Scalable and fast hierarchical clustering of IoT malware using active data selection
The number of IoT malware specimens has in-creased rapidly and diversified in recent
years. To efficiently analyze a large number of malware specimens, we aim to reduce the …
years. To efficiently analyze a large number of malware specimens, we aim to reduce the …
Darknet Analysis-Based Early Detection Framework for Malware Activity: Issue and Potential Extension
C Han, A Tanaka, T Takahashi - 2022 IEEE International …, 2022 - ieeexplore.ieee.org
Most packets arriving in the darknet (or network telescope), which is unused IP address
space on the Internet, are related to indiscriminate scanning and attack activities. In recent …
space on the Internet, are related to indiscriminate scanning and attack activities. In recent …
Detecting Coordinated Internet-Wide Scanning by TCP/IP Header Fingerprint
A Tanaka, C Han, T Takahashi - IEEE Access, 2023 - ieeexplore.ieee.org
Adversaries perform port scanning to discover accessible and vulnerable hosts as a prelude
to cyber havoc. A darknet is a cyberattack observation network to capture these scanning …
to cyber havoc. A darknet is a cyberattack observation network to capture these scanning …
Towards Functional Analysis of IoT Malware Using Function Call Sequence Graphs and Clustering
K Oshio, S Takada, T He, C Han… - 2023 IEEE 47th …, 2023 - ieeexplore.ieee.org
The number of IoT malware variants infecting vulnerable IoT devices is growing. Many of
these are created by modifying parts of publicly available source codes and adding …
these are created by modifying parts of publicly available source codes and adding …
[PDF][PDF] Towards Long-Term Continuous Tracing of Internet-Wide Scanning Campaigns Based on Darknet Analysis.
C Han, A Tanaka, Jun'ichi Takeuchi, T Takahashi… - ICISSP, 2023 - scitepress.org
The darknet is an unused IP address space that can be an effective resource for observing
and analyzing global indiscriminate scanning attacks. Scanning traffic on the darknet has …
and analyzing global indiscriminate scanning attacks. Scanning traffic on the darknet has …
Poster: Flexible Function Estimation of IoT Malware Using Graph Embedding Technique
K Oshio, S Takada, C Han, A Tanaka… - … IEEE Symposium on …, 2022 - ieeexplore.ieee.org
Most IoT malware is variants generated by editing and reusing parts of the functions based
on publicly available source codes. In our previous study, we proposed a method to estimate …
on publicly available source codes. In our previous study, we proposed a method to estimate …
Malicious Packet Classification Based on Neural Network Using Kitsune Features
Network Intrusion Detection Systems (NIDSes) play an important role in security operations
to detect and defend against cyberattacks. As artificial intelligence (AI)-powered NIDSes are …
to detect and defend against cyberattacks. As artificial intelligence (AI)-powered NIDSes are …
能動学習に基づいたマルウェア階層的クラスタリング
何天祥, 韓燦洙, 高橋健志, 来嶋秀治… - … シンポジウム2021 論文 …, 2021 - ipsj.ixsq.nii.ac.jp
論文抄録 IoT マルウェア検体の数は, 近年急速に増加し, 多様化している. 大量なマルウェア検体を
効率的に分析するために, 我々はスケーラブルなクラスタリング手法を研究している …
効率的に分析するために, 我々はスケーラブルなクラスタリング手法を研究している …
異常同期性推定に基づくマルウェア活動の早期検知フレームワークの検討
韓燦洙, 竹内純一, 高橋健志… - … シンポジウム2021 論文集, 2021 - ipsj.ixsq.nii.ac.jp
論文抄録 グローバルにサイバー攻撃が蔓延する中, 攻撃傾向を迅速に捉え,
対策を講じることが求められている. マルウェアの感染が拡大する際には, ダークネットに時空間 …
対策を講じることが求められている. マルウェアの感染が拡大する際には, ダークネットに時空間 …
遺伝的アルゴリズムに基づいた広域スキャンのフィンガープリント特定技術の提案
田中智, 韓燦洙, 高橋健志, 藤澤克樹 - … シンポジウム2021 論文集, 2021 - ipsj.ixsq.nii.ac.jp
論文抄録 インターネット上の到達可能かつ未使用の IP アドレス空間 (ダークネット) を利用し,
新興のマルウェア活動を検知することは, 迅速なサイバーセキュリティ対策を行うために必要不可欠 …
新興のマルウェア活動を検知することは, 迅速なサイバーセキュリティ対策を行うために必要不可欠 …