待ち行列推定に基づくパケットロス攻撃検知の᫔᫓強度依 存性

Vol.2013-DPS-154 No.28
Vol.2013-CSEC-60 No.28
2013/3/14
৘ใॲཧֶձ‫ڀݚ‬ใࠂ
IPSJ SIG Technical Report
଴ͪߦྻਪఆʹ‫ͮ͘ج‬ύέοτϩε߈ܸ‫ݕ‬஌ͷ᫔᫓‫౓ڧ‬ґ
ଘੑ
ࡉҪ ୖ࿕1,a)
দӜ ‫װ‬ଠ1,b)
֓ཁɿωοτϫʔΫ಺ͷϧʔλΛ৐ͬऔͬͯ௨৴Λૢ࡞͢Δ߈ܸͷҰͭʹɼͦͷϧʔλΛ௨ա͢Δ೚ҙͷ
ύέοτΛ࡟আ͠௨৴Λ๦֐͢Δɼύέοτϩε߈ܸ͕͋Δɽ᫔᫓ʹΑΔ௨ৗͷύέοτഇ‫͕͋غ‬ΔதͰ
͜ͷύέοτϩε߈ܸΛߴਫ਼౓Ͱ‫ݕ‬஌͢Δํ͕ࣜ Mizrak ΒʹΑͬͯఏҊ͞Ε͕ͨɼͦͷੑೳධՁ͸·ͩ
໢ཏ͞Ε͍ͯͳ͍ɽຊߘͰ͸൴ΒͷํࣜʹΑΔύέοτϩε߈ܸͷ‫ݕ‬஌ੑೳʹ͍ͭͯɼ᫔᫓ͷఔ౓ʹର͢
ΔґଘੑΛௐ΂ͨ݁ՌΛใࠂ͢Δɽ
HOSOI Takurou1,a)
1. ͸͡Ίʹ
Πϯλʔωοτͷ௨৴͸ɼωοτϫʔΫͷ݁અ఺Ͱ͋Δ
ϧʔλ͕ਖ਼͍͠‫ܦ‬࿏ʹಋ͘͜ͱͰ੒Γཱ͍ͬͯΔɽωοτ
Matsuura Kanta1,b)
ज़ʹൺ΂ͯࠔ೉ͳ໰୊ʹͳ͍ͬͯΔɽ·ͨɼύέοτͷഇ
‫ࣗغ‬ମ͸ɼΠϯλʔωοτϓϩτίϧͰ΋௨৴ͷࠞࡶʹର
Ԡ͢ΔͨΊʹਖ਼‫ߦʹن‬ΘΕΔɽύέοτϩε߈ܸ͸͜Εͱ
۠ผͯ͠‫ݕ‬஌͞Εͳ͚Ε͹ͳΒͳ͍ɽ
ϫʔΫʹ઀ଓ͞Εͨଞͷ‫ͱثػ‬ಉ༷ɼ͜ͷϧʔλ΋ωοτ
ॳ‫ظ‬ͷ‫ݕ‬஌ํ๏͸ɼૹ৴ଆ͔ΒૹΒΕΔύέοτͷૹ৴
ϫʔΫΛ௨ͨ͡߈ܸΛड͚ɼ৐ͬऔΒΕΔ͜ͱ͕͋Δɽ߈
਺ͱ࣮ࡍʹड͚औͬͨύέοτ਺ͷҧ͍͔Βύέοτͷഇ
ܸऀʹ৐ͬऔΒΕͨϧʔλ͸ɼͦ͜Λ௨ա͢ΔύέοτΛ
‫غ‬Λ‫ݕ‬஌͠ɼͦͷഇ‫غ‬ύέοτ਺͕͋Δᮢ஋Λ௒͑ͨ৔߹
ૢ࡞͢Δ͜ͱͰɼωοτϫʔΫ಺ͷ௨৴΁߈ܸΛ࢓ֻ͚Δ
ʹ߈ܸͱ൑அ͢Δ΋ͷͰ͋ͬͨɽ͜ͷํࣜ͸ద੾ͳᮢ஋ͷ
͜ͱ͕Ͱ͖Δɽ͜ͷ߈ܸํ๏ʹ͸େผͯ͠ɼωοτϫʔΫ
ઃఆ͕೉͍͚ͩ͠Ͱͳ͘ɼ߈ܸऀ͸͜ͷᮢ஋ະຬͰ͋Ε͹
੍‫ޚ‬໘Ͱͷ߈ܸͱɼωοτϫʔΫσʔλ໘Ͱͷ߈ܸͷೋͭ
߈ܸͱͯ͠‫ݕ‬஌͞ΕͣʹύέοτΛ࡟আ͢Δ͜ͱ͕Ͱ͖ͯ
͕͋Δɽલऀ͸ϧʔλͷϧʔςΟϯάςʔϒϧͷૢ࡞ͳ
͠·͏໰୊͕͋Δɽ
ͲɼഁյతͳӨ‫ݒ͕ڹ‬೦͞ΕΔ߈ܸΛ‫ؚ‬ΉͨΊɼͦΕΒʹ
ผͷରࡦઃ‫ํܭ‬਑ͱͯ͠ɼࠞࡶʹΑΔύέοτഇ‫غ‬ͷϞ
ର͢Δ‫͕͜ڀݚ‬Ε·Ͱଟ͘ͳ͞Ε͖͍ͯͯΔɽҰํ‫ऀޙ‬
σϧΛཱͯɼͦΕΛ‫ʹج‬ਖ਼‫ن‬ͷύέοτഇ‫ܸ߈ͱغ‬Λ۠ผ
͸ɼαʔϏε๦֐߈ܸ΍தؒऀ߈ܸɼϦϓϨΠ߈ܸͳͲΛ
͢Δํ๏΋͋Δɽ͔͠͠ɼ͜ͷํ๏Ͱ͸߈ܸ‫ݕ‬஌ʹे෼ͳ
‫ؚ‬ΉɽதͰ΋௨ա͢Δ೚ҙͷύέοτΛ࡟আ͢Δύέοτ
ਫ਼౓ͰࠞࡶʹΑΔύέοτഇ‫غ‬ΛϞσϧԽ͢Δͷ͸೉͍͠
ϩε߈ܸ͸ɼબ୒తʹߦ͏͜ͱͰ࡟আύέοτྔͷগͳ͞
ͱ͍͏໰୊͕͋ͬͨɽ
ʹରͯ͠େ͖ͳඃ֐Λ༩͑ΔೳྗΛ࣋ͭɽྫ͑͹ɼTCP ͷ
ͦͷ‫ ޙ‬Mizrak ΒʹΑͬͯɼϧʔλ಺ͷύέοτసૹͷ
ίωΫγϣϯཱ֬ͷͨΊʹ·ͣग़͞ΕΔ TCP SYN ύέο
଴ͪߦྻʢΩϡʔʣΛਪఆ͢Δ͜ͱͰɼߴ͍‫ݕ‬஌ੑೳΛ࣋
τΛ͋Δαʔό΁ͷ෼͚ͩ࡟আ͢Δ͜ͱͰɼ͜ͷαʔόΛ
ͭɼ‫࣮ݱ‬తͳύέοτϩε߈ܸ‫ݕ‬஌ํ͕ࣜఏҊ͞Εͨ [1] ɽ
