In recent years, cyber attacks against infrastructure have become more serious. Unfortunately, infrastructures with vulnerable remote management devices, which allow attackers to control the infrastructure, have been reported. Targeted attacks against infrastructure are conducted manually by human attackers rather than automated scripts. Here, open questions are how often the attacks against such infrastructure happen and what attackers do after intrusions. In this empirical study, we observe the accesses, including attacks and security investigation activities, using the customized infrastructure honeypot. The proposed honeypot comprises (1) a platform that easily deploys real devices as honeypots, (2) a mechanism to increase the number of fictional facilities by changing the displayed facility names on the WebUI for each honeypot instance, (3) an interaction mechanism with visitors to infer their purpose, and (4) tracking mechanisms to identify visitors for long-term activities. We implemented and deployed the honeypot for 31 months. Our honeypot observed critical operations, such as changing configurations of a remote management device. We also observed long-term access to WebUI and Telnet service of the honeypot.
{"title":"Observation of Human-operated Accesses using Remote Management Device Honeypot","authors":"Takayuki SASAKI, Mami KAWAGUCHI, Takuhiro KUMAGAI, Katsunari YOSHIOKA, Tsutomu MATSUMOTO","doi":"10.1587/transfun.2023cip0018","DOIUrl":"https://doi.org/10.1587/transfun.2023cip0018","url":null,"abstract":"In recent years, cyber attacks against infrastructure have become more serious. Unfortunately, infrastructures with vulnerable remote management devices, which allow attackers to control the infrastructure, have been reported. Targeted attacks against infrastructure are conducted manually by human attackers rather than automated scripts. Here, open questions are how often the attacks against such infrastructure happen and what attackers do after intrusions. In this empirical study, we observe the accesses, including attacks and security investigation activities, using the customized infrastructure honeypot. The proposed honeypot comprises (1) a platform that easily deploys real devices as honeypots, (2) a mechanism to increase the number of fictional facilities by changing the displayed facility names on the WebUI for each honeypot instance, (3) an interaction mechanism with visitors to infer their purpose, and (4) tracking mechanisms to identify visitors for long-term activities. We implemented and deployed the honeypot for 31 months. Our honeypot observed critical operations, such as changing configurations of a remote management device. We also observed long-term access to WebUI and Telnet service of the honeypot.","PeriodicalId":55003,"journal":{"name":"Ieice Transactions on Fundamentals of Electronics Communications and Computer Sciences","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135501212","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The war between cyber attackers and security analysts is gradually intensifying. Owing to the ease of obtaining and creating support tools, recent malware continues to diversify into variants and new species. This increases the burden on security analysts and hinders quick analysis. Identifying malware families is crucial for efficiently analyzing diversified malware; thus, numerous low-cost, general-purpose, deep-learning-based classification techniques have been proposed in recent years. Among these methods, malware images that represent binary features as images are often used. However, no models or architectures specific to malware classification have been proposed in previous studies. Herein, we conduct a detailed analysis of the behavior and structure of malware and focus on PE sections that capture the unique characteristics of malware. First, we validate the features of each PE section that can distinguish malware families. Then, we identify PE sections that contain adequate features to classify families. Further, we propose an ensemble learning-based classification method that combines features of highly discriminative PE sections to improve classification accuracy. The validation of two datasets confirms that the proposed method improves accuracy over the baseline, thereby emphasizing its importance.
{"title":"Ensemble Malware Classifier considering PE Section Information","authors":"Ren TAKEUCHI, Rikima MITSUHASHI, Masakatsu NISHIGAKI, Tetsushi OHKI","doi":"10.1587/transfun.2023cip0024","DOIUrl":"https://doi.org/10.1587/transfun.2023cip0024","url":null,"abstract":"The war between cyber attackers and security analysts is gradually intensifying. Owing to the ease of obtaining and creating support tools, recent malware continues to diversify into variants and new species. This increases the burden on security analysts and hinders quick analysis. Identifying malware families is crucial for efficiently analyzing diversified malware; thus, numerous low-cost, general-purpose, deep-learning-based classification techniques have been proposed in recent years. Among these methods, malware images that represent binary features as images are often used. However, no models or architectures specific to malware classification have been proposed in previous studies. Herein, we conduct a detailed analysis of the behavior and structure of malware and focus on PE sections that capture the unique characteristics of malware. First, we validate the features of each PE section that can distinguish malware families. Then, we identify PE sections that contain adequate features to classify families. Further, we propose an ensemble learning-based classification method that combines features of highly discriminative PE sections to improve classification accuracy. The validation of two datasets confirms that the proposed method improves accuracy over the baseline, thereby emphasizing its importance.","PeriodicalId":55003,"journal":{"name":"Ieice Transactions on Fundamentals of Electronics Communications and Computer Sciences","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135501215","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.1587/transfun.2023tap0016
Kengo HASHIMOTO, Ken-ichi IWATA
The class of k-bit delay decodable codes, source codes allowing decoding delay of at most k bits for k ≥ 0, can attain a shorter average codeword length than Huffman codes. This paper discusses the general properties of the class of k-bit delay decodable codes with a finite number of code tables and proves two theorems which enable us to limit the scope of codes to be considered when discussing optimal k-bit delay decodable codes.
