A paper got accepted (ACSAC19)

Posted on 24th August 2019 by mori

Our paper on the automatic generation of IOC (indicator of compromise) submitted to the 35th Annual Computer Security Applications Conference (ACSAC2019) got accepted for publication. This is a joint work with NTT and UC Berkeley. Congratulations, Kurogome-san!

Yuma Kurogome, Yuto Otsuki, Yuhei Kawakoya, Makoto Iwamura, Syogo Hayashi, Tatsuya Mori, and Koushik Sen, “EIGER: Automated IOC Generation for Accurate and Interpretable Endpoint Malware Detection, ” Proceedings of the the 35th Annual Computer Security Applications Conference (ACSAC2019), pp. xx–xx, December 2019. (acceptance rate = 22.6%=60/266) (to appear)

A paper got accepted (IMC19)

Posted on 19th July 2019 by mori

Our paper on the IDN homograph attack detection submitted to the 19th ACM Internet Measurement Conference (IMC 2019) got accepted for publication. This is a joint work with JPRS and NTT Secure Platform Labs. Congratulations, Suzuki-kun!

H. Suzuki, D. Chiba, Y. Yoneya, T. Mori, and S. Goto, “ShamFinder: An Automated Framework for Detecting IDN Homographs,” Proceedings of the 19th ACM Internet Measurement Conference (IMC 2019), pp. xx-xx, October 2019 (acceptance rate = 19.3%=38/197) (to appear)

Preprint is available: https://arxiv.org/abs/1909.07539

Presented a talk at EuroUSEC2019

Posted on 21st June 2019 by mori

Mori-san presented a talk at the 4th IEEE European Workshop on Usable Security (EuroUSEC 2019), which is held in Stockholm, Sweden. This work is a joint work with NTT Secure Platform Laboratories.

K. Mori, T. Watanabe, Y. Zhou, A. Hasegawa, M. Akiyama, T. Mori, “Comparative Analysis of Three Language Spheres: Are Linguistic and Cultural Differences Reflected in Password Selection Habits?,” Proceedings of the 4th IEEE European Workshop on Usable Security (EuroUSEC 2019), pp. 159-171, June 2019 [PDF]

Tap ‘n Ghost has been covered by several news websites

Posted on 6th June 2019 by mori

Tap ‘n Ghost project has been covered by the following tech news websites. The original work was presented at IEEE S&P2019.

[1] 2019/6/1 New attack creates ghost taps on modern Android smartphones (ZDNet)
[2] 2019/6/3 Tap ‘n Ghost Attack Creatively Targets Android Devices (ThreatPost)
[3] 2019/6/4 Newly discovered Tap ‘n Ghost attack can be used to target Android devices (CYWARE)
[4] 2019/6/5 Tap ‘N Ghost Attack – To Target Touchscreen Devices (HackersOnlineClub)
[5] 2019/6/5 Newly Discovered Tap ’n Ghost Attack Let Hackers to Remotely Control Android Smartphone (GBHackers)
[6] 2019/6/5 Tap ‘n Ghost Attack discovered by Security Researchers at Waseda University, Tokyo (TechnoidHub)
[7] 2019/6/7 TAP ‘N GHOST: A NOVEL ATTACK AGAINST SMARTPHONE TOUCHSCREENS (HACKADAY)

A preview image displayed here was cited from [5]: https://gbhackers.com/tap-n-ghost-attack-remotely-smartphones/, which covered our research.

A preview image displayed here was cited from [2]: https://threatpost.com/tap-ghost-attack-android/145286/, which covered our research.

東京五輪公式サイトに類似したドメイン名の調査分析

Posted on 30th May 2019 by mori

https://www3.nhk.or.jp/news/html/20190530/k10011934931000.html

はじめに

東京五輪公式サイト(tokyo2020.org )に類似したドメイン名の調査分析に関して、NHKの取材に協力しました。取材に基づくニュースが2019/5/30のニュース7、および首都圏ニュースで放送されました。以下では放送内では紹介しきれなかった具体的な調査方法と得られた結果の一部をご紹介したいと思います（さしあたってIT系技術者向けに書いています）。このような調査分析の趣旨は、フィッシング攻撃に対する注意喚起が主目的です。東京オリンピックにちなんだビジネスや関連事業を営む方々が類似ドメイン名を正当な目的で使うことは十分に考えられ、決してそれらの営みに問題があるといった主張ではありません。どうぞご了承ください。

※以下に簡単な分析結果を示しますが、現在十分な時間がとれないため、徐々に更新していきます。

Continue reading →