One of the main issues of Mobile IPv6 is handover latency that causes service disruption time. Although plenty of proposals significantly reduce the service disruption time, they suffer from redundant routing that causes packet misordering and bandwidth consumption during the process of inter-domain handover. In this paper, we propose a new scheme that minimizes the redundant routing during the process of inter-domain handover by utilizing forwarding routers for each correspondent node. Our proposed scheme consists of forwarding router discovery and proactive handover. We evaluate our proposed scheme in the view of packet misordering and bandwidth consumption, and clarify the efficiency of our proposed scheme. We also evaluate the impact of the forwarding routers' capacity since routers have limited resources. By strategically locating forwarding routers, e.g. next to the router that has peering to another domain, the redundant routing caused by inter-domain handover will be efficiently suppressed.

Characteristics of a class of stepped-impedance resonators (SIRs) which is loaded with two dielectric rods, are investigated by a Finite-Difference Time-Domain (FDTD) method. Dielectric rods to be inserted between a strip conductor and the ground plane have higher relative permittivity than that of the substrate. When a tapped half-wavelength (λ/2) microstrip resonator is loaded with two dielectric rods, the electric length of a loaded λ/2 resonator becomes longer than λ/2, which makes its fundamental resonant frequency () to be generated on the region lower than that of an unloaded λ/2 resonator (fr) and its first spurious response (fsp1) is generated on the region higher than 2. Therefore, to shift back to fr, the resonator's length is to be reduced, and this, in turns, suppress the spurious responses. Then, the resonant characteristics of an SIR employing the proposed method has also been investigated, and it is found that this is capable of suppressing the spurious responses in wideband together with an attenuation pole in the stopband, and of further reducing the resonator's length. Therefore, wide exploitation of the presented method can be expected in the filter design based on the LTCC technique.

System administrators and security officials of an organization need to deal with vulnerable IT assets, especially those with severe vulnerabilities, to minimize the risk of these vulnerabilities being exploited. The Common Vulnerability Scoring System (CVSS) can be used as a means to calculate the severity score of vulnerabilities, but it currently requires human operators to choose input values. A word-level Convolutional Neural Network (CNN) has been proposed to estimate the input parameters of CVSS and derive the severity score of vulnerability notes, but its accuracy needs to be improved further. In this paper, we propose a character-level CNN for estimating the severity scores. Experiments show that the proposed scheme outperforms conventional one in terms of accuracy and how errors occur.

With the rapid evolution and increase of cyberthreats in recent years, it is necessary to detect and understand it promptly and precisely to reduce the impact of cyberthreats. A darknet, which is an unused IP address space, has a high signal-to-noise ratio, so it is easier to understand the global tendency of malicious traffic in cyberspace than other observation networks. In this paper, we aim to capture global cyberthreats in real time. Since multiple hosts infected with similar malware tend to perform similar behavior, we propose a system that estimates a degree of synchronizations from the patterns of packet transmission time among the source hosts observed in unit time of the darknet and detects anomalies in real time. In our evaluation, we perform our proof-of-concept implementation of the proposed engine to demonstrate its feasibility and effectiveness, and we detect cyberthreats with an accuracy of 97.14%. This work is the first practical trial that detects cyberthreats from in-the-wild darknet traffic regardless of new types and variants in real time, and it quantitatively evaluates the result.

In this paper, we developed the latest IoT honeypots to capture IoT malware currently on the loose, analyzed IoT malware with new features such as persistent infection, developed malware removal methods to be provided to IoT device users. Furthermore, as attack behaviors using IoT devices become more diverse and sophisticated every year, we conducted research related to various factors involved in understanding the overall picture of attack behaviors from the perspective of incident responders. As the final stage of countermeasures, we also conducted research and development of IoT malware disabling technology to stop only IoT malware activities in IoT devices and IoT system disabling technology to remotely control (including stopping) IoT devices themselves.

This paper describes a new approach to detect a fingerprint core location using the extended relational graph, which is generated by the segmentation of the ridge directional image. The extended relational graph presents the adjacency between segments of the directional image and the boundary information between segments of the directional image. The boundary curves generated by the boundary information in the extended relational graph is approximated to the straight lines. The fingerprint core location is calculated as center of the gravity in the points of intersection of these approximated lines. Experimental results show that 90.8% of the 130 fingerprint samples are succeeded to detect the core location.

An improvement of Q evaluation is discussed. The Resonance Curve Area method was confirmed to give a deviation in the order of 6104. The result was three times more accurate than the widely known Q evaluating method which utilizes the cursor function installed in a network analyzer. A discussion is also made on the physical validity of the RCA method. It is shown that the application of the RCA method improves the accuracy of the cavity perturbation method. Actual measurements have shown that the deviation of dielectric constant is less than 1% and that of the loss tangent is less than 3%, in the order of 104. The accuracy of the RCA method was estimated to be three times that of the conventional cavity perturbation technique. The consistency of the perturbation with other methods has also confirmed. The accuracy comparison to more accurate formulae derived from a rigorous solution have shown that the difference is sufficiently small.

This paper presents a new method to improve the resonant characteristics of a microstrip resonator. The improved characteristics have been achieved by inserting two dielectric rods between strip conductor and the ground plane. Dielectric rods to be inserted have higher relative permittivity than that of the substrate. Therefore, it is suitable to realize by Low-Temperature Cofired Ceramics (LTCC) technique. Several model of microstrip resonators employing the proposed method are analyzed by a Finite-Difference Time-Domain (FDTD) method, and their resonant characteristics are discussed. One of the advantages of the proposed method is that an attenuation pole (fl or fh) in each side of the fundamental resonant frequency (fr) and improved-spurious responses can be realized together by a capacitive-coupling tapped resonator loaded with dielectric rods. The proposed method is also effective to achieve sharp skirt characteristics and wide stopband of a direct-coupling tapped resonator which can be used either as a wideband lowpass filter or a band-elimination filter. Another interesting feature of the analyzed resonators is that about 60% reduction in resonator's length has been obtained compared to a basic half-wavelength (λ/2) microstrip resonator. Therefore, wide exploitation of the proposed method can be expected in the filter design based on the LTCC technique.

Analyzing a malware sample requires much more time and cost than creating it. To understand the behavior of a given malware sample, security analysts often make use of API call logs collected by the dynamic malware analysis tools such as a sandbox. As the amount of the log generated for a malware sample could become tremendously large, inspecting the log requires a time-consuming effort. Meanwhile, antivirus vendors usually publish malware analysis reports (vendor reports) on their websites. These malware analysis reports are the results of careful analysis done by security experts. The problem is that even though there are such analyzed examples for malware samples, associating the vendor reports with the sandbox logs is difficult. This makes security analysts not able to retrieve useful information described in vendor reports. To address this issue, we developed a system called AMAR-Generator that aims to automate the generation of malware analysis reports based on sandbox logs by making use of existing vendor reports. Aiming at a convenient assistant tool for security analysts, our system employs techniques including template matching, API behavior mapping, and malicious behavior database to produce concise human-readable reports that describe the malicious behaviors of malware programs. Through the performance evaluation, we first demonstrate that AMAR-Generator can generate human-readable reports that can be used by a security analyst as the first step of the malware analysis. We also demonstrate that AMAR-Generator can identify the malicious behaviors that are conducted by malware from the sandbox logs; the detection rates are up to 96.74%, 100%, and 74.87% on the sandbox logs collected in 2013, 2014, and 2015, respectively. We also present that it can detect malicious behaviors from unknown types of sandbox logs.

The Topics over Time (TOT) model allows users to be aware of changes in certain topics over time. The proposed method inputs the divided dataset of security blog posts based on a fixed period using an overlap period to the TOT. The results suggest the extraction of topics that include malware and attack campaign names that are appropriate for the multi-labeling of cyber threat intelligence reports.