[
MWS2008 |
MWS2009 |
MWS2010 |
MWS2011 |
MWS2012
]
MWS 2013
October 21st - 23rd, 2013,
Kagawa International Conference Hall
and Sunport Hall Takamatsu, Kagawa, Japan.
Photo story of MWS 2013
These manuscripts have been published without reviewing and editing as received from the authors: posting the manuscript to MWS 2013 does not prevent future submissions to any journals or conferences with proceedings.
 |
Venue: Kagawa International Conference Hall / Sunport Hall Takamatsu. |
Award Ceremony
 |
MWS2013 Best Paper Award:
Analysis of massive amount of API call logs
collected from automated dynamic malware analysis systems,
Akinori Fujino and Tatsuya Mori (Waseda University). |
 |
MWS2013 Best Student Paper Award:
Observing RAT Server's Behavior Through Its Client GUI,
Yusuke Takahashi, Masaaki Kobayashi, Yuehting Chen, Kazuki Yonemochi,
Katsunari Yoshioka and Tsutomu Matsumoto (Yokohama National University). |
| MWS Cup 2013 Award Winner:
Team "GOTO Love and SHODAI-MORI Lab",
Ryo Sato, Nobuhiro Nagai, Tatsuya Furuoka, Kazuki Takahashi, Takanori Takebe,
Masaki Shimura, Akira Saso, Kento Takekoshi, Akinori Fujino (Waseda University). |
 |
MWS Cup 2013 Award Winner with Technical Component:
Team "JINKAI-SENJUTSU",
Shin-ya Kobayashi (Shizuoka University),
Yusuke Inoue (Tokyo University of Science),
Noriyuki Takahashi, Kazuya Kuwahara (Digital Arts Inc.),
Kazumi Ishibuchi, Masashi Fujiwara (HIRT, Hitachi, Ltd.),
Hiroaki Kikuchi (Meiji University). |
 |
MWS Cup 2013 Award Winner with Artistic Component:
Team "Enu",
Asuka Nakajima, Yuta Takata, Daiki Chiba, Yang Zhong,
Takafumi Harada (NTT Secure Platform Laboratories). |
 |
MWS Cup 2013 FFRI Special Award Winner:
Team "GOTO Love and SHODAI-MORI Lab",
Ryo Sato, Nobuhiro Nagai, Tatsuya Furuoka, Kazuki Takahashi,
Takanori Takebe, Masaki Shimura, Akira Saso, Kento Takekoshi,
Akinori Fujino (Waseda University). |
 |
MWS Cup 2013 TrendMicro Special Award Winner:
Team "SecCap Cheerful Fellows",
Yuta Onogi, Yoshihiro Ryugo, Hirotaka Fujiwara, Wataru Tsuda,
Yasuyuki Kobayashi, Naoya Sawada (Nara Institute of Science and Technology),
Yuji Manaka (Osaka University),
Koki Nagatani, Soichiro Oki, Kozue Nojiri, Hiroaki Horigome (Keio University),
and
Team "GANBARIMASU".
|
MWS Cup 2013
 |
Briefing from MWS general chair, before the technical session. |
 |
Commentary to the Preliminary Challenges from the authors (1). |
 |
Commentary to the Preliminary Challenges from the authors (2). |
 |
During the technical session. |
|
Presentation session. |
YouTube: MWS Cup 2013 highlights
MWS 2013 Manuscripts and Slides
- Symbols
- "*" : presenter
- "**" : student presenter
- All of manuscripts and slides here are in Japanese,
except for attached English titles and abstracts.
1A1: Special Session + Countermeasure against Information Leakage
(session chair: Mitsuhiro Hatada)
1A1-1: Datasets for Anti-Malware Research —MWS Datasets 2013—
- * Masaki Kamizono (National Institute of Information and Communications Technology / Securebrain Corporation)
- Mitsuhiro Hatada (NTT Communications Corporation)
- Masato Terada (Hitachi, Ltd.)
- Mitsuaki Akiyama (NTT Secure Platform Laboratories)
- Takahiro Kasama (National Institute of Information and Communications Technology)
- Jyunichi Murakami (FFRI, Inc.)
