechanism on Tender

    KADO Naofumi, TABATA Toshihiro, TANIGUCHI Hideo

    IEICE technical report   108 ( 273 )   1 - 6   2008.10

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    Distributed shared memory on Tender operating system transfers data per 1 page unit. In data transferring processing, the data copy between user space and kernel space is the high overhead. Thus performance improvement in data transfer processing is expected by reducing data copy. In this paper, we propose a mechanism of data transferring which exchanges "physical memory" resources between two "virtual region" resources.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • B-032 A Method of Executing Linux FD Driver as a Process for AnT Operating System

    Shimazaki Yutaka, Taniguchi Hideo, Tabata Toshihiro, Nomura Yoshinari

    7 ( 1 )   179 - 180   2008.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • B-031 Design of Sophisticated Periodic Execution for AnT Operating System

    Furukawa Yuuki, Taniguchi Hideo, Tabata Toshihiro

    7 ( 1 )   177 - 178   2008.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Control of Processor Usage by Regulating Intervals between System Calls

    SAKAI Koichi, TABATA Toshihiro, TANIGUCHI Hideo, HAKOMORI Satoshi

    IPSJ SIG Notes   109 ( 77(OS-109) )   101 - 108   2008.8

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Improvement of hardware performance reduces the processing time of software and various processing can be executed on computers. On the other hand, processing performance of software depends on hardware performance significantly. Therefore, it is necessary to establish mechanism that regulating a program execution speed within hardware performance. This paper proposes a mechanism of library which regulates program execution speed by controlling a time of processor usage. Specifically, this paper describes the basic method of a library which controls a time of processor usage based on intervals between system-calls. This paper describes a method of stopping process and a method of assigning processor performance. Furthermore, we implement and evaluate the proposed mechanism to clarify the characteristic and the effectiveness of it.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • I/O Device Management of Persistent Mechanism on Tender

    YAMAMOTO YUTA, TABATA TOSHIHIRO, TANIGUCHI HIDEO

    IPSJ SIG Notes   109 ( 77(OS-109) )   61 - 68   2008.8

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Data on main memory is no longer available when a computer is turned off, because volatile memory is used for main memory. Therefore, if a computer shutdowns unexpectedly, a computer cannot continue processing before the shutdown. Thus, we propose persistent mechanism for computer processing using "plate" function. Plate manages a persistent data on virtual memory space. However, this persistent mechanism ignores status of I/O devices. If plate persists data during I/O, a computer cannot continue processing after plate restore data. In this paper, we explain I/O device management method on persistent mechanism.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • I/O Buffer Cache Mechanism Based on Use Frequency of File

    KATAKAMI TATSUYA, TABATA TOSHIHIRO, TANIGUCHI HIDEO, WATANABE HIROSHI, NOMURA YOSHINARI

    IPSJ SIG Notes   108 ( 35(OS-108) )   115 - 122   2008.4

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Most operating systems manage a buffer cache for I/O processing by a block unit. On the other hand, application programs handle a data from a viewpoint of files. I/O buffer cache mechanism considered this difference is effective to execute I/O processing efficiently because I/O processing is slower than CPU processing. In this paper, we describe I/O buffer cache mechanism that decides blocks protected based on use frequency of file of application programs.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • A Method for Control of Driver Program Invocation based on Device Operation History on AnT Operating System

    TAKIGUCHI Shinichi, NOMURA Yoshinari, TABATA Toshihiro, TANIGUCHI Hideo

    情報処理学会研究報告   134 ( 32 )   43 - 48   2008.3

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Recently, operating systems have become increasingly multi-functional by the providing of various devices. Its functions are provided as driver programs. Even though average users do not use all functions, they do not customize and shrink their operating systems because of its job difficulty. Accordingly, they usually use wasteful and fat operating systems: much memory, slow down bootup time. In this paper, we propose an effective method for controlling invocation timing of device driver programs. As a strategy for the control, we use operation history on device drivers. And we present this design on AnT operating system.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • A Method for Control of Driver Program Invocation based on Device Operation History on AnT Operation System

    TAKIGUCHI Shinichi, NOMURA Yoshinari, TABATA Toshihiro, TANIGUCHI Hideo

    IEICE technical report   107 ( 559 )   43 - 48   2008.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    Recently, operating systems have become increasingly multi-functional by the providing of various devices. Its functions are provided as driver programs. Even though average users do not use all functions, they do not customize and shrink their operating systems because of its job difficulty. Accordingly, they usually use wasteful and fat operating systems: much memory, slow down bootup time. In this paper, we propose an effective method for controlling invocation timing of device driver programs. As a strategy for the control, we use operation history on device drivers. And we present this design on AnT operating system.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • A library program for controlling the execution speed of a program by regulating amount of processor use

    SAKAI Koichi, TABATA Toshihiro, HOKOMORI Satoshi, TANIGUCHI Hideo

    70 ( 0 )   29 - 30   2008.3

     More details

  • Proposal of Buffer Cache Management Based on Use Frequency of File

    KATAKAMI Tatsuya, TABATA Toshihiro, TANIGUCHI Hideo

    70 ( 0 )   35 - 36   2008.3

     More details

  • Improvement Method of the Detection Accuracy of the Information Leakage in Diffusion Tracing Function of Classified Information

    OHASHI Kei, TABATA Toshihiro, TANIGUCHI Hideo, YOKOYAMA Kazutoshi, HAKOMORI Satoshi

    IPSJ SIG Notes   134 ( 21 )   97 - 102   2008.3

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Recently, a leak of classified information has become a serious problem. To prevent the leak, various methods are proposed. We proposed the method to trace the classified information diffusion and to detect an information leak of classified information. As a matter, this method identify non classified file as classified file. In this paper, we propose a method to improve accuracy at the time of the information leakage detection. Specifically, we prevent classified information diffusion to config file and history file. In addition, our proposal function enable user easily to read and edit classified file table. We implement the proposal method on the Linux kernel and evaluate it and show that accuracy of the information leakage detection is improved.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Design of a Function to Store and Restore Process State including InterProcess Communication on Tender

    NANBA Hiroki, TABATA Toshihiro, TANIGUCHI Hideo

    IPSJ SIG Notes   107 ( 9(OS-107) )   87 - 94   2008.1

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    System failure makes process restart from initial state. Function to store and restore process state are effective mechanism that prevents a process from restarting from the initial state when a system failure occurs. In this paper, we describe a function to store and restore processes state including InterProcess Communication(IPC). In addition, we report the implementation and evaluation results on Tender operating system.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • D-6-21 Design of Ethernet Communication Using Resource "Input and Output" on Tender

    Kado Naofumi, Tabata Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2008   94 - 94   2008

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Proposal of a Method to Cut Redundant Security Policy of SELinux

