Design and Implementation of a Game with Network Traffic Visualization to Enhance Security Awareness




2010 22 Rodney D. Van Meter III 23 2 13

- 2010 ( 22 ) : 1, 2., 3., 4,

Abstract of Bachelor's Thesis - Academic Year 2010

Network Traffic Visualization to Enhance Security Awareness

For typical computer users today, information security practice is passive: users take action only when malicious software or an attack attempt is detected. However, recent security breaches caused by the continuous appearance of new malware have created a need for users to recognize threats and consider countermeasures against them. This thesis presents the design and implementation of a computer game that observes network traffic and uses it as game components to enhance end-users' security awareness. By using this software in addition to existing anti-virus software, a user can monitor network traffic while autonomously improving their awareness of information security. End-users can see the state of network traffic without technical knowledge and, at the same time, recognize malware and security incidents on their network. Because the software replaces every technical term with a familiar object, it accelerates the user's understanding without requiring knowledge of technical language. This thesis aims to enlighten end-users through software and to establish a beachhead for changing their security consciousness.

Keywords: 1. Packet Capturing, 2. Entertainment, 3. Internet Security, 4. Network Monitoring

Keio University, Faculty of Policy Management
Hideaki Fukuoka


1 1.1 JNSA 2009 166 1539 [1] Winny[2] Antinny[3] XSS Scareware[4] 87.4% [5] 2009 IPA [5] 9 4 8 1

1 1.2 1.2.1 1.2.2 1.2.3 IP 2

1 1.3 8 2 3 2 5 6 5 7 6 8 3

2 3 2.1 2010 3 [6] 1.44 1 79.3 5.2 [5] 2.1.1 2 [7] 4

2 Security Tools[8] Scareware[4] Antinny[3] 1 Antinny [9] [10] 2009 2010 [11] 2010 9 Twitter[12] XSS [13] javascript Twitter 1 [5] 2.1.2 2009 IPA [5] 4 [14] 8 [5] 4-3-1-1. 80 2.1.1 5

2 2.2 2.3 2.4 1 1 3 6

3 3.1 [15] HTTP DNS ( )[16] 80 Packet Garden[17] 3.1 7

3 3.1: Packet Garden GIGAZINE[18] 3.2 [19] 3.3 [20] 1998 [21] [22] 1 8

3 1998 4 1 [23] 2007 Wii[24] Wii Fit[25] 2006 Nintendo DS[26] DS[27] 2005 DS [28] 3.4 9

4 2 4.1 4.1.1 2.2 2 4.1 10

4 4.1: 4.1.2 4.2 3 4.2.1 HTTP DNS IP 4.2 Web 11

4 4.2: Web 4.2.2 4.3 12

4 4.3: 4.2.3 13

4 4.3 3 3 3 5 14

5 4 3 3 5.1 3 5.1.1 1 5.1.2 2 15

5 5.1: PacketCapture 5.1.3 5.2 3 5.2.1 5.1 16

5 5.2: 1 5.2.2 5.2 17

5 5.2.3 3 5.2.4 18

5 5.3: 5.3 5.3 5.3.1 IP IP IP DDOS 1 IP 32bit 128bit IP IP 19

5 80 135 139 445 1 SYN SYN TCP SYN SYN 5.3.2 20

5 5.4: 5.3.3 HTTP 1024 Registered Port Number 5.4 SYN 6 IP 21

5 5.5: 5.4 5.5 5.4.1 5.4.2 22

5 1 5.4.3 HTTP Web 6 5.4.4 100 5.5 3 23

6 5 6.1 C++ Visual Studio 2008 DirectX9 C++ Windows Windows C++ Windows XP Windows OS Windows Windows OS 2010 12 90.19 [29] 6.2 SYN 6.1 6.2.1 3 1 FTP DNS HTTP WELL KNOWN PORT NUMBERS 1023 TCP UDP TCP UDP 24

6 6.1: 6.1: TCP UDP 1023 1024 6.1 A A.1 A.2 6.2.1 80 8080 HTTP SSL SMTP POP3 MSN AOL IRC P2P SSH DHCP NETBIOS 25

6 135 139 445 WELL KNOWN PORT NUMBERS REGISTERED PORT NUMBERS 1024 49151 DYNAMIC AND/OR PRIVATE PORTS 49152 65535 4 49152 12800 UDP TCP 6.2.2 6.2 5.3.3 IP 26