[ Manuscript (PDF) | Slide (PDF) ]
1A1-2: Special Talk
- * Satoshi Murakami (Ministry of Internal Affairs and Communications, Japan)
1A1-3: Sanitizing Sensitive Contents from Document Malware for Accelerating Sample Sharing
- ** Shingo Saito (Yokohama National University)
- Katsunari Yoshioka (Yokohama National University)
- Masaki Kamizono (National Institute of Information and Communications Technology / Securebrain Corporation)
- Yuji Hoshizawa (Securebrain Corporation)
- Tsutomu Matsumoto (Yokohama National University)
1A1-4: Proposal of Attacker Investigation System Triggered Information Leakage
- ** Yuta Ikegami (Okayama University )
- Toshihiro Yamauchi (Okayama University)
[ Manuscript (PDF) | Slide (PDF) ]
1A2: Illegal Communication (1)
(session chair: Haruki Takeda, Masaki Kamizono)
1A2-1: A Study of Characteristic of Malignant Communication as Seen from the Packet Capture Data
- * Yasuyuki Tanaka (NTT Communications Corporation)
- Mitsuhiro Hatada (NTT Communications Corporation)
- Takanori Inazumi (NTT Communications Corporation)
1A2-2: Development of an Incident Analysis Method for Network Logs of Industrial Control System
- * Masaki Ishiguro (Mitsubishi Research Institute, Inc.)
- Takashi Matsumoto (Mitsubishi Research Institute, Inc.)
- Kazutaka Matsuzaki (Control System Security Center (CSSC))
- Naota Sawabe (Mitsubishi Research Institute, Inc.)
- Shingo Inoue (Mitsubishi Research Institute, Inc.)
- Shigeru Takahashi (Mitsubishi Research Institute, Inc.)
- Ichiro Murase (Mitsubishi Research Institute, Inc.)
- Yoshiaki Shimizu (Control System Security Center (CSSC))
- Makoto Kiuchi (Azbil Corporation)
- Hironobu Hirakawa (Azbil Corporation)
- Satoshi Kubo (Fuji Electric)
1A2-3: Extracting Malicious Website from DNS Log —Analysis Method and Anonymity—
- ** Kotaro Tanaka (Kobe University)
- Atsushi Nagao (Kobe University)
- Masakatu Morii (Kobe University)
1A2-4: Search Approach of a Herder and Infected Computers Using IRC Protocol
- ** Akira Aratani (Hosei University)
- Masahiro Homma (Hosei University)
- Atsushi Kanai (Hosei University)
- Noriaki Saitou (NTT Secure Platform Laboratories)
2A1: Illegal Communication (2)
(session chair: Tatsuya Mori)
2A1-1: Detection of Suspicious HTTP Communication Based on Cookie Insertion by HTTP Proxy
- * Masahiko Kato (Internet Initiative Japan Inc. / University of Tsukuba)
- Hiroshi Koide (Kyushu Institute of Technology)
- Akira Kanaoka (Toho University)
- Bakuei Matsukawa (Trend Micro Inc.)
- Norihiko Maeda (Kaspersky Lab ZAO)
- Eiji Okamoto (University of Tsukuba)
2A1-2: Tolerant Transparent Probabilistic Packet Marking System Using RSTP
- ** Nasato Goto (University of Tsukuba)
- Akira Kanaoka (Toho University)
- Masayuki Okada (Japan Network Information Center)
- Eiji Okamoto (University of Tsukuba)
2A1-3: Implementation of The System for Preventing Access to Malicious Web Site by Using Faked DNS Query Response
- * Kunio Miyamoto (NTT DATA Corporation)
[ Slide (PDF) ]
2A1-4: Observing RAT Server's Behavior Through Its Client GUI
- ** Yusuke Takahashi (Yokohama National University)
- Masaaki Kobayashi (Yokohama National University)
- Yuehting Chen (Yokohama National University)
- Kazuki Yonemochi (Yokohama National University)
- Katsunari Yoshioka (Yokohama National University)
- Tsutomu Matsumoto (Yokohama National University)
2B1: Log Analysis
(session chair: Takahiro Kasama)
2B1-1: Cyber Attack Detection System Using a Communication Log of the Enterprise Network
- * Hisamichi Ohtani (NTT DATA Corporation)
- Misa Kitano (NTT DATA Corporation)
- Masayoshi Shigeta (NTT DATA Corporation)
[ Slide (PDF) ]
2B1-2: Examination of Long Term IDS Log Analysis by Wavelet Transform
- ** Satoshi Kimura (Kyoto Institute of Technology)
- Hiroyuki Inaba (Kyoto Institute of Technology)
2B1-3: Detection of Novel-Type Brute Force Attacks Used Expendable Springboard IPs as Camouflage
- * Satomi Honda (FUJITSU LABORATORIES LTD.)
- Yuki Unno (FUJITSU LABORATORIES LTD.)
- Koji Maruhashi (FUJITSU LABORATORIES LTD.)
- Masahiko Takenaka (FUJITSU LABORATORIES LTD.)
- Satoru Torii (FUJITSU LABORATORIES LTD.)
2B1-4: A Log Analysis of IDS Alert Events Using Holt-Winters Method
- ** Shoji Yonei (Kyoto Institute of Technology)
- Satoshi Kimura (Kyoto Institute of Technology)
- Hiroyuki Inaba (Kyoto Institute of Technology)
2A2: Illegal Communication (3)
(session chair: Katsunari Yoshioka)
2A2-1: Analysis of Botnets Using Malware Infection Attacks on Websites
- * Takeshi Yagi (NTT Secure Platform Laboratories)
- Takeo Hariu (NTT Secure Platform Laboratories)
- Hiroyuki Ohsaki (Kwansei Gakuin University)
- Masayuki Murata (Osaka University)
2A2-2: A Study on the Effectiveness of Black List Use Based on Long-Term Observations of Malignant Site Domain
- * Toshiaki Sudoh (NTT Communications Corporation)
[ Manuscript (PDF) | Slide (PDF) ]
2A2-3: A Study on Light-Weight URL Blacklist Generation Based on Sandbox Analysis
- * Mitsuhiro Hatada (NTT Communications Corporation)
- Yasuyuki Tanaka (NTT Communications Corporation)
- Takanori Inazumi (NTT Communications Corporation)
[ Manuscript (PDF) | Slide (PDF) ]
2B2: Honeypot
(session chair: Koichi Mouri)
2B2-1: Network Monitoring Method with Dynamic Honeypots for Unconnected IP Addresses
- ** Tatsuya Ito (Nihon University)
- Kouya Tochikubo (Nihon University)
2B2-2: Multi-Environment Analysis for Detecting Malicious Web Sites Changing Their Behavior
- ** Takayuki Yoshinori (Nagoya Institute of Technology)
- Masaki Kamizono (National Institute of Information and Communications Technology / Securebrain Corporation)
- Masanori Hirotomo (Saga University)
- Masami Mohri (Gifu University)
- Yoshiaki Shiraishi (Nagoya Institute of Technology)
2B2-3: A Study of the Dynamic Internet Threat Monitoring for Preventing Localization Attacks to Each Sensor
- ** Masaki Narita (Iwate Prefectural University)
- Kanayo Ogura (Iwate Prefectural University)
- Bhed BahadurBista (Iwate Prefectural University)
- Toyoo Takata (Iwate Prefectural University)
2B2-4: A Study of Malicious Traffic Analysis to Honeypots in a Darknet
- ** Yoshihiro Sasabuchi (Kobe University)
- Naoto Sone (Naruto University of Education)
- Masakatsu Morii (Kobe University)
2A3: MWS Cup Presentation Session
3A1: Illegal Communication (4)
(session chair: Takurou Hosoi)
3A1-1: Detection of Drive-by-Download Attack Using Qualitative Characteristics and Transitions
- * Misa Kitano (NTT DATA Corporation)
- Hisamichi Ohtani (NTT DATA Corporation)
- Kunio Miyamoto (NTT DATA Corporation)
[ Slide (PDF) ]
3A1-2: Drive-by-Download Attack Detection Based on Characteristics of Exploit Kit
- * Takahiro Kasama (National Institute of Information and Communications Technology)
- Masaki Kamizono (National Institute of Information and Communications Technology / Securebrain Corporation)
- Daisuke Inoue (National Institute of Information and Communications Technology)
3A1-3: A Study of the Detection Method Based on Trend Analysis of Falsificated Web Site
- * Sachio Ohnishi (MC Security Co., Ltd.)
- Naoki Tsunematsu (MC Security Co., Ltd.)
- Manabu Eitsuka (MC Security Co., Ltd.)
- Masaya Noguchi (MC Security Co., Ltd.)
3A1-4: Analysis of Massive Amount of API Call Logs Collected from Automated Dynamic Malware Analysis Systems
- ** Akinori Fujino (Waseda University )
- Tatsuya Mori (Waseda University )
[ Manuscript (PDF) | Slide (PDF) ]
3B1: Endpoint (1)
(session chair: Kazuki Iwamoto)
3B1-1: Applying Data Management Infrastructure to Malware Analysis
- * Hideyuki Kawashima (University of Tsukuba)
[ Manuscript (PDF) | Slide (PDF) ]
3B1-2: Proposal of a Method Detecting Malicious Process
- * Takumi Yamamoto (Mitsubishi Electric Corporation)
- Kiyoto Kawauchi (Mitsubishi Electric Corporation)
- Shoji Sakurai (Mitsubishi Electric Corporation)
3B1-3: Evaluation of Methods to Detect Malicious MS Document File Using File Structure Inspection
- * Yuhei Otsubo (National Information Security Center)
- Mamoru Mimura (Institute of Information Security)
- Hidehiko Tanaka (Institute of Information Security)
[ Manuscript (PDF) | Slide (PDF) ]
3B1-4: Methods to Detect Malicious PDF File Using PDF Structure Inspection
- * Yuhei Otsubo (National Information Security Center)
- Mamoru Mimura (Institute of Information Security)
- Hidehiko Tanaka (Institute of Information Security)
[ Manuscript (PDF) | Slide (PDF) ]
3A2: Illegal Communication (5)
(session chair: Norihiko Maeda)
3A2-1: Geographical Classification of Malicious Packets Using Self-Organization Map
- * Koji Okino (University of Toyama)
- Ruo Ando (National Institute of Information and Communications Technology)
- Masaki Katayama (Magi System Co., Ltd.)
3A2-2: A Study on Vulnerability Inspection of Internet Subnets by Darknet Traffic Data Analysis
- ** Hironori Nishikaze (Kobe University)
- Tao Ban (National Institute of Information and Communications Technology)
- Seiichi Ozawa (Kobe University)
[ Manuscript (PDF) | Slide (PDF) ]
3A2-3: Darknet Traffic Analysis by Using Source Host Classification
- ** Akira Saso (Waseda University)
- Tatsuya Mori (Waseda University)
- Shigeki Goto (Waseda University)
[ Manuscript (PDF) | Slide (PDF) ]
3A2-4: Realtime Detection Method to Malicious Traffic in Livenet
- * Ichiro Shimada (National Institute of Information and Communications Technology)
- Yu Tsuda (National Institute of Information and Communications Technology)
- Masaki Kamizono (National Institute of Information and Communications Technology / Securebrain Corporation)
- Daisuke Inoue (National Institute of Information and Communications Technology)
- Koji Nakao (National Institute of Information and Communications Technology)
3B2: Endpoint (2)
(session chair: Takahiro Matsuki)
3B2-1: Identifying the Contents of Malware Communication Using Data Dependency Between API Calls
- * Yuhei Kawakoya (NTT Secure Platform Laboratories)
- Eitaro Shioji (NTT Secure Platform Laboratories)
- Makoto Iwamura (NTT Secure Platform Laboratories)
- Takeo Hariu (NTT Secure Platform Laboratories)
3B2-2: A Method for Identifying System Call Invoker in Dynamic Link Library
- ** Yuto Otsuki (Ritsumeikan University)
- Eiji Takimoto (Ritsumeikan University)
- Shoichi Saito (Nagoya Institute of Technology)
- Koichi Mouri (Ritsumeikan University)
3B2-3: Network Control of Multiple Sandboxes Corresponding to Port Listening States of Malware
- ** Ying Tie (Yokohama National University)
- Katsunari Yoshioka (Yokohama National University)
- Tsutomu Matsumoto (Yokohama National University)
3B2-4: SaaR: Sandbox as a Request
- ** Junya Kani (Shizuoka University)
- Shinya Kobayashi (Shizuoka University)
- Takehisa Kato (IPA)
- Fumihiko Magata (NTT Secure Platform Laboratories)
- Yoshimi Teshigawara (Tokyo Denki University)
- Ryoichi Sasaki (Tokyo Denki University)
- Masakatsu Nishigaki (Shizuoka University)
3A3: Illegal Communication (6) + Modeling
(session chair: Satoru Torii)
3A3-1: A Malware Damage Analysis Based on Modeling Data of Local Network in an Organization and Malwares
- * Akira Kanaoka (Toho University)
- Masahiko Katoh (University of Tsukuba)
- Hiroshi Koide (Kyushu Institute of Technology)
- Eiji Okamoto (University of Tsukuba)
3A3-2: Time Series Analysis of Malware Using NONSTOP Data
- ** Yuki Kashii (Kobe University)
- Masakatu Morii (Kobe University)
- Daisuke Inoue (National Institute of Infomation and Communications Technology)
- Kouji Nakao (National Institute of Infomation and Communications Technology)
3A3-3: An Analysis of Endemic Threshold and Steady State for Multi-Virus Propagation Model for Multi Devices
- * Sumiko Miyata (Kanagawa University)
- Hirotsugu Kinoshita (Kanagawa University)
- Tetsuya Morizumi (Toyo Networks & System Integration Co.,Ltd.)
3A3-4: Proposal of P2P Network Filter Sharing Method in Clustering Using Virtual Peers
- ** Masahiro Sakuma (Kanagawa Institute of Technology)
- Yoshihiro Kita (Kanagawa Institute of Technology)
- Mirang Park (Kanagawa Institute of Technology)
- Naonobu Okazaki (University of Miyazaki)
3B3: Endpoint (3)
(session chair: Kenji Aiko, Makoto Iwamura)
3B3-1: Improving Accuracy of Malware Detection by Filtering Evaluation Dataset Based on Its Similarity
- * Junichi Murakami (FFRI, Inc.)
- Yuji Ukai (FFRI, Inc.)
3B3-2: Identification of Subspecific Malware by Utilizing Kullback-Leibler Divergences
- ** Ryota Nakamura (The University of Electro-Communications)
- Ryo Matsumiya (The University of Electro-Communications)
- Kazushi Takahashi (The University of Electro-Communications)
- Yoshihiro Oyama (The University of Electro-Communications)
[ Manuscript (PDF) | Slide (PDF) ]
3B3-3: Compiler and Optimization Level Estimation for Improving Anti-Malware Technologies
- ** Toshinori Usui (The University of Tokyo)
- Kanta Matsuura (The University of Tokyo)
3A4: DoS
(session chair: Masahiko Kato)
3A4-1: Effectiveness of a Change in TCP Retransmission Timer Management for Low-Rate DoS Attack Mitigation
- * Takurou Hosoi (The University of Tokyo)
- Kanta Matsuura (The University of Tokyo)
[ Manuscript (PDF) | Slide (PDF) ]
3A4-2: An Investigation on Kolmogorov Complexity Targeting Using It as a Measure to Detect DoS Attack
- ** Teppei Takagi (The University of Tokyo)
- Kanta Matsuura (The University of Tokyo)
3A4-3: DNS Traffic Analysis by Darknet Monitoring
- * Junji Nakazato (National Institute of Information and Communications Technology)
- Jumpei Shimamura (clwit, Inc.)
- Masashi Eto (National Institute of Information and Communications Technology)
- Daisuke Inoue (National Institute of Information and Communications Technology)
- Koji Nakao (National Institute of Information and Communications Technology)
Contact us
If you have any questions, please contact: csecreg 
sdl.hitachi.co.jp
Published: 2013/08/29 22:00
Last Update: 2014/09/03 16:00
Copyright 2013 The IPSJ, Information Processing Society of Japan, All rights reserved.