    YAMAGUCHI TAKUTO, NAKAMURA YUICHI, TABATA TOSHIHIRO

    IPSJ SIG Notes   2008 ( 21(DPS-134 CSEC-40) )   37 - 42   2008

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    In installing SELinux, in many cases, general security policy is adapted. This has possibility to authorize excessive rights. In addition, if such rights are permitted from a: denied log file, it is difficult for SELinux to detect them. To solve this problem, we propose a method to detect automatically such rights and to cut redundant security policy of SELinux. Our method collects used policies and gains difference between enforcing policies and those of them. In this paper, we clarify problems of security policy of SELinux and take measures against them. We also show the design of this system.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Application of the Diffusion Tracing Function of Classified Information to Socket Communication

    植村晋一郎, 田端利宏, 谷口秀夫, 横山和俊, 箱守聰

    情報処理学会シンポジウムシリーズ(CD-ROM)   2008 ( 1 )   2008

  • Evaluation for Guarantee of Service Processing by Regulating Processor Use in Library

    境講一, 田端利宏, 谷口秀夫, 箱守聰

    情報処理学会シンポジウム論文集   2008 ( 8 )   2008

  • Analysis of Malware Activities Based on Download Hosts

    石井宏樹, 佐藤和哉, 田端利宏

    情報処理学会シンポジウム論文集   2008 ( 8 )   2008

  • B-013 Implementation and Evaluation of Analyzer of Visualization Information for Understanding Operating System Behaviors in Tender

    Kawae Junpei, Tabata Toshihiro, Taniguchi Hideo

    6 ( 1 )   105 - 106   2007.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Evaluation of a Buffer Cache Mechanism for Homepage Contents

    KOTOGE Miyuki, TABATA Toshihiro, TANIGUCHI Hideo

    IPSJ SIG Notes   106 ( 83(OS-106) )   95 - 102   2007.8

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Web site contains various contents. It also has an entrance page of the web site. Many internet users tend to browse the various contents from the entrance page. Therefore, it is important to shorten the access response time of the entrance page for web service. To meet this requirement, we proposed a buffer cache control method that stores files of specific directories in buffer cache on a web server. We focused attention on that the web server stores similar types of files for a same directory. In this paper, we describe the buffer cache control method, and evaluate access response time at each entrance page of department of Okayama University with our method. From the result of this e valuation, we show effectiveness of our method.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • A Design and Evaluation of Filtering Method of Image Spam in Bayesian Filter

    UEMURA MASAHIRO, TABATA TOSHIHIRO

    IPSJ SIG Notes   38   311 - 318   2007.7

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    In late years, with the spread of Internet, increase of an unwanted e-mail becomes a problem. In 2006, there is a finding that spam-mail is occupied 91% of the whole E-mail. A Bayesian filter filtering statistically with Bayes theory as an anti-unwanted e-mail measure is used widely. The filter has high precision of filtering and is able to match with the trend of an unwanted e-mail and personal preference as the characteristic. However, the image spam that does imaging of contents of an unwanted e-mail increases rapidly as the end run. Baysian filter is not able to do an appropriate learning and judgement for binary data such as images since Bayesian filter learns and judges for only text data. Therefore, in this paper, we pay attention to information, such as file size of an attached image and suggest a technique of filtering with adding these information to a corpus of existing Bayesian filter as an anti-image spam measure. In addition, we report the evaluation result.

    CiNii Article

    CiNii Books

    researchmap

  • A Design and Evaluation of Filtering Method of Image Spam in Bayesian Filter

    UEMURA MASAHIRO, TABATA TOSHIHIRO

    IEICE technical report   107 ( 141 )   103 - 110   2007.7

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    In late years, with the spread of Internet, increase of an unwanted e-mail becomes a problem. In 2006, there is a finding that spam-mail is occupied 91% of the whole E-mail. A Bayesian filter filtering statistically with Bayes theory as an anti-unwanted e-mail measure is used widely. The filter has high precision of filtering and is able to match with the trend of an unwanted e-mail and personal preference as the characteristic. However, the image spam that does imaging of contents of an unwanted e-mail increases rapidly as the end run. Baysian filter is not able to do an appropriate learning and judgement for binary data such as images since Bayesian filter learns and judges for only text data. Therefore, in this paper, we pay attention to information, such as file size of an attached image and suggest a technique of filtering with adding these information to a corpus of existing Bayesian filter as an anti-image spam measure. In addition, we report the evaluation result.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Mechanism of Information Gathering and Display for Visualization of Operating System Behavior in Tender

    KINOSHITA Akira, KAWAHARA Taisuke, TABATA Toshihiro, TANIGUCHI Hideo

    IPSJ SIG Notes   105 ( 36(OS-105) )   31 - 38   2007.4

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    It is difficult to grasp the behavior situation of software, because a scale of software grows. In addition, it is hard work to understand the flow of complicated software such as OSs. Although the visualization of OS behavior has been developed, it is difficult to grasp the flow of internal processing of OS including interrupts and exceptions. In this paper, we describe the mechanism of the visualization of OS behavior including interrupts in Tender. In Tender, the information of the flow of internal processing of OS can be gathered by adopting the program structure, and the mechanism of visualization can be achieved at OS level by considering the processing type of interrupt and so on. Employing this mechanism, the information of the visualization of OS behavior can be used for studying OSs and for supporting program developments. We describe the mechanism of display and the visualization of the process scheduling as an example of OS behavior to study.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Speed-up of fork & exec System-call by Recycling Resource on Tender

    SAEKI Kenji, TABATA Toshihiro, TANIGUCHI Hideo

    IPSJ SIG Notes   105 ( 36(OS-105) )   23 - 30   2007.4

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    The cost of process creation is high in the processing of OS. The costs degrade the performance of program execution. To solve this problem, we have implemented fast process creation and disappearance by recycling process resource in Tender. Tender has BSD/OS interface for program execution of the BSD/OS. In this paper, we describe the method of speed-up of fork and exec system-call by recycling resource in Tender, and evaluate fork and exec system-call by recycling each resource. Moreover, we report the effect of recycling resource by using Apache web server.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Process creation mechanism for AnT

    NISHINA Tadato, NOMURA Yusuke, TABATA Toshihiro, NOMURA Yoshinari, TANIGUCHI Hideo

    IPSJ SIG Notes   105 ( 36(OS-105) )   7 - 14   2007.4

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    AnT is an operating system based on micro-kernel architecture. Filesystem, device driver and other operating system modules run as a process named external-core. AnT can adapt various kind of computer environment by changing set of external-core. In this paper, we present process creation mechanism for AnT to make AnT adapt computer environment and create process need by AnT. And we present efficient mechanism of process control.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • D-3-7 Startup of Device Driver Process by I/O Request for AnT

    Nishina Tadato, Nomura Yusuke, Tabata Toshihiro, Taniguchi Hideo

    Proceedings of the IEICE General Conference   2007 ( 1 )   22 - 22   2007.3

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Tender上のWebサーバにおける資源再利用機能の効果

