講演抄録/キーワード |
講演名 |
2017-03-03 15:40
Struggling against New-Born Malwares Attached to Mails ○Motoyuki Ohmori・Naoki Miyata・Kiyoyuki Nakashima・Kenichi Takahashi(Tottori Univ.) SITE2016-70 IA2016-100 |
抄録 |
(和) |
We, Tottori University, have been experiencing targeted attacks using malicious mails especially since fiscal year 2016.
Those malicious mails contain {it malwares} such as viruses themselves or down-loaders.
While some of those malwares are well-known to anti-virus softwares, others are not even to the state-of-the-art next-generation Intrusion Detection System (IDS) and/or Intrusion Prevention System (IPS).
There is no reasonable way especially for small organizations like us, who cannot employ the state-of-the-art anti-virus equipment, to detect and prevent such new-born malwares.
Those malwares then reach at end users, and end users may excute them and get infected.
We then did not know what to do, and we thought that what all we could do was just to wait for our members to get infected.
We, however, have found that there are not so many mails attached files.
We have then decided to detect all attached files in mails, and been trying to quarantine malwares based upon empirical approaches.
This paper present our findings, experiences and efforts. |
(英) |
We, Tottori University, have been experiencing targeted attacks using malicious mails especially since fiscal year 2016.
Those malicious mails contain {it malwares} such as viruses themselves or down-loaders.
While some of those malwares are well-known to anti-virus softwares, others are not even to the state-of-the-art next-generation Intrusion Detection System (IDS) and/or Intrusion Prevention System (IPS).
There is no reasonable way especially for small organizations like us, who cannot employ the state-of-the-art anti-virus equipment, to detect and prevent such new-born malwares.
Those malwares then reach at end users, and end users may excute them and get infected.
We then did not know what to do, and we thought that what all we could do was just to wait for our members to get infected.
We, however, have found that there are not so many mails attached files.
We have then decided to detect all attached files in mails, and been trying to quarantine malwares based upon empirical approaches.
This paper present our findings, experiences and efforts. |
キーワード |
(和) |
セキュリティ / 標的型攻撃 / メール添付 / マルウェア / 異常検知 / / / |
(英) |
security / targeted attacks / mail attachment / malware / anomaly detection / / / |
文献情報 |
信学技報, vol. 116, no. 491, IA2016-100, pp. 51-56, 2017年3月. |
資料番号 |
IA2016-100 |
発行日 |
2017-02-24 (SITE, IA) |
ISSN |
Print edition: ISSN 0913-5685 Online edition: ISSN 2432-6380 |
著作権に ついて |
技術研究報告に掲載された論文の著作権は電子情報通信学会に帰属します.(許諾番号:10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) |
PDFダウンロード |
SITE2016-70 IA2016-100 |
|