Recently, cyber-attacks against governments and enterprises have intensified, and they have already taken on the character of "cyber-warfare." Because the attack techniques are more artful, it is too difficult to defend against them perfectly. We began this research because super-slow port scans were extracted from the log data of IDSs placed in our managed networks for 4 months. In order to extract similar scans from large log data, a systematic detection method is required. In this paper, we propose a detection method for scarcely collided super-slow port scans. This method uses only the -value of the number of accesses per port, without relying on the time rate of the traffic count. We also report that several kinds of scarcely collided super-slow port scans can be detected in the IDSs' log data.
Index Terms: super-slow port scannings, detection method, -value.
I. INTRODUCTION
Recently, cyber-attacks against governments and enterprises have intensified, and they have already taken on the character of "cyber-warfare." A U.S. government security expert described cyberspace as "the fifth domain of warfare" [1]. Many entities have been attacked, and system intrusions and information leakage have resulted. Especially in "targeted cyber-attacks," various attacks persist against specified targets. It is said that the attacks are sent sparsely, mingled with normal traffic, over the long term. Because the attack methods are more artful, it is too difficult to defend against them perfectly. This research was begun because puzzling traffic was extracted from the log data of IDSs placed in our managed networks in 4 months. This traffic appears to consist of super-slow vertical port scans. (Hereafter, 'vertical port scanning' is referred to simply as 'port scanning'.) These scans can be classified into two types. One is what we call "increment-type," in which the accessed port number advances in incremental steps. The other is what we call "random-type," in which the accessed ports are randomly selected.
These scans were extracted heuristically by hand. Heuristic extraction by hand requires high skill and great care. Therefore, in order to be able to extract similar scans from large log data, a systematic detection method is required.
Abstract. This paper introduces a high-speed forensics technology that promptly analyzes the damage after a targeted cyber attack has been detected and visualizes the whole picture of the attack by binding the communication packets and users' logs.
With the rapid spread of cloud computing, confidential data totalization technologies are becoming more important. In 2011, Ushida et al. proposed a confidential data totalization technique based on value distortion, in which each data item in a formulaic cross-tabulation table is randomized by random data shared in a pre-provided random data table, and the cloud server is able to totalize the data by summing the randomized data, since the sum of the randomized table data is known to the server. The cloud server therefore does not require any specific functions for totalizing randomized data, and no information is leaked to the cloud server. However, there are two problems. The first problem is data leakage from the randomized table data if the same random table is used twice or more. The second problem is the difficulty of appending new rows or columns to the random data table without re-providing them to the users. This paper introduces solutions for these problems: a table updating method for the random table and a table extending method for the random table without any re-provisions. With the proposed solutions, the cost of the secure table data analysis method for the update and the extension can be reduced extremely.