    佐伯 顕治, 田端 利宏, 谷口 秀夫

    第69回全国大会講演論文集   2007 ( 1 )   35 - 36   2007.3

     More details

  • ドライバプログラムの効率的な構成制御法

    滝口 真一, 田端 利宏, 乃村 能成, 谷口 秀夫

    第69回全国大会講演論文集   2007 ( 1 )   27 - 28   2007.3

     More details

  • AnT におけるNICドライバプロセスの実現

    岡本 幸大, 乃村 能成, 田端 利宏, 谷口 秀夫

    第69回全国大会講演論文集   2007 ( 1 )   29 - 30   2007.3

     More details

  • Proposal of a Persistent Mechanism for Computer Processing by Non-volatilizing Data on Virtual Memory Space

    OHMOTO TAKUMI, TABATA TOSHIHIRO, TANIGUCHI HIDEO

    IPSJ SIG Notes   104 ( 10(OS-104) )   25 - 32   2007.1

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Data on main memory is no longer available when a computer is turned off, because volatile memory is used for main memory. Therefore, a computer cannot continue processing before the shutdown. In order to solve this problem, users use a file function or hibernation function. However, users have to specify I/O operations between main memory and external storage. As the result, these functions cannot deal with an urgent stop of a computer. Thus, we propose a persistent data management on virtual memory space. We call this mechanism "plate" function. In this paper, we explain persistent mechanism for computer processing using plate. This mechanism regularly stores data which are managed by plate. Thus, using this mechanism, the loss of processing can be reduced.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Design and Implementation of Memory Management for AnT Operating System

    UMEMOTO MASANORI, TABATA TOSHIHIRO, NOMURA YOSHINARI, TANIGUCHI HIDEO

    IPSJ SIG Notes   104 ( 10(OS-104) )   33 - 40   2007.1

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    AnT is an operating system based on micro-kernel architecture. Therefore, AnT can provide various kinds of service. However, there is a problem about a data transferring overhead caused by a lot of inter-process communications. Therefore, we need to examine memory management so that AnT can transfer data with low overhead. In this paper, we present design, implementation and evaluation of memory management. Resulting from the design and the implementation, AnT can realize memory protection from each program, high speed inter-process communication and high speed rebooting. We evaluate data transferring and rebooting.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Evaluation of File Access Permissions that Integrate Access Vector Permissions

    山口拓人, 中村雄一, 田端利宏

    情報処理学会シンポジウム論文集   2007 ( 10 )   2007

  • An Evaluation of Performance of Security Focused OS by Measuring the Overhead of LSM

    松田直人, 田端利宏, 宗藤誠治

    情報処理学会シンポジウム論文集   2007 ( 10 )   2007

  • B_036 Evaluation of Directory Oriented Buffer Cache Mechanism

    Kotoge Miyuki, Saitou Kei, Tabata Toshiihro, Nomura Yoshinari, Taniguchi Hideo

    5 ( 1 )   147 - 148   2006.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • B_038 Proposal of Fast Cryptographic File System by Using Delayed Write

    Matsuda Naoto, Tabata Toshiihro

    5 ( 1 )   151 - 152   2006.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • B_028 Basic Function of Save and Restore a Process Context on Tender

    Nanba Hiroki, Tabata Toshihiro, Taniguchi Hideo

    5 ( 1 )   131 - 132   2006.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • B_030 Realization of High Speed Inter-process Communication for AnT

    Umemoto Masanori, Tabata Toshihiro, Nomura Yoshinari, Taniguchi Hideo

    5 ( 1 )   135 - 136   2006.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Design for AnT Operating System

    TANIGUCHI Hideo, NOMURA Yoshinari, TABATA Toshihiro, ADACHI Toshimitsu, NOMURA Yusuke, UMEMOTO Masanori, NISINA Tadato

    IPSJ SIG Notes   103 ( 86(OS-103) )   71 - 78   2006.8

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    There is a remarkable thing for progress of a microprocessor and input-output hardware. Furthermore, improvement of transmission speed of a channel is remarkable, too. In addition, a computer is necessary in various scenes, and service classification to offer increases drastically. It is demanded that base software can use a function and performance of these hardware effectively. Therefore it was started development the AnT operating system (An operating system with adaptability and toughness) to have both adaptability and solidity. This article explains a design policy of the AnT operating system and a characteristic function.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Evaluation of Heterogeneous Virtual Storage (HVS)

    TABATA TOSHIHIRO, TANIGUCHI HIDEO

    IPSJ SIG Notes   102 ( 44(OS-102) )   29 - 36   2006.5

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    We have proposed Heterogeneous Virtual Storage (HVS) that is integrated both single virtual storage and multiple virtual storage. HVS has multiple virtual storage spaces. The number of processes on a virtual storage space is more than zero. Besides, a process can migrate between virtual storage spaces. Therefore, HVS has both single virtual storage's advantages and multiple virtual storage's advantages. In this paper, we report the evaluation of basic functions in OS in order to make clear the application of HVS functions. In addition, we implemented some functions in Apache Web server in order to use the functions of HVS, and describe the performance of Apache.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • AnTオペレーティングシステムの設計

    谷口 秀夫, 乃村 能成, 田端 利宏

    第68回全国大会講演論文集   2006 ( 1 )   41 - 42   2006.3

     More details

  • AnTオペレーティングシステムのメモリ領域管理

    田端 利宏, 梅本 昌典, 安達 俊光, 谷口 秀夫

    第68回全国大会講演論文集   2006 ( 1 )   45 - 46   2006.3

     More details

  • SPAM mail filtering : commentary of Bayesian filter(<Special feature>Information filtering)

    TABATA Toshihiro

    The Journal of Information Science and Technology Association   56 ( 10 )   464 - 468   2006

     More details

    Language:Japanese   Publisher:Information Science and Technology Association, Japan  

    SPAM mail has being increased with the spread of e-mail. The increase of SPAM mails becomes a serious problem for email users. Email filtering that can filter out SPAM mail, has been received much attention. Bayesian filter is one application of Bayes' Theorem. The filter program creates a database from received emails and calculates the SPAM probability of an email based on the database. This article explains the method of learning and calculation of SPAM probability of Bayesian filtering.