6 6.2: 4 6.1 M 0.3 1 $L_{Total}$ $L_{th}$ $C_{Total}$ $C_{th}$ $L_{th}$ 50000 $C_{th}$ 100 50000 100

$$0.3 + \min\left(0.35\,\frac{L_{Total}}{L_{th}},\ 0.35\right) + \min\left(0.35\,\frac{C_{Total}}{C_{th}},\ 0.35\right) \tag{6.1}$$

27

6 6.3: SYN 6.2.3 SYN SYN SYN SYN 6.3 SYN 1 SYN TCP SYN SYN 28

6 6.4: 6.3 6.4 6.3.1 1 1 5 6.3.2 1 9 2 2 29

6 6.5: 10 30 10 1 6.2 P 60 Hp Hp limit Ht Ht max Eq Eq max 0.2 ( ) Hplimit Hp 2 P = random(60) random 120 ( random(50) 0.5 Ht ) Ht ( max random(20) 0.5 Eq ) Eq max P = P 0.2 (6.2) 6.5 10 30

6 10 1 5 6.3 I Ec Ec limit P opulation T x (0.7) 0 0 I = Ec P opulation T x 0.7; (6.3) Ec limit 100 6.4 Ec Ec amp 10 MerchantP ower P opulation Ec middle 800 P opulation (100 )P opulation th 69200 70000 Ec middle Ec limit 2 Ec (10000) 6.5 Hp Hp rnd 10 Hp rnd 0 MerchantP ower Ec = Ec amp + Ec amp + Ec middle P opulation ( Ec amp = min 800 + P opulation ) 69200, 70000 P opulation th Ec middle = Ec limit 2 Ec 10000 (6.4) 31

6 Hp = 10 + random(hp rnd ) Hp rnd = 0 > 1000 + 20 100 + 5 10% + 5 (6.5) 10 6.3.3 1 6.6 6.6: 1 6.6 32

6 Amount T ech T ech max Demand 3 Supply 3 1 3 Ec = Amount 100 T ech ( ) Demand 3 min 0.98, 1.0 2.2 (6.6) T ech max Supply 3 1 700 3 3 6.7 Duty 100G IX amount Amount 1/2 0G 1 5000G 0 3 IX amount = Amount 1 2 Duty 100 (6.7) 6.3.4 6.7 5.4.3 6.8 33

6 6.7: 6.8: / 34

6 6.9: 9 6.9 6.3.5 35

6 6.10: 6.10 6.116.12 36

6 6.11: 1 6.12: 2 6.4 37

6 B 38

7 6 7.1 WindowsXP SP3 7.2 6 0 4 12 10 7.2.1 C.1 39

7 4.17 6 5 4.17 3 4 5 4 4.08 4 5 3 4 3.58 4.08 4 40

7 4.75 7.2.2 6 5 5 7.3 6 Web 35 10 Google Docs[30] C.2 Google Docs[30] 7.3.1 C.1 7.3.2 C.2 35 27 5 4 3 41