{"title":"Properties of <i>k</i>-bit Delay Decodable Codes","authors":"Kengo HASHIMOTO, Ken-ichi IWATA","doi":"10.1587/transfun.2023tap0016","DOIUrl":"https://doi.org/10.1587/transfun.2023tap0016","url":null,"abstract":"The class of k-bit delay decodable codes, source codes allowing decoding delay of at most k bits for k ≥ 0, can attain a shorter average codeword length than Huffman codes. This paper discusses the general properties of the class of k-bit delay decodable codes with a finite number of code tables and proves two theorems which enable us to limit the scope of codes to be considered when discussing optimal k-bit delay decodable codes.","PeriodicalId":55003,"journal":{"name":"Ieice Transactions on Fundamentals of Electronics Communications and Computer Sciences","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134966845","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.1587/transfun.2023eal2053
Guang LI, Ren TOGO, Takahiro OGAWA, Miki HASEYAMA
In this study, we propose a novel dataset distillation method based on parameter pruning. The proposed method can synthesize more robust distilled datasets and improve distillation performance by pruning difficult-to-match parameters during the distillation process. Experimental results on two benchmark datasets show the superiority of the proposed method.
{"title":"Dataset Distillation Using Parameter Pruning","authors":"Guang LI, Ren TOGO, Takahiro OGAWA, Miki HASEYAMA","doi":"10.1587/transfun.2023eal2053","DOIUrl":"https://doi.org/10.1587/transfun.2023eal2053","url":null,"abstract":"In this study, we propose a novel dataset distillation method based on parameter pruning. The proposed method can synthesize more robust distilled datasets and improve distillation performance by pruning difficult-to-match parameters during the distillation process. Experimental results on two benchmark datasets show the superiority of the proposed method.","PeriodicalId":55003,"journal":{"name":"Ieice Transactions on Fundamentals of Electronics Communications and Computer Sciences","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134889656","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Spatial modulation (SM) is a type of multiple-input multiple-output (MIMO) technology that provides several benefits over traditional MIMO systems. SM-MIMO is characterized by its unique transmission principle, which results in lower costs, enhanced spectrum utilization, and reduced inter-channel interference. To optimize channel estimation performance over frequency-selective channels in the spatial modulation system, cross Z-complementary pairs (CZCPs) have been proposed as training sequences. The zero correlation zone (ZCZ) properties of CZCPs for auto-correlation sums and cross-correlation sums enable them to achieve optimal channel estimation performance. In this paper, we systematically construct CZCPs based on binary Gary complementary pairs and binary Gary complementary pairs via Turyn's method. We employ a special matrix operation and concatenation method to obtain CZCPs with new lengths 2M + N and 2(M + L), where M and L are the lengths of binary GCP, and N is the length of binary GCP via Turyn's method. Further, we obtain the perfect CZCP with new length 4N and extend the lengths of CZCPs.
