Computer Security Symposium October ,a) API API API Alkanet IDA MWS API Proposal of static analysis assistance method utilizi
|
|
|
- うたろう こしの
- 6 years ago
- Views:
Transcription
1 Computer Security Symposium October ,a) API API API Alkanet IDA MWS API Proposal of static analysis assistance method utilizing the dynamic analysis log Shota Nakajima 1,a) Shuhei Aketa 1 Eiji Takimoto 1 Shoichi Saito 2 Koichi Mouri 1 Abstract: Malware analysis is important for anti-malware. General malware analysis is carried out in the order of dynamic analysis and static analysis. However, in the present circumstances, the results of dynamic analysis has not cooperate static analysis. We propose static analysis assistance method utilizing the dynamic analysis log. In the proposed method provide assistance information of static analysis. It includes the API call information and the code of the malware on the memory acquired by dynamic analysis. In this paper, we describe static analysis assistance method that cooperates the system call tracer Alkanet and disassembler IDA. Keywords: MWS malware dynamic analysis static analysis api trace 1. [1] [2] 3 [3] 1 Ritsumeikan University 2 Nagoya Institute of Technology a) [email protected] API
![[4] [5] API Alkanet [6] API IDA [7] API API](/docs-images/97/131964333/images/2-0.jpg "Alkanet API API API 動的解析によるログの取得 動的解析 解析システム")
2 [4] [5] API Alkanet [6] API IDA [7] API API Alkanet API API API 動的解析によるログの取得 動的解析 解析システム 動的解析ログ API 呼び出し情報 API 名 / 引数 返り値 / 呼び出し元 マルウェアに関するコード 動的解析ログの活用 1 静的解析の補助 静的解析 逆アセンブラ 静的解析範囲の絞り込み 実行時の API 呼び出し情報の参照 マルウェアに関するコード取得の自動化 API ( 1 ) ( 2 ) API ( 3 ) API API API API API
3 ユーザモード カーネルモード 動的解析部 Alkanet を用いた動的解析システムコールトレーススタックトレースマルウェアに関するコードの取得 マルウェア観測用 PC VM SystemCall Windows ロギング用 PC LogAnalyzer 解析 json 形式 静的解析部 Python スクリプトによる解析 API 呼び出し情報を動的解析ログから抽出 IDA プラグインを用いてマージ API 呼び出し情報を逆アセンブルコードと対応付け Python スクリプト API 情報抽出 ファイル API 情報コードダンプ IDAプラグインを用いてマージ No. Time Cid Name Type Ret SNo. Note StackTrace 1 Alkanet CPU PID TID sysenter sysexit (sysexit ) 保存 SystemCall Analyzer IEEE1394 ログログ Alkanet Logger IDA Disassembler BitVisor API 情報 IDAプラグイン API API API 2.1 (1)(2) API API CALL API API (3) Alkanet API python IDA Alkanet python Alkanet API API API IDA API 3.2 Alkanet Alkanet 3 3 Windows API WriteFile Alanet 1 Alkanet Alkanet [8] API API 1 SP StackBase StackLimit 2 API API API - Writable PTE( )
4 No.:3951 Time : Type:sysenter SNo.:112 (NtWriteFile) Cid :70c.2d8 Name:sample.exe Note: file_name: \Device\HarddiskVolume1\Documents and Settings\snakajima\Desktop\test.txt current_byteoffset:0 p_buffer:0x12fb48 length:0x4 byteoffset:0 buffer: raw: utf16:\u4141\u4141 StackTrace: SP: 12f5d0, StackBase: , StackLimit: [00] <- 7c94df6c (API: NtWriteFile+0xc, Writable: 0, Dirty: 0, VAD: {7c c9dc000, ImageMap: 1, File: "\WINDOWS\system32\ntdll.dll"}), SP: 12f5d0 [05] <- 7c (API: BaseProcessStart+0x23, Writable: 0, Dirty: 0, VAD: {7c c933000, ImageMap: 1, File: "\WINDOWS\system32\kernel32.dll"}), BP: 12ffc0 3 WriteFile Alanet x86 PTE 1 Dirty Writable PTE x86 PTE 6 VAD Windows VAD(Virtual Address Descriptor) [9] VAD VAD VAD VAD EPROCESS VAD VAD API Alkanet Alkanet NtWriteFile Dirty 1 Alkanet 3.3 python Alkanet API IDA Alknaet API API API API API MWS Datasets 2016 [10] BOS2014 Alkanet DLL c13.exe Alkanet starter.exe splash screen.dll starter.exe starter.exe splash screen.dll API Alkanet Alkanet API python Alkanet API Alkanet VAD
