九州大学 研究者情報
研究者情報 (研究者の方へ)入力に際してお困りですか?
基本情報 研究活動 教育活動 社会活動
笠原 義晃(かさはら よしあき) データ更新日:2018.06.11



主な研究テーマ
安定した情報サービスのためのサーバ品質の監視・異常検知・品質改善
キーワード:情報システム、サーバ管理・運用、仮想化
2012.04.
ネットワーク監視に基づく侵入検知・異常検知
キーワード:インターネット, ネットワーク管理運用, 侵入検知, ネットワークセキュリティ
2001.04.
従事しているプロジェクト研究
次世代インターネット技術のための研究開発と実証実験
2003.04~2011.03, 代表者:安浦寛人, 九州大学, 九州大学(日本), 忠南大学(韓国)
本研究プロジェクトでは、次世代インターネットに関して基礎技術から、高度な応用まで幅広くカバーし、次のような研究テーマを日韓の研究者が取り組んでいます。

1. 高度マルチメディアデータ通信の研究開発とe-Learning・遠隔教育への応用
2. 次世代インターネット基盤技術の研究開発
3. デジタルライブラリのための次世代インターネット基盤技術の研究開発
4. 次世代インターネットを用いた遠隔医療の開発と臨床応用
5. インターネットにおける情報セキュリティ技術の研究開発
6. インターネットを介した仮想現実空間構築技術の研究開発
7. グリッドの基盤技術及びアプリケーションに関する研究.
研究業績
主要原著論文
1. Yoshiaki Kasahara, Takao Shimayoshi, Masahiro Obana, Naomi Fujimura, Our experience with introducing microsoft office 365 in Kyushu University, 45th ACM Annual SIGUCCS Conference, SIGUCCS 2017
SIGUCCS 2017 - Proceedings of the 2017 ACM Annual Conference on SIGUCCS
, 10.1145/3123458.3123491, Part F131713, 109-112, 2017.10, [URL], Information Infrastructure Initiative of Kyushu University started serving Office 365 Education for all students and staff members at Kyushu University in November 2016. Since 2007, the university had signed Microsoft EES (Enrollment for Education Solutions) including licenses for the latest Microsoft Windows and Office suite. The EES agreement includes an advantage to provide Office 365 Education to the university members with minimum investments, and there was a demand for Skype for Business which is included in Office 365. To deploy Office 365 for our users, we first needed to configure our on-premises user authentication infrastructure to coordinate with Office 365. During trials, we had a couple of difficulties attributed to some disagreements between Microsoft's and our policy on whether the user identifier, namely the user principal name in Active Directory, was open or private. Additionally, we had to consider which services should be applied to the users, because we have been operating an on-premises email service which is competing with Microsoft Exchange mail service. In this presentation, we share our experiences in Office 365 deployment..
2. Yoshiaki Kasahara, Takuya Kawatani, Eisuke Ito, Koichi Shimozono, An Analysis of Relationship between Storage Usage Distribution and Per-User Quota Value, SIGUCCS '16 (Proceedings of the 2016 ACM SIGUCCS Annual Conference on User Services Conference), 10.1145/2974927.2974936, 153-158, 2016.11, To prevent resource (especially storage) shortage, information systems such as storage services and email services usually impose an upper bound of resource consumption (quota) per user. In a conservative way, an administrator tends to set a quota value such as the storage capacity divided by the expected maximum number of users for safety and fairness, but it tends to leave large unused storage space, because the users’ storage usage pattern shows a long-tailed distribution. In this paper, we analyzed storage usage distribution of some email services to approximate the distribution using a power-law distribution, and proposed a method to calculate an optimal quota value from a target size of storage consumption to increase storage utilization. We applied an optimal quota value we calculated to a real email service and analyzed the effect of quota change. Then, we analyzed actual distributions further to find a better model to approximate the distribution, and found that a log-normal distribution explained the distribution better than power-law. We also analyzed two other universities’ email service to find similar distribution in these systems..
