MWS 2017
October 23 (Mon) - 25 (Wed), 2017
Yamagata Kokusai Hotel, Yamagata, Japan
Photo story of MWS2017 / MWS Cup 2017
Venue
Award Ceremony
Special Session (Session 1A4)
MWS Cup 2017
MWS 2017 Research Presentations
- Symbols
- * : presenter
- ** : student presenter
1B3: Attack Detection (1) (session chair: Tatsuya Mori)
1B3-1: A Detailed Examination of Cyber Attack Detection Method Using Attack Scenarios
- * Kazuhiro Ono (Mitsubishi Electric Corporation, Information Technology R & D Center)
- Hideaki Ijiro (Mitsubishi Electric Corporation, Information Technology R & D Center)
- Kiyoto Kawauchi (Mitsubishi Electric Corporation, Information Technology R & D Center)
1B3-2: Detections of Attacker's Behavior Using Graph Classification Based on Tensor Decomposition
- * Takuya Nishino (Artificial Intelligent Research Laboratory Fujitsu Laboratories Ltd.)
- Ryota Kikuchi (Artificial Intelligent Research Laboratory Fujitsu Laboratories Ltd.)
- Koji Maruhashi (Artificial Intelligent Research Laboratory Fujitsu Laboratories Ltd.)
- Daisuke Fukuda (Artificial Intelligent Research Laboratory Fujitsu Laboratories Ltd.)
- Satomi Saito (Security Research Laboratory, Fujitsu Laboratories Ltd.)
- Satoru Torii (Security Research Laboratory, Fujitsu Laboratories Ltd.)
- Tetsuya Izu (Security Research Laboratory, Fujitsu Laboratories Ltd.)
1B3-3: Detection Method What Suspicious Email is Based on Email Context
- * Hiroki Nishikawa (Mitsubishi Electric Corporation, Information Technology R & D Center)
- Takumi Yamamoto (Mitsubishi Electric Corporation, Information Technology R & D Center)
- Kiyoto Kawauchi (Mitsubishi Electric Corporation, Information Technology R & D Center)
1B3-4: Evaluation of Hybrid Intrusion Detection Method Combined with Random Forest and K-Means
- * Hisashi Takahara (University of NIIGATA PREFECTURE)
2A1: Dynamic Analysis (1) (session chair: Yoshihiro Oyama)
2A1-1: Survey Analysis of Anti Virtual Machine Functions in Malicious Software
- * Kazuki Iwamoto (SecureBrain Corporation)
- Kazuki Takada (SecureBrain Corporation)
- Yu Tsuda (National Institute of Information and Communications Technology)
- Takashi Tomine (National Institute of Information and Communications Technology)
- Daisuke Inoue (National Institute of Information and Communications Technology)
2A1-2: Development of Dynamic Analysis Tool that Avoid of Anti Virtual Machine Function on Malicious Software
- * Kazuki Takada (SecureBrain Corporation)
- Kazuki Iwamoto (SecureBrain Corporation)
- Yu Tsuda (National Institute of Information and Communications Technology)
- Takashi Tomine (National Institute of Information and Communications Technology)
- Daisuke Inoue (National Institute of Information and Communications Technology)
2A1-3: Easy Implementation of Bare-Metal Sandbox with Commercial System Recovery Software
- ** Wataru Ueno (Yokohama National University)
- Kou Ishii (Yokohama National University)
- Rui Tanabe (Yokohama National University)
- Katsunari Yoshioka (Graduate School of Environment and Information Sciences, Yokohama National University/Institute of Advanced Sciences, Yokohama National University)
- Tsutomu Matsumoto (Graduate School of Environment and Information Sciences, Yokohama National University/Institute of Advanced Sciences, Yokohama National University)
2A1-4: Sandbox: Proposal of Bootable System Snapshot for Physical Machine.
- * Ichiro Asomura (Mizuho Financial Group, Inc.)
- Yasuhiro Takeda (Mizuho Financial Group, Inc.)