    DOI: 10.18919/jkg.56.10_464

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Information Leak Detection by Tracing Classified Information Diffusion

    田端利宏, 箱守聰, 箱守聰, 横山和俊, 乃村能成, 谷口秀夫

    情報処理学会シンポジウム論文集   2006

  • Proposal of Fast Cryptographic File System with Cache System

    松田直人, 田端利宏

    情報処理学会シンポジウム論文集   2006

  • アクセスベクタパーミッションと脅威の関係に関する調査

    山口拓人, 田端利宏

    電気・情報関連学会中国支部連合大会講演論文集(CD-ROM)   57th   2006

  • ファイルの格納ディレクトリを考慮したバッファキャッシュ制御法の評価

    小峠みゆき, 田端利宏, 谷口秀夫

    電気・情報関連学会中国支部連合大会講演論文集(CD-ROM)   57th   2006

  • Tenderにおける動作継続制御切り替え機能の実現

    大本拓実, 田端利宏, 谷口秀夫

    電気・情報関連学会中国支部連合大会講演論文集(CD-ROM)   57th   2006

  • AnTにおけるプラグアンドプレイ機能の実現方式

    安達俊光, 田端利宏, 乃村能成, 谷口秀夫

    電気・情報関連学会中国支部連合大会講演論文集(CD-ROM)   57th   2006

  • Information Leak Detection by Tracing Classified Information Diffusion

    田端利宏, 箱守聰, 箱守聰, 横山和俊, 乃村能成, 谷口秀夫

    情報処理学会シンポジウム論文集   2006 ( 11 )   2006

  • Proposal of Fast Cryptographic File System with Cache System

    松田直人, 田端利宏

    情報処理学会シンポジウム論文集   2006 ( 11 )   2006

  • B-019 Proposal of Advance Creation Mechanism of Process Resources

    Tabata Toshihiro, Taniguchi Hideo

    4 ( 1 )   135 - 136   2005.8

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • A Note on Application of the Program Obfuscation Scheme using Random Numbers to Complicate Control Flow

    TOYOFUKU Tatsuya, TABATA Toshihiro, SAKURAI Kouichi

    IPSJ SIG Notes   30   213 - 220   2005.7

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    For the security technology that has been achieved with software in the computer system and the protection of the intellectual property right of software, software protection technology is necessary. One of that technique is called obfuscation, which converts program to make analysis difficult while preserving its function. In this thesis, we examine the applicablity of our program obfuscation scheme to complicate control flow and study the torelance against program analysis.

    CiNii Article

    CiNii Books

    researchmap

  • A Note of Intrusion Detection using Alteration of Data

    NAGANO Fumiaki, TATARA Kohei, TABATA Toshihiro, SAKURAI Kouichi

    IPSJ SIG Notes   30   37 - 44   2005.7

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    These days, Attacks which alter data in memory illegally are one of the most serious security threats. Although a lot of detection systems have been proposed so far, most of the systems have the problem that only a part of the alteration of data in memory can be detected. And, some detection systems use secret data. But, if an execution code has a bug like format string bug which enable attackers to read data in memory, data in memory might be altered illegally because the secrete data might be guessed by the attackers. Then, we propose a system which detects the alteration of arbitrary data in memory by attackers. Moreover, this system doesn't have the vulnerability that exist the systems which use secret data.

    CiNii Article

    CiNii Books

    researchmap

  • A Note of Intrusion Detection using Alteration of Data

    NAGANO Fumiaki, TATARA Kohei, TABATA Toshihiro, SAKURAI Kouichi

    IEICE technical report. Social Implications of Technology and Information Ethics   105 ( 192 )   37 - 44   2005.7

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    These days, Attacks which alter data in memory illegally are one of the most serious security threats. Although a lot of detection systems have been proposed so far, most of the systems have the problem that only a part of the alteration of data in memory can be detected. And, some detection systems use secret data. But, if an execution code has a bug like format string bug which enable attackers to read data in memory, data in memory might be altered illegally because the secrete data might be guessed by the attackers. Then, we propose a system which detects the alteration of arbitrary data in memory by attackers. Moreover, this system doesn't have the vulnerability that exist the systems which use secret data.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • A Note on Application of the Program Obfuscation Scheme using Random Numbers to Complicate Control Flow

    TOYOFUKU Tatsuya, TABATA Toshihiro, SAKURAI Kouichi

    IEICE technical report. Social Implications of Technology and Information Ethics   105 ( 192 )   213 - 220   2005.7

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    For the security technology that has been achieved with software in the computer system and the protection of the intellectual property right of software, software protection technology is necessary. One of that technique is called obfuscation, which converts program to make analysis difficult while preserving its function. In this thesis, we examine the applicablity of our program obfuscation scheme to complicate control flow and study the torelance against program analysis.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Active Modifier of Control Flow for Detecting Anomalous Program Behavior

    Tatara Kohei, Tabata Toshihiro, Sakurai Kouichi

    IPSJ SIG Notes   2005 ( 33 )   75 - 80   2005.3

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    In order to prevent malicious use of the computer using buffer overflow vulnerabilities, a corrective action by not only calling a programmer's attention but expansion of compiler or OS is important. On the other hand, introduction and employment of an intrusion detection system must be easy for the user by whom the knowledge about a computer is restricted. In this paper, we can detect an anomly program behavior by actively modifying some control flows of a program. Our method satisfies these requirements and gives no false positives.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • A Proposal of a System for Detecting Buffer Overflow with Detecting Alteration of Data

    NAGANO Fumiaki, TATARA Kohei, TABATA Toshihiro, SAKURAI Kouichi

    IPSJ SIG Notes   2005 ( 33 )   81 - 86   2005.3

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Numerous security technologies which detect buffer overflow have already proposed. Almost these technologies detect if buffer overflows happen or not, but don't detect alteration of variable integrity. But there are attacks which are not be able to be defenced unless the technology detect alteration of variable integrity. So in this paper, we propose a system which detect alteration of variable integrity. Some exinting technologies could be bypassed if the attacker can see the user memory, but our proposed system can't be bypassed even if the attacker can see the user memory. And our proposed system can restore data which is altered by attackers using buffer overflow.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Tenderにおける資源「プレート」のサイズ変更機能

    大本 拓実, 田端 利宏, 乃村 能成, 谷口 秀夫

    第67回全国大会講演論文集   2005 ( 1 )   43 - 44   2005.3

     More details

  • スタックの改ざん検知による侵入検知システムの一考察

    長野 文昭, 鑪 講平, 田端 利宏, 櫻井 幸一

    第67回全国大会講演論文集   2005 ( 1 )   577 - 578   2005.3

     More details

  • A Proposal of Intrusion Detection System that can Restore Altered Data

    長野文昭, たたら講平, 田端利宏, 桜井幸一

    情報処理学会シンポジウム論文集   2005 ( 13,Vol.2 )   2005

  • Proposal of Access Control Technique of CPU Resource by Using Execution Resource

    田端利宏, 箱守聡, 箱守聡, 横山和俊, 横山和俊, 谷口秀夫

    情報処理学会シンポジウム論文集   2005 ( 13,Vol.2 )   2005

  • The effect by recycling of the resources in a process transformation mechanism

    NOMURA Kazutaka, TABATA Toshihiro, TANIGUCHI Hideo

    IPSJ SIG Notes   96 ( 63(OS-96) )   149 - 156   2004.6

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    A process transformation technique has been implemented in Tender. The purpose of this technique is load distribution in distributed environment. This technique consists of three functions, which are the change of a program, the change of start point of a program and the change of a virtual address space in process execution. In order to utilize this technique efficiently, it is necessary to reduce the cost of the transformation. In this paper, we discuss how a resource recycle mechanism is applied to the process transformation. We also evaluate the process transformation and report the result of the evaluation.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Agent-based IDS for Dynamic Variation of Network Composition