3. Yoshiaki Kasahara, Eisuke Ito, Naomi Fujimura, Masahiro Obana, Introduction of Unchanging Student User ID for Intra-Institutional Information Service, SIGUCCS '15 (Proceedings of the 2015 ACM SIGUCCS Annual Conference on User Services Conference), 10.1145/2815546.2815578, 141-144, 2015.11, In Kyushu University, a traditional "Student ID" based on student number assigned by Student Affairs Department had been used as the user ID of various IT services for a long time. There were some security and usability concerns using Student ID as a user ID. Since Student ID was used as the e-mail address of the student, it was easy to leak outside. Student ID is constructed based on a department code and a serial number, so guessing other ID strings from one ID is easy. Student ID is issued at the day of the entrance ceremony, so it is not usable for pre-entrance education. Student ID will change when the student moves to another department or proceeds from undergraduate to graduate school, so he/she loses personal data when Student ID changes. To solve these problems, Kyushu University decided to introduce another unchanging user ID independent from Student ID. This paper reports the design of new user ID, ID management system we are using, and the effect of introduction of new user ID..
4. Yoshiaki Kasahara, Takuya Kawatani, Eisuke Ito, Koichi Shimozono, Naomi Fujimura, Optimization of Storage Quota Based on User's Usage Distribution, Proceedings of the 2015 IEEE 39th Annual Computer Software and Applications Conference Workshops (COMPSACW 2015), 10.1109/COMPSAC.2015.221, 149-154, 2015.07, To prevent shortage of storage space in a service
system, an administrator usually set per-user quota as an upper
limit of usable space for each user. To avoid service failure
caused by resource exhaustion, the administrator tends to set
a conservative quota value such as the storage capacity divided
by the expected maximum number of users. In this research, we
analyzed long-term storage usage history of our email system
and file sharing system in Kyushu University. Mostly through
the analyzed period, the usage pattern showed a long-tailed
distribution similar to log-normal distribution. Also the overall
storage consumption slowly increased during the analyzed period.
Based on these analysis, we defined “storage utilization ratio” to
evaluate how the storage was effectively used. By approximating
a storage utilization pattern as a power-law distribution, we
proposed a method to calculate the optimal quota value to
maximize the utilization ratio..
5. Yoshiaki Kasahara, Eisuke Ito, Naomi Fujimura, Introduction of New Kyushu University Primary Mail Service for Staff Members and Students, SIGUCCS '14 (Proceedings of the 2014 ACM SIGUCCS Annual Conference on User Services Conference), 10.1145/2661172.2662965, 103-106, 2014.11, In the end of fiscal year 2013 (March 2014), Kyushu University Information Infrastructure Initiative introduced new Primary Mail Service for Staff Members and Students. The previous service for staff members had been built using proprietary mail and LDAP appliance, but tight user license and the nature of proprietary system caused several troubles. The previous service for students had been built using open source software (Postfix and Dovecot), but there were some issues with the old implementation of LDAP authentication. With these experiences, we decided to design a new system by merging both system using open source software including Postfix, Dovecot, OpenLDAP, and Squirrelmail. We also extended alias address setting service (previously available for students only) to all the members including staff members. In this paper, we explain the design and implementation, user migration, current status and future works of our new mail service. .
6. Yoshiaki Kasahara, Eisuke Ito, Naomi Fujimura, Gulliver's Toss: Google's Chronic Big Load to University Mail Server and Its Sudden Resolution, Proceedings of the 2013 ACM annual conference on Special interest group on university and college computing services, 10.1145/2504776.2504815, 169-174, 2013.11, Traditionally, Kyushu University has been providing email service internally using its own domain name for staff members and students of the university. Around January 2012, we noticed that the high load of the university authentication server, and we realized that one of causes was the access from the mail server for students (called Student Primary Mail Service). Detailed analysis showed that there was chronic big load produced by Gmail's Mail Fetcher, especially toward nonexistent accounts removed due to graduation. In this paper, we explain the situation and reasons of the big load induced by Google, its possible countermeasures, and its sudden resolution by Google's silent change. .