2B1: Web Attack Analysis (session chair: Mamoru Mimura)
2B1-1: (Japanese version only)
2B1-2: (Japanese version only)
2B1-3: (Japanese version only)
2B1-4: A Study on Classification of Malicious JavaScript Based on Source Code Similarity
- * Takeshi Misu (SecureBrain Corporation)
- Kazuo Makishima (SecureBrain Corporation)
- Kouichirou Okada (SecureBrain Corporation)
- Kazuki Iwamoto (SecureBrain Corporation)
2A2: Dynamic Analysis (2) (session chair: Atsuo Inomata)
2A2-1: STARDUST: Large-Scale Infrastructure for Luring Cyber Adversaries
- * Yu Tsuda (National Institute of Information and Communications Technology)
- Takashi Tomine (National Institute of Information and Communications Technology)
- Nobuyuki Kanaya (National Institute of Information and Communications Technology)
- Daisuke Makita (National Institute of Information and Communications Technology)
- Hayato Ushimaru (National Institute of Information and Communications Technology)
- Masato Jingu (National Institute of Information and Communications Technology)
- Yuuki Takano (National Institute of Information and Communications Technology)
- Shingo Yasuda (National Institute of Information and Communications Technology)
- Ryosuke Miura (National Institute of Information and Communications Technology)
- Satoshi Ohta (National Institute of Information and Communications Technology)
- Toshiyuki Miyachi (National Institute of Information and Communications Technology)
- Masaki Kamizono (National Institute of Information and Communications Technology)
- Masashi Eto (National Institute of Information and Communications Technology)
- Daisuke Inoue (National Institute of Information and Communications Technology)
- Koji Nakao (National Institute of Information and Communications Technology)
2A2-2: Preserving Tool for Process Behavior Using Kernel Mode Device Driver
- * Tatsuya Takehisah (National Institute of Information and Communications Technology / Nissin inc.)
- Daisuke Makita (National Institute of Information and Communications Technology)
- Masato Jingu (National Institute of Information and Communications Technology /Hitachi Systems, Ltd.)
- Hayato Ushimaru (National Institute of Information and Communications Technology / Cyber Defense Institute, Inc.)
- Daiki Fukumori (National Institute of Information and Communications Technology / Cyber Defense Institute, Inc.)
- Yu Tsuda (National Institute of Information and Communications Technology)
- Takashi Tomine (National Institute of Information and Communications Technology)
- Daisuke Inoue (National Institute of Information and Communications Technology)
2A2-3: A Method of Shortening Sleep Duration in Dynamic Malware Analysis
- * Yoshihiro Oyama (University of Tsukuba)
2A2-4: Implementation of Stack Trace on Windows 10 x64 Using Virtual Machine Monitor
- ** Yuya Yamashita (Ritsumeikan University)
- Shuhei Aketa (Ritsumeikan University)
- Eiji Takimoto (Ritsumeikan University)
- Shoichi Saito (Nagoya Institute of Technology)
- Koichi Mouri (Ritsumeikan University)
2B2: Threat Analysis / Dataset (session chair: Ayumu Kubota)
2B2-1: Investigation of Cyber Threat Analysis Method Using OSINT and Deep Reinforcement Learning
- * Masaru Kawakita (Security Research Laboratories, NEC Corporation)
- Shigeyoshi Shima (Security Research Laboratories, NEC Corporation)
2B2-2: Proposal of a Framework to Share Information on Cyberattack and Countermeasures among Multiple Organizations and within a Company Effective to Reduce Damage
- * Tatsuya Hirai (Hitachi Systems, Ltd.)
- Yuji Motokawa (Hitachi Systems, Ltd.)
- Shinichi Sasaki (Hitachi Systems, Ltd.)
- Shinichi Tankyo (Hitachi Systems, Ltd.)
2B2-3: Evaluation of Multiple WannaCry Reports from Various Organizations
- * Hiroki Kuzuno (SECOM Co., Ltd., Japan)
- Shun Inagaki (Intelligent Systems Laboratory, SECOM Co., Ltd., Japan)
- Kenichi Magata (Intelligent Systems Laboratory, SECOM Co., Ltd., Japan)
2B2-4: Overview of Research Data Set "Behavior Observable System 2017"
- * Masato Terada (Hitachi Ltd.)
- Takayuki Sato (Hitachi Ltd.)
- Sho Aoki (Hitachi Ltd.)
- Satoshi Kamekawa (Trend Micro Incorporated.)
- Tsutomu Shimizu (Trend Micro Incorporated.)