ར༻͠Α͏ͱ͍ͯ͠ΔϢʔβʹλΠϜΞ΢τ·Ͱͷൺֱత
͜ͷํࣜ͸ɼ͋Δϧʔλʹ͓͍ͯύέοτϩε߈ܸ͕ߦΘ
௕͍࣌ؒ଴ͨͤΔ͜ͱΛ‫͍ڧ‬Δ߈ܸ͕Ͱ͖Δ [2] ɽ
Ε͔ͨͲ͏͔Λɼ௨৴ࠞࡶʹΑΔਖ਼‫ن‬ͷύέοτഇ‫۠ͱغ‬
͜ͷύέοτϩε߈ܸΛ‫ݕ‬஌͢Δʹ͸ɼ͋Δ͹ͣͷύ
ผͯ͠‫ݕ‬஌͢Δɽύέοτͷഇ‫͕غ‬௨৴ࠞࡶʹΑΔਖ਼‫ن‬ͷ
έοτ͕ແ͍͜ͱΛ‫ݕ‬஌͢Δඞཁ͕͋Γɼଞͷ߈ܸ‫ݕ‬஌ٕ
΋ͷ͔Ͳ͏͔ͷ۠ผ͸ɼྡ઀͢ΔϧʔλͰͷ௨৴ͷ‫؍‬ଌ৘
ใ͔Βύέοτసૹͷ଴ͪߦྻͷ࠹͕Γ۩߹Λਪଌͨ݁͠
1
a)
b)
౦‫ژ‬େֶ
The University of Tokyo
[email protected]
[email protected]
ⓒ 2013 Information Processing Society of Japan
ՌΛ༻͍ͯɼ౷‫ֶܭ‬తʹߦ͏ɽ
͜ͷ଴ͪߦྻਪఆʹ‫ͮ͘ج‬ύέοτϩε߈ܸ‫ݕ‬஌ํࣜ
1
Vol.2013-DPS-154 No.28
Vol.2013-CSEC-60 No.28
2013/3/14
৘ใॲཧֶձ‫ڀݚ‬ใࠂ
IPSJ SIG Technical Report
ର৅ͱ͢Δϧʔλͷ଴ͪߦྻͷ༰ྔͳͲ΋શͯͷϧʔλ͕
i
ri
஌͍ͬͯΔͱԾఆ͢Δɽ
rs1
s2
..
.
Q
- ri
-
- rdi
i
2.2 ௨৴ͷ‫؍‬ଌ৘ใ
ૹ৴ଆͷϧʔλ rs1 ɼrs2 ɼ. . . ɼrsn ͔Β͸ɼड৴ଆͷ
ϧʔλ rd ΁ɼૹ৴ͨ͠ύέοτͷ৘ใ͕ҎԼͷ૊ͰૹΒ
rsn
ΕΔɽ
ਤ 1 ωοτϫʔΫߏ੒ਤɽ
͸ɼ࣮ࡍͷ௨৴ʹରͯ͠ϦΞϧλΠϜʹ࣮ߦՄೳͰ͋Δ͜
ͱ͕࣮૷࣮‫͔֬Ͱݧ‬ΊΒΕ͓ͯΓɼগͳ͍௨৴ෛՙ૿ՃͰ
ߴ͍‫ݕ‬஌ਫ਼౓Λࣔͨ͠ɽ͔࣮͠͠૷࣮‫ݧ‬ͷͨΊɼͦͷੑೳ
ධՁ͸·ͩ໢ཏ͞Ε͍ͯͳ͍ɽ͜ͷํ͕ࣜ‫ؚ‬Ήௐ੔Մೳͳ
ύϥϝʔλ΍௨৴‫ڥ؀‬Λද͢ύϥϝʔλʹର͢Δ‫ݕ‬஌ੑೳ
ͷґଘੑͷௐࠪͷॳΊͱͯ͠ɼզʑ͸จ‫[ ݙ‬3] Ͱ‫͔ͭز‬ͷ
ࢦඪʹ͍ͭͯͦͷ‫ݕ‬஌ੑೳ΁ͷӨ‫ڹ‬Λ؆୯ʹௐ΂ͨɽͦͷ
݁Ռɼద౓ʹਖ਼‫ن‬ͷύέοτഇ‫͕͋غ‬Δ௨৴ঢ়‫گ‬ʢਖ਼‫ن‬ͷ
ύέοτഇ‫ૹ͕غ‬৴ύέοτ਺ͷ਺% ∼ े਺% ఔ౓ʣͰ
͸ɼ௨৴ଳҬ෯΍଴ͪߦྻͷ༰ྔΛมԽͤͯ͞΋‫ݕ‬஌ੑೳ
͸େ͖͘มΘΒͳ͍͜ͱ͕෼͔ͬͨɽ͔࣮͠͠ࡍʹ͸ɼ௨
৴ྔ͕গͳ͘ਖ਼‫ن‬ͷύέοτഇ‫͕غ‬શ͘ແ͍ঢ়‫͔گ‬Β௨৴
աଟͷͨΊʹଟ͘ͷύέοτ͕ਖ਼‫ʹن‬ഇ‫͞غ‬ΕΔঢ়‫Ͱ·گ‬ɼ
͞·͟·ͳ௨৴ঢ়‫͜ى͕گ‬Γ͏Δɽͦ͜ͰຊߘͰ͸ɼ͜ͷ
‫ݕ‬஌ํࣜʹΑΔύέοτϩε߈ܸͷ‫ݕ‬஌ੑೳʹ͍ͭͯɼ᫔
᫓ͷఔ౓ʹର͢ΔґଘੑΛௐ΂ͨ݁ՌΛใࠂ͢Δɽ
2. ߈ܸ‫ݕ‬஌ํࣜ
ຊઅͰ͸ɼMizrak ΒʹΑͬͯఏҊ͞Εͨ଴ͪߦྻਪఆ
ʹ‫ͮ͘ج‬ύέοτϩε߈ܸ‫ݕ‬஌ํࣜ [1] ʹ͍ͭͯɼͦͷ߈
ܸ‫ݕ‬஌ํ๏Λେ·͔ʹઆ໌͢Δɽ
2.1 ωοτϫʔΫϞσϧ
ύέοτϩε߈ܸΛߦ͍ͬͯΔ͔Ͳ͏͔Λௐ΂Δର৅ͷ
ϧʔλΛ r ͱ͢Δɽr ͸ɼྡ઀͢Δϧʔλ rs1 ɼrs2 ɼ. . . ɼ
rsn ͔Βɼྡ઀͢Δϧʔλ rd ΁ύέοτΛసૹ͢Δʢਤ
1ʣɽసૹ͞ΕΔύέοτ͸ɼϧʔλ r ಺ͷ଴ͪߦྻ Q ʹ
Ұ୴ೖΕΒΕɼͦͷઌ΁ͷసૹ͕ՄೳʹͳΔͱɼॱʹऔΓ
ग़͞Εɼϧʔλ rd ΁ૹ৴͞ΕΔɽQ ͕ॱ൪Λ଴͍ͬͯΔ
ύέοτͰຒ·͍ͬͯΔͱɼ৽ͨʹ౸ணͨ͠ύέοτ͸ೖ
{ʢύέοτͷϑΟϯΨʔϓϦϯτʣ,
ʢύέοτ௕ʣ
ʢ
, ൃ৴࣌ࠁʣ}
͜ͷ௨৴৘ใ͸ɼҰఆ࣌ؒຖʹ·ͱΊΒΕɼ֤ૹ৴ଆϧʔ
λ͔Βଗͬͯ rd ΁ૹΒΕΔɽ
͜ΕʹରԠͯ͠ɼड৴ଆͷϧʔλ rd Ͱ΋ಉ༷ʹ௨৴Λ
‫؍‬ଌ͠ɼૹ৴ଆͱಉ࣌͡ࠁʹಉ࣌ؒ͡ຖͰ·ͱΊ͓ͯ͘ɽ
͜ͷ৔߹͸ɼ(1) ࣜͷ࠷‫ʹޙ‬͸ʢड৴࣌ؒʣΛೖΕΔɽ
‫ݩ‬ͷ‫ݕ‬஌ख๏Ͱ͸ɼ͜ΕΒͷ௨৴৘ใ͸ॺ໊ͳͲΛࢪ͠
্ͨͰૹ৴͞ΕΔɽ͜ΕʹΑΓɼ͜ͷ‫ݕ‬஌ख๏ͷϓϩτί
ϧʹैΘͳ͍ϧʔλ͕͋ͬͯ΋ɼͦΕΛωοτϫʔΫ੍‫ޚ‬
໘Ͱͷ߈ܸͱͯ͠‫ݕ‬஌Ͱ͖ΔΑ͏ʹͳ͍ͬͯΔɽ͜ͷ෦෼
͸௨৴ࠞࡶʹΑΔύέοτഇ‫ͱغ‬ύέοτϩε߈ܸͷ۠ผ
ʹ͸ؔ܎͠ͳ͍ͨΊɼຊߘͰ͸ׂѪ͢Δɽ
2.3 ‫ݕ‬஌खॱ
ड৴ଆͷϧʔλ rd Ͱૹ৴ଆͷ௨৴৘ใͱड৴ଆͷ௨৴
৘ใ͕ू·ͬͨͱ͜ΖͰɼ͜ͷ࣌ؒ۠ؒʹ͓͚Δड৴ଆͷ
ϧʔλ r ͷ଴ͪߦྻ Q ΁ͷύέοτͷग़ೖΓ͔ΒɼQ ಺
ʹཷ·͍ͬͯΔύέοτͷ૯ྔͷਪଌ஋ qpred ΛҎԼͷख
ॱͰॱ࣍‫͢ࢉܭ‬Δɽ
( 1 ) ௨৴৘ใΛҰͭͷ഑ྻʹ·ͱΊɼૹड৴࣌ؒͷૣ͍ॱ
ʹฒ΂Δɽ
( 2 ) (1) ͷ഑ྻ͔ΒॱʹҰͭͣͭύέοτ৘ใΛऔΓग़͠ɼ
ҎԼͷํ๏Ͱ qpred Λߋ৽͢Δɽ
( a ) ͜ͷύέοτ৘ใ͕ड৴ଆͷ΋ͷͳΒɼ
qpred (tcurrent )
= qpred (tprior ) −ʢύέοτ௕ʣ
( b ) ͜ͷύέοτ৘ใ͕ૹ৴ଆͷ΋ͷͰɼड৴ଆʹ΋
ରԠ͢Δύέοτ৘ใ͕͋ΔͳΒɼ
qpred (tcurrent )
= qpred (tprior ) +ʢύέοτ௕ʣ
( c ) ͜ͷύέοτ৘ใ͕ૹ৴ଆͷ΋ͷͰɼड৴ଆʹ͸
Δ͜ͱ͕Ͱ͖ͣɼഇ‫͞غ‬ΕΔʢࠞࡶʹΑΔύέοτഇ‫غ‬ʣ
ɽ
ରԠ͢Δύέοτ৘ใ͕ͳ͍ͳΒɼ
֤ύέοτ্͕ྲྀଆͷϧʔλ rsx ͔Βதؒͷϧʔλ r Λ௨
qpred (tcurrent ) = qpred (tprior )
ΓԼྲྀଆͷϧʔλ rd ʹಧ͘·Ͱʹ͸ɼ଴ͪߦྻ Q Ͱͷॱ
(1)
͜Ε͕ύέοτഇ‫غ‬ͷ‫ݕ‬஌ʹ͋ͨΔɽ
൪଴ͪͰඅ΍࣌ؒ͢ͷଞʹɼதؒͷϧʔλͷૹड৴ॲཧͷ
(2c) ͷύέοτഇ‫͕غ‬௨৴ࠞࡶʹΑΔਖ਼‫ن‬ͷ΋ͷ͔ɼύ
࣌ؒͱɼύέοτ௕ͱճઢͷଳҬ෯ʹԠͨ͡ɼ֤ϧʔλؒ
έοτϩε߈ܸʹΑΔ΋ͷ͔͸ɼQ ͕ຬഋ͔Ͳ͏͔Λ qpred
Ͱͷసૹֻ͕͔࣌ؒΔɽ
Ͱਪଌͯ͠൑ఆ͢Δɽ͜Ε͹୯७ͳൺֱ
߈ܸ‫ݕ‬஌͸Ұఆ࣌ؒຖʹɼྡ઀͢ΔϧʔλͰͷ௨৴ͷ‫؍‬
ଌ৘ใΛরΒ͠߹Θͤͯߦ͏ɽͦͷͨΊɼ֤ϧʔλͷ࣌‫ܭ‬
͸શͯಉ‫͍ͯ͠ظ‬ΔͱԾఆ͢Δɽ·ͨɼ֤ճઢͷଳҬ෯΍
ⓒ 2013 Information Processing Society of Japan
ʢQ ͷ༰ྔʣ< qpred +ʢύέοτ௕ʣ
(2)
Ͱ΋൑ఆͰ͖Δ͕ɼͦͷ৔߹ qpred ͷਪఆͷෆਖ਼͔֬͞Β
2
Vol.2013-DPS-154 No.28
Vol.2013-CSEC-60 No.28
2013/3/14
৘ใॲཧֶձ‫ڀݚ‬ใࠂ
IPSJ SIG Technical Report
དྷΔ൑ఆؒҧ͍͕ଟ͘ग़͖ͯͯ͠·͏ɽ͜ΕΛ཈͑Δͨ
ϛϡϨʔγϣϯͰ͸؆୯ͷͨΊʹɼશͯͷύέοτ͸ಉҰ
Ίɼจ‫[ ݙ‬1] Ͱ͸౷‫͍ͨͮجʹֶܭ‬൑ఆΛߦ͏ɽ
ͷύέοτ௕ʢ1500 bytesʣΛ࣋ͭ΋ͷͱ͢Δɽ
µ =ʢqpred ͷਅ஋͔ΒͷͣΕͷฏ‫ۉ‬ʣ
(3)
σ =ʢqpred ͷਅ஋͔ΒͷͣΕͷඪ४ภࠩʣ
(4)
ૹ৴ଆ͔Βͷύέοτͷૹ৴͸؆୯ͷͨΊɼຌͦҰఆؒ
ִʢ୯Ґ࣌ؒ౰ͨΓ 1 ύέοτʣͰߦ͏͜ͱͱ͢Δɽͨͩ
͠‫ࢹ؂‬ର৅ͱ͢Δϧʔλ r Ͱͷ଴ͪߦྻͷ࠹͕Γ۩߹ʹม
͜ͷ࣌ؒ۠ؒ಺ʹ n ‫ݸ‬ͷύέοτഇ‫͢ͱ͔ͨͬͭݟ͕غ‬
ԽΛ༩͑ΔͨΊɼ͜ͷִؒ͸ཚ਺ʹΑΓૹ৴ຖʹ͋Δఔ౓
Δɽ֤ഇ‫غ‬ύέοτʹ͍ͭͯɼҎԼͷํ๏Ͱ‫ͨ͠ࢉܭ‬৴པ
༳Β͕ͤΔɽ
஋ͱ༧Ίઃఆͨ͠༗ҙਫ४ͷൺֱΛߦ͍ɼύέοτϩε߈
ܸ͔Ͳ͏͔Λ൑ఆ͢Δɽ
ʢQ ͷ༰ྔʣ− qpred −ʢύέοτ௕ʣ− µ
y=
σ
√
1 + erf(y/ 2)
c=
2
c < ssingle ͳΒ͹ɼࠞࡶʹΑΔഇ‫غ‬
c ≥ ssingle
ͳΒ͹ɼύέοτϩε߈ܸ
௨৴ͷ᫔᫓͸ɼ௨৴ྔʹରͯ͠ճઢͷଳҬ෯ͷେ͖͕͞
খ͍͞৔߹ɼ·ͨ͸௨৴ͷ਺ʹରͯ͠ϧʔλͷॲཧೳྗ͕
খ͍͞৔߹ʹ‫͜ى‬ΔɽճઢͷଳҬ෯Λখ͘͢͞Δͱύέο
(5)
(6)
(7)
(8)
τసૹͷ஗Ԇ͕૿͑ɼಉ‫ͯ͠ظ‬ಈ࡞͢Δ͜ͷ‫ݕ‬஌ํࣜʹ༨
‫ͳܭ‬ෆ౎߹Λ༩͑ΔɽͦͷͨΊຊߘͰ͸ɼதؒͷϧʔλ r
ͷసૹॲཧೳྗʢ୯Ґ࣌ؒ౰ͨΓʹૹ৴Ͱ͖Δύέοτ਺ʣ
Λม͑Δ͜ͱͰ᫔᫓Λൃੜͤͨ͞ɽ
ύέοτϩε߈ܸ͸ɼ‫ࢹ؂‬ର৅ͱ͢Δϧʔλ r Ͱదٓద
‫ݸ‬ʑͷഇ‫غ‬ύέοτʹ͍ͭͯͷ൑ఆͰ͢΂ͯ߈ܸͰͳ͍ͱ
౰ͳύέοτΛͦͷઌ΁ૹΒͣʹ࡟আ͢Δ͜ͱͰߦͬͨɽ
൑ఆ͞Εͨ৔߹͸ɼͦΕʹଓ͚ͯɼ͜ͷ࣌ؒ۠ؒ಺ͷ n ‫ݸ‬
௨৴ࠞࡶʹΑΔਖ਼‫ن‬ͷύέοτഇ‫۠ͱغ‬ผͯ͠ɼ͜ΕΛ‫ݟ‬
ͷύέοτഇ‫غ‬શମʹ͍ͭͯ΋ύέοτϩε߈ܸʹΑΔύ
ಀͣ͞ʹൃ‫͖Ͱݟ‬Ε͹‫ݕ‬஌͸੒ޭͱͳΔɽҰํɼ͜ΕΛ‫ݟ‬
έοτ࡟আ͕‫·ؚ‬Ε͍ͯΔ͔Ͳ͏͔Λ൑ఆ͢Δɽ͜͜Ͱ΋
ಀ͢ͱِӄੑൃੜʹͳΔɽ·ͨɼ͜ΕҎ֎ͷՕॴΛ߈ܸͱ
ҎԼͷํ๏Ͱ৴པ஋Λ‫͠ࢉܭ‬ɼ͜Εͱ༧Ίઃఆͨ͠༗ҙਫ
ͯ͠൑ఆ͢Δͱِཅੑͱͯ͠਺͑Δɽ
γϛϡϨʔγϣϯ͸଴ͪߦྻ͕ۭͷঢ়ଶͰ࢝Ίɼ‫ݕ‬஌ͷ
४Λൺֱͯ͠߈ܸͷ൑ఆΛߦ͏ɽ
࣌ؒ۠ؒͰ 10 ۠ؒ෼ਐΊΔ෼ΛҰճͷ࣮ߦͱ͢ΔɽҰͭ
ʢQ ͷ༰ྔʣ−ʢqpred ͷฏ‫ۉ‬ʣ
−ʢύέοτ௕ͷฏ‫ۉ‬ʣ− µ
√
σ n
z=
c=
√
1 + erf(z/ 2)
2
c < scomb
(10)
(11)
ͳΒ͹ɼ
ύέοτϩε߈ܸΛ‫ؚ‬Ή
ͯ͠ੑೳධՁΛߦ͏ɽ
4. ༧උ࣮‫ݧ‬
͜ͷύέοτϩε‫ݕ‬஌ํࣜ͸౷‫ֶܭ‬తͳ‫ݕ‬஌ํࣜͰ͋Γɼ
ͳΒ͹ɼ
શͯࠞࡶʹΑΔഇ‫غ‬
c ≥ scomb
ͷύϥϝʔλઃఆʹ෇͖ 10 ճͷ࣮ߦΛߦͬͨ݁ՌΛू‫ܭ‬
(9)
଴ͪߦྻ Q ͷਪఆ஋ qpred ͷ‫ࠩޡ‬ͷ෼෍ͷඪ४ภࠩΛ࢖ͬ
ͯ‫ݕ‬஌Λߦ͏ʢ(8) ࣜɼ(12) ࣜࢀরʣ
ɽͦ͜ͰຊߘͰ΋‫ݕ‬஌
࣮‫ݧ‬Λߦ͏લʹɼ͜ͷඪ४ภࠩͷ஋Λ࣮‫ʹݧ‬ΑΓಋ͘ɽ
(12)
͜ͷ࣮‫ݧ‬͸ɼύέοτϩε߈ܸ‫ݕ‬஌࣮‫ͱݧ‬ಉ͡γϛϡ
͜ΕʹΑΓɼ͜ͷ࣌ؒ۠ؒ಺ʹର৅ͱ͢Δϧʔλ r ͕ύ
Ϩʔγϣϯ࣮‫ݧ‬Λύέοτϩε߈ܸ͕ແ͍ঢ়ଶͰ࣮ߦ͢Δ
έοτϩε߈ܸΛ͓͜ͳ͔ͬͨͲ͏͔͕൑ఆͰ͖Δɽ
͜ͱͰ਱ߦ͢Δɽதؒͷϧʔλ r ͷసૹॲཧೳྗʢ୯Ґ࣌
3. ௐࠪํ๏
จ‫[ ݙ‬1] Ͱ͸ɼఏҊ͞Εͨ଴ͪߦྻਪఆʹ‫ͮ͘ج‬ύέο
ؒ౰ͨΓʹૹ৴Ͱ͖Δύέοτ਺ʣ
ɼ‫ݕ‬஌ͷ࣌ؒ۠ؒɼதؒ
ͷϧʔλ r ͷ଴ͪߦྻͷ༰ྔΛม͑ͨͱ͖ͷ͜ͷඪ४ภࠩ
ͷ஋͸ਤ 2 ɼਤ 3 ͷΑ͏ʹͳͬͨɽࠓճͷ࣮‫Ͱݧ‬͸ύέο
τϩε߈ܸ‫ݕ‬஌ํࣜͷੑೳΛɼ࣮‫΁ػ‬ͷ࣮૷Λ࢖࣮ͬͨ‫ݧ‬
τ͸্ྲྀଆͷϧʔλҰͭʹ෇͖୯Ґ࣌ؒ౰ͨΓҰ‫ૹݸ‬ΒΕ
ͰධՁ͍ͯͨ͠ɽ͜ͷධՁํ๏͸࣮࣌ؒͰͷॲཧͷ‫͕ূݕ‬
ͯདྷΔɽ্ྲྀଆͷϧʔλ͸ೋͭ͋ΔͨΊɼ͜ΕΒͷਤʹ͓
ՄೳͰ͋ΔͳͲͷར఺Λ͕࣋ͭɼํ͕ࣜ‫ؚ‬Ήύϥϝʔλʹ
͍ͯԣ࣠ͷ஋͕ 2 Λ௒͑Δͱ΄΅᫔᫓͸ແ͘ͳΔɽҰํԣ
ର͢ΔৼΔ෣͍Λ‫͢ূݕ‬Δ͜ͱ͸ଟ͘ͷ৔߹ࠔ೉Ͱ͋Δɽ
࣠ͷ஋͕ 2 ΛԼճΔͱ᫔᫓͸ඞͣ‫͜ى‬ΔΑ͏ʹͳΔɽ
ͦ͜ͰຊߘͰ͸จ‫[ ݙ‬3] ͱಉ༷ʹγϛϡϨʔγϣϯ࣮‫ʹݧ‬
ΑΓੑೳධՁΛߦ͏ɽ
ωοτϫʔΫͷߏ੒͸จ‫[ ݙ‬1] ͷ࣮૷࣮‫ʹݧ‬฿͍ɼਤ 1
ͷߏ੒Ͱɼૹ৴ଆͷϧʔλΛೋͭͱͨ͠ɽ
͜ͷ࣮‫݁ݧ‬ՌͰ͸ɼ଴ͪߦྻͷ༰ྔ͕খ͍͞ʢύέοτ
͕ೋ‫͔͠ݸ‬ೖΒͳ͍ʣ৔߹͸‫ࠩޡ‬෼෍ͷඪ४ภࠩ͸தؒͷ
ϧʔλ r ͷసૹॲཧೳྗʹ͋·Γґଘ͠ͳ͍͕ɼ଴ͪߦྻ
ͷ༰ྔ͕େ͖͍ʢύέοτ͕ 20 ‫ݸ‬Ҏ্ೖΔʣ৔߹͸ԣ࣠
จ‫[ ݙ‬1] ͷ࣮૷࣮‫͍͓ͯʹݧ‬ɼ௨৴ࠞࡶʹΑΔਖ਼‫ن‬ͷύ
ͷ஋͕ 2 Λ௒͑Δͱ͜ΖͰ͸༰ྔ͕খ͍͞৔߹ͱಉ༷ͷ஋
έοτഇ‫غ‬Λൃੜͤ͞ΔͨΊʹେ͖ͳσʔλͷμ΢ϯϩʔ
ʹͳΓɼԣ࣠ͷ஋͕ 2 ΛԼճΔͱҰܻఔ౓େ͖ͳ஋ʹͳͬ
υΛओͳ௨৴ʹͨ͠ͱ͜Ζɼ΄ͱΜͲͷύέοτ͕࠷େύ
͍ͯΔɽ͜Ε͸᫔᫓͕‫͖ى‬ଓ͚͍ͯΔ௨৴ঢ়‫Ͱگ‬͸ɼ଴ͪ
έοτ௕ͷ΋ͷʹͳΔ͜ͱ͕෼͔ͬͨɽͦ͜Ͱࠓճͷγ
ߦྻͰ଴ͨ͞ΕΔ͕࣌ؒ༰ྔͷେ͖͚ͩ͞௕͘ͳΓɼ଴ͪ
ⓒ 2013 Information Processing Society of Japan
3
Vol.2013-DPS-154 No.28
Vol.2013-CSEC-60 No.28
2013/3/14
৘ใॲཧֶձ‫ڀݚ‬ใࠂ
IPSJ SIG Technical Report
ϯ࣮‫ݧ‬Λߦͬͯௐ΂ͨɽγϛϡϨʔγϣϯͷҰճͷ࣮ߦ͸
standard deviation
interval = 10 unit time
interval = 100 unit time
interval = 1000 unit time
‫ݕ‬஌ͷ࣌ؒ۠ؒ 10 ‫͔ݸ‬Β੒ΓɼҰͭͷύϥϝʔλઃఆʹ
෇͖ 10 ճͷ࣮ߦΛߦ͍ɼͦͷ݁ՌΛू‫ͯ͠ܭ‬ੑೳධՁͱ
1000
ͨ͠ɽ
ύέοτ௕͸શͯ 1500 bytes ͱҰఆʹ͠ɼ্ྲྀଆͷೋ
100
ͭͷϧʔλ͔Β୯Ґ࣌ؒʹ໿Ұ‫ૹݸ‬৴ͨ͠ɽ͜ΕΛதؒ
ͷϧʔλͰूΊɼԼྲྀଆͷϧʔλ΁సૹ͢Δɽͦͷࡍɼύ
10
έοτϩε߈ܸͱͯ͠ೋͭͷ࣌ؒ۠ؒͰͦΕͧΕҰ‫ݸ‬ͷύ
έοτΛ࡟আͨ͠ɽ
1
0
1
2
3
packets / unit time
4
5
ਤ 2 ଴ͪߦྻਪఆͷ‫ࠩޡ‬ͷඪ४ภࠩʢ༰ྔ͕ 4000 bytes ͷ৔߹ʣ
ɽ
standard deviation
interval = 10 unit time
interval = 100 unit time
interval = 1000 unit time
‫ݕ‬஌ͷ࣌ؒ۠ؒ͸ 100 ୯Ґ࣌ؒͱͨ͠ɽதؒͷϧʔλʹ
ಧ͘ύέοτ͸‫ݕ‬஌ͷ࣌ؒ۠ؒ౰ͨΓ໿ 200 ‫ͳͱݸ‬Δɽ଴
ͪߦྻͷେ͖͞͸༧උ࣮‫ͱݧ‬ಉ͘͡ 4000 bytes ͱ 40000
bytes ͷೋ௨ΓͰ࣮‫ݧ‬Λߦͬͨɽ‫ݕ‬஌ͷࡍʹ࢖͏଴ͪߦྻ
ਪఆͷ‫ࠩޡ‬෼෍ͷඪ४ภࠩʹ͍ͭͯ͸ɼ༧උ࣮‫ݧ‬ͷ݁Ռ͔
Β 12 ͱ 160 ͷೋͭͷ஋ʹ͍ͭͯͦΕͧΕ࣮‫ݧ‬Λߦͬͨɽ
1000
‫ݕ‬஌ʹ༻͍Δೋͭͷ༗ҙਫ४͸จ‫[ ݙ‬1] ͱಉ͡஋ʹͨ͠ɽ
100
10
ssingle = 0.999
(13)
scomb = 0.9
(14)
᫔᫓͸தؒͷϧʔλͷసૹॲཧೳྗʢ୯Ґ࣌ؒ౰ͨΓʹ
ૹ৴Ͱ͖Δύέοτ਺ʣΛม͑Δ͜ͱͰൃੜͤͨ͞ɽ্ྲྀ
1
0
1
2
3
packets / unit time
4
5
ਤ 3 ଴ͪߦྻਪఆͷ‫ࠩޡ‬ͷඪ४ภࠩʢ༰ྔ͕ 40000 bytes ͷ৔߹ʣ
ɽ
ଆ͔Β͸୯Ґ࣌ؒ౰ͨΓ໿ೋ‫ݸ‬ͷύέοτ͕ૹ৴͞ΕΔͷ
Ͱɼ͜ͷసૹॲཧೳྗ͕୯Ґ࣌ؒ౰ͨΓ 2 ΛԼճΔͱ᫔᫓
͕ඞͣൃੜ͢Δɽ
௨৴ঢ়‫گ‬͸᫔᫓͕͋Δ৔߹΋ແ͍৔߹΋͋ΔͨΊɼ‫ݕ‬஌ੑ
ද 1 ‫ݕ‬஌݁Ռʢ༰ྔɿ 4000 bytes ɼඪ४ภࠩɿ 12.0 ʣ
ɽ
ύέοτసૹೳྗ
1.00
1.33
1.67
2.00
4.00
ʢ‫ݸ‬ʗ୯Ґ࣌ؒʣ
ೳͷධՁ࣮‫Ͱݧ‬͸͜ͷ྆ํͷඪ४ภࠩͷ஋ʹ͍ͭͯͦΕͧ
૯ύέοτ਺
20030 19896 19972 20052 19961
Ε࣮‫ݧ‬Λߦͬͨɽ
ࠞࡶʹΑΔഇ‫਺غ‬
10012
6551
3348
750
0
߈ܸʹΑΔ࡟আ਺
20
20
20
20
20
100
100
100
100
100
20
20
20
20
20
ߦྻͷਪఆͷͣΕ͕େ͖͘ͳΔͨΊͱߟ͑ΒΕΔɽ࣮ࡍͷ
‫ݕ‬஌ͷ࣌ؒ۠ؒͷ௕͕͞௕͘ͳΔͱɼ଴ͪߦྻਪఆͷ‫ޡ‬
ࠩ෼෍ͷඪ४ภࠩͷ஋͸খ͘͞ͳ͍ͬͯΔɽ͜Ε͸ඪຊ਺
૯۠ؒ਺
߈ܸ‫ݕ‬஌੒ޭ۠ؒ਺
͕૿͑Δ͜ͱͰฏ‫ۉ‬஋ʹऩଋ͍ͯ͘͜͠ͷछͷ‫؍‬ଌ஋ͷੑ
߈ܸແ͠൑ఆ੒ޭ۠ؒ਺
0
3
5
20
72
࣭Λ൓өͨ͠΋ͷͰ͋Δɽ
‫ݕޡ‬஌ʢೞΕҥʣ۠ؒ਺
80
77
75
60
8
‫ݕޡ‬஌ʢ‫ݟ‬ಀ͠ʣ۠ؒ਺
0
0
0
0
0
͜ͷ༧උ࣮‫͔ݧ‬Βɼ͜ͷύϥϝʔλઃఆͷลΓͰ͸ 100
ύέοτఔ౓ͷ௨৴͕ߦΘΕΕ͹ωοτϫʔΫͷঢ়‫گ‬͸ॆ
෼ʹ҆ఆ͢Δ͜ͱ͕෼͔ͬͨɽͦ͜Ͱ࣮‫ݧ‬ͷखؒ΋ߟ͑ɼ
ؒʹͯ͠ߦ͏͜ͱʹͨ͠ɽύέοτ͸্ྲྀଆϧʔλͷͦΕ
ද 2 ‫ݕ‬஌݁Ռʢ༰ྔɿ 40000 bytes ɼඪ४ภࠩɿ 160.0 ʣ
ɽ
ύέοτసૹೳྗ
1.00
1.33
1.67
2.00
4.00
ʢ‫ݸ‬ʗ୯Ґ࣌ؒʣ
ͧΕ͔Β୯Ґ࣌ؒʹҰ‫ݸ‬ఔ౓ൃ৴͞ΕΔͷͰɼ‫ݕ‬஌ͷ֤࣌
૯ύέοτ਺
‫ݕ‬஌ੑೳͷධՁ࣮‫ݧ‬͸‫ݕ‬஌ͷ࣌ؒ۠ؒͷ௕͞Λ 100 ୯Ґ࣌
ؒ۠ؒʹ͓͍ͯதؒͷϧʔλ r ʹ 200 ‫ݸ‬ఔ౓ͷύέοτ
͕ಧ͘ɽύέοτϩε߈ܸͷ‫ݕ‬஌ʹ͸͜ͷఔ౓ͷύέοτ
19733 19729 19695 19891 20024
ࠞࡶʹΑΔഇ‫਺غ‬
9718
6384
3016
4
0
߈ܸʹΑΔ࡟আ਺
20
20
20
20
20
100
100
100
100
100
20
20
20
20
20
૯۠ؒ਺
਺͕͋Ε͹े෼Ͱ͋Δɽ·ͨ͜ͷ࣌ؒ۠ؒͷ௕͞͸୹͍΄
߈ܸ‫ݕ‬஌੒ޭ۠ؒ਺
͏͕ɼ‫ݕ‬஌Λૉૣ͘ɼ·ͨࡉ͔͘ߦ͏͜ͱ͕Ͱ͖ɼηΩϡ
߈ܸແ͠൑ఆ੒ޭ۠ؒ਺
0
0
0
5
78
ϦςΟٕज़ͱͯ͠౎߹͕ྑ͍ɽ
‫ݕޡ‬஌ʢೞΕҥʣ۠ؒ਺
80
80
80
75
2
‫ݕޡ‬஌ʢ‫ݟ‬ಀ͠ʣ۠ؒ਺
0
0
0
0
0
5. ݁Ռ
จ‫[ ݙ‬1] ͷ‫ݕ‬஌ํࣜʹΑΔύέοτϩε߈ܸͷ‫ݕ‬஌ੑೳ
ͦΕͧΕͷ࣮‫݁ݧ‬Ռ͸ද 1 ɼද 2 ͷΑ͏ʹͳͬͨɽͳ
͕᫔᫓ͷఔ౓ʹΑΓͲΕ͚ͩมΘΔͷ͔ΛγϛϡϨʔγϣ
͓ɼͦΕͧΕͷύϥϝʔλઃఆͰඪ४ภࠩͷ஋͕ҟͳΔ࣮
ⓒ 2013 Information Processing Society of Japan
4
Vol.2013-DPS-154 No.28
Vol.2013-CSEC-60 No.28
2013/3/14
৘ใॲཧֶձ‫ڀݚ‬ใࠂ
IPSJ SIG Technical Report
‫ݧ‬ʢ༰ྔ͕ 4000 bytes Ͱඪ४ภࠩͷ஋Λ 160.0 ͱͨ͠΋
ͷ࣌ؒ۠ؒͷඈͼӽ͕͑ൃੜ͠ɼͦΕ͕‫ݕޡ‬஌ʢೞΕҥʣ
ͷͱɼ༰ྔ͕ 40000 bytes Ͱඪ४ภࠩͷ஋Λ 12.0 ͱͨ͠
ʹ‫͕ܨ‬Δͱ͍͏໰୊఺͕෼͔͍ͬͯΔɽ্‫ه‬ͷ՝୊఺ͷ‫ݪ‬
΋ͷʣͷ݁Ռ͸ɼͦΕͧΕ͜ΕΒͷදͱ‫׬‬શʹಉ͡΋ͷʹ
Ҽ͕͜ͷ໰୊఺ʹ͋Δ৔߹ɼͦͷղফʹ͸ɼୈ 2.3 અͰઆ
ͳͬͨɽ͜Ε͸ࠓճͷੑೳධՁͷൣғͰ͸͜ͷఔ౓ͷඪ४
໌ͨ͠ύέοτഇ‫غ‬ͷ‫ݕ‬஌ʹ͓͍ͯྡ઀͢Δ࣌ؒ۠ؒͷύ
ภࠩͷ஋ͷҧ͍͕‫ݕ‬஌݁ՌʹӨ‫ͱ͍͜ͳ͠ڹ‬Λࣔ͢ɽຊདྷ
έοτ৘ใ΋ར༻͢Δ͜ͱ΍ɼԼྲྀଆͷϧʔλͰͷ௨৴‫؍‬
Ͱ͋Ε͹ɼ଴ͪߦྻਪఆ‫ࠩޡ‬෼෍ͷඪ४ภࠩͷ஋͕Ұܻେ
ଌ৘ใ࡞੒ͷࡍʹ଴ͪߦྻͰͷ஗Ԇ΋ਖ਼֬ʹਪఆ͢Δͳ
͖͘ͳΔͱɼ༗ҙਫ४ͱͷൺֱʹ༻͍Δ৴པ஋ͷ‫͓ʹࢉܭ‬
Ͳɼ‫ݕ‬஌ํࣜͷେ෯ͳվྑ͕ඞཁʹͳΔɽ
͍ͯ‫਺ؔࠩޡ‬ͷҾ਺͕Ұܻখ͘͞ͳΓɼͦΕʹରԠͯ͠৴
པ஋͕খ͘͞ͳΔɽͦͷͨΊ‫ݕ‬஌ͷͨΊͷ൑ఆ͕‫ͳ͘؁‬
ࢀߟจ‫ݙ‬
Γɼ‫ݕޡ‬஌ʢ‫ݟ‬ಀ͠ʣ͕૿͑Δ͸ͣͰ͋Δɽ͔͠͠ࠓճͷ
[1]
࣮‫݁ݧ‬ՌͰ͸શͯͷγϛϡϨʔγϣϯ࣮ߦʹ͓͍ͯ‫ݕޡ‬஌
ʢ‫ݟ‬ಀ͠ʣ͸ແ͔ͬͨɽ͜ͷ৯͍ҧ͍ͷղ໌ͷͨΊʹ͸֤
[2]
൑ఆΛৄࡉʹௐ΂Δඞཁ͕͋Δɽ
ͦΕͧΕͷ‫ݕ‬஌݁Ռʹ͍ͭͯ͸ɼ·ͣύέοτϩε߈ܸ
͕͋ͬͨશͯͷ࣌ؒ۠ؒΛਖ਼͘͠߈ܸͷ͋ͬͨ۠ؒͱ൑ఆ
͠ɼ‫ݕޡ‬஌ʢ‫ݟ‬ಀ͠ʣ͸Ұ݅΋ແ͔ͬͨɽ͜ͷ݁Ռ͸଴ͪ
ߦྻͷ༰ྔ΍ύέοτͷసૹॲཧೳྗɼଈͪ᫔᫓ͷఔ౓ʹ
ґଘ͠ͳ͍݁Ռͱͳͬͨɽ
[3]
A. Mizrak, S. Savage, and K. Marzullo, “Detecting Malicious Packet Losses”, In IEEE Transactions on Parallel
and Distributed Systems, Vol.20, No.2 (February 2009).
A. Kuzmanovic and E.W. Knightly, “Low-rate TCPtargeted Denial of Service Attacks: the Shrew versus
the Mice and Elephants”, Proceedings of ACM SIGCOMM’03, pp.75-86 (August 2003)
ࡉҪ ୖ࿕, দӜ ‫װ‬ଠ, “଴ͪߦྻਪఆʹ‫ͮ͘ج‬ύέοτϩ
ε߈ܸ‫ݕ‬஌ํࣜͷύϥϝʔλґଘੑʹ͍ͭͯ”, ίϯϐϡʔ
ληΩϡϦςΟγϯϙδ΢Ϝ 2012ʢCSS2012ʣ࿦จू, ൃ
ද 2B3-1 ʢCD-ROMʣʢ2012 ೥ 10 ݄ʣ
Ұํɼ‫ݕޡ‬஌ʢೞΕҥʣͷ۠ؒ਺͸ύέοτͷసૹॲཧ
ೳྗʢ୯Ґ࣌ؒ౰ͨΓʹૹ৴Ͱ͖Δύέοτ਺ʣɼ͕ 2 Λ
ԼճͬͯԼ͕Δʹै͍େ͖͘ͳͬͨɽͦͷఔ౓͸଴ͪߦྻ
ͷ༰ྔ͕େ͖͍΄͏͕‫ݦ‬ஶͰ͋Δɽଈͪ᫔᫓ʹΑΓ‫ݕޡ‬஌
ʢೞΕҥʣ͕ൃੜ͍ͯ͠Δ͜ͱ͕෼͔Δɽಛʹ᫔᫓͕‫͍ڧ‬
ʢύέοτసૹೳྗ͕খ͍͞ʣͱύέοτϩε߈ܸ͕ແ͔ͬ
ͨ࣌ؒ۠ؒΛશͯ‫ݕޡ‬஌ʢೞΕҥʣͯ͠͠·͍ͬͯΔɽ͜
ͷ෦෼Ͱ͸ɼ߈ܸ͕͋ͬͨ۠ؒ΋ਖ਼͘͠߈ܸͱͯ͠‫ݕ‬஌͞
Ε͍ͯΔ݁Ռ͔Βߟ͑Δͱɼ᫔᫓͕‫͍ͨڧ‬Ί߈ܸͷ༗ແʹ
܎ΘΒͣશͯͷ࣌ؒ۠ؒΛ߈ܸ͕͋ͬͨ΋ͷͱ൑ఆ͍ͯ͠
ΔΑ͏ʹ‫͑ݟ‬Δɽ͜ΕΛ͔֬ΊΔʹ͸ɼҰ݅ʑʑͷ൑ఆ͕
ͲͷΑ͏ʹͳ͞Εͨͷ͔ৄࡉʹௐ΂Δඞཁ͕͋Δɽ
᫔᫓͕ແ͘ɼ‫ݕޡ‬஌ʢೞΕҥʣ͕গͳ͘཈͑ΒΕ͍ͯΔ
࣮‫݁ݧ‬Ռ͔Β͸ɼ᫔᫓͕ແ͍ͱ͜ΖͰ΋͜ͷ‫ݕ‬஌ํ͕ࣜਖ਼
͘͠ಈ࡞͢Δ͜ͱ͕෼͔Δɽ
6. ·ͱΊ
ຊߘͰ͸ɼจ‫[ ݙ‬1] ͰఏҊ͞Εͨ଴ͪߦྻਪఆʹ‫ͮ͘ج‬
ύέοτϩε߈ܸ‫ݕ‬஌ํࣜʹ͍ͭͯɼ᫔᫓ͷఔ౓ʹର͢Δ
‫ݕ‬஌ੑೳͷมԽΛௐ΂ͨɽͦͷ݁Ռɼ᫔᫓ͷ༗ແ͸‫ݕ‬஌ͷ
ࡍͷ൑ఆࣜʹ༻͍Δ଴ͪߦྻਪఆ‫ࠩޡ‬෼෍ͷඪ४ภࠩͷ஋
Λม͑Δ͕ͦͷൣғͰඪ४ภࠩͷ஋Λม͑ͯ΋‫ݕ‬஌݁Ռ͕
มΘΒͳ͍͜ͱɼ߈ܸͷ͋Δ࣌ؒ۠ؒͷ‫ݕ‬஌͸᫔᫓ʹؔ܎
ͳ͘ਖ਼͘͠ߦ͑Δ͜ͱɼ᫔᫓͕ແ͍ͱ‫ݕޡ‬஌΋গͳ͍Ұํɼ
᫔᫓͕ੜ͡Δͱ߈ܸͷແ͍࣌ؒ۠ؒͷ‫ݕޡ‬஌ʢೞΕҥʣ͕
ଟ͘ൃੜ͢Δ͜ͱ͕෼͔ͬͨɽ
᫔᫓͕‫͘ڧ‬શͯͷ࣌ؒ۠ؒΛ߈ܸ͋Γͱ൑ఆͯ͠͠·͏
͜ͷ໰୊ͷղ໌ʹ͸ɼͦΕͧΕͷ൑ఆΛৄࡉʹௐ΂Δඞཁ
͕͋Γɼࠓ‫ޙ‬ͷ՝୊ͱͯ͠࢒Δɽจ‫[ ݙ‬3] Ͱͷ࣮‫͔ݧ‬Β͸ɼ
‫ݕ‬஌ͷ࣌ؒ۠ؒͷ‫ڥ‬քʹ͓͍ͯ௨৴ͷ஗ԆʹΑΔύέοτ
ⓒ 2013 Information Processing Society of Japan
5