{"title":"Novel Constructions of Cross Z-Complementary Pairs with new lengths","authors":"Longye WANG, Chunlin CHEN, Xiaoli ZENG, Houshan LIU, Lingguo KONG, Qingping YU, Qingsong WANG","doi":"10.1587/transfun.2023eap1075","DOIUrl":"https://doi.org/10.1587/transfun.2023eap1075","url":null,"abstract":"Spatial modulation (SM) is a type of multiple-input multiple-output (MIMO) technology that provides several benefits over traditional MIMO systems. SM-MIMO is characterized by its unique transmission principle, which results in lower costs, enhanced spectrum utilization, and reduced inter-channel interference. To optimize channel estimation performance over frequency-selective channels in the spatial modulation system, cross Z-complementary pairs (CZCPs) have been proposed as training sequences. The zero correlation zone (ZCZ) properties of CZCPs for auto-correlation sums and cross-correlation sums enable them to achieve optimal channel estimation performance. In this paper, we systematically construct CZCPs based on binary Gary complementary pairs and binary Gary complementary pairs via Turyn's method. We employ a special matrix operation and concatenation method to obtain CZCPs with new lengths 2M + N and 2(M + L), where M and L are the lengths of binary GCP, and N is the length of binary GCP via Turyn's method. Further, we obtain the perfect CZCP with new length 4N and extend the lengths of CZCPs.","PeriodicalId":55003,"journal":{"name":"Ieice Transactions on Fundamentals of Electronics Communications and Computer Sciences","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"136053322","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.1587/transfun.2023gcp0004
Satoshi Tanaka, Takeshi Yoshida, Minoru Fujishima
L-type LC/CL matching circuits are well known for their simple analytical solutions and have been applied to many radio-frequency (RF) circuits. When actually constructing a circuit, parasitic elements are added to inductors and capacitors. Therefore, each L and C element has a self-resonant frequency, which affects the characteristics of the matching circuit. In this paper, the parallel parasitic capacitance to the inductor and the series parasitic inductor to the capacitance are taken up as parasitic elements, and the details of the effects of the self-resonant frequency of each element on the S11, voltage standing wave ratio (VSWR) and S21 characteristics are reported. When a parasitic element is added, each characteristic basically tends to deteriorate as the self-resonant frequency decreases. However, as an interesting feature, we found that the combination of resonant frequencies determines the VSWR and passband characteristics, regardless of whether it is the inductor or the capacitor.
{"title":"Effects of parasitic elements on L-type LC/CL matching circuits","authors":"Satoshi Tanaka, Takeshi Yoshida, Minoru Fujishima","doi":"10.1587/transfun.2023gcp0004","DOIUrl":"https://doi.org/10.1587/transfun.2023gcp0004","url":null,"abstract":"L-type LC/CL matching circuits are well known for their simple analytical solutions and have been applied to many radio-frequency (RF) circuits. When actually constructing a circuit, parasitic elements are added to inductors and capacitors. Therefore, each L and C element has a self-resonant frequency, which affects the characteristics of the matching circuit. In this paper, the parallel parasitic capacitance to the inductor and the series parasitic inductor to the capacitance are taken up as parasitic elements, and the details of the effects of the self-resonant frequency of each element on the S11, voltage standing wave ratio (VSWR) and S21 characteristics are reported. When a parasitic element is added, each characteristic basically tends to deteriorate as the self-resonant frequency decreases. However, as an interesting feature, we found that the combination of resonant frequencies determines the VSWR and passband characteristics, regardless of whether it is the inductor or the capacitor.","PeriodicalId":55003,"journal":{"name":"Ieice Transactions on Fundamentals of Electronics Communications and Computer Sciences","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135447067","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.1587/transfun.2023eal2055
Chao HE, Xiaoqiong RAN, Rong LUO
Cyclic codes are a subclass of linear codes and have applications in consumer electronics, data storage systems, and communication systems as they have efficient encoding and decoding algorithms. Let C(t,e) denote the cyclic code with two nonzero αt and αe, where α is a generator of 𝔽*3m. In this letter, we investigate the ternary cyclic codes with parameters [3m-1, 3m-1-2m, 4] based on some results proposed by Ding and Helleseth in 2013. Two new classes of optimal ternary cyclic codes C(t,e) are presented by choosing the proper t and e and determining the solutions of certain equations over 𝔽3m.
{"title":"Two classes of optimal ternary cyclic codes with minimum distance four","authors":"Chao HE, Xiaoqiong RAN, Rong LUO","doi":"10.1587/transfun.2023eal2055","DOIUrl":"https://doi.org/10.1587/transfun.2023eal2055","url":null,"abstract":"Cyclic codes are a subclass of linear codes and have applications in consumer electronics, data storage systems, and communication systems as they have efficient encoding and decoding algorithms. Let C(t,e) denote the cyclic code with two nonzero αt and αe, where α is a generator of 𝔽*3m. In this letter, we investigate the ternary cyclic codes with parameters [3m-1, 3m-1-2m, 4] based on some results proposed by Ding and Helleseth in 2013. Two new classes of optimal ternary cyclic codes C(t,e) are presented by choosing the proper t and e and determining the solutions of certain equations over 𝔽3m.","PeriodicalId":55003,"journal":{"name":"Ieice Transactions on Fundamentals of Electronics Communications and Computer Sciences","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"136367970","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.1587/transfun.2023map0006
Fuma MOTOYAMA, Koichi KOBAYASHI, Yuh YAMASHITA
Control of complex networks such as gene regulatory networks is one of the fundamental problems in control theory. A Boolean network (BN) is one of the mathematical models in complex networks, and represents the dynamic behavior by Boolean functions. In this paper, a solution method for the finite-time control problem of BNs is proposed using a BDD (binary decision diagram). In this problem, we find all combinations of the initial state and the control input sequence such that a certain control specification is satisfied. The use of BDDs enables us to solve this problem for BNs such that the conventional method cannot be applied. First, after the outline of BNs and BDDs is explained, the problem studied in this paper is given. Next, a solution method using BDDs is proposed. Finally, a numerical example on a 67-node BN is presented.