7. Eisuke Ito, Yoshiaki Kasahara, Naomi Fujimura, Implementation and operation of the Kyushu university authentication system, Proceedings of the 2013 ACM annual conference on Special interest group on university and college computing services, 10.1145/2504776.2504788, 137-142, 2013.11, Nowadays, a university needs to build and maintain a central ID database and authentication system for better ICT (information and communication technology) services. In 2008, the headquarters of Kyushu University had defined medium-range policy of ICT infrastructure preparation, and the policy had indicated construction of a central authentication system. According to the policy, the authors elaborated an installation plan of the Kyu(Q)shu University authentication system (QUAS, for short). Since 2009, Information Infrastructure Initiative of Kyushu University, to which the authors belong, has been issuing ID cards to all employees, and also operating LDAP servers. This paper introduces the action plan and outline of QUAS. This paper also describes two recent topics of QUAS. One is high load of LDAP servers because of rapid increase of mobile devices, and the other one is development of a multifactor authentication Shibboleth Identity Provider (IdP). .
8. Yoshiaki Kasahara, Eisuke Ito, A study of network issues for implementing large-scale academic cloud service, IEICE Technical Report, 113, 240, 35-40, 2013.10, The virtualization technology of computer resources has matured enough for production services, and cloud services became popular in various fields. Cloud services are also gradually incorporated in universities' research and education activities. There is a demand for cloud infrastructure suitable for academic activities. To implement practical and user-friendly services on private, community, or public cloud services, we need to consider about network design. This paper tries to clarify network issues for implementing cloud services considering use cases, the number of instances, utilization of IP addresses, virtual private network, client access networks, and so on..
9. 溝口 誠一郎, 笠原 義晃, 堀 良彰, 櫻井 幸一, 機械的通信挙動モデルに基づくクラスタリングによるボット検知手法, 情報処理学会, 54, 3, 1087-1098, 2013.03, [URL], ネットワーク上に存在するボットに感染した端末を特定するために,ネットワークアプリケーションが送信するアプリケーションプロトコルメッセージの送信間隔に着目したボット検知手法を提案する.人間がアプリケーションを操作した場合,そのアプリケーションプロトコルメッセージの送信間隔はばらつくのに対し,ボットの場合はその挙動がコードによって規定されているため,アプリケーションプロトコルメッセージの送信間隔の分布に偏りが起きる.この分布の違いを利用して,人間とそうでないものを区別することで,ボットを発見する.はじめにネットワークアプリケーションに対する入力と出力の関係をモデル化し,IRCクライアントのIRCメッセージ送信間隔のモデル化を行う.続いて,提案モデルに従ったボット検知アルゴリズムを設計する.アルゴリズムでは,IRCメッセージの送信間隔の列に対して階層型クラスタリングを適用することで人間と機械のモデルの区別を行う.評価では,モデルに基づく擬似データを用いてアルゴリズムのパラメータを設定した後,実際の人間が操作するIRCクライアントで観測されたIRCトラフィックならびにIRCボットのトラフィックに対して提案手法を適用した.その結果,IRCボットのトラフィックは機械が生成したトラフィックとして正しく判定された. .
10. Naomi Fujimura, Tadatsugu Togawa, Yoshiaki Kasahara, Eisuke Ito, Introduction and Experience with the Primary Mail Service based on their Names for Students, ACM SIGUCCS'12, 10.1145/2382456.2382460, 11-14, 2012.10, Kyushu University provided mail service based on student IDs such as "1AB10123X" to the university students for many years. Using this model, we had problems communicating with the students who graduated from the University and enrolled in the graduate school. The students received new mail addresses based on their new student IDs such as "2AB12789Y". Faculty members were forced to change the student mail addresses in the mailing lists and in their mail client address book. Furthermore, students were forced to notify the e-mail address change to all of their existing contacts. We introduced a new mail system to provide addresses based on the student name, as well as student ID in April 2011. The new naming convention uses the following format: lastname.firstname.999 where 999 is a random number of 3 digits. Students can select some combination patterns of their first and last names for Japanese. We also consider the middle names for foreign students. In the system implementation, we did not have the formal information of alphabetical names for students. We generated alphabetical names from Japanese Katakana names. It is not easy for us to get the appropriate name in this manner. We implemented a confirmation stage of the alphabetical name at first use, and then students can select their mail addresses for their convenience. We paid much attention to the user interface in the system. Since April 2011, the number of users who use the mail address based on their own name has been increasing gradually. This paper will detail the usage status of the new system. .
