{"created":"2023-05-15T12:00:33.842900+00:00","id":7445,"links":{},"metadata":{"_buckets":{"deposit":"1a753df9-70d9-4ab2-b953-433c04dba2a1"},"_deposit":{"created_by":3,"id":"7445","owners":[3],"pid":{"revision_id":0,"type":"depid","value":"7445"},"status":"published"},"_oai":{"id":"oai:kyutech.repo.nii.ac.jp:00007445","sets":["8:24"]},"author_link":["32157","20772"],"item_21_biblio_info_6":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicIssueDates":{"bibliographicIssueDate":"2021-07-13","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"1","bibliographicPageEnd":"7","bibliographicPageStart":"1","bibliographicVolumeNumber":"2021-OS-153","bibliographic_titles":[{"bibliographic_title":"情報処理学会研究報告. [システムソフトウェアとオペレーティング・システム]"}]}]},"item_21_description_4":{"attribute_name":"抄録","attribute_value_mlt":[{"subitem_description":"インターネットに接続されたシステムへの攻撃を検知するために，侵入検知システム（IDS）が用いられている．しかし，システムの状態を監視して異常を検知するホストベースIDSは監視対象ホスト上で動作するため，安全に実行するのは容易ではない．例えば，システムが攻撃を受けた後にはそのシステムから正しい情報を取得できるとは限らない．また，IDSが改ざんされると無力化されてしまい，それ以降の攻撃を検知できなくなる．これまでに汎用CPUの機能を用いてIDSを安全に実行する手法が提案されてきたが，安全性や性能などの面で問題があった．本稿では，Intel CPUの機能であるSGXとシステムマネジメントモード（SMM）を組み合わせることで，安全にIDSを実行することが可能なシステムSSdetectorを提案する．SSdetectorはSGXのエンクレイヴ内でIDSを安全に実行し，SMMプログラムを用いてシステムのメモリデータの安全な取得を行う．エンクレイヴとSMMプログラム間でメモリデータを暗号化することで，取得したメモリデータからの情報漏洩を防ぐ．我々はSGX仮想化をサポートしたKVMを用いてVMのUEFI BIOSを変更することでSSdetectorを実装し，IDSによるOSデータの取得時間を調べた．","subitem_description_type":"Abstract"}]},"item_21_description_5":{"attribute_name":"内容記述","attribute_value_mlt":[{"subitem_description":"2021年並列／分散／協調処理に関するサマー・ワークショップ (SWoPP2021), 2021年7月19日- 21日, オンライン開催","subitem_description_type":"Other"}]},"item_21_description_60":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"subitem_description":"Journal Article","subitem_description_type":"Other"}]},"item_21_publisher_7":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会"}]},"item_21_relation_14":{"attribute_name":"情報源","attribute_value_mlt":[{"subitem_relation_name":[{"subitem_relation_name_text":"http://id.nii.ac.jp/1001/00211753/"}],"subitem_relation_type_id":{"subitem_relation_type_id_text":"http://id.nii.ac.jp/1001/00211753/","subitem_relation_type_select":"URI"}}]},"item_21_rights_13":{"attribute_name":"権利","attribute_value_mlt":[{"subitem_rights":"Copyright (c) 2021 Information Processing Society of Japan. ここに掲載した著作物の利用に関する注意 本著作物の著作権は情報処理学会に帰属します。本著作物は著作権者である情報処理学会の許可のもとに掲載するものです。ご利用に当たっては「著作権法」ならびに「情報処理学会倫理綱領」に従うことをお願いいたします。 / Notice for the use of this material The copyright of this material is retained by the Information Processing Society of Japan (IPSJ). This material is published on this web site with the agreement of the author (s) and the IPSJ. Please be complied with Copyright Law of Japan and the Code of Ethics of the IPSJ if any users wish to reproduce, make derivative work, distribute or make available to the public any part or whole thereof. All Rights Reserved, Copyright (C) Information Processing Society of Japan. Comments are welcome. Mail to address editj＠ipsj.or.jp, please."}]},"item_21_select_59":{"attribute_name":"査読の有無","attribute_value_mlt":[{"subitem_select_item":"no"}]},"item_21_source_id_10":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AN10444176","subitem_source_identifier_type":"NCID"}]},"item_21_source_id_8":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"2188-8795","subitem_source_identifier_type":"ISSN"}]},"item_21_subject_16":{"attribute_name":"日本十進分類法","attribute_value_mlt":[{"subitem_subject":"547","subitem_subject_scheme":"NDC"}]},"item_21_text_36":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"九州工業大学"},{"subitem_text_value":"九州工業大学"}]},"item_21_text_63":{"attribute_name":"連携ID","attribute_value_mlt":[{"subitem_text_value":"9788"}]},"item_21_version_type_58":{"attribute_name":"著者版フラグ","attribute_value_mlt":[{"subitem_version_resource":"http://purl.org/coar/version/c_970fb48d4fbd8a85","subitem_version_type":"VoR"}]},"item_creator":{"attribute_name":"著者","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"古賀,  吉道"}],"nameIdentifiers":[{}]},{"creatorAffiliations":[{"affiliationNameIdentifiers":[],"affiliationNames":[{"affiliationName":""}]}],"creatorNames":[{"creatorName":"Kourai, Kenichi","creatorNameLang":"en"},{"creatorName":"光来, 健一","creatorNameLang":"ja"},{"creatorName":"コウライ, ケンイチ","creatorNameLang":"ja-Kana"}],"familyNames":[{},{},{}],"givenNames":[{},{},{}],"nameIdentifiers":[{},{},{},{},{}]}]},"item_files":{"attribute_name":"ファイル情報","attribute_type":"file","attribute_value_mlt":[{"accessrole":"open_date","date":[{"dateType":"Available","dateValue":"2021-12-08"}],"displaytype":"detail","filename":"RECN_2021-06.pdf","filesize":[{"value":"1.2 MB"}],"format":"application/pdf","licensetype":"license_note","mimetype":"application/pdf","url":{"label":"RECN_2021-06.pdf","url":"https://kyutech.repo.nii.ac.jp/record/7445/files/RECN_2021-06.pdf"},"version_id":"12fe86fa-5b9e-488d-93a0-fcc489713988"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"オフロード","subitem_subject_scheme":"Other"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourcetype":"journal article","resourceuri":"http://purl.org/coar/resource_type/c_6501"}]},"item_title":"Intel SGXとSMMの組み合わせによるIDSの安全な実行機構","item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"Intel SGXとSMMの組み合わせによるIDSの安全な実行機構"}]},"item_type_id":"21","owner":"3","path":["24"],"pubdate":{"attribute_name":"公開日","attribute_value":"2021-12-08"},"publish_date":"2021-12-08","publish_status":"0","recid":"7445","relation_version_is_last":true,"title":["Intel SGXとSMMの組み合わせによるIDSの安全な実行機構"],"weko_creator_id":"3","weko_shared_id":3},"updated":"2023-10-25T08:59:08.646429+00:00"}