XSSvulnerabilityisavulnerabilitythatallowsanattackertoexecutearbitraryJavaScriptviathe vulnerable implementation of a web application, and developers are required to reduce software vulnerabili- ties. In this paper, we propose a system that warns developers of DOM-Based XSS during the development stage. In the detection of DOM-Based XSS, flow analysis using abstract parse trees improves the detection rate and performance compared to existing dynamic analysis systems using taint propagation.

researchmap

SSH protocol is widely applied to UNIX-like operating systems because of the remote access method’s capability with authentication and encryption technology. However, its purpose is to operate the shell of the server directly, so the servers tend to become the target for the attackers who the company’s confidential information. To observe the SSH accesses with password authentication, we build the recording system for the authentication user name, password, RTT, authentication time, IP addresses and operate it in our laboratory. In this paper, we describe the system structure and operational thing. We also propose the attack detection method with this system under clearing the attacks’ characteristics for the SSH servers.

researchmap

researchmap

researchmap

researchmap

researchmap

The number of devices that can be accessed from the Internet is on the rise, and the possibility of being attacked / damaged is increasing. It seems that servers that are not well managed and devices operating with the default ID and password are speci cally targeted, and the administrator can grasp the trend as soon as possible and change the operation method of the server Measures are necessary. Our laboratory operates SSH honeypot, and we are working on research to prevent password brute force attack etc. In order to grasp a more detailed attack tendency, we analyzed the access log to Darknet and analyzed the correlation between access to Darknet and SSH honeypot. As a result, access to the SSH honeypot occurred within about 1 day after accessing Darknet, and most of it was found to be concentrated within 14 hours.

researchmap

Nowadays, it is difficult to analyze attacks on web applications due to the attacker's identity camouflage and the obfuscation of JavaScript. So far, we have developed an application to visualize the multistage redirecting caused by Drive-by Download attacks, as a tree. In this research, we add a function to highlight URLs with malignant quantities obtained by decision tree learning. We aim support for a more efficient analysis to by highlighting malignant URLs.

researchmap

パスワードリスト攻撃やブルートフォース攻撃などによるSSHサーバへのパスワードクラッキング攻撃を検知する手法として，キーボードによるパスワード入力が伴う通常の認証試行と，認証に必要な処理を自動化したツールによる認証試行との間に生じる認証時間の差異に基づいた検知手法を提案する．また，本提案手法による認証時間計測機能を実装したOpenSSHサーバを実際に運用し，その有効性を検証する．本提案手法では，単位時間あたりにおける認証試行数や，1コネクションにおけるパケット送受信回数を指標とした従来の検知手法では対応できない，分散型の攻撃の検知が可能である．

researchmap

researchmap

Language：English  

CiNii Books

researchmap

Other Link： http://hdl.handle.net/10112/11451

The automatic download of malware by Drive-by Download attacks becomes a big problem.It is necessary to clear the attack flow, however the analyzing work flow needsprofessional knowledges and massive time.We develop the application to support the analyzing workflows of Drive-by Download attacks,and all over the attack can be easier to understand by visualizing the relationshipamong the data as tree structure.We use the D3M datasets to evaluate the performance of this application.We can show the relationship of 80% traffic data of D3M datasets correctly.

researchmap

researchmap

researchmap

Nowadays, damage from a malware is increasing and cracker’s purpose is changing from pleasure to profit from attacking the computer. In such a situation, it seems that malware’s threat will become more serious. Hence we focus on the bot that is a kind of malware and IRC that is often used when bot communicate with C&C server. In this study, we propose the method to distinguish the command of legitimate IRC client from IRCbots by attaching an identifer to IRC client’s connection. Further, we show that the activities of IRCbots can be controlled by obstructing the bot’s connection using IPS.

researchmap

The remote login is essential to take advantage of computer resources deployoed at remote locations. SSH is the protocol which is generally used by the remote login. But it may be targeted in attackers because who can connect to computer if only to make authentication succeed for once. Accordingly, providing SSH service should carry out with the regorous security rules and it is always necessary to monitor access attempts logs. We analyzed attacker's features by analyzing attackers' access attempted date, IP address, hosted country and user name from access attempt log which attempted to IP address assigned to Kansai University. Moreover, we had observed attacker's activity and strategy by setting up honeypot. In this paper, we report the results of experimental and analysis.