5 "580": {"proc_image_name": "c13.exe", "vad_end": "0x435000", "vad_start": "0x400000"}, (a) "812": { "proc_image_name": "starter.exe", "vad_file_info": [ (b) {"vad_filename": "\\ DOCUME 1\\ ADMINI 1\\ LOCALS 1\\ Temp\\ RarSFX0\\ starter.exe", "vad_file_end": "0x407000", "vad_file_start": "0x400000"}, {"vad_filename": "\\ DOCUME 1\\ ADMINI 1\\ LOCALS 1\\ Temp\\ RarSFX0\\ splash_screen.dll", "vad_file_end": "0x ", "vad_file_start": "0x "}], "dirty_memory": [ (c) {"dirty_memory_end": "0xa1b000", "dirty_memory_start": "0x9f0000"}, {"dirty_memory_end": "0x9f0000", "dirty_memory_start": "0x8f0000"}] 4 API 3 API API ( 1 ) ( 2 ) ( 3 ) VAD DLL WriteFile VAD Dirty (1) (3) Alkanet 4 (a) VAD VAD c13.exe (b) VAD VAD starter.exe starter.exe DLL (c) VAD Dirty 1 VAD stater.exe API (a) (c) API AP 5 (i) (a) (c) CALL API (ii) (ii) API (iii) sysenter sysexit API API API 3 (1) (2) API python Alkanet API IDA 6 API CALL API CALL API API
6 "0x4059b3": { (i) "CreateFileW+0x1b6": (ii) [ {"name": "NtCreateFile", "no": 3648, "type": "sysenter", (iii) "optional": { "file_name": "\\??\\C:\\c13.exe"}}, 5 API 6 API API Call MWS Datasets 2016 [10] BOS2014 BOS c13.exe API API API API c13.exe 7 8 API c13.exe 7 c13.exe 0x x ShellExecuteExW starter.exe ShellExecuteExW 0x40c673 c13.exe API API API API PE API API IDA API API API API API 6 API WriteFile WriteFile NtWriteFile splash screen.dll API API
7 c13.exe[0x x435000] starter.exe(create) File(\DOCUME 1\ADMINI 1\LOCALS 1\Temp\RarSFX0\splash_screen.dll)[0x x ] File(\DOCUME 1\ADMINI 1\LOCALS 1\Temp\RarSFX0\starter.exe)[0x x407000] dirty_memory [0x8f0000-0x9f0000] dirty_memory [0x9f0000-0xa1b000] svchost.exe(create) dirty_memory [0x8d0000-0x8fb000] dirty_memory [0x xad000] Created process {"ShellExecuteExW+0x67": { "0x40c673": { "systemcall": [ {"status": 0, "proc name": "starter.exe", "name": "NtCreateProcessEx", "proc_pid": 812 "file name": "\\ Device\\ HarddiskVolume1\\ DOCUME 1\\ ADMINI 1\\ LOCALS 1\\ Temp\\ RarSFX0\\ starter.exe", 8 API API API API API DLL API LoadDll API dll GetProcAddress DLL API API API API API API 9 Call API IDA API API API API 5. funcap [11] IDA splode [12] funcap IDA Debugger IDA splode Intel PIN IDA Alkanet egg [13] egg 1 API API egg API
![9 DLL API API Alkanet [14] API API 6. API API API API Windows10 Alkanet [15] [1] 2015 (online) https://app.trendmicro.co.jp/doc dl/select.asp?type=1&cid=161 (2016.07.05) [2] BLUE TERMITE.](/docs-images/97/131964333/images/8-0.jpg "APT (online) http://media.kaspersky.com/jp/kaspersky BlueTermite-PR- 1013.pdf (2016.07.05) [3] (2016) [4] Andreas Moser, Christopher Kruegel, and Engin Kirda.")
8 9 DLL API API Alkanet [14] API API 6. API API API API Windows10 Alkanet [15] [1] 2015 (online) dl/select.asp?type=1&cid=161 ( ) [2] BLUE TERMITE. APT (online) BlueTermite-PR pdf ( ) [3] (2016) [4] Andreas Moser, Christopher Kruegel, and Engin Kirda.: Limits of Static Analysis for Malware Detection, Computer Security Applications Conference, ACSAC Twenty- Third Annual, pp (2007) [5] Ilsun You, Kangbin Yim.: Malware Obfuscation Techniques: A Brief Survey, Broadband, Wireless Computing, Communication and Applications (BWCCA), 2010 International Conference, pp (2010) [6] : Vol. 55 No. 9 pp (2014) [7] Hex-Rays: IDA, ( ) [8] Alkanet 2013 Vol. 2013, No. 4, pp (2013) [9] B. Dolan-Gavitt: The VAD tree: A process-eye view of physical memory, Digital Investigation, Vol. 4, pp (2007) [10] MWS Datasets 2016 CSEC Vol.2016-CSEC-74, No.17, pp. 1-8, (2016) [11] ANDRZEJ DERESZOWSKI: funcap, GitHub, GitHub Inc., ( ) [12] ENDGAME: IDA-splode, GitHub, GitHub Inc., ( ) [13] Satoshi TANDA: egg - A Stealth fine grained code analyzer, Recon2011, (2011) [14] Vol. 29 No. 4 pp (2012) [15] Windows10 x Vol. 2015, No. 3, pp (2015)
Alkanet[1, 2] Alkanet CPU CPU 2 Alkanet Alkanet (VMM) VMM Alkanet Windows Alkanet 1 Alkanet VMM BitVisor[3] BitVisor OS ユーザモード カーネルモード マルウェア観測用 PC VM
![Alkanet[1, 2] Alkanet CPU CPU 2 Alkanet Alkanet (VMM) VMM Alkanet Windows Alkanet 1 Alkanet VMM BitVisor[3] BitVisor OS ユーザモード カーネルモード マルウェア観測用 PC VM](/thumbs/83/87880524.jpg "Alkanet[1, 2] Alkanet CPU CPU 2 Alkanet Alkanet (VMM) VMM Alkanet Windows Alkanet 1 Alkanet VMM BitVisor[3] BitVisor OS ユーザモード カーネルモード マルウェア観測用 PC VM")
Computer Security Symposium 2014 22-24 October 2014 525-8577 1-1-1 [email protected], {takimoto, mouri}@cs.ritsumei.ac.jp 466-8555 [email protected] Alkanet CPU Identifying of System Call