- Kenta Hagihara (Trend Micro Incorporated.)
2A3: Malware Analysis (session chair: Hiroki Hada)
2A3-1: Analysis of Ransomware Characteristics for Detection
- ** Takanari Shigeta (Graduate School of Engineering, Kobe University)
- Ryoichi Isawa (National Institute of Information and Communications Technology)
- Masakatu Morii (Graduate School of Engineering, Kobe University)
- Daisuke Inoue (National Institute of Information and Communications Technology)
- Koji Nakao (National Institute of Information and Communications Technology)
2A3-2: A Study on Steganography for Malware
- ** Yudai Nagamine (Osaka University)
- Naoto Yanai (Osaka University)
- Shingo Okamura (National Institute of Technology, Nara College)
- Toru Fujiwara (Osaka University)
2A3-3: Taint-Assisted Forensics for IAT Reconstruction
- * Yuhei Kawakoya (NTT Secure Platform Laboratories)
- Makoto Iwamura (NTT Secure Platform Laboratories)
- Jun Miyoshi (NTT Secure Platform Laboratories)
2A3-4: A Study for Malware Similarity Evaluation Method by Structural Entropy
- * Yuka Higashi (Trend Micro Incorporated)
2B3: Vulnerability and Security Evaluation (session chair: Masayuki Okada)
2B3-1: Understanding the Vulnerability Responses by Mobile App Developers
- ** Tatsuhiko Yasumatsu (Waseda University)
- Fumihiro Kanei (NTT Secure Platform Laboratories)
- Takuya Watanabe (NTT Secure Platform Laboratories)
- Eitaro Shioji (NTT Secure Platform Laboratories)
- Mitsuaki Akiyama (NTT Secure Platform Laboratories)
- Tatsuya Mori (Waseda University)
2B3-2: Proposal on Test Platform for Efficient Penetration Testing
- * KEISUKE KITO (Information Technology R&D Center, Mitsubishi Electric Corporation)
- HIROKI NISHIKAWA (Information Technology R&D Center, Mitsubishi Electric Corporation)
- TAKUMI YAMAMOTO (Information Technology R&D Center, Mitsubishi Electric Corporation)
- KIYOTO KAWAUCHI (Information Technology R&D Center, Mitsubishi Electric Corporation)
2B3-3: Study on Automating a Penetration Test Based on an Attack State Transition
- * Hiroya Miura (National Deffence Academy)
- Mamoru Mimura (National Deffence Academy)
- Hidema Tanaka (National Deffence Academy)
2B3-4: Security Evaluation of Memory Access Pattern Protection against Active Adversaries
- * Yuto Nakano (Information Security Laboratory, KDDI Research / Faculty of Information Science and Electrical Engineering, Kyushu University)
- Seira Hidano (Information Security Laboratory, KDDI Research)
- Shinsaku Kiyomoto (Information Security Laboratory, KDDI Research)
- Kouichi Sakurai (Faculty of Information Science and Electrical Engineering, Kyushu University)
2A4: IoT / System Security (session chair: Takeshi Okamoto)
2A4-1 A Method to Find IoT Devices Based on Image Features of Their WebUI
- ** Keisuke Uchida (Yokohama National University)
- Hiroshi Mori (Yokohama National University)
- Akira Fujita (Institute of Advanced Sciences, Yokohama National University)
- Katsunari Yoshioka (Institute of Advanced Sciences, Yokohama National University / Graduate School of Environment and Information Sciences, Yokohama National University)
- Tsutomu Matsumoto (Institute of Advanced Sciences, Yokohama National University / Graduate School of Environment and Information Sciences, Yokohama National University)
2A4-2: Analysis of Factors for Persistent Infection of IoT Malware and Their Substantiation Using Real Devices
- * Satoshi Hara (FUJI SOFT INCORPORATED / Yokohama National University )
- Tsuyufumi Watanabe (FUJI SOFT INCORPORATED / Yokohama National University )
- Kazuki Tamiya (Yokohama National University )
- Katsunari Yoshioka (Institute of Advanced Sciences, Yokohama National University / Graduate School of Environment and Information Sciences, Yokohama National University)
- Tsutomu Matsumoto (Institute of Advanced Sciences, Yokohama National University / Graduate School of Environment and Information Sciences, Yokohama National University)
2A4-3: (Japanese version only)
2A4-4: Reduction of Arbitrary Code Execution Resources by Deleting Unnecessary Execution Binary Code
- * Yuta Ikegami (The Chugoku Electric Power Co., Inc.)
