与那嶺 俊 | D, 中間発表 | サイバーレジリエンス構成学 | 門林 雄基, 林 優一, 笠原 正治, 妙中 雄三 |
title: A systematic approach in malware analysis for revealing the attacker's intent
abstract: In cybersecurity, malware is one of the threats and countermeasures against malware are widely been studied. Many of previous studies mainly focus on intrusion detection, prevention, that are oriented to prevent compromises. However, as well as preventing from external intrusion, a security countermeasure which considers the situations after being compromised is also needed. From the standpoint of the defender who deals with such situations, when analyzing malware is required, security analyst must understand how malware is functioning and identify the attacker's intention. In general, these kinds of tasks require manual effort on security analyst and it remains challenges to create a systematic approach that automates these tasks. In this presentation, we describe challenges in malware analysis to reveal malicious intention in a systematic manner. In addition, we describe our approaches to tackle these challenges. language of the presentation: Japanese | |||
高須賀 昌烈 | M, 2回目発表 | サイバーレジリエンス構成学 | 門林 雄基, 林 優一, 笠原 正治, 妙中 雄三 |
title: Proposal for Filtering Malicious DNS Queries by Expansion of Negative Caching
abstract: Domain Name Sysmtem(DNS) Tunneling is one of covert channels and is adapted widely by advanced malware for accomplishments data exfiltration or getting commands from c2 server covertly. Since DNS is common and provides the core function of name resolution, therefore it's rarely filtered by security equipments such as Intrusion Detection System(IDS). Additionally, for the sake of a protection of privacy information, DNS starts supporting encryption technology such as TLS, which is already standardalized. It helps for saving privacy risks, which however makes it harder to detect DNS Tunneling because it masks the payload of application layer contents. Thus, it is necessaly to detect or filter those covert tunneling queries. We propose mitigation mechanism to filter malicious DNS queries by expansion of negative caching. Our proposed method is effective not only plain DNS Tunneling but also encrypted DNS Tunneling. language of the presentation: Japanese | |||
西田 雄亮 | M, 2回目発表 | サイバーレジリエンス構成学 | 門林 雄基, 林 優一, 中島 康彦, 妙中 雄三 |
title: Proposal of Separete Method Between Evasive Code and Malicious Code in Evasive Malware
abstract: Evasive malware is a type of malware that does not execute malicious behavior on an analysis environment. To deal with these type of malware, researchers proposed the method how to hide analysis environment artifacts on previous research. However, these techniques can't handle malware which detects user activity related artifacts. The mitigation method differs for each evasive mechanism of malware. Therefore, we focus on how to exhibit malicious code on analysis environment. In this presentation, we proposed a method to separate between evasive code and malicious code on evasive malware. Evasive code will be useful for analyst to understand the environment malware wants to be in. language of the presentation: Japanese | |||
田中 雄基 | M, 2回目発表 | 生体医用画像 | 佐藤 嘉伸, 末次 志郎(BS), 金谷 重彦, 大竹 義人, スーフィー マーゼン |
title: Automated Approach for Assessment of Acetabular Coverage Rate of Diseased Hip Joint Based on CT Images by Using Convolutional Neural Network
Abstract: Acetabular dysplasia is an ageing-related disease, whose prevalence covers 80% among hip osteoarthritis cases in Japan. Acetabular dysplasia occurs when the acetabulum (hip socket) is shallow and does not provide sufficient coverage of the femoral head (ball), causing instability of the hip joint. Therefore, it is important to understand the acetabular coverage rate (ACR) for diagnosis, preoperative planning and post-operative evaluation of treatment outcomes. However, the acetabular coverage is usually performed on two-dimensional (2D) radiographs despite the effects of pelvic tilt that makes it difficult to compare between diseased and normal hip joints. The purpose of this study is to develop an automated approach for three-dimensional (3D) assessment of ACR of the femoral head based on CT images. In this presentation, I introduce an anatomical landmark detection approach using Convolutional Neural Network (CNN) with preliminary results on the estimation of the Center Edge Angle (CEA), which is clinically used as an indicator of ACR. language of the presentation: Japanese | |||
阪本 充輝 | M, 2回目発表 | 生体医用画像 | 佐藤 嘉伸, 別所 康全(BS), 向川 康博, 大竹 義人,スーフィー マーゼン |
title: Musculoskeltal modeling and analysis for post-operative assesment of total hip arthroplasty
abstract: In total hip arthroplasty (THA), analysis of postoperative CT images is important to evaluate surgical outcome. The segmentation method of musculoskeltal structure from pre-operative CT images has been proposed for personalization of a musculoskeltal model. However,the accuracy of segmentation especially in the vicinity of the implant is reduced due to the metal artifact caused by the metalic implant. Then, we proposed the method to combine the metal artifact reduction method and segmentation method using a convolutional neural network. In this presentation, we will report the results with simulational and clinical images and talk about the future perspective of this research. language of the presentation: Japanese | |||
尾﨑 諒介 | M, 2回目発表 | 自然言語処理学 | 松本 裕治, 作村 諭一(BS), 新保 仁, 進藤 裕之 |
title: Long-tail Relation Extraction using Hierarchical Relational Graph
abstract: Relation extraction is an important task in information extraction, aiming to extract the relation between two given entities based on their related context. Due to the capability of extracting textual information and benefiting many NLP applications (e.g., information retrieval, dialog generation, and question answering), relation extraction appeals to many researchers. But the dataset is imbalanced(long-taile) and it was difficult to predict the data-poor classes with conventional models. To solve this problem, we propose to leverage implicit relational knowledge among class labels from knowledge graph embeddings and learn explicit relational knowledge using graph convolution networks. language of the presentation: Japanese | |||
村重 哲史 | M, 2回目発表 | 数理情報学 | 池田 和司, 向川 康博, 久保 孝富 |
title: Multi-animal pose estimation for social behavior analysis
abstract: The social behavior analysis of animals is performed in various research fields such as neuroscience, pharmacology and ethology. To observe animal behavior under natural conditions, computer vision-based tracking methods are effective approach to avoid distraction to animals. Recently, such methods for single-animal have been proposed actively. However, few methods have been proposed for multi-animal tracking that is needed to analyze social behaviors. In this study, we address the problem by using Mask R-CNN, one of the object detection methods that can detect multi-targets in an image. In this presentation, I will report the multi-dog detection using Mask R-CNN with a quantitative performance evaluation and a video demonstration. language of the presentation: Japanese | |||
原 崇徳 | D, 中間発表 | 大規模システム管理 | 笠原 正治, 安本 慶一, 笹部 昌弘 |
title: Distributed Route Selection under Consideration of Time Dependency among Users' Road Usage
abstract: Traffic congestion has been studied in the field of congestion game in game theory. In the congestion game, each user can select one or more resources and the number of users selecting a resource determines its congestion level. In case of road networks, the resource can be a road segment and path selection can be regarded as the resource selection, i.e., selection of road segments included in the path. However, the conventional congestion game assumes that the selected resources are simultaneously used by the user while traveling along with a path uses each road in the path in this order. In this presentation, we propose distributed route selection under the consideration of time dependency among users' road usage. Through the simulation experiments, we show that the proposed scheme can improve the estimation accuracy by 82% and decrease the actual travel time by 5.1%, compared with the conventional scheme. In addition, we demonstrate that the proposed scheme can exponentially converge to the steady-state. language of the presentation: Japanese | |||