{"title":"A BDD-Based Approach to Finite-Time Control of Boolean Networks","authors":"Fuma MOTOYAMA, Koichi KOBAYASHI, Yuh YAMASHITA","doi":"10.1587/transfun.2023map0006","DOIUrl":"https://doi.org/10.1587/transfun.2023map0006","url":null,"abstract":"Control of complex networks such as gene regulatory networks is one of the fundamental problems in control theory. A Boolean network (BN) is one of the mathematical models in complex networks, and represents the dynamic behavior by Boolean functions. In this paper, a solution method for the finite-time control problem of BNs is proposed using a BDD (binary decision diagram). In this problem, we find all combinations of the initial state and the control input sequence such that a certain control specification is satisfied. The use of BDDs enables us to solve this problem for BNs such that the conventional method cannot be applied. First, after the outline of BNs and BDDs is explained, the problem studied in this paper is given. Next, a solution method using BDDs is proposed. Finally, a numerical example on a 67-node BN is presented.","PeriodicalId":55003,"journal":{"name":"Ieice Transactions on Fundamentals of Electronics Communications and Computer Sciences","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135104550","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.1587/transfun.2023eap1062
Wenjian WANG, Zhi GU, Avik RANJAN ADHIKARY, Rong LUO
The auto-correlation property of Huffman sequence makes it a good candidate for its application in radar and communication systems. However, high peak-to-average power ratio (PAPR) of Huffman sequence severely limits its application value. In this paper, we propose a novel algorithm to construct Huffman sequences with low PAPR. We have used the roots of the polynomials corresponding to Huffman sequences of length M + 1 to construct Huffman sequences of length 2M + 1, with low PAPR.
{"title":"A Novel Approach to Construct Huffman Sequences With Low PAPR","authors":"Wenjian WANG, Zhi GU, Avik RANJAN ADHIKARY, Rong LUO","doi":"10.1587/transfun.2023eap1062","DOIUrl":"https://doi.org/10.1587/transfun.2023eap1062","url":null,"abstract":"The auto-correlation property of Huffman sequence makes it a good candidate for its application in radar and communication systems. However, high peak-to-average power ratio (PAPR) of Huffman sequence severely limits its application value. In this paper, we propose a novel algorithm to construct Huffman sequences with low PAPR. We have used the roots of the polynomials corresponding to Huffman sequences of length M + 1 to construct Huffman sequences of length 2M + 1, with low PAPR.","PeriodicalId":55003,"journal":{"name":"Ieice Transactions on Fundamentals of Electronics Communications and Computer Sciences","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135260759","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.1587/transfun.2023mai0001
Kotaro NAGAE, Toshimitsu USHIO
We address a path planning problem for heterogeneous multi-robot systems under specifications consisting of temporal constraints and routing tasks such as package delivery services. The robots are partitioned into several groups based on their dynamics and specifications. We introduce a concise description of such tasks, called a work, and extend counting LTL to represent such specifications. We convert the problem into an ILP problem. We show that the number of variables in the ILP problem is fewer than that of the existing method using cLTL+. By simulation, we show that the computation time of the proposed method is faster than that of the existing method.
{"title":"Extension of Counting LTL and Its Application to a Path Planning Problem for Heterogeneous Multi-Robot Systems","authors":"Kotaro NAGAE, Toshimitsu USHIO","doi":"10.1587/transfun.2023mai0001","DOIUrl":"https://doi.org/10.1587/transfun.2023mai0001","url":null,"abstract":"We address a path planning problem for heterogeneous multi-robot systems under specifications consisting of temporal constraints and routing tasks such as package delivery services. The robots are partitioned into several groups based on their dynamics and specifications. We introduce a concise description of such tasks, called a work, and extend counting LTL to represent such specifications. We convert the problem into an ILP problem. We show that the number of variables in the ILP problem is fewer than that of the existing method using cLTL+. By simulation, we show that the computation time of the proposed method is faster than that of the existing method.","PeriodicalId":55003,"journal":{"name":"Ieice Transactions on Fundamentals of Electronics Communications and Computer Sciences","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135843896","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: