IEICE Technical Committee Submission System
Conference Paper's Information
Online Proceedings
[Sign in]
Tech. Rep. Archives
 Go Top Page Go Previous   [Japanese] / [English] 

Paper Abstract and Keywords
Presentation 2017-07-14 13:25
A Forensic Support System for Reproduction of Incidents Caused by Drive-by Download
Yuki Okuda, Youji Fukuta (Kindai Univ.), Yoshiaki Shiraishi (Kobe Univ.), Nobukazu Iguchi (Kindai Univ.) ISEC2017-18 SITE2017-10 ICSS2017-17 EMM2017-21
Abstract (in Japanese) (See Japanese page) 
(in English) In this research, we have developed a system that supports investigation of malware infections and activities in Drive-by Download attack which is one of the dominant tool of sending malware to terminals. This system reproduces HTTP requests, responses and behavior of malicious website related to the Drive-by Download attack from the raw packets of the communication at the time of the incident occurs. As a malicious website is disappeared in a short period, when malware installed in the terminal disappears after the activity or an attacker erases/disturbs the evidence, it becomes difficult to investigation. By using this system at the initial stage and investigation of incident handling, the process of malware infection caused by Drive-by Download attack can be reproduced. Using of this system in an environment where the incident can observe and record, it supports to collect the malware infection process and its activity.
Keyword (in Japanese) (See Japanese page) 
(in English) Incident response / Drive-by download attack / Communication packets / Reproducing malicious website / / / /  
Reference Info. IEICE Tech. Rep., vol. 117, no. 127, ICSS2017-17, pp. 81-86, July 2017.
Paper # ICSS2017-17 
Date of Issue 2017-07-07 (ISEC, SITE, ICSS, EMM) 
ISSN Print edition: ISSN 0913-5685    Online edition: ISSN 2432-6380
Copyright
and
reproduction
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034)
Download PDF ISEC2017-18 SITE2017-10 ICSS2017-17 EMM2017-21

Conference Information
Committee SITE EMM ISEC ICSS IPSJ-CSEC IPSJ-SPT  
Conference Date 2017-07-14 - 2017-07-15 
Place (in Japanese) (See Japanese page) 
Place (in English)  
Topics (in Japanese) (See Japanese page) 
Topics (in English)  
Paper Information
Registration To ICSS 
Conference Code 2017-07-SITE-EMM-ISEC-ICSS-CSEC-SPT 
Language Japanese 
Title (in Japanese) (See Japanese page) 
Sub Title (in Japanese) (See Japanese page) 
Title (in English) A Forensic Support System for Reproduction of Incidents Caused by Drive-by Download 
Sub Title (in English)  
Keyword(1) Incident response  
Keyword(2) Drive-by download attack  
Keyword(3) Communication packets  
Keyword(4) Reproducing malicious website  
Keyword(5)  
Keyword(6)  
Keyword(7)  
Keyword(8)  
1st Author's Name Yuki Okuda  
1st Author's Affiliation Kindai University (Kindai Univ.)
2nd Author's Name Youji Fukuta  
2nd Author's Affiliation Kindai University (Kindai Univ.)
3rd Author's Name Yoshiaki Shiraishi  
3rd Author's Affiliation Kobe University (Kobe Univ.)
4th Author's Name Nobukazu Iguchi  
4th Author's Affiliation Kindai University (Kindai Univ.)
5th Author's Name  
5th Author's Affiliation ()
6th Author's Name  
6th Author's Affiliation ()
7th Author's Name  
7th Author's Affiliation ()
8th Author's Name  
8th Author's Affiliation ()
9th Author's Name  
9th Author's Affiliation ()
10th Author's Name  
10th Author's Affiliation ()
11th Author's Name  
11th Author's Affiliation ()
12th Author's Name  
12th Author's Affiliation ()
13th Author's Name  
13th Author's Affiliation ()
14th Author's Name  
14th Author's Affiliation ()
15th Author's Name  
15th Author's Affiliation ()
16th Author's Name  
16th Author's Affiliation ()
17th Author's Name  
17th Author's Affiliation ()
18th Author's Name  
18th Author's Affiliation ()
19th Author's Name  
19th Author's Affiliation ()
20th Author's Name  
20th Author's Affiliation ()
Speaker Author-1 
Date Time 2017-07-14 13:25:00 
Presentation Time 25 minutes 
Registration for ICSS 
Paper # ISEC2017-18, SITE2017-10, ICSS2017-17, EMM2017-21 
Volume (vol) vol.117 
Number (no) no.125(ISEC), no.126(SITE), no.127(ICSS), no.128(EMM) 
Page pp.81-86 
#Pages
Date of Issue 2017-07-07 (ISEC, SITE, ICSS, EMM) 


[Return to Top Page]

[Return to IEICE Web Page]


The Institute of Electronics, Information and Communication Engineers (IEICE), Japan