1 BitVisor [3] Alkanet[1] Alkanet (DLL) DLL 2 Alkanet 3 4 5 6 7 2 Alkanet Alkanet VMM VMM Alkanet Windows [2] マルウェア 観 測 用 VM SystemCall Windows System
![1 BitVisor [3] Alkanet[1] Alkanet (DLL) DLL 2 Alkanet 3 4 5 6 7 2 Alkanet Alkanet VMM VMM Alkanet Windows [2] マルウェア 観 測 用 VM SystemCall Windows System](/thumbs/40/20587794.jpg "1 BitVisor [3] Alkanet[1] Alkanet (DLL) DLL 2 Alkanet 3 4 5 6 7 2 Alkanet Alkanet VMM VMM Alkanet Windows [2] マルウェア 観 測 用 VM SystemCall Windows System")
Computer Security Symposium 2013 21-23 October 2013 Alkanet 525-8577 1-1-1 [email protected], {takimoto, mouri}@cs.ritsumei.ac.jp 466-8555 [email protected] BitVisor Alkanet API DLL A Method
今週の進捗
Virtualize APIC access による APIC フック手法 立命館大学富田崇詠, 明田修平, 瀧本栄二, 毛利公一 2016/11/30 1 はじめに (1/2) マルウェアの脅威が問題となっている 2015年に4 億 3000 万以上の検体が新たに発見されている マルウェア対策にはマルウェアが持つ機能 挙動の正確な解析が重要 マルウェア動的解析システム : Alkanet 仮想計算機モニタのBitVisorの拡張機能として動作
29 jjencode JavaScript
Kochi University of Technology Aca Title jjencode で難読化された JavaScript の検知 Author(s) 中村, 弘亮 Citation Date of 2018-03 issue URL http://hdl.handle.net/10173/1975 Rights Text version author Kochi, JAPAN http://kutarr.lib.kochi-tech.ac.jp/dspa
( 億 種 ) マルウェアが 急 速 に 増 加! 短 時 間 で 解 析 し, マルウェアの 意 図 や 概 略 を 把 握 したい マルウェアを 実 行 し, 挙 動 を 観 測 することで 解 析 する 動 的 解 析 が 有 効 しかし, マルウェアの 巧 妙 化 により, 観 測 自 体
大 月 勇 人, 瀧 本 栄 二, 毛 利 公 一 立 命 館 大 学 ( 億 種 ) マルウェアが 急 速 に 増 加! 短 時 間 で 解 析 し, マルウェアの 意 図 や 概 略 を 把 握 したい マルウェアを 実 行 し, 挙 動 を 観 測 することで 解 析 する 動 的 解 析 が 有 効 しかし, マルウェアの 巧 妙 化 により, 観 測 自 体 が 困 難 となっている アンチデバッグ:
& Vol.5 No (Oct. 2015) TV 1,2,a) , Augmented TV TV AR Augmented Reality 3DCG TV Estimation of TV Screen Position and Ro
TV 1,2,a) 1 2 2015 1 26, 2015 5 21 Augmented TV TV AR Augmented Reality 3DCG TV Estimation of TV Screen Position and Rotation Using Mobile Device Hiroyuki Kawakita 1,2,a) Toshio Nakagawa 1 Makoto Sato
IPSJ SIG Technical Report Vol.2012-CG-148 No /8/29 3DCG 1,a) On rigid body animation taking into account the 3D computer graphics came
3DCG 1,a) 2 2 2 2 3 On rigid body animation taking into account the 3D computer graphics camera viewpoint Abstract: In using computer graphics for making games or motion pictures, physics simulation is
1 Web [2] Web [3] [4] [5], [6] [7] [8] S.W. [9] 3. MeetingShelf Web MeetingShelf MeetingShelf (1) (2) (3) (4) (5) Web MeetingShelf
![1 Web [2] Web [3] [4] [5], [6] [7] [8] S.W. [9] 3. MeetingShelf Web MeetingShelf MeetingShelf (1) (2) (3) (4) (5) Web MeetingShelf](/thumbs/79/80104027.jpg "1 Web [2] Web [3] [4] [5], [6] [7] [8] S.W. [9] 3. MeetingShelf Web MeetingShelf MeetingShelf (1) (2) (3) (4) (5) Web MeetingShelf")
1,a) 2,b) 4,c) 3,d) 4,e) Web A Review Supporting System for Whiteboard Logging Movies Based on Notes Timeline Taniguchi Yoshihide 1,a) Horiguchi Satoshi 2,b) Inoue Akifumi 4,c) Igaki Hiroshi 3,d) Hoshi
大月勇人, 若林大晃, 瀧本栄二, 齋藤彰一, 毛利公一 立命館大学 名古屋工業大学
大月勇人, 若林大晃, 瀧本栄二, 齋藤彰一, 毛利公一 立命館大学 名古屋工業大学 1. 研究背景 2. Alkanet アプローチ Alkanet の構成 監視するシステムコール ログ解析 3. 解析検体内訳 4. サービスを起動する検体 5. まとめ 立命館大学 2 2012 年 10 月 30 日 ( 億種 ) マルウェアが急速に増加! 短時間で解析し, マルウェアの意図や概略を把握したい
,,.,.,,.,.,.,.,,.,..,,,, i
22 A person recognition using color information 1110372 2011 2 13 ,,.,.,,.,.,.,.,,.,..,,,, i Abstract A person recognition using color information Tatsumo HOJI Recently, for the purpose of collection of
Web Web Web Web Web, i
22 Web Research of a Web search support system based on individual sensitivity 1135117 2011 2 14 Web Web Web Web Web, i Abstract Research of a Web search support system based on individual sensitivity
17 Proposal of an Algorithm of Image Extraction and Research on Improvement of a Man-machine Interface of Food Intake Measuring System
1. (1) ( MMI ) 2. 3. MMI Personal Computer(PC) MMI PC 1 1 2 (%) (%) 100.0 95.2 100.0 80.1 2 % 31.3% 2 PC (3 ) (2) MMI 2 ( ),,,, 49,,p531-532,2005 ( ),,,,,2005,p66-p67,2005 17 Proposal of an Algorithm of