- Tatsuya Shoriki (K-Opticom Co., Inc.)
2B4: Attack Detection (2) (session chair: Daisuke Makita)
2B4-1: Evaluation of Detection Items against Drive-By-Download Attacks
- ** Masashi Takada (Graduate School of Sustinability Science, Tottori University)
- Kenichi Takahashi (Graduate School of Engineering, Tottori University)
- Takao Kawamura (Graduate School of Engineering, Tottori University)
- Kazunori Sugahara (Graduate School of Engineering, Tottori University)
2B4-2: Proposal to Support Analysis of Drive-by Download Attack by Highlighting Malicious URL
- ** Koya Ozaki (Kansai University)
- Shinya Ueyama (Kansai University)
- Tatsuya Konishi (Kansai University)
- Masato Yamazaki (Kansai University)
- Tsubasa Bando (Kansai University Graduate School)
- Takashi Kobayashi (Kansai University)
2B4-3: Discovering New Type of Network Scan in Early Stage by Change-Point Detection
- * Natsuru Yamamura (National Police Academy)
- Atsutoshi Kumagai (NTT Secure Platform Laboratories)
- Kazunori Kamiya (NTT Secure Platform Laboratories)
- Hiroshi Kurakami (NTT Secure Platform Laboratories)
2B4-4: Proposal of an Enhancement Technique for Detection Systems
- * Takumi Yamamoto (Mitsubishi Electric Corporation)
- Hiroki Nishikawa (Mitsubishi Electric Corporation)
- Keisuke Kito (Mitsubishi Electric Corporation)
- Kiyoto Kawauchi (Mitsubishi Electric Corporation)
3A1: Malware Detection / Data Analysis (session chair: Nobuyuki Kanaya)
3A1-1: Malware Detection Method Based on API Call Patterns, Elapsed Time and System Load between API Calls
- ** Junko Sato (Graduate School of Informatics, Tokyo University of Information Sciences)
- Masaki Hanada (Department of Information Sciences, Tokyo University of Information Sceinces)
- Kazumasa Omote (Graduate School of Systems and Information Engineering, University of Tsukuba)
- Tatakachi Yamaguti (Department of Information Sciences, Tokyo University of Information Sceinces)
- Hideno Suzuki (Department of Information Sciences, Tokyo University of Information Sceinces)
- Eiji Nunohiro (Department of Information Sciences, Tokyo University of Information Sceinces)
- Akira Orita (Hitachi Systems, Ltd. Cyber Security Research Center)
- Tatsuya Sekiguchi (Hitachi Systems, Ltd. Cyber Security Research Center)
3A1-2: Research on Detection of Unknown Malware Focusing on Registry Change
- ** Kento Kono (Kyushu University)
- Koji Okamura (Kyushu University)
3A1-3: A Malicious Code Extraction Method for PDF Files Based on DBI
- ** Kengo Kon (Graduate School of Science and Technology, Hirosaki University)
- Tomoyuki Nagase (Graduate School of Science and Technology, Hirosaki University)
3A1-4: Detecting Mimikatz by Sysmon
- * Wataru Matsuda (The University of Tokyo, Secure information society research group)
- Mariko Fujimoto (The University of Tokyo, Secure information society research group)
- Takuho Mitsunaga (The University of Tokyo, Secure information society research group)
3B1: Incident Response (session chair: Masaki Kamizono)
3B1-1: Automated System for Information Sharing and Incident Response with SDN and STIX
- * Takuho Mitsunaga (Interfaculty Initiative in Information Studies)
- Wataru Matsuda (Interfaculty Initiative in Information Studies)
- Mariko Fujimoto (Interfaculty Initiative in Information Studies)
3B1-2: Minimum Requirements of CSIRT
- * Kenta Hagihara (Trend Micro Incorporated)
- Yoshiki Sugiura (NTT Data Intellilink Corporation)
3B1-3: A Case Study of Effective Cyberattack-Exercises for Leading Infrastructure Providers
- * Miki Miyachi (CHUBU Electric Power Co., Inc.)
- Hiroyuki Hasegawa (CHUBU Electric Power Co., Inc.)
- Yukihiko Sawai (CHUBU Electric Power Co., Inc.)
- Tomomi Nukaya (ChudenCTI Co., Ltd.)
- Keisuke Nakata (ChudenCTI Co., Ltd.)
- Kenjiro Nagano (ChudenCTI Co., Ltd.)
3B1-4: (Japanese version only)
3A2: Malware Classification (session chair: Takahiro Matsuki)
3A2-1: Malware Type Classification Method Based on Network Communication Behavior
- * Seigo Terada (PFU Limited)
- Takashi Kobayashi (PFU Limited)
- Mugen Setoguchi (PFU Limited)
- Keiji Michine (PFU Limited)
- Kouichi Yamashita (PFU Limited)
3A2-2: Malware Classification Based on Data Compression Algorithm
- ** Sohei Takechi (Graduate School of Science and Engineering, Ehime University)
- Hiroshi Kai (Graduate School of Science and Engineering, Ehime University)
- Masakatu Morii (Graduate School of Engineering, Kobe University)
3A2-3: Proposal of Method for Malware Classification Using Malware Analysis Report of Multiple Analysis Environment
- * SHOTA FUJII (Hitachi Ltd.)
- TETSURO KITO (Hitachi Ltd.)
- TOMOHIRO SHIGEMOTO (Hitachi Ltd.)
- YASUHIRO FUJII (Hitachi Ltd.)
3A2-4: Detecting Android PUAs and Classifying Its Variants with Analysis of DNS Queries
- * Mitsuhiro Hatada (Waseda University / NTT Communications Corporation)
- Tatsuya Mori (Waseda University)
3B2: Web Security (session chair: Yoshinori Takesako)
3B2-1: Classification Method of Unknown Websites Based on Distribution Information of Malicious IP Addresses
- ** Shihori Kanazawa (Graduate School of Systems Information Science, Future University Hakodate)
- Yoshitaka Nakamura (School of Systems Information Science, Future University Hakodate)
- Hiroshi Inamura (School of Systems Information Science, Future University Hakodate)
- Osamu Takahashi (School of Systems Information Science, Future University Hakodate)
3B2-2: A Study on URL of Malicious Websites Built by Exploit Kit
- ** Yuya Nishio (Graduate school of Science and Engineering, Saga University)
- Masanori Hirotomo (Graduate school of Science and Engineering, Saga University)
- Masaki Kamizono (PwC Cyber Services LLC.)
- Youji Fukuta (Faculty of Science and Engineering, Kindai University)
- Masami Mohri (Graduate School of Engineering, Gifu University)
- Yoshiaki Shiraishi (Graduate School of Engineering, Kobe University)
3B2-3: Study on Combination of Features in Browser Fingerprinting
- ** Kazuhisa Tanabe (Graduate School of Meiji University)
- Kazushi Takahashi (Graduate School of Meiji University)
- Koki Yasuda (Graduate School of Meiji University)
- Masayuki Taneoka (Graduate School of Meiji University)
- Ryohei Hosoya (Graduate School of Meiji University)
- Rikita Koshiba (Meiji University)
- Yuta Saito (Meiji University)
- Takamichi Saito (Meiji University)
3B2-4: An Efficient Method to Extract Malicious Websites from Massive End-User Access Log
- ** Shuta Morishima (Yokohama National University)
- Hiroki Nakano (Yokohama National University)
- Katsunari Yoshioka (Graduate School of Environment and Information Sciences, Yokohama National University/Institute of Advanced Sciences, Yokohama National University)
- Tsutomu Matsumoto (Graduate School of Environment and Information Sciences, Yokohama National University/Institute of Advanced Sciences, Yokohama National University)
- Hiroyuki Hujiwara (Totec Amenity Corporation)
3A3: Malware and AI / Machine Learning (1) (session chair: Tomohiro Shigemoto)
3A3-1: Is Emulating "Binary Grep in Eyes" Possible with Machine Learning?