7 7.1: 7.2: 7.3.3 Web C.2 35 29 29 82.8% 6 17.2% 7.3.4 C.3 27 4 3 42

7 7.3: 7.3.5 C.4 2 7.4: 7.3.6 C.5 2 7.3.7 C.6 5 3 35 34 43

7 7.5: 7.6: 7.3.8 3 7.4 2 70% 44

7 7.5 45

8 8.1 35 70% 88% 46

8 8.2 47

Rodney D.Van Meter III Doan Viet Tung 4 22 48

[1] NPO. ver.1.1. http://www.jnsa.org/result/incident/data/2009incident_survey_v1.1.pdf, 9 2010.
[2] 47. Winny. http://www.geocities.co.jp/siliconvalley/2949/, 11 2003.
[3] Antinny - / / / it. http://e-words.jp/w/antinny.html, 8 2003.
[4] - wikipedia. http://ja.wikipedia.org/wiki/%e5%81%BD%E8%A3%85%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E3%83%84%E3%83%BC%E3%83%AB, 12 2010.
[5] IPA. 2009. http://www.ipa.go.jp/security/fy21/reports/ishiki/documents/2009-ishiki.pdf, 4 2009.
[6]. 2010 3. http://www.mcafee.com/japan/about/prelease/pr_10b.asp?pr=10/11/17-1, 11 2010.
[7] Symantec. bloodhound. http://www.symantec.com/region/jp/avcenter/reference/heuristc.pdf, 5 1998.
[8] GIGAZINE. security tool - gigazine. http://gigazine.net/news/20100927_security_tool/, 9 2010.
[9] Internet Watch. 1 winny pc. http://internet.watch.impress.co.jp/cda/news/2007/06/13/16027.html, 5 2007.
[10] Internet Security Knowledge. Winny. http://is702.jp/news/130/partner/34_i/, 3 2008.
[11] IPA. 11. http://www.ipa.go.jp/security/txt/2010/12outline.html, 12 2010.
[12] Twitter. twitter. http://twitter.com, 9 2009.
[13] IT media. Twitter xss - itmedia. http://www.itmedia.co.jp/enterprise/articles/1009/24/news023.html, 9 2010.
[14]. 80. http://www.secomtrust.net/infomeasure/rouei/column1.html, 12 2010.
[15],,,, and.. 57, pages 47-52, 3 2009.
[16] and. ( ).. OIS, 104(714), pages 7-12, 3 2005.
[17] Packet Garden. Packet garden : Main - home page title. http://www.selectparks.net/~julian/pg/pmwiki.php?n=main.homepage, 7 2007.
[18] GIGAZINE. packet garden - gigazine. http://gigazine.net/news/20070117_packetgarden/, 1 2007.
[19] and. :., Vol.41, No.12, pages 3265-3275, 12 2000.
[20].. http://www.nintendo.co.jp/, 11 1947.
[21].. http://www.nintendo.co.jp/n09/pokepika/index.html, 3 1998.
[22] BANDAI.. http://tamagotch.channel.or.jp/, 11 1996.
[23] JATY ( ). wiki - (jaty 1998 ). http://wiki.fdiary.net/animesales/, 12 2010.
[24]. Wii. http://www.nintendo.co.jp/wii/, 11 2006.
[25].. http://www.nintendo.co.jp/wii/rfnj/, 12 2007.
[26]. Nintendo ds. http://www.nintendo.co.jp/ds/, 11 2004.
[27] and. ds. http://www.rocketcompany.co.jp/kanken/, 9 2006.
[28]. ds. http://www.nintendo.co.jp/ds/andj/, 5 2005.
[29] Net Applications. Os market share. http://marketshare.hitslink.com/os-market-share.aspx?qprid=11#, 12 2010.
[30] Google. Google docs. https://docs.google.com/, 1 2011.

A A.1 52

A A.1: 1 HTTP HTTPS SMTPS NNTPS SMTP POP3 IMAP IMAPS POP3S MESSANGER CD FTP P2P IRC SSH Telnet DNS DCHP NNTP NETBIOS UPnP WELL KNOWN PORT (SEND) WELL KNOWN PORT (RECV) RPC File Sharing NON TCP and NON UDP Registered by User DropBox 53

A A.2: 2 TCP (SEND) Registered Port Number TCP (RECV) Registered Port Number TCP (SEND) Dynamic Port Number TCP (RECV) Dynamic Port Number UDP (SEND) Registered Port Number with Port 12800 UDP (RECV) Registered Port Number with Port 12800 UDP (SEND) Registered Port Number with Port = 12800 UDP (RECV) Registered Port Number with Port = 12800 UDP (SEND) Dynamic Port Number UDP (RECV) Dynamic Port Number 54

B B.1 Windows XP SP3 C++ WinPCap DirectX 147,965 UI 55

B B.2 56

57 B

58 B

59 B

C C.1 5 6 4 3 3 2 2 1 1 0 5 5 4 4 3 3 2 0 1 0 5 4 4 5 3 3 2 0 1 0 60

C 5 2 4 4 3 5 2 1 1 0 5 6 4 2 3 3 2 1 1 0 5 9 4 3 3 0 2 0 1 0 61

C C.2 5 5 4 20 3 TXT 9 2 1 1 0 C.1: 5 10 4 17 3 6 2 2 1 0 62

C C.2: Web 29 82.8% 6 17.2% 5 4 4 15 3 12 2 4 1 0 C.3: 63

C 5 8 4 8 3 18 2 1 1 0 C.4: 5 13 4 11 3 8 2 2 1 1 64

C C.5: 5 19 4 8 3 7 2 1 1 0 C.6: 65