Cyber Security

Current Research Topics

Public-Key Infrastructure and its application

Our theme is "authentication and access controls in distributed computing environments". We are focusing on adopting PKI on various systems in a useful and secure manner.

Leveraging static probe instrumentation data for VMM-based Anomaly Detection System

Despite its rapid development and decreasing cost, cloud computing has not been fully embraced by organizations and industries around the world because of their concern over security. One main security threat in the virtualization environments of cloud computing is the guest VMs. The challenge in monitoring public IaaS is how to obtain a clear view of the guest VM’s behavior without interfering with the guest OS’s operation.
In this research, we introduce a novel observation point, static instrumentation data, and study its applicability to a VM-based Anomaly Detection System. (Click here for the dataset)

Memory Forensics

Memory forensics is a technique for analyzing volatile data. In incident response, questions such as "where was the infected PC communicating to?", "which programs or threads were active?", or "what kind of data is mapped in memory?" often become important considerations. With good use of memory forensics, it is possible to extract this kind of information.
However, memory forensics requires a very high level of knowledge and experience in the analysis of infected PCs. In addition, applying this technique can potentially cost anywhere from a few hundred thousand to several million yen just to investigate a single unit. Therefore, researching memory forensics can be challenging.
In this research, I aim to turn the experience of memory forensics analysts into an algorithm and develop an easy-to-use tool that will detect infections in PCs.

Countermeasure for Targeted mail

A type of malicious e-mail called "targeted mail", which is used in targeted attacks, causes significant infection damage to victims. Targeted mail is becoming more advanced and infects the target’s environment by spoofing normal e-mails. In this study, in order to prevent the infection damage caused by targeted mail, I will research countermeasures against the e-mail spoofing used by targeted mail.

Countermeasures against phishing attacks

Phishing attacks lead novice users to disclose their important personal information. Because our group finds that the fundamental cause of phishing attacks is novice users' misbehavior, we are trying to achieve an architecture that protects novice users from phishing attacks even if they have been deceived by them.

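Research on Detection Techniques for Misused Flying UAVs

While drones are expected to be put to use in a wide range of fields, the dangers of their inappropriate use have been pointed out. Drone detection technology is important for preventing the dangers of such inappropriate use. Detection of drones by video, heat, and sound has been proposed so far, but detection can be difficult depending on the environment (the background of the video, or noise). In this research, in order to improve the chances of detecting drones in addition to these detection indicators, we investigate the possibility of detecting drones in flight by capturing the Wi-Fi beacon frames that drones transmit.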

Network-based Mimicry Anomaly Detection using Divergence Measures


Security Risk Quantification Mechanism for Infrastructure as a Service Cloud Computing Platforms


Risk Adaptive Authorization Mechanism (RAdAM) for Cloud Computing

IP Traceback: A mechanism to find attack paths