    KOTEGAWA Yuki, TABATA Toshihiro, SAKURAI Kouichi

    IPSJ SIG Notes   117 ( 22(DPS-117 CSEC-24) )   109 - 114   2004.3

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Compared with IDS installed on a network, IDS installed on a host can use more information for intrusion detection. However, IDS installed on a host can detect intrusion into only the host. Therefore, when a host is newly connected to the network, it is necessary to newly install IDS into the connected host. In this paper, Agent-based IDS is proposed. The system can automatically install IDS into the connected host On the proposed system, the mobility of mobile agents can save the time and effort of introduction of IDS. Moreover, by simultaneous distribution of upgraded agents, efficient maintenance management is realized.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • A Study on Probabilistic Method for Anomaly Detection

    たたら講平, 田端利宏, 桜井幸一

    情報処理学会シンポジウム論文集   2004 ( 11(CD-ROM) )   2004

  • A Survey of Network and Distributed System Security Symposium

    小手川祐樹, 田端利宏, 堀良彰, 桜井幸一

    情報処理学会研究報告   2004 ( 54(CSEC-25) )   2004

  • An analysis of word salad attack against statistical filtering

    岩永学, 田端利宏, 桜井幸一

    情報処理学会シンポジウム論文集   2004 ( 11(CD-ROM) )   2004

  • Security Management Mechanism for End-Host using Mobile Agents

    小手川祐樹, 田端利宏, 堀良彰, 桜井幸一

    情報処理学会シンポジウム論文集   2004 ( 11(CD-ROM) )   2004

  • A Survey of IEEE Symposium on Security and Privacy

    田端利宏, 桜井幸一

    情報処理学会シンポジウム論文集   2004 ( 11(CD-ROM) )   2004

  • Program Birthmark Scheme with Tolerance to Equivalent Conversion of Java Classfiles

    FUKUSHIMA Kazuhide, TABATA Toshihiro, SAKURAI Kouichi

    IPSJ SIG Notes   23 ( 126(CSEC-23) )   81 - 86   2003.12

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    This paper examines program birthmark scheme for Java in order to detect illegal thefts of Java classfile. Tamada et al. proposed birthmark scheme based on initial value assignments, the sequence of method call, and the inheritance structure. We show that the birthmarks based on initial value assignments and the inheritance structure can be modified easily. In addition, we propose a birthmark scheme using automata.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Implementation and Evaluation of Instant Synchronization InterProcess Communication on Tender

    FUKUTOMI Kazuhiro, TABATA Toshihiro, TANIGUCHI Hideo

    IPSJ SIG Notes   93 ( 42(OS-93) )   25 - 32   2003.5

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    InterProcess Communication (IPC) is used in many application programs. IPC is important and used in various ways. Especially exchanging data, a common form of IPC is message passing. However, in the message passing, since communication is completed in the combination of the send and receive operation, IPC cannot contain two elements simultaneously - the instant communication operation and the synchronization of data transfer. In this paper, we propose the mechanism of Instant Synchronization InterProcess Communication. We describe the implementation of this mechanism on Tender operating system. Also, we show the basic performance of this mechanism and evaluate this mechanism using an application program.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Design of Resource Enduring Mechanism Using Plate on Tender

    MATONO Tsukasa, TABATA Toshihiro, TANIGUCHI Hideo

    IPSJ SIG Notes   93 ( 42(OS-93) )   147 - 154   2003.5

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    To provide various functions such as process management and memory management, an operating system (OS) builds various kinds of management information on volatile memory. Data on volatile memory, however, is no longer available when a computer is turned off. This unreliability of volatile memory causes serious problem - if computer crashes, a computer cannot continue previous processing. One way to solve this problem is to make OS management information persistent. On Tender operating system, which we are developing, we define a resource as an object controlled and managed by the OS. Therefore, as long as we can make resources persistent on Tender, we can make OS management information persistent. In this paper, we propose resource enduring mechanism using plate, which makes data on virtual memory persistent, and explain the design of this mechanism.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • プログラム実行速度調整による通信帯域制御

    田端 利宏, 乃村 能成, 谷口 秀夫

    第65回全国大会講演論文集   2003 ( 1 )   1 - 2   2003.3

     More details

  • Design of User Level Access Control Mechanism Using Dynamic Linker.

    田端利宏, 桜井幸一

    情報処理学会シンポジウム論文集   2003 ( 15 )   2003

  • On the Security of SELinux Access Control Based on a Simplified Policy.

    末安克也, 田端利宏, 桜井幸一

    情報処理学会シンポジウム論文集   2003 ( 15 )   2003

  • Evaluation of Anti-Spam Method Combining Bayesian Filtering and Confirming Sender’s Intention.

    岩永学, 田端利宏, 桜井幸一

    情報処理学会シンポジウム論文集   2003 ( 15 )   2003

  • A Method for Detecting Anomalous Program Behavior with Probabilistic Network.

    たたら講平, 田端利宏, 桜井幸一

    情報処理学会シンポジウム論文集   2003 ( 15 )   2003

  • Implementation and Evaluation of a Tampering Detection System Using a Verification-Agent for Mobile Agents.

    小手川祐樹, 田端利宏, 桜井幸一

    情報処理学会シンポジウム論文集   2003 ( 15 )   2003

  • B-46 Resource Enduring Mechanism by Using Plate Function on Tender

    MATONO Tsukasa, TABATA Toshihiro, TANIGUCHI Hideo

    2002 ( 1 )   179 - 180   2002.9

     More details

    Language:Japanese   Publisher:Forum on Information Technology  

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Evaluation of Execution Resource on Tender by Using Web server : A Mechanism of Regulating Execution Performance for Multi Process

    TABATA Toshihiro, NOGUCHI Naoki, NAKASHIMA Kohta, TANIGUCHI Hideo

    IPSJ SIG Notes   90 ( 60(OS-90) )   33 - 40   2002.6

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Many services can be provided on a computer by improvement of computer performance. Also, each service requests different processing performance. Besides, one service is composed of many processes in many cases. Thus these processes need to be a unit for process scheduling. We proposed a mechanism of regulating execution performance for multi process by execution resource. In this paper, we report a result of an evaluation of our proposed mechanism by using Web server. We describe BSD/OS compatible system-call interface, and a result using the interface and Apache Web server. Also, we show that our proposed mechanism is able to regulate execution performance of multi process.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Evaluation of Execution Resource on Tender by Using Web server : A Mechanism of Regulating Execution Performance for Multi Process

