日本酒ゴーアラウンドは，日本酒卍固めが中心になって10月1日の「日本酒の日」に開催しているはしご酒イベントである．このイベントには多くの飲食店が参加するために，参加者は事前に公開される飲食店と酒蔵に関する情報を閲覧して巡回プランを作成しておき，当日はその時の状況に合わせてプランを修正しながら飲食店を巡回する必要がある．本稿では，NGA 2015に参加する飲食店と酒蔵に関する事前の情報収集とイベント当日の回遊行動を支援するために作成したシステムであるNGAナビについて紹介すると共に，実際に2015年9月24日からイベント当日の10月1日までの8日間運用して収集した利用履歴を情報閲覧と回遊行動の観点から分析した結果について報告する．さらに，作成したシステムと収集したデータの妥当性や問題点について考察する．

抄録全体を表示

I present a new text mining approach combined with network analysis to quantify the distribution patterns of the associated geographical names on a transportation network. extract geographical names from user's search queries recorded in search engine query logs and compare the similarities of any pair of geographical names using Jaccard coefficient. I found that a set of associated geographical names for each geographical name shows a specific spatial distribution pattern on transportation network and define a measure for quantifying such characteristics. Furthermore, I discuss its characteristics and application for information navigation.

抄録全体を表示

Privacy issues due to web tracking are a continuously evolving problem. One tracking method utilizes third-party cookies. This method analyzes user behavior and interest on the Web by sharing cookies with third-party vendors such as analytics and advertising brokers. Several regulations on third-party cookies have been considered by countries and browser vendors to address privacy issues due to such excessive web tracking. However, third-party vendors continue to track users with new technologies such as link decoration that embeds cookies in URLs and CNAME cloaking which tricks browsers into treating third-party cookies as a first-party. In this paper, we analyze cookie sharing by link decoration and CNAME cloaking and reveal their privacy issues. In addition, we reveal new security risks emerging from these technologies.

抄録全体を表示

In the face of constant malicious attacks to network-connected software systems, software vulnerabilities need to be discovered early in the development phase. In this paper, we present AspFuzz, a state-aware protocol fuzzer based on the specifications of application-layer protocols. AspFuzz automatically generates anomalous messages that exploit possible vulnerabilities. The key observation behind AspFuzz is that most attack messages violate the strict specifications of application-layer protocols. For example, they do not conform to the rigid format or syntax required of each message. In addition, some attack messages ignore the protocol states and have incorrect orders of messages. AspFuzz automatically generates a large number of anomalous messages that deliberately violate the specifications of application-layer protocols. To demonstrate the effectiveness of AspFuzz, we conducted experiments with POP3 and HTTP servers. With AspFuzz, we can discover 20 reported and 1 previously unknown vulnerabilities for POP3 servers and 25 reported vulnerabilities for HTTP servers. Two vulnerabilities among these can be discovered by the state-awareness of AspFuzz. It can also find a SIP state-related vulnerability.

抄録全体を表示

Web tracking sites or Web bugs are potential but serious threats to users' privacy during Web browsing. Web sites and their associated advertising sites surreptitiously gather the profiles of visitors and possibly abuse or improperly expose them, even if visitors are unaware their profiles are being utilized. In order to prevent such sites in a corporate network, most companies employ filters that rely on blacklists, but these lists are insufficient. In this paper, we propose Web tracking sites detection and blacklist generation based on temporal link analysis. Our proposal analyzes traffic at the network gateway so that it can monitor all tracking sites in the administrative network. The proposed algorithm constructs a graph between sites and their visited time in order to characterize each site. Then, the system classifies suspicious sites using machine learning. We confirm that public black lists contain at most 22-70% of the known tracking sites respectively. The machine learning can identify the blacklisted sites with true positive rate, 62-73%, which is more accurate than any single blacklist. Although the learning algorithm falsely identified 15% of unlisted sites, 96% of these are verified to be unknown tracking sites by means of a manual labeling. These unknown tracking sites can serve as good candidates for an entry of a new backlist.

抄録全体を表示

Web tracking sites or Web bugs are potential but serious threats to users' privacy during Web browsing. Web sites and their associated advertising sites surreptitiously gather the profiles of visitors and possibly abuse or improperly expose them, even if visitors are unaware their profiles are being utilized. In order to prevent such sites in a corporate network, most companies employ filters that rely on blacklists, but these lists are insufficient. In this paper, we propose Web tracking sites detection and blacklist generation based on temporal link analysis. Our proposal analyzes traffic at the network gateway so that it can monitor all tracking sites in the administrative network. The proposed algorithm constructs a graph between sites and their visited time in order to characterize each site. Then, the system classifies suspicious sites using machine learning. We confirm that public black lists contain at most 22-70% of the known tracking sites respectively. The machine learning can identify the blacklisted sites with true positive rate, 62-73%, which is more accurate than any single blacklist. Although the learning algorithm falsely identified 15% of unlisted sites, 96% of these are verified to be unknown tracking sites by means of a manual labeling. These unknown tracking sites can serve as good candidates for an entry of a new backlist.

抄録全体を表示

POSデータに代表される，稠密なマーケットデータは，これまでの集計データでは把握できなかった個人の行動を測定できるようになった．これに伴い，マーケティング分野における分析範囲を大きく広げ，さまざまなマーケティング戦略策定のための分析を可能にしてきた．本報告では，最近のマーケティング分析にかかわる話題を整理し，分析事例を含めながら解説する．

抄録全体を表示

年に軍事目的で開発されたインターネットが, 商用利用され始めてから約10年の間に電子商取引は目覚しい進展を遂げており, さらに発展すると予想されている。電子商取引は, 様々な情報関連技術に支えられて, 企業間の取引だけでなく, 個人的な買い物の手段として利用されている。
そこで本稿では, 電子商取引を支える関連技術について調査するとともに電子商取引の今後の課題について考察する。

抄録全体を表示

In anonymous reputation systems, where after an interaction between anonymous users, one of the users evaluates the peer by giving a rating. Ratings for a user are accumulated, which becomes the reputation of the user. By using the reputation, we can know the reliability of an anonymous user. Previously, anonymous reputation systems have been proposed, using an anonymous e-cash scheme. However, in the e-cash-based systems, the bank grasps the accumulated reputations for all users, and the fluctuation of reputations. These are private information for users. Furthermore, the timing attack using the deposit times is possible, which makes the anonymity weak. In this paper, we propose an anonymous reputation system, where the reputations of users are secret for even the reputation manager such as the bank. Our approach is to adopt an anonymous credential certifying the accumulated reputation of a user. Initially a user registers with the reputation manager, and is issued an initial certificate. After each interaction with a rater, the user as the ratee obtains an updated certificate certifying the previous reputation summed up by the current rating. The update protocol is based on the zero-knowledge proofs, and thus the reputations are secret for the reputation manager. On the other hand, due to the certificate, the user cannot maliciously alter his reputation.

抄録全体を表示

本研究では橋梁目視検査の効率化を目指し, 熟練した検査員の専門的知識・経験を補完し, 意志決定に対していくつかの代替案を提示することにより支援を行うシステムを構築した. 本システムは, クライアント (検査者) 端末の負担軽減, 処理の高速化・情報の大容量化, 情報の一元管理を実現するためクライアント/サーバ形式を採用し, サーバ側ではオープンソースのソフトウェアを用いてデータベース連携によるWebアプリケーションの構築を行った. なお, クライアント端末には携帯性に優れたウェアラブルコンピュータを採用した. また, 移動通信端末を用いることでサーバとインタラクティブな情報交換を実現した.

抄録全体を表示

　学術論文等の評価指標として，従来は論文の被引用数が用いられてきたが，近年ではオルトメトリクス（Altmetrics）などのソーシャルメディア上の反応を用いる方法も提案されている．本論文では，オルトメトリクスに用いられるような，インターネット上の論文に関するユーザの行動から求める論文検索サービス上の閲覧人数やソーシャルメディア上の言及人数などの論文の重要性を表す基本指標とは別に，論文がどの程度普遍的なものとして扱われているかを示す普遍度を用いて，論文の特性を分析する手法を提案する．実際に，2 年間のCiNii Articles の検索ログとソーシャルメディア上の論文の言及データを用いて，同一の論文集合に対する論文の閲覧と言及の違いや特性を分析すると同時に，提案指標の妥当性を検証する．

抄録全体を表示