researchmap

強制アクセス制御機能を含む従来のセキュアOSは，システム内部がどのような状態にあっても常に同一のアクセス制御を行なう．これはシステムが乗っ取られた場合には非常に有効に働くが，一般的なOS環境では，システムが安定している状態や高負荷にある状態等といった多種多様な状態を定義することができる．従来のセキュアOSは，これらの状態に着目した強制アクセス制御を行なう術を持たない．そこで本稿は，システムの状態が多様に変遷する場合において，それぞれの状態に適応可能な強制アクセス制御手法を提案する．そして，Linuxカーネル上に独自の強制アクセス制御システムを実装し，それの性能評価の結果を報告する．

researchmap

Web上の数多くのサービスは利用するためにパスワードが必要なことが多い．しかし，数多くのサービスですべて異なるパスワードにすることは難しく，パスワードの使いまわしが発生し，ユーザアカウントが乗っ取られたときの被害は大きくなりがちである． 本研究では，コンピュータについての高度な知識を有していないユーザでも利用でき，なおかつ人間が記憶しやすい"画像"を鍵として認証方式を提案し，その画像を認証のたびに劣化させることで鍵情報が認証のたびに変更されるようにした．また，提案手法の検証を行った結果，利用者はパスワードと比較してより多くの認証情報を記憶できることを確認した．

researchmap

researchmap

researchmap

Although the administrator checked the log of IDS and has added a new rule to therewall in theconventional system, the administrator's burden increases as the log of IDS becomes huge. So, in this research,the log of IDS is checked instead of an administrator, the system which rewrites the con gurationle of arewallautomatically is proposed, and the evaluation is performed. The keyword which expresses the danger of an IPaddress and an attack with the system to propose from the log of IDS is extracted, and the program which adds arule for it to origin automatically at arewall is mounted.

researchmap

The keystroke dynamics use time to need it for key input such as time from pushing to separating thekey as a characteristic to identify an individual. However, the keystroke dynamics is behavioral characteristics, andthe value input everytrial is not constant. Therefore, when uses this technique for a personal identi cation system,it becomes important to appropriate characteristic extraction, and personal identi cation to realize higher precisioncerti cation. In this study, We pay atention at time from pushing to separating one key said to that unevenness ishard to occur even the person that key input is unripe in keystroke dynamics, and let a neural network learn thischaracteristic, and suggest certi cation technique extracting a characteristic, and show the evaluation result by theexperiment.

researchmap

The number of servers is decided depending on the amount of the loads of services in the case of tradi-tional load balancing system, then the distributed system is con gured. However, the administrator have to adjustthe number of servers depending on the assumed amount of the loads, and it is not able to treat immediately againstthe varying or unexpected loads. In addition, if the system is con gured so as to treat the maximum load of theservice, it will cause the extra, unnecessary resources. Currently, in the cloud environment, there is the systemthat increase or decrease the number of instances depending on the varying loads. However, such cloud system isnot able to increase or decrease the number of instances based on the load of the each contents. In this paper, weimplement the dynamic load balancing system based on the load status of each contents and propose the methodfor maintaining the load balance of the whole system.

researchmap

Distributed File System is one of the system that consist of many computers. In a Distributed File System, it is possible to use total amount of storage which each computer has as one storage. In this system, storage capacity can be changed by perfoming an addition and removal of a computer. A Distributed File System implemented in this research dose not have a management computer which becomes a single failure point in a system. Distributed File System implemented in this research,form a P2P network between computers. Therefore the system dose not have a single failure point. And the system could keep runnning, even if a computer drops out from the network.

researchmap

The rapid growth of the Internet has caused issues concerning SPAM messages. As a result of this being a widespread social problem, many Mail User Agents (MUAs) are facilitated with SPAM filters. Unfortunately, the most of those filters use probability-based methods that concern only their contents such as word frequencies, thus do not properly perform SPAM filtering based on their intrinsic structure. Moreover, hardly any SPAM filters are sensitive to change in attributes over time. This paper introduces our anticipation toward their time-sensitive structure analysis. Taking a data miningapproach on both headers and contents of mail messages, we analyze significance, validity and utility for SPAM filtering. Attributes are selected from their header fields as well as various summarization of their contents. Such a data mining approach is then taken in consecutive time periods in order to study timesensitivity, i.e. change of significant attributes over time. Some cross validation is conducted in order to show validity. Decision Tree Learning (DTL) is currently deployed for its advantage of identifying significance based on Information Entropy. Finally, we present results throughout experiments using mail messages sent to an actual site.

researchmap

The development of the Internet has become a widespread social problem of spam. As a result, many mail user agent software are developed that have the function of spam filtering. However, in these filters, they only have the probabilistic selection methods, and the distinction methods are not based on the kind and structure of spam mail.In this paper, we propose an analysis model that estimate the distinction class of spam mail by various input properties. These properties are picked out by extracting the header fields and body text of spam mails. Then, we classify time-seriesed mail dataset by using data mining methods, and verify the classification by n-fold cross validation method. Finally, we make a study of its usefulness by actually received mail.