- * Mamoru Mimura (National Defense Academy / Institute of Information Security)
- Yuhei Otsubo (National Police Agency / Institute of Information Security)
- Hidema Tanaka (National Defense Academy)
- Atsuhiro Goto (Institute of Information Security)
3A3-2: Intuitive Binary Classification and Visualization with Machine Learning
- * Yuhei Otsubo (National Police Agency / Institute of Information Security)
- Mamoru Mimura (National Defense Academy / Institute of Information Security)
- Takeshi Sakaki (University of Tokyo
- Atsuhiro Goto (Institute of Information Security)
3A3-3: Semi-Supervised Machine Learning Approach for Detecting Malware Infected Host by Analyzing HTTP Traffic
- * Taishi Nishiyama (Nippon Telegraph and Telephone Corporation, Secure Platform Laboratories)
- Atsutoshi Kumagai (Nippon Telegraph and Telephone Corporation, Secure Platform Laboratories)
- Kazunori Kamiya (Nippon Telegraph and Telephone Corporation, Secure Platform Laboratories)
- Masaki Tanikawa (Nippon Telegraph and Telephone Corporation, Secure Platform Laboratories)
3A3-4: (Japanese version only)
3B3: Network Observation Technology (1) (session chair: Takashi Koide)
3B3-1: Proposal and Evaluation for a Classification Method of Cyber Attack Programs in the Initial Stage
- * Yuki Ashino (Cyber Security Factory, National Security Solution Division, NEC Corporation)
- Yasuhiro Nakamura (Department of Computer Science, School of Electrical and Computer Engineering, National Defense Academy)
- Yukiko Yano (Cyber Security Factory, National Security Solution Division, NEC Corporation)
- Shigeyoshi Shima (Cyber Security Factory, National Security Solution Division, NEC Corporation)
3B3-2: (Japanese version only)
3B3-3: An Evaluation on Reduction of Traffic Amount and Influence by Network Patrol Monitoring
- * Hirokazu Hasegawa (Information Strategy Office, Nagoya University)
- Yukiko Yamaguchi (Information Technology Center, Nagoya University)
- Hajime Shimada (Information Technology Center, Nagoya University)
- Hiroki Takakura (National Institute of Informatics)
3B3-4: Association Rule Analysis for Darknet Traffic Data
- ** Naoki Hashimoto (Graduate School of Engineering, Kobe University, JAPAN)
- Seiichi Ozawa (Graduate School of Engineering, Kobe University, JAPAN)
- Tao Ban (National Institute of Information and Communications Technology)
- Junji Nakazato (National Institute of Information and Communications Technology)
- Jumpei Shimamura (clwit Inc.)
3A4: Malware and AI / Machine Learning (2) (session chair: Satomi Saito)
3A4-1: Applied Online Learning with Kernel for Intrusion Detection System
- ** Kouki Takahata (Graduate Scool of Systems Information Science, Future University Hakodate)
- Ayahiko Niimi (School of Systems Information Science, Future University Hakodate)
3A4-2: (Japanese version only)
3A4-3: Malicious Process Estimation Method Using Seq2Seq Model
- ** Shun Tobiyama (Nagoya University)
- Yukiko Yamaguchi (Nagoya University)
- Hirokazu Hasegawa (Nagoya University)
- Hajime Shimada (Nagoya University)
- Mitsuaki Akiyama (NTT Secure Platform Laboratories)
- Takeshi Yagi (NTT Secure Platform Laboratories)
3B4: Network Observation Technology (2) (session chair: Kousetsu Kayama)
3B4-1: (Japanese version only)
3B4-2: Prediction of Malicious Access by Event Dependent Model
- ** Korehito Kashiki (Kobe University)
- Naoto Sone (Naruto University of Education)
- Masakatu Morii (Kobe University)
3B4-3: Investigation of Long-Term Attacker Host's Behaviour with IP Address Attribution
- * Masayoshi Mizutani (Tokyo Research. IBM, Japan)
- Yuji Watanabe (Tokyo Research. IBM, Japan)
3B4-4: Leaving All Proxy Server Logs to Pragraph Vector
- * Mamoru Mimura (National Defense Academy)
- Hidema Tanaka (National Defense Academy)
Sponsors
Supporters
Personal Information Protection Commission, Government of Japan
The Information Network Law Association
Copyright 2017
The IPSJ, Information Processing Society of Japan,
and MWS Organizing Committee,
All rights reserved.