    TABATA Toshihiro, NOGUCHI Naoki, NAKASHIMA Kohta, TANIGUCHI Hideo

    IEICE technical report. Computer systems   102 ( 153 )   33 - 40   2002.6

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    Many services can be provided on a computer by improvement of computer performance. Also, each service requests different processing performance. Besides, one service is composed of many processes in many cases. Thus these processes need to be a unit for process scheduling. We proposed a mechanism of regulating execution performance for multi process by execution resource. In this paper, we report a result of an evaluation of our proposed mechanism by using Web server. We describe BSD/OS compatible system-call interface, and a result using the interface and Apache Web server. Also, we show that our proposed mechanism is able to regulate execution performance of multi process.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Tender における異種OS インタフェースの共存手法

    田端 利宏, 野口 直樹, 中島 耕太, 谷口 秀夫

    第64回全国大会講演論文集   2002 ( 1 )   5 - 6   2002.3

     More details

  • プロセッサの実行性能を示す尺度の提案

    田端 利宏, 谷口 秀夫

    第63回全国大会講演論文集   2001 ( 1 )   75 - 76   2001.9

     More details

  • Tender におけるプロセス変身機能の設計

    石井 陽介, 田端 利宏, 谷口 秀夫

    第63回全国大会講演論文集   2001 ( 1 )   83 - 84   2001.9

     More details

  • Execution Speed Control Mechanism of Process Group by Execution on Tender

    TABATA Toshihiro, TANIGUCHI Hideo

    IPSJ SIG Notes   88 ( 78(OS-88) )   3 - 10   2001.7

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    The various services, which use a computer, are provided. There are many cases the service, which is provided with a computer, is composed of multi procrsses. For example, in Web server, a child process processes a request from a client. We proposed speed control mechanism of program execution. The mechanism is able to regulate the execution speed of one process. However, execution speed of a service, which is composed of the multi processes, is unable to be regulated. Therefore, we propose the execution speed control mechanism of process group by using"execution"resource. This paper describes overview of Tender operating system, speed control mechanism of program execution and the guarantee mechanism of service processing time. Furthermore, it proposes execution speed control mechanism of process group by execution on Tender.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • 1.プログラムの実行速度を自由に操る : プログラム実行速度の調整制御法

    谷口 秀夫, 田端 利宏

    情報処理   42 ( 2 )   付録48   2001.2

     More details

    Language:Japanese   Publisher:一般社団法人情報処理学会  

    CiNii Article

    CiNii Books

    researchmap

  • Tender Operating System Based on Mechanism of Resource Independence

    TANIGUCHI Hideo, AOKI Yoshinori, GOTO Masataka, MURAKAMI Daisuke, TABATA Toshihiro

    Transactions of Information Processing Society of Japan   41 ( 12 )   3363 - 3374   2000.12

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    In this paper the objects to be controlled and managed by operating system are called resources. We propose the mechanism of resource independence. And this paper describes Tender, the operating system developing based on our proposed mechanism. Tender manages the resource by resource identifiers and resource names. Tender is composed of the program parts to control the resource and Table Program Structure, which has the pointers to them. And Tender has the Copy-on-Compile facility which makes to part program and avoids sharing the common program among program parts. Resource intarface controller manages call of the program part. As one of the functions of practical use of this mechanism, this paper describes the method of fast process creation and disappearance. The method is efficient by the evaluation.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00012122/

  • 複数プロセス制御におけるプログラム実行速度調整法の実現と評価

    田端 利宏, 谷口 秀夫, 牛島 和夫

    第61回全国大会講演論文集   2000 ( 1 )   37 - 38   2000.10

     More details

  • Implementation and evaluation of mechanism of restarting a process by initializing data segments

    Toshihiro Tabata, Hideo Taniguchi

    Research Reports on Information Science and Electrical Engineering of Kyushu University   5 ( 2 )   237 - 242   2000.9

     More details

    Language:Japanese   Publisher:Kyushu University  

    Process creation and disappearance is a large load among processing of operating system. The research that speeds up process creation since before, is being done and sticky bit and vfork system call in the UNIX are materialized. For example, process creation and disappearance break out a repetition, because compiler is run many times in UNIX command of `make'. Because of this, it is important when it speeds up the processing of operating system, to speed up process creation and disappearance. We perceive to the processing that delete a process and create the same process newly. And we propose mechanism of restarting a process by initializing data segments. The mechanism is able to run the process that ran it once from the beginning once again. This paper describes mechanism of restarting process by initializing data segments and reports performance of the mechanism, comparison with established operating system and evaluation by a real application.

    DOI: 10.15017/1515706

    Scopus

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

    Other Link: http://hdl.handle.net/2324/1515706

  • Guarantee of Service Processing Time by Execution on Tender Operating System

    TABATA Toshihiro, TANIGUCHI Hideo

    Transactions of Information Processing Society of Japan   41 ( 6 )   1745 - 1754   2000.6

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    The objects to be controlled and managed by operating system are called resources on Tender. Resource execution has rate of processor utilization. There are two kinds of execution. One is to control speed of program execution. Another is scheduling processes by priority. To guarantee lowest performance of service is realized by attaching plural executions to process. This paper shows the mechanism of attaching plural executions to a process and describes the features of plural execution and reports the evaluation of speed control mechanism of program execution, guarantee of service processing time and influence on other processes.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00012265/

  • Evaluation of Multi Processes Control Mechanism for Regulating Program Execution Speed

    TABATA Toshihiro, TANIGUCHI Hideo

    IPSJ SIG Notes   84   229 - 236   2000.5

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    Computer user control speed of software running by using our mechanism of regulating program execution speed. We described mechanism for regulating process execution speed based by our suggested process schedule. But the mechanism targeted controlling one process. Therefore uniformity of processing is lower when we regulate multi processes execution speed. In this paper, we suggest the mechanism for controlling multi processes. And we report relation about uniformity of processing between evaluation of simulator and experimentation.

    CiNii Article

    CiNii Books

    researchmap

  • Evaluation of Multi Processes Control Mechanism for Regulating Program Execution Speed

    TABATA Toshihiro, TANIGUCHI Hideo

    IEICE technical report. Computer systems   100 ( 87 )   49 - 56   2000.5

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    Computer user can control speed of software running by using our mechanism of regulating program execution speed. We described mechanism for regulating process execution speed based by our suggested process schedule. But the mechanism targeted controlling one process. Therefore uniformity of processing is lower when we regulate multi processes execution speed. In this paper, we suggest the mechanism for controlling multi processes. And we report relation about uniformity of processing between evaluation of simulator and experimentation.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • データ部の初期化によるプロセスの再起動機構

    田端 利宏, 谷口 秀夫, 牛島 和夫

    第60回全国大会講演論文集   2000 ( 1 )   5 - 6   2000.3

     More details

  • Proposal and Evaluation of function for Restarting Process.

    田端利宏, 谷口秀夫

    情報処理学会シンポジウム論文集   2000 ( 13 )   2000

  • Method of Improving Uniformity of Processing on Program Speed Control Mechanism

    59 ( 0 )   143 - 144   1999.9

     More details

  • Implementation and Evaluation of Speed Control Mechanism of Program Execution on Resource Execution On Tender (Special Issue on New System Software)

    TABATA Toshihiro, TANIGUCHI Hideo

    Transactions of Information Processing Society of Japan   40 ( 6 )   2523 - 2533   1999.6

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    In this paper the objects to be controlled and managed by operating system are called resources. We proposed the mechanism of resource independence. This paper describes a new abstraction called "execution" in the Tender operating system. Tender separates elements of process into resources and the structure of programs is simple. Concretely Tender separates resource management programs and separates resource management tables. Execution is a available processor degree to run program on Tender. When the process gets execution, the process is executed. And timing to get and release execution doesn't have relation to process state. There are two scheduling mechanisms on execution management. One is to control speed of program execution and can control speed of process execution without modifying program. Another is scheduling by process priority. This paper shows functions of resource execution and reports evaluation of speed control mechanism of program execution and influence of interrupt mask.

    CiNii Article

    CiNii Books

    researchmap

    Other Link: http://id.nii.ac.jp/1001/00012606/

  • Implementation and Evaluation of Inter Process Communication on Tender

    TABATA Toshihiro, TANIGUCHI Hideo

    IEICE technical report. Computer systems   99 ( 37 )   95 - 100   1999.5

     More details

    Language:Japanese   Publisher:The Institute of Electronics, Information and Communication Engineers  

    We describe inter process communication on Tender operating system. Heterogeneous Virtual Storage(HVS) of Tender is integrated both single virtual storage and multiplc virtual storage. HVS has multiple virtual spaces. And there are over zero processes on a virtual space. And a process can migrate between virtual spaces. So that, processes can cooperat with other processes in processing. We create new resources"container","container box" and "event" to realize efficient inter process communication. This paper describes mechanism of inter process communication and shows evaluation of inter process communication.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Implementation and Evaluation of Inter Process Communication on Tender

    TABATA Toshihiro, TANIGUCHI Hideo

    IPSJ SIG Notes   81 ( 32(OS-81) )   95 - 100   1999.5

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    We describe inter process communication on Tender operating system. Heterogeneous Virtual Storage (HVS) of Tender is integrated both single virtual storage and multiple virtual storage. HVS has multiple virtual spaces. And there are over zero processes on a virtual space. And a process can migrate between virtual spaces. So that, processes can cooperate with other processes in processing. We create new resources "container," "container box" and "event" to realize efficient inter process communication. This paper describes mechanism of inter process communication and shows evaluation of inter process communication.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Inter Process Communication on Tender

    58 ( 0 )   89 - 90   1999.3

     More details

  • Guarantee of Service Processing Time by execution on Tender.

    田端利宏, 谷口秀夫

    情報処理学会シンポジウム論文集   99 ( 16 )   1999

  • Design and Implementation of Speed Control Mechanism of Program Execution on Tender

    田端利宏, 谷口秀夫, 牛島和夫

    情報処理学会全国大会講演論文集   57 ( 0 )   95 - 96   1998.10

     More details

  • Implementation of Heterogeneous Virtual Storage coexisted of Single Virtual Storage and Multiple Virtual Storage

    TANIGUCHI Hideo, NAGASHIMA Naoki, TABATA Toshihiro

    IPSJ SIG Notes   78 ( 39 )   87 - 94   1998.5

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    We suggest function of Heterogeneous Virtual Storage(HVS) that is fused both single virtual storage and multiple virtual storage. HVS has multiple virtual storage spaces. And there are over zero processes on a space. And a process can migrate between virtual storage spaces. Therefore, HVS has both single virtual storage's advantages and multiple virtual storage's advantages. We implemented and evaluated HVS on Tender operating system. To use existed virtual storage space reduce the time of creating process and deleting process. And the time of process migration is not influence from the size of process, and is about 0.7 millisecond.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Fast Process Creation and Disappearance by Recycling Process Elements

    TABATA Toshihiro, TANIGUCHI Hideo

    IPSJ SIG Notes   78 ( 39 )   79 - 86   1998.5

     More details

    Language:Japanese   Publisher:Information Processing Society of Japan (IPSJ)  

    We suggest the mechanism of fast process creation and disappearance by recycling process elements. Process elements of Tender are separated and independent. Therefore process elements are able to exist without process existence. Fast process creation is realized by creating resources beforehand or recycling resources. And fast process disappearance is realized by remaining resources of process. We implemented this mechanism of resource recycling on Tender and evaluated it. As the result, the time of process creation and disappearance is fast more than 15 millisecond.

    CiNii Article

    CiNii Books

    J-GLOBAL

    researchmap

  • Design and Implementation of Process Control Mechanism on Tender

    田端利宏, 谷口秀夫

    情報処理学会全国大会講演論文集   56 ( 0 )   72 - 73   1998.3

     More details

  • Implementation of Heterogeneous Virtual Storage coexisted of Single Virtual Storage and Multiple Virtual Storage.

    谷口秀夫, 長嶋直希, 田端利宏

    電子情報通信学会技術研究報告   98 ( 39(CPSY98 27-38) )   1998

  • Implementation and Evaluation of Process Execution Mechanism on Tender.

    田端利宏, 谷口秀夫

    情報処理学会シンポジウム論文集   98 ( 15 )   1998

  • Fast Process Creation and Disappearance by Recycling Process Elements.

    田端利宏, 谷口秀夫

    電子情報通信学会技術研究報告   98 ( 39(CPSY98 27-38) )   1998

▼display all

Presentations

  • FIT2021 イベント企画「B-3:IoTが拓く未来:~アフターコロナ社会に向けたIoTの将来像を探る~」パネル

    山内利宏

    FIT2021  2021.8.26 

     More details

    Event date: 2021.8.26

    Language:Japanese   Presentation type:Symposium, workshop panel (nominated)  

    researchmap

  • IoT機器のソフトウェアの現状とIoTマルウェアの感染方法と影響について Invited

    山内 利宏

    岡山県情報セキュリティ協議会 令和3年度秋期セミナー  2021.11.30 

     More details

    Language:Japanese   Presentation type:Public lecture, seminar, tutorial, course, or other speech  

    researchmap

  • 組み込み機器に使われるオープンソースの現状 ~ソフトウェアバージョンとセキュリティ機能適用率の調査から~

    山内利宏

    ET & IoT 2021,CCDS IoTセキュリティ ホットトピック  2021.11.19 

     More details

    Presentation type:Public lecture, seminar, tutorial, course, or other speech  

    researchmap

  • パネル討論「実践的教育の普及、持続、浸透に向けて」

    enPiT第8回シンポジウム  2020.1.23 

     More details

    Language:Japanese   Presentation type:Symposium, workshop panel (nominated)  

    researchmap

  • 基盤ソフトウェアにおけるセキュリティ技術

    山内 利宏

    第1回ATR-KDDI総合研究所セキュリティ技術セミナー  2019.6.21 

     More details

    Language:Japanese   Presentation type:Oral presentation (invited, special)  

    researchmap

  • システムソフトウェアによるセキュリティ技術の研究 Invited

    山内利宏

    2018 IEEE SMC Hiroshima Chapter 若手研究会  2018.7.28 

     More details

    Language:Japanese   Presentation type:Oral presentation (keynote)  

    researchmap

  • パネルディスカッション「OSSセキュリティ技術における学術とコミュニティの連携について」

    CSS2017,企画セッション「オープンソースソフトウェア(OSS)のセキュリティ技術について」  2017.10 

     More details

    Language:Japanese   Presentation type:Symposium, workshop panel (nominated)  

    researchmap

  • Recent Topics on Smartphone Security Invited

    Workshop on Bigdata and Cybersecurity  2017.9.10 

     More details

    Language:English   Presentation type:Symposium, workshop panel (nominated)  

    researchmap

  • Proposal of a Method to Prevent Privilege Escalation Attacks for Linux Kernel

    Yuichi Nakamura, Toshihiro Yamauchi

    2017.9 

     More details

    Language:English   Presentation type:Oral presentation (general)  

    researchmap

  • スマートシティ・スマートハウスセキュリティ ~組み込み機器とクラウドサービスにおける、サービス連携における脆弱性をどう考えていくのか?サービス展開における現状を議論する。~

    荻野 司, 南 裕介, 山内利宏

    ET & IoT 2021,CCDS IoTセキュリティ ホットトピック,パネルディスカッション  2021.11.19 

     More details

    Presentation type:Symposium, workshop panel (nominated)  

    researchmap

  • サイバーセキュリティ研究相談

    秋山 満昭, 高田 雄太,山内 利宏,白石 善明

    マルウェア対策研究人材育成ワークショップ 2021,MWS企画セッション②  2021.10.28 

     More details

    Presentation type:Symposium, workshop panel (nominated)  

    researchmap

  • Privilege Escalation Attack Prevention Method Based on System Call Processing

    SCIS & CSS Award Session of the 12th International Workshop on Security (IWSEC 2017)  2017.9 

     More details

    Language:English   Presentation type:Oral presentation (invited, special)  

    researchmap

  • Recent Topics on Use-after-free Exploitation and Mitigation Techniques Invited

    3rd International Workshop on Information and Communication Security (WICS'16)  2016.11 

     More details

    Language:English   Presentation type:Oral presentation (keynote)  

    researchmap

  • Use-After-Free Prevention Method Using Memory Reuse Prohibited Library Invited

    The 10th International Workshop on Security (IWSEC 2015)  2015.8 

     More details

    Language:English   Presentation type:Oral presentation (invited, special)  

    researchmap

  • 計算機の機密情報の漏洩防止とログの確実な保存を実現する方式の研究

    第16回岡山リサーチパーク研究・展示発表会  2011 

     More details

  • プログラム記述とプロセッサの高性能化機構の関係

    夏のプログラミング・シンポジウム2011  2011 

     More details

  • Linuxのセキュリティ機能特集

    山内 利宏ほか

    パネルディスカッション,情報処理学会第51回コンピュータセキュリティ研究発表会  2010.12 

     More details

    Language:Japanese   Presentation type:Symposium, workshop panel (nominated)  

    researchmap

  • ファイルの使用頻度に基づくバッファキャッシュ制御法の評価

    Joint Symposium for Advanced System Software 2008 (JSASS2008)  2008 

     More details

  • Design and Evaluation of a Bayesian-filter-based Image Spam Filtering Method

    Japan-Taiwan Joint Research on Cryptography and Information Security towards Next IT-society  2008 

     More details

  • オペレーティングシステムのセキュリティ技術の動向

    田端 利宏

    平成17年度 IT(情報技術)ソリューション研究交流会,中国技術振興センター  2005.11 

     More details

    Language:Japanese   Presentation type:Oral presentation (invited, special)  

    researchmap

  • Access Control Issues in Database Service Provider Model

    電子情報通信学会 2005年総合大会 学生ポスターセッション  2005 

     More details

  • Outsourced Access Control Model for Outsourced Databases

    2nd Japan/U.S. Workshop on Critical Information Infrastructure Protection  2005 

     More details

  • セキュリティ面からのプラットフォームへの期待と課題

    ECOM 情報セキュリティ最新技術セミナー,第1回 セキュリティ面からのOSやDBMSへの期待と課題(パネルデスカッション)  2004 

     More details

  • プログラムの実行速度を自由に制御できるプロセススケジュール法

    情報処理学会九州支部若手の会セミナー2002  2002 

     More details

▼display all

Awards

  • CSS2021優秀論文賞(情報処理学会コンピュータセキュリティシンポジウム2021)

    2021.10  

    藤井 翔太, 川口 信隆, 重本 倫宏, 山内 利宏

     More details

  • IWSEC2021 Best Paper Award

    2021.9  

    Hiroki Kuzuno, Toshihiro Yamauchi

     More details

  • 情報処理学会 研究会活動貢献賞

    2021.3  

    山内 利宏

     More details

  • FIT論文賞(FIT2020 第19回情報科学技術フォーラム)

    2020.11  

    葛野 弘樹, 山内 利宏

     More details

  • MWS2020学生論文賞(情報処理学会マルウェア対策研究人材育成ワークショップ(MWS)2020)

    2020.10  

    市岡秀一, 川島千明, 佐藤将也, 山内利宏

     More details

  • CSS2020優秀論文賞(情報処理学会コンピュータセキュリティシンポジウム2020)

    2020.10  

    白石周碁, 福本淳文, 吉元亮太, 塩治榮太朗, 秋山満昭, 山内利宏

     More details

  • 特選論文

    2020.9   情報処理学会   KVM上のゲストOSにおける権限の変更に着目した権限昇格攻撃防止手法

    福本淳文, 山内 利宏

     More details

  • 研究功績賞

    2021.3   岡山大学工学部  

    山内 利宏

     More details

  • CSS2020学生論文賞(情報処理学会コンピュータセキュリティシンポジウム2020)

    2020.10  

    折戸凜太郎, 佐藤将也, 梅本 俊, 中嶋 淳, 山内利宏

     More details

  • FIT論文賞(FIT2019 第18回情報科学技術フォーラム)

    2019.12  

    葛野 弘樹, 山内 利宏

     More details

  • CSS2019優秀論文賞(情報処理学会コンピュータセキュリティシンポジウム2019)

    2019.10  

    福本淳文, 山内 利宏

     More details

  • 情報・システムソサイエティ功労賞

    2019.6   電子情報通信学会情報・システムソサイエティ  

    山内 利宏

     More details

  • 特選論文

    2019.2   情報処理学会   可用性を考慮したプロセスの複製によるライブフォレンジック手法

    山内利宏, 時松勇介, 谷口秀夫