- 【Updated on May 12, 2025】 Integration of CiNii Dissertations and CiNii Books into CiNii Research
- Trial version of CiNii Research Automatic Translation feature is available on CiNii Labs
- Suspension and deletion of data provided by Nikkei BP
- Regarding the recording of “Research Data” and “Evidence Data”
Implementation of an Environment for Reproducing Targeted Attacks
-
- Yu Tsuda
- Cybersecurity Research Center, National Institute of Information and Communications Technology
-
- Masaki Kamizono
- Cybersecurity Research Center, National Institute of Information and Communications Technology | Advanced Research Laboratory, SecureBrain Corporation
-
- Takashi Tomine
- Cybersecurity Research Center, National Institute of Information and Communications Technology
-
- Shingo Yasuda
- Cybersecurity Research Center, National Institute of Information and Communications Technology
-
- Ryosuke Miura
- Cybersecurity Research Center, National Institute of Information and Communications Technology
-
- Toshiyuki Miyachi
- Cybersecurity Research Center, National Institute of Information and Communications Technology
-
- Masashi Eto
- Cybersecurity Research Center, National Institute of Information and Communications Technology
-
- Daisuke Inoue
- Cybersecurity Research Center, National Institute of Information and Communications Technology
-
- Koji Nakao
- Cybersecurity Research Center, National Institute of Information and Communications Technology
Bibliographic Information
- Other Title
-
- 標的型攻撃のシナリオ再現環境の構築
Search this article
Description
Targeted attacks which aimed at a specific orgnization or company become an object of public concern. Targeted attacks have some attacking phases, for instance reconnaissance, installation exploitation and so on. According to some analyzing reports, attackers use various tools. Most of analyzing reports have results which include attacking tools and malwares individually. Therefore, relevances among the individual results are complemented of scenarios which analysts suppose, because analysts can not obtain attaking environments and harmful environments substantially. In this paper, we implement an environment for reproducing whole scenarios of targeted attacks in order to observing attackers' activities precisely. The environment has some attaking tools and a simulated C&C server as an attacker's zone. Also, we implement a victim's zone like a company's computing environment which is targeted from attackers. In addition, the environment has supporting zone which is used for reproducing attacking scenarios easily. At last, we produce a scenario of a targeted attack in this environment and discuss this environment with some logs such as Windows event logs, some server logs and network traffic data on the victim's zone.
Journal
-
- IPSJ SIG Technical Reports
-
IPSJ SIG Technical Reports 2014 (18), 1-6, 2014-05-15
Information Processing Society of Japan (IPSJ)
- Tweet
Keywords
Details 詳細情報について
-
- CRID
- 1570009752925178624
-
- NII Article ID
- 110009772698
-
- NII Book ID
- AA12326962
-
- ISSN
- 09196072
-
- Text Lang
- ja
-
- Data Source
-
- CiNii Articles