11. 笠原 義晃, 伊東 栄典, 堀 良彰, 藤村 直美, Gmailが大学メールサーバへ与える負荷状況の分析, 情報処理学会 情処研報, 2012-EVA-39, 1-6, 2012.09, 九州大学では,従来から大学ドメインのメールサーバを学内に構築し,構成員へメールサービスを提供してきた.2012年1月頃より,学内の情報サービスに対し利用者認証機能等を提供する全学認証サーバの負荷の高さが問題となり,その原因の一つが学生向けメールサーバであることが明らかになった.詳細な分析の結果,Google社のGmailから本学のメールサーバへ持続的なアクセスがあり,中でも既に卒業などで消滅したアカウントへのアクセスが多数あることが分かった.本稿では,本学の学生メールサーバのアクセスログ解析に基づいて,Gmailがメールサーバへ与える負荷状況の分析とその理由について述べ,対応策について検討する. .
12. M. Nakakuni, E. Ito, Y.Kasahara, S. Inoue, H. Dozono, Construction and Use Examples of Private Electronic Notary Service in Educational Institutions, WSEAS Transactions on Advances in Engineering Education, Issue 10, Vol. 5, 2008.10, [URL].
13. C.S. Hong, Y. Kasahara, D.H. Lee, DDoS Attack Defense Architecture Using Active Network Technology, International Conference on Computational Science and Its Applications - ICCSA 2004, 3043, 915-923, LNCS 3043, pp. 915-923, 2004.05.
主要総説, 論評, 解説, 書評, 報告書等
1. 長谷川明生, 湯浅富久子, 吉田和幸, 笠原義晃, 武蔵泰雄, 只木進一, 三谷修, 山田久仁, 吉田真和, 須永知之, セキュリティマネージメントWG成果報告書, サイエンティフィックシステム研究会, 2009.01, [URL].
主要学会発表等
1. Yoshiaki Kasahara, Takao Shimayoshi, Masahiro Obana, Naomi Fujimura, Our experience with introducing microsoft office 365 in Kyushu University, 45th ACM Annual SIGUCCS Conference, SIGUCCS 2017, 2017.10, [URL], Information Infrastructure Initiative of Kyushu University started serving Office 365 Education for all students and staff members at Kyushu University in November 2016. Since 2007, the university had signed Microsoft EES (Enrollment for Education Solutions) including licenses for the latest Microsoft Windows and Office suite. The EES agreement includes an advantage to provide Office 365 Education to the university members with minimum investments, and there was a demand for Skype for Business which is included in Office 365. To deploy Office 365 for our users, we first needed to configure our on-premises user authentication infrastructure to coordinate with Office 365. During trials, we had a couple of difficulties attributed to some disagreements between Microsoft's and our policy on whether the user identifier, namely the user principal name in Active Directory, was open or private. Additionally, we had to consider which services should be applied to the users, because we have been operating an on-premises email service which is competing with Microsoft Exchange mail service. In this presentation, we share our experiences in Office 365 deployment..
2. Yoshiaki Kasahara, Takuya Kawatani, Eisuke Ito, Koichi Shimozono, An Analysis of Relationship between Storage Usage Distribution and Per-User Quota Value, 2016 ACM SIGUCCS Annual Conference on User Services Conference (SIGUCCS '16), 2016.11, [URL], To prevent resource (especially storage) shortage, information systems such as storage services and email services usually impose an upper bound of resource consumption (quota) per user. In a conservative way, an administrator tends to set a quota value such as the storage capacity divided by the expected maximum number of users for safety and fairness, but it tends to leave large unused storage space, because the users’ storage usage pattern shows a long-tailed distribution. In this paper, we analyzed storage usage distribution of some email services to approximate the distribution using a power-law distribution, and proposed a method to calculate an optimal quota value from a target size of storage consumption to increase storage utilization. We applied an optimal quota value we calculated to a real email service and analyzed the effect of quota change. Then, we analyzed actual distributions further to find a better