Cyber Security

Current Research Topics

Public-Key Infrastructure and its application

Our theme is "authentication and access controls in distributed computing environments". We are focusing on adopting PKI in various systems in a useful and secure manner.

Leveraging static probe instrumentation data for VMM-based Anomaly Detection System

Despite its rapid development and decreasing cost, cloud computing has not been fully embraced by organizations and industries around the world because of their concerns over security. One main security threat in the virtualization environments of cloud computing is the guest VMs. The challenge in monitoring public IaaS is how to obtain a clear view of the guest VM's behavior without interfering with the guest OS's operation.
In this research, we introduce a novel observation point, static instrumentation data, and study its applicability to a VM-based Anomaly Detection System. (Click here for the dataset)

Memory Forensics

Memory forensics is a technique for analyzing volatile data. In incident response, questions such as "where was the infected PC communicating to?", "which programs or threads were active?", or "what kind of data is mapped in memory?" often become important considerations. With good use of memory forensics, it is possible to extract this kind of information.
However, memory forensics requires a very high level of knowledge and experience in the analysis of infected PCs. In addition, applying this technique can potentially cost anywhere from a few hundred thousand to several million yen just to investigate a single unit. Therefore, researching memory forensics can be challenging.
In this research, I aim to turn the experience of memory forensics analysts into an algorithm and to develop an easy-to-use tool that will detect infections in PCs.

Countermeasures for Targeted Mail

"Targeted mail", a type of malicious e-mail used in targeted attacks, causes significant infection damage to victims. Targeted mail is becoming more advanced and infects the target's environment by spoofing normal e-mails. In this study, in order to prevent the infection damage caused by targeted mail, I will research countermeasures against the mail spoofing used by targeted mail.

Countermeasures against phishing attacks

Phishing attacks lead novice users to disclose their important personal information. Because our group finds that the fundamental cause of phishing attacks is novice users' misbehavior, we are trying to achieve an architecture which protects novice users from phishing attacks even if they have been deceived by them.



Network-based Mimicry Anomaly Detection using Divergence Measures


Security Risk Quantification Mechanism for Infrastructure as a Service Cloud Computing Platforms


Risk Adaptive Authorization Mechanism (RAdAM) for Cloud Computing


IP Traceback: A mechanism to find attack paths