WebRTC P2P Web Proxy P2P Web Proxy WebRTC WebRTC Web, HTTP, WebRTC, P2P i
26 WebRTC The data distribution system using browser cache sharing and WebRTC 1150361 2015/02/27 WebRTC P2P Web Proxy P2P Web Proxy WebRTC WebRTC Web, HTTP, WebRTC, P2P i Abstract The data distribution
論文9.indd
Recent topics in surround sound audio Masaki Sawaguchi Summary This paper will describe the recent trends in surround sound system based on the results of various investigations on this topic. According
1 Fig. 1 Extraction of motion,.,,, 4,,, 3., 1, 2. 2.,. CHLAC,. 2.1,. (256 ).,., CHLAC. CHLAC, HLAC. 2.3 (HLAC ) r,.,. HLAC. N. 2 HLAC Fig. 2
CHLAC 1 2 3 3,. (CHLAC), 1).,.,, CHLAC,.,. Suspicious Behavior Detection based on CHLAC Method Hideaki Imanishi, 1 Toyohiro Hayashi, 2 Shuichi Enokida 3 and Toshiaki Ejima 3 We have proposed a method for
28 Horizontal angle correction using straight line detection in an equirectangular image
28 Horizontal angle correction using straight line detection in an equirectangular image 1170283 2017 3 1 2 i Abstract Horizontal angle correction using straight line detection in an equirectangular image
& Vol.2 No (Mar. 2012) 1,a) , Bluetooth A Health Management Service by Cell Phones and Its Us
1,a) 1 1 1 1 2 2 2011 8 10, 2011 12 2 1 Bluetooth 36 2 3 10 70 34 A Health Management Service by Cell Phones and Its Usability Evaluation Naofumi Yoshida 1,a) Daigo Matsubara 1 Naoki Ishibashi 1 Nobuo
[2] OCR [3], [4] [5] [6] [4], [7] [8], [9] 1 [10] Fig. 1 Current arrangement and size of ruby. 2 Fig. 2 Typography combined with printing
![[2] OCR [3], [4] [5] [6] [4], [7] [8], [9] 1 [10] Fig. 1 Current arrangement and size of ruby. 2 Fig. 2 Typography combined with printing](/thumbs/93/112070099.jpg "[2] OCR [3], [4] [5] [6] [4], [7] [8], [9] 1 [10] Fig. 1 Current arrangement and size of ruby. 2 Fig. 2 Typography combined with printing")
1,a) 1,b) 1,c) 2012 11 8 2012 12 18, 2013 1 27 WEB Ruby Removal Filters Using Genetic Programming for Early-modern Japanese Printed Books Taeka Awazu 1,a) Masami Takata 1,b) Kazuki Joe 1,c) Received: November
IPSJ SIG Technical Report Vol.2017-CLE-21 No /3/21 e 1,2 1,2 1 1,2 1 Sakai e e e Sakai e Current Status and Challenges on e-learning T
e 1,2 1,2 1 1,2 1 Sakai e e 2012 2012 e Sakai e Current Status and Challenges on e-learning Support Service for Institution-wide and Department-wide Program at Kyoto University Shoji Kajita 1,2 Tamaki
1 1 tf-idf tf-idf i
14 A Method of Article Retrieval Utilizing Characteristics in Newspaper Articles 1055104 2003 1 31 1 1 tf-idf tf-idf i Abstract A Method of Article Retrieval Utilizing Characteristics in Newspaper Articles
2) TA Hercules CAA 5 [6], [7] CAA BOSS [8] 2. C II C. ( 1 ) C. ( 2 ). ( 3 ) 100. ( 4 ) () HTML NFS Hercules ( )
![2) TA Hercules CAA 5 [6], [7] CAA BOSS [8] 2. C II C. ( 1 ) C. ( 2 ). ( 3 ) 100. ( 4 ) () HTML NFS Hercules ( )](/thumbs/78/78162263.jpg "2) TA Hercules CAA 5 [6], [7] CAA BOSS [8] 2. C II C. ( 1 ) C. ( 2 ). ( 3 ) 100. ( 4 ) () HTML NFS Hercules ( )")
1,a) 2 4 WC C WC C Grading Student programs for visualizing progress in classroom Naito Hiroshi 1,a) Saito Takashi 2 Abstract: To grade student programs in Computer-Aided Assessment system, we propose
2 22006 2 e-learning e e 2003 1 4 e e e-learning 2 Web e-leaning 2004 2005 2006 e 4 GP 4 e-learning e-learning e-learning e LMS LMS Internet Navigware
2 2 Journal of Multimedia Aided Education Research 2006, Vol. 2, No. 2, 19 e 1 1 2 2 1 1 GP e 2004 e-learning 2004 e-learning 2005 e-learning e-learning e-learning e-learning 2004 e-learning HuWeb 2005
21 e-learning Development of Real-time Learner Detection System for e-learning
21 e-learning Development of Real-time Learner Detection System for e-learning 1100349 2010 3 1 e-learning WBT (Web Based training) e-learning LMS (Learning Management System) LMS WBT e-learning e-learning
(a) 1 (b) 3. Gilbert Pernicka[2] Treibitz Schechner[3] Narasimhan [4] Kim [5] Nayar [6] [7][8][9] 2. X X X [10] [11] L L t L s L = L t + L s
![(a) 1 (b) 3. Gilbert Pernicka[2] Treibitz Schechner[3] Narasimhan [4] Kim [5] Nayar [6] [7][8][9] 2. X X X [10] [11] L L t L s L = L t + L s](/thumbs/75/72066128.jpg "(a) 1 (b) 3. Gilbert Pernicka[2] Treibitz Schechner[3] Narasimhan [4] Kim [5] Nayar [6] [7][8][9] 2. X X X [10] [11] L L t L s L = L t + L s")
1 1 1, Extraction of Transmitted Light using Parallel High-frequency Illumination Kenichiro Tanaka 1 Yasuhiro Mukaigawa 1 Yasushi Yagi 1 Abstract: We propose a new sharpening method of transmitted scene
7,, i
23 Research of the authentication method on the two dimensional code 1145111 2012 2 13 7,, i Abstract Research of the authentication method on the two dimensional code Karita Koichiro Recently, the two
2). 3) 4) 1.2 NICTNICT DCRA Dihedral Corner Reflector micro-arraysdcra DCRA DCRA DCRA 3D DCRA PC USB PC PC ON / OFF Velleman K8055 K8055 K8055
1 1 1 2 DCRA 1. 1.1 1) 1 Tactile Interface with Air Jets for Floating Images Aya Higuchi, 1 Nomin, 1 Sandor Markon 1 and Satoshi Maekawa 2 The new optical device DCRA can display floating images in free
スライド 1
FFRI Dataset 2014 のご紹介 株式会社 FFRI http://www.ffri.jp Ver 2.00.01 1 Agenda FFRI Dataset 2014 概要 Cuckoo Sandbox 具体的なデータ項目 FFR yarai analyzer Professional 具体的なデータ項目 データの利用例 2 FFRI Dataset 2014 の概要 FFRIで収集したマルウェアの動的解析ログ
258 5) GPS 1 GPS 6) GPS DP 7) 8) 10) GPS GPS 2 3 4 5 2. 2.1 3 1) GPS Global Positioning System
Vol. 52 No. 1 257 268 (Jan. 2011) 1 2, 1 1 measurement. In this paper, a dynamic road map making system is proposed. The proposition system uses probe-cars which has an in-vehicle camera and a GPS receiver.
28 Docker Design and Implementation of Program Evaluation System Using Docker Virtualized Environment
28 Docker Design and Implementation of Program Evaluation System Using Docker Virtualized Environment 1170288 2017 2 28 Docker,.,,.,,.,,.,. Docker.,..,., Web, Web.,.,.,, CPU,,. i ., OS..,, OS, VirtualBox,.,
IPSJ SIG Technical Report Vol.2011-EC-19 No /3/ ,.,., Peg-Scope Viewer,,.,,,,. Utilization of Watching Logs for Support of Multi-
1 3 5 4 1 2 1,.,., Peg-Scope Viewer,,.,,,,. Utilization of Watching Logs for Support of Multi-View Video Contents Kosuke Niwa, 1 Shogo Tokai, 3 Tetsuya Kawamoto, 5 Toshiaki Fujii, 4 Marutani Takafumi,
IPSJ SIG Technical Report Pitman-Yor 1 1 Pitman-Yor n-gram A proposal of the melody generation method using hierarchical pitman-yor language model Aki
Pitman-Yor Pitman-Yor n-gram A proposal of the melody generation method using hierarchical pitman-yor language model Akira Shirai and Tadahiro Taniguchi Although a lot of melody generation method has been
スライド 1
FFRI Dataset 2016 のご紹介 株式会社 FFRI http://www.ffri.jp Ver 2.00.01 1 Agenda FFRI Dataset 2016 概要 Cuckoo Sandbox 具体的なデータ項目 データの利用例 2 FFRI Dataset 2016 の概要 FFRIで収集したマルウェアの動的解析ログ 2016/1~2016/3に収集された検体 計 8,243
2. CABAC CABAC CABAC 1 1 CABAC Figure 1 Overview of CABAC 2 DCT 2 0/ /1 CABAC [3] 3. 2 値化部 コンテキスト計算部 2 値算術符号化部 CABAC CABAC
![2. CABAC CABAC CABAC 1 1 CABAC Figure 1 Overview of CABAC 2 DCT 2 0/ /1 CABAC [3] 3. 2 値化部 コンテキスト計算部 2 値算術符号化部 CABAC CABAC](/thumbs/92/108208872.jpg "2. CABAC CABAC CABAC 1 1 CABAC Figure 1 Overview of CABAC 2 DCT 2 0/ /1 CABAC [3] 3. 2 値化部 コンテキスト計算部 2 値算術符号化部 CABAC CABAC")
H.264 CABAC 1 1 1 1 1 2, CABAC(Context-based Adaptive Binary Arithmetic Coding) H.264, CABAC, A Parallelization Technology of H.264 CABAC For Real Time Encoder of Moving Picture YUSUKE YATABE 1 HIRONORI
IPSJ SIG Technical Report Vol.2009-DPS-141 No.20 Vol.2009-GN-73 No.20 Vol.2009-EIP-46 No /11/27 1. MIERUKEN 1 2 MIERUKEN MIERUKEN MIERUKEN: Spe
1. MIERUKEN 1 2 MIERUKEN MIERUKEN MIERUKEN: Speech Visualization System Based on Augmented Reality Yuichiro Nagano 1 and Takashi Yoshino 2 As the spread of the Augmented Reality(AR) technology and service,
(a) (b) 1 JavaScript Web Web Web CGI Web Web JavaScript Web mixi facebook SNS Web URL ID Web 1 JavaScript Web 1(a) 1(b) JavaScript & Web Web Web Webji
Webjig Web 1 1 1 1 Webjig / Web Web Web Web Web / Web Webjig Web DOM Web Webjig / Web Web Webjig: a visualization tool for analyzing user behaviors in dynamic web sites Mikio Kiura, 1 Masao Ohira, 1 Hidetake
IPSJ SIG Technical Report Vol.2014-EIP-63 No /2/21 1,a) Wi-Fi Probe Request MAC MAC Probe Request MAC A dynamic ads control based on tra
1,a) 1 1 2 1 Wi-Fi Probe Request MAC MAC Probe Request MAC A dynamic ads control based on traffic Abstract: The equipment with Wi-Fi communication function such as a smart phone which are send on a regular
大学等における社会人の受け入れ状況調査
1 1 2 3 4 - - - - - - 6 8 6 2001 30 7 6 3 30 8 6 1 4 3,6,9,12 4 1 1 E 1 3 13 15 4 3 1 ( ) 8. 6 14 8 6 2002 8 8 3 7 60 1 4 4 32 100 12
Vol. 23 No. 4 Oct. 2006 37 2 Kitchen of the Future 1 Kitchen of the Future 1 1 Kitchen of the Future LCD [7], [8] (Kitchen of the Future ) WWW [7], [3
![Vol. 23 No. 4 Oct. 2006 37 2 Kitchen of the Future 1 Kitchen of the Future 1 1 Kitchen of the Future LCD [7], [8] (Kitchen of the Future ) WWW [7], [3](/thumbs/41/22750638.jpg "Vol. 23 No. 4 Oct. 2006 37 2 Kitchen of the Future 1 Kitchen of the Future 1 1 Kitchen of the Future LCD [7], [8] (Kitchen of the Future ) WWW [7], [3")
36 Kitchen of the Future: Kitchen of the Future Kitchen of the Future A kitchen is a place of food production, education, and communication. As it is more active place than other parts of a house, there
2 [2] Flow Visualizer 1 DbD 2. DbD [4] Web (PV) Web Web Web 3 ( 1) ( 1 ) Web ( 2 ) Web Web ( 3 ) Web DbD DbD () DbD DbD DbD 2.1 DbD DbD URL URL Google
![2 [2] Flow Visualizer 1 DbD 2. DbD [4] Web (PV) Web Web Web 3 ( 1) ( 1 ) Web ( 2 ) Web Web ( 3 ) Web DbD DbD () DbD DbD DbD 2.1 DbD DbD URL URL Google](/thumbs/39/20194526.jpg "2 [2] Flow Visualizer 1 DbD 2. DbD [4] Web (PV) Web Web Web 3 ( 1) ( 1 ) Web ( 2 ) Web Web ( 3 ) Web DbD DbD () DbD DbD DbD 2.1 DbD DbD URL URL Google")
Drive-by Download 1,a) 1,b) Web Drive-by Download(DbD) DbD Web DbD HTTP DbD Web DbD, Drive-by Download The Network Visualization Tool for detecting the Drive-by Download attacks. Amako Katsuhiro 1,a) Takada
IPSJ SIG Technical Report * Wi-Fi Survey of the Internet connectivity using geolocation of smartphones Yoshiaki Kitaguchi * Kenichi Nagami and Yutaka
* Wi-Fi Survey of the Internet connectivity using geolocation of smartphones Yoshiaki Kitaguchi * Kenichi Nagami and Yutaka Kikuchi With the rapid growth in demand of smartphone use, the development of
Vol.55 No (Jan. 2014) saccess 6 saccess 7 saccess 2. [3] p.33 * B (A) (B) (C) (D) (E) (F) *1 [3], [4] Web PDF a m
![Vol.55 No (Jan. 2014) saccess 6 saccess 7 saccess 2. [3] p.33 * B (A) (B) (C) (D) (E) (F) *1 [3], [4] Web PDF a m](/thumbs/92/108648363.jpg "Vol.55 No (Jan. 2014) saccess 6 saccess 7 saccess 2. [3] p.33 * B (A) (B) (C) (D) (E) (F) *1 [3], [4] Web PDF a m")
Vol.55 No.1 2 15 (Jan. 2014) 1,a) 2,3,b) 4,3,c) 3,d) 2013 3 18, 2013 10 9 saccess 1 1 saccess saccess Design and Implementation of an Online Tool for Database Education Hiroyuki Nagataki 1,a) Yoshiaki
( ) [1] [4] ( ) 2. [5] [6] Piano Tutor[7] [1], [2], [8], [9] Radiobaton[10] Two Finger Piano[11] Coloring-in Piano[12] ism[13] MIDI MIDI 1 Fig. 1 Syst
![( ) [1] [4] ( ) 2. [5] [6] Piano Tutor[7] [1], [2], [8], [9] Radiobaton[10] Two Finger Piano[11] Coloring-in Piano[12] ism[13] MIDI MIDI 1 Fig. 1 Syst](/thumbs/91/107597950.jpg "( ) [1] [4] ( ) 2. [5] [6] Piano Tutor[7] [1], [2], [8], [9] Radiobaton[10] Two Finger Piano[11] Coloring-in Piano[12] ism[13] MIDI MIDI 1 Fig. 1 Syst")
情報処理学会インタラクション 2015 IPSJ Interaction 2015 15INT014 2015/3/7 1,a) 1,b) 1,c) Design and Implementation of a Piano Learning Support System Considering Motivation Fukuya Yuto 1,a) Takegawa Yoshinari 1,b) Yanagi
Windows7 OS Focus Follows Click, FFC FFC focus follows mouse, FFM Windows Macintosh FFC n n n n ms n n 4.2 2
1 1, 2 A Mouse Cursor Operation for Overlapped Windowing 1 Shota Yamanaka 1 and Homei Miyashita 1, 2 In this paper we propose an operation method for overlapped windowing; a method that the user slides
MAC root Linux 1 OS Linux 2.6 Linux Security Modules LSM [1] Security-Enhanced Linux SELinux [2] AppArmor[3] OS OS OS LSM LSM Performance Monitor LSMP
![MAC root Linux 1 OS Linux 2.6 Linux Security Modules LSM [1] Security-Enhanced Linux SELinux [2] AppArmor[3] OS OS OS LSM LSM Performance Monitor LSMP](/thumbs/92/108755579.jpg "MAC root Linux 1 OS Linux 2.6 Linux Security Modules LSM [1] Security-Enhanced Linux SELinux [2] AppArmor[3] OS OS OS LSM LSM Performance Monitor LSMP")
LSM OS 700-8530 3 1 1 [email protected] [email protected] 242-8502 1623 14 [email protected] OS Linux 2.6 Linux Security Modules LSM LSM Linux 4 OS OS LSM An Evaluation of Performance
ActionScript Flash Player 8 ActionScript3.0 ActionScript Flash Video ActionScript.swf swf FlashPlayer AVM(Actionscript Virtual Machine) Windows
ActionScript3.0 1 1 YouTube Flash ActionScript3.0 Face detection and hiding using ActionScript3.0 for streaming video on the Internet Ryouta Tanaka 1 and Masanao Koeda 1 Recently, video streaming and video
Input image Initialize variables Loop for period of oscillation Update height map Make shade image Change property of image Output image Change time L
1,a) 1,b) 1/f β Generation Method of Animation from Pictures with Natural Flicker Abstract: Some methods to create animation automatically from one picture have been proposed. There is a method that gives
マルウェア対策のための研究用データセット ~ MWS Datasets 2013 ~.pptx
1 2 3 4 5 6 MWS Datasets 2013 MWS Datasets 2013 感染 PC 群 PRACTICE Dataset 2013 サーバ型ハニーポット CCC Dataset 2013 NICTER Darknet Dataset 2013 Darknet scan ボット ワーム クライアント型ハニーポット SandBox D3M 2013 FFRI Dataset 2013
1., 1 COOKPAD 2, Web.,,,,,,.,, [1]., 5.,, [2].,,.,.,, 5, [3].,,,.,, [4], 33,.,,.,,.. 2.,, 3.., 4., 5., ,. 1.,,., 2.,. 1,,
![1., 1 COOKPAD 2, Web.,,,,,,.,, [1]., 5.,, [2].,,.,.,, 5, [3].,,,.,, [4], 33,.,,.,,.. 2.,, 3.., 4., 5., ,. 1.,,., 2.,. 1,,](/thumbs/50/25936361.jpg "1., 1 COOKPAD 2, Web.,,,,,,.,, [1]., 5.,, [2].,,.,.,, 5, [3].,,,.,, [4], 33,.,,.,,.. 2.,, 3.., 4., 5., ,. 1.,,., 2.,. 1,,")
THE INSTITUTE OF ELECTRONICS, INFORMATION AND COMMUNICATION ENGINEERS TECHNICAL REPORT OF IEICE.,, 464 8601 470 0393 101 464 8601 E-mail: [email protected], {ide,murase,hirayama}@is.nagoya-u.ac.jp,
大学における原価計算教育の現状と課題
1 1.1 1.2 1.3 2 2.1 2.2 3 3.1 3.2 3.3 2014a 50 ABC Activity Based Costing LCC Lifecycle Costing MFCA Material Flow Cost Accounting 2 2 2016 9 1 2 3 2014b 2005 2014b 2000 1 2 1962 5 1 3 2 3 4 5 50 2012
untitled
2007 55 2 235 254 c 2007 1 2 3 3 2007 6 12 2007 11 1 20 8 2 1. 2004 Sakata et al. 2004 1 610 0394 1 3 2 176 8525 2 42 1 3 525 8577 1 1 1 236 55 2 2007 2003 2004 Camurri et al. 1999 2002 2005 CG 1987 1
1 DHT Fig. 1 Example of DHT 2 Successor Fig. 2 Example of Successor 2.1 Distributed Hash Table key key value O(1) DHT DHT 1 DHT 1 ID key ID IP value D
P2P 1,a) 1 1 Peer-to-Peer P2P P2P P2P Chord P2P Chord Consideration for Efficient Construction of Distributed Hash Trees on P2P Systems Taihei Higuchi 1,a) Masakazu Soshi 1 Tomoyuki Asaeda 1 Abstract:
Vol. 44 No. SIG 12(TOD 19) Sep MF MF MF Content Protection Mechanism Based on Media Framework and an Implementation for Autonomous Information C
Vol. 44 No. SIG 12(TOD 19) Sep. 2003 MF MF MF Content Protection Mechanism Based on Media Framework and an Implementation for Autonomous Information Container Takehito Abe, Noburou Taniguchi, Kunihiro
3D UbiCode (Ubiquitous+Code) RFID ResBe (Remote entertainment space Behavior evaluation) 2 UbiCode Fig. 2 UbiCode 2. UbiCode 2. 1 UbiCode UbiCode 2. 2
THE INSTITUTE OF ELECTRONICS, INFORMATION AND COMMUNICATION ENGINEERS HCG HUMAN COMMUNICATION GROUP SYMPOSIUM. UbiCode 243 0292 1030 E-mail: {ubicode,koide}@shirai.la, {otsuka,shirai}@ic.kanagawa-it.ac.jp
fiš„v5.dvi
(2001) 49 2 293 303 VRML 1 2 3 2001 4 12 2001 10 16 Web Java VRML (Virtual Reality Modeling Language) VRML Web VRML VRML VRML VRML Web VRML VRML, 3D 1. WWW (World Wide Web) WWW Mittag (2000) Web CGI Java
1 2 4 5 9 10 12 3 6 11 13 14 0 8 7 15 Iteration 0 Iteration 1 1 Iteration 2 Iteration 3 N N N! N 1 MOPT(Merge Optimization) 3) MOPT 8192 2 16384 5 MOP
10000 SFMOPT / / MOPT(Merge OPTimization) MOPT FMOPT(Fast MOPT) FMOPT SFMOPT(Subgrouping FMOPT) SFMOPT 2 8192 31 The Proposal and Evaluation of SFMOPT, a Task Mapping Method for 10000 Tasks Haruka Asano
[2] 1. 2. 2 2. 1, [3] 2. 2 [4] 2. 3 BABOK BABOK(Business Analysis Body of Knowledge) BABOK IIBA(International Institute of Business Analysis) BABOK 7
![[2] 1. 2. 2 2. 1, [3] 2. 2 [4] 2. 3 BABOK BABOK(Business Analysis Body of Knowledge) BABOK IIBA(International Institute of Business Analysis) BABOK 7](/thumbs/40/22240274.jpg "[2] 1. 2. 2 2. 1, [3] 2. 2 [4] 2. 3 BABOK BABOK(Business Analysis Body of Knowledge) BABOK IIBA(International Institute of Business Analysis) BABOK 7")
32 (2015 ) [2] Projects of the short term increase at present. In order to let projects complete without rework and delays, it is important that request for proposals (RFP) are written by reflecting precisely
農研機構 食品総合研究所 研究報告 77号
Rep. Natl Food Res. InstNo 技 術 報 告 食 品 害 虫 サイトの 長 期 間 アクセス 解 析 --- A Long-Term Analysis of Access Trend to Food-Insect Site Yukio Magariyama, Kumiko Shichiri, Akihiro Miyanoshita, Taro Imamura, Satoshi
A Study on Traffic Characteristics in Multi-hop Wireless Networks 2010 3 Yoichi Yamasaki ( ) 21 Local Area Network (LAN) LAN LAN LAN (AP, Access Point) LAN AP LAN AP AP AP (MWN, Multi-hop Wireless Network)
1 3DCG [2] 3DCG CG 3DCG [3] 3DCG 3 3 API 2 3DCG 3 (1) Saito [4] (a) 1920x1080 (b) 1280x720 (c) 640x360 (d) 320x G-Buffer Decaudin[5] G-Buffer D
![1 3DCG [2] 3DCG CG 3DCG [3] 3DCG 3 3 API 2 3DCG 3 (1) Saito [4] (a) 1920x1080 (b) 1280x720 (c) 640x360 (d) 320x G-Buffer Decaudin[5] G-Buffer D](/thumbs/91/105248386.jpg "1 3DCG [2] 3DCG CG 3DCG [3] 3DCG 3 3 API 2 3DCG 3 (1) Saito [4] (a) 1920x1080 (b) 1280x720 (c) 640x360 (d) 320x G-Buffer Decaudin[5] G-Buffer D")
3DCG 1) ( ) 2) 2) 1) 2) Real-Time Line Drawing Using Image Processing and Deforming Process Together in 3DCG Takeshi Okuya 1) Katsuaki Tanaka 2) Shigekazu Sakai 2) 1) Department of Intermedia Art and Science,
DPA,, ShareLog 3) 4) 2.2 Strino Strino STRain-based user Interface with tacticle of elastic Natural ObjectsStrino 1 Strino ) PC Log-Log (2007 6)
1 2 1 3 Experimental Evaluation of Convenient Strain Measurement Using a Magnet for Digital Public Art Junghyun Kim, 1 Makoto Iida, 2 Takeshi Naemura 1 and Hiroyuki Ota 3 We present a basic technology
ISSN NII Technical Report Patent application and industry-university cooperation: Analysis of joint applications for patent in the Universit
ISSN 1346-5597 NII Technical Report Patent application and industry-university cooperation: Analysis of joint applications for patent in the University of Tokyo Morio SHIBAYAMA, Masaharu YANO, Kiminori
%,, % %......
Purchase Decision Process of Earthquake Insurance and Policy Sales Methodologies in Japan Hiroyuki NOZAKI * and Akiyoshi TAKAGI ** Abstract The purpose of this study is to investigate how fire insurance
i
21 Fault-Toleranted Authentication Data Distribution Protocol for Autonomous Distributed Networks 1125153 2010 3 2 i Abstract Fault-Toleranted Authentication Data Distribution Protocol for Autonomous Distributed
Microsoft Word - deim2011_new-ichinose-20110325.doc
DEIM Forum 2011 B7-4 252-0882 5322 E-mail: {t08099ai, kurabaya, kiyoki}@sfc.keio.ac.jp A Music Search Database System with a Selector for Impressive-Sections of Continuous Data Aya ICHINOSE Shuichi KURABAYASHI