researchmap

In MIP6, that is a mobile technology for IPv6, the mobile nodes (MNs) can continue their communications after moving, so that MNs use the triangle route through Home Agent (HA). On the communications of triangle route if the number of MNs managed by HA, the load of HA will increase. And when some troubles of HA will happen, MNs cannot continue their connections, so the redundant system of HAs is needed. We proposed the Hybrid node that has the functions of both of MN and HA, and inspected the usefulness of it to achieve the efficiently redundant system. And the redundant system by Hybrid nodes achieves to reduce the unnecessary resources and the cost of new HAs deployment. However, HA and Hybrid nodes cannot distinguish from other nodes because the Hybrid nodes use Anycast Address same as HA. Therefore, there is a possibility of increasing the MNs managed by Hybrid nodes, and the Hybrid node itself may not be able to communicate using mobile connection. In this paper, we will discuss the implementation of the function of load balancing of when the imbalance of load among Hybrid nodes and HA exceeds the threshold value.

researchmap

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：Fuji Technology Press  

Although wireless LAN is useful in its small size and mobility, the connection region of transmitted radio wave is strongly affected by other electric devices, consumer products, and differences in size and type of the room. Besides, wireless LAN points (APs) must exclude a personal computers without permitting to connect to the Internet. Therefore, how optimally APs are located is important. In this paper, we propose the APs' optimal location method. The proposed algorithm integrates fuzzy rules acquired by fuzzy ID3 with knowledge of security experts, and estimates the connection region for AP. We discuss how to formulate the method for setting AP optimal location and show the effectiveness of this method by illustrating the examples of AP optimal locations.

DOI： 10.20965/jaciii.2009.p0128

Scopus

researchmap

It accompanies the spread of the internet, and a lot of service use internet. Not only the computer but also a lot of terminals use internet. Many terminal that can move especially comes to participate in the internet, and the technology of mobility becomes important. However, there is problem in the technology of Mobile IPv6 developed for mobile communications. The home agent concentrates the load easily in Mobile IPv6. Moreover, if the home agent doesn't function due to accident, the mobile node cannot be mobile communicated. Therefore, the maintenance of home agent's function is important in Mobile IPv6. If more home agent is aranged in the home network, and it achieves the redundancy of home agents but it costs to maintain more home agents.In this paper, we propose hybrid node for redundancy of home agent and effectiveness is evaluted．

researchmap

Recently, the ubiquitous society for using IPv6 next-generation network (NGN) is attracting much attention. It is necessary to improve the information management function of every terminal of P2P networks because a variety of multimedia services is expected to deploy on an NGN. In this study, Chord algorithm is used, that is one of the distributed hash algorithms which is the most popular algorithms on P2P systems. The number of hop to the following node in the node list is investigated using the hop limit in the header of IPv6, and the route optimization in Chord based on the number of hop is performed.

researchmap

researchmap

researchmap

Language：Japanese  

Researches on Grid computing and P2P systems are gaining focuses recently. This paper proposes a PC grid platform in P2P settings. In this platform, PC's are managed distributively in a P2P manner by the resource management mechanism proposed in this paper. Peers on the platform register their resource information to this mechanism, and share their resources. We consider Processing Grid and Distributed Storage as services in this platform. When the services request the resources, the resource managemtn mechanism assigns the services to peers according to the registered information. The authors have constructed a prototype, and have simulated to observe the effects on the resource management mechanism.

CiNii Books

researchmap

Other Link： http://hdl.handle.net/10112/2247

researchmap

What should be the nature of moral education in information technology (IT) ? In this paper, we discuss it from the view poitn of the philosophy of social morals. It is shown that the scientific comprehension of IT constitutes the fundamentals. Then, the reason why a laboratory session for IT education might be required is discussed. Finally, the laboratory syllabi of computer security education at the Department of Informatics is explained as it is a unique precedent among Japanese colleges.

researchmap

Language：English   Publishing type：Research paper (scientific journal)   Publisher：IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG  

In this paper, we focus on how to correct address mapping violation, in which an attacker rewrites the address mapping table of a victim to perform a Man-in-the-Middle (MITM) attack. We propose a technique for preventing MITM attacks in which a malicious user intercepts and possibly alters the data transmitted between two hosts. MITM attack is hard for legitimate users to notice during their normal communication, because each user believes they are communicating directly. Address mapping violation can occur because of vulnerability of address resolution protocols, Address Resolution Protocol (ARP) in IPv4 and Neighbor Discovery (ND) protocol in IPv6. Accordingly, a good method to prevent MITM attack by address mapping violation is essential for both current and future communications, i.e. wireless networks with roaming users and an interconnected world. Hence, our proposal mainly aims to have high usability in future applications such as embedded devices.

Web of Science

researchmap

researchmap

researchmap

Computer moral education is one of the biggest problems in IT educational courses for university students. This paper includes the report of annual construction plans of computer network infrastructure by the Information Processing Center of Kansai University. Moreover, we discuss about the implementation of a digital identification method that was introduced in the Faculty of Informatics in 2001. The biometrics used in this new tool might be unusual for university student, but it is now a common tool in business applications. The abuse of computers by novice students with cracking software was dramatically decreased since this finger print identification tool had been implemented.

researchmap

researchmap

researchmap

Language：Japanese  

Kansai University Special Research Fund 20020401-20030331

CiNii Books

researchmap

Web上の仮想共有空間として実現されているディジタルキャンパスは、個人ごとに空間をカスタマイズし情報を共有したり、仮想空間への個人情報の蓄積、既存の教育情報資源やアプリケーションの組み込み利用等が可能である。本論文では、このディジタルキャンパスの構成と特徴、プロトタイプシステムを示し、IPv6ブロードバンドインターネットを基盤とした遠隔授業について述べる。

researchmap

Language：Japanese   Publisher：Kansai University  

CiNii Books

researchmap

Other Link： http://hdl.handle.net/10112/6722

人々の生活への脅威である自然災害を予測のためには、さまざまな要素を考慮する必要がある。しかし、どれだけの要素を考慮すれば良いかという問題には、それぞれの要素の貢献度を考慮する必要がある。そこで、考慮する必要があると考えられている要素と災害の発生のレベルの間に写像関係があると考え、写像関係を実現できるGMDHネットワークにより考慮すべき要素を選択することができることを示す。

researchmap

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：A A BALKEMA PUBLISHERS  

Slope-failure is caused by complex working of various factors such as geology, topography, ground, vegetation, rainfall, etc. If the fuzzy theory is applied to all of these factors, results will often be of short reliability. In this paper, we present a method to acquire, removing inconsistencies, the minimum knowledge necessary to deduce reliable results from actual cases where engineers of long experience diagnosed the danger levels of slope-failure. Next comes a method of constructing a knowledge base for an expert system, such acquired knowledge used. Then, described is a method to check the accuracy and reliability of acquired knowledge and evaluate the knowledge base.

Web of Science

researchmap

researchmap

researchmap

消費者が自動車を購入する場合には、燃費、安全性、デザインなど多数の項目を評価基準として購入するかどうかの意思決定がなされるが、これらのうちデザイン、安全性などは燃費のように定量的に把握することが難しい。本研究ではデザインの問題を検討し、ラフ集合論、遺伝的アルゴリズム、ファジィ理論を適用した自動車ボディの色の決定支援システムの構想を立案した。

researchmap

researchmap

researchmap

社会のインフラストラクチャである土木構造物は、モニュメント性を度外視した中小規模のものがほとんどである。そのため中小規模の土木構造物は、人間が生活する周辺の環境と調和するように設計することが望ましい。そこで本研究では周辺の環境に土木構造物が調和するといった様相を”エコ・フレンドリー”という用語で議論する。この概念を明確にするためにラフ集合論、遺伝的アルゴリズムを適用する。

researchmap

本書では、WindowsやMacintoshなどのGUI環境に慣れたユーザを対象に、Linux入門者に一番の難関である「OSインストール後の環境整備と活用」を徹底的にサポートしている。WindowsやMacintoshで使用されているアプリケーションと比べても遜色のないアプリケーションを紹介することで、他のOSと比べても見劣りしないデスクトップ環境を整えることを目的としている。

researchmap

大学学部生を主対象にしたプログラミングの教科書として執筆した。言語としてC言語を取り上げて、各種演算子、ポインタ、構造体、ライブラリなどのプログラムを構成する要素技術、およびそれらを集約した実用的な応用プログラムであるCGプログラミングについて解説している。セメスタ制に対応した構成と、基本的なポイントを的確におさえた分かりやすい内容を特徴としている。

researchmap

プログラミング言語Javaは１台のコンピュータで動かすことはもちろん、インターネット上のWebページに埋め込まれてこそ、その威力を発揮する言語である。この言語について本書では、１２時間を目処に学習を行うことができるような構成で、言語の文法、機能の解説、プログラム例を掲載する。最終章には、本文中で利用した関数、パッケージなどの簡単な説明も掲載している。本文中で使用するJava開発環境はJava2（jdk1.2）である。

researchmap

VRMLは、こういったハードウェア・プラットフォームを意識することなく、普通のパーソナル・コンピュータ上で利用することができる、コンピュータ・グラフィックス用の言語である。この言語は、コンピュータ・グラフィックスの構成要素とその値の組み合わせによって、１つのモデルを構成する非常にポータビリティの高い言語である。 本書では、VRML 2.0規格について、基本的な部品の作成から大規模な仮想空間の作成まで順を追って掲載している。後半部分ではWebページに埋め込むための基本的な記述方法についても解説しているので、本書の理解のみでWebページに仮想空間を構築することも可能である。

researchmap

スクリプト型言語Perlについて、１２時間で本書の内容を理解できるような構成をとっており、この範囲内で言語の文法、機能の解説、プログラム例を掲載している。最終章では、本文中で利用した関数の簡単な機能解説も掲載している。本書は単なるリファレンス解説書という位置づけではなく、実用レベルにある例題を掲載することで、より深い理解を得ることができるようになっている。

researchmap

数多くあるプログラミング言語の中から、最も歴史が古く、ソフトウェア資産も多く存在するFORTRAN言語について、従来からの文法書のような難解なものではなく、例題、演習を交えながら、プログラミング初心者にとって学びやすい解説書を目指している。１２回分の内容としており、理解に時間を要する箇所は２回分に分割して、より深い理解を得られるような配慮を行っている。

researchmap

researchmap

道路交通を制御している交通信号は、従来から時間帯・交通量を集中管理し、ある一定のスケジュールに従って行われてきた。しかし、慢性的な渋滞が日常的に発生し、突発的な渋滞への対応も満足のいくものではない。本論文では、交通信号群をエージェントの集まり、すなわちポリ・エージェントと考えて、それぞれのエージェントの自律的な行動によって渋滞を回避する手法について述べる。

researchmap

一般的に用いられる階層型ニューラルネットワークでは、中間層のすべての処理要素は入力および出力層の処理要素と完全結合している構成となっている。本論文では計算モデルとして、ある処理要素が不応期に入っている状態を想定しながら、ネットワークの応答出力の計算および学習を行うモデルを構築した。対象とする問題をパターン認識とすることによって、このモデルの性能を測定して従来のモデルとの比較を行った。

researchmap

関西大学総合情報学部では、入学当初より”コンピュータ・リテラシー”を修得できる教育を行っており、学部内にコンピュータネットワーク（KUTC-NET）を設置してそれを支援している。このネットワークは高性能ワークステーション群とそれらを接続するコンピュータ・ネットワークであり、教育・研究用の分散処理環境を構築したものである。この教育支援システムの概要および利用できるソフトウェア等について、ワークステーション環境を中心に解説する。

researchmap

これまで演奏者独自の解釈及び演奏者の無意識な弾き癖等の演奏者独自の特徴を演奏者情報として抽出し自動演奏システムに組み込むことを試みてきた。具体的には前者をエキスパートシステムにより処理し、後者をニューラルネットワークにより処理し特徴を抽出している。本稿では演奏者の個人的弾き癖抽出の従来方法を改良した改良抽出法による効果的な抽出について報告する。

researchmap

人間的な演奏を特徴づける要素として、リズムの揺らぎ及び音の変化を「局所メトロノーム速度」、「ベロシティ」として捉えている。人間らしい演奏の基になる「揺らぎ」には「一般的または個人的解釈による揺らぎ」と「弾き癖などの演奏者の意志に依らない揺らぎ」に大別できる。本研究では後者の揺らぎの要素に関して「ベロシティ」について検討し，ニューラルネットワークを用いて抽出・学習を行った。

researchmap

コンピュータによる自動演奏において、楽譜を自動認識し、音楽情報を抽出することは、用意に音楽データベースを構築できるという意味で有用であり、従来から種々の方法が考案されている。一方、五線は他の記号と重なっており、記号認識の際にノイズ成分となり認識に影響を与えるため、ニューラルネットワークを用いて、記号の分断を極力減らした五線の消去について実験を行った。

researchmap

ＢＰ型学習法を用いた階層型ニューラルネットワークの学習法には、ローカルミニマムが多数存在し、また中間層ユニット数をいくつに設定すればよいかある程度のシミュレーションを行わないと解らないといった問題を抱えている。本報告では松永のモデルと比較しながら、中間層ユニット数を学習時に動的に変化させてネットワークの規模の縮小、及びローカルミニマムを回避する学習法を提案する。

researchmap

researchmap

researchmap

researchmap

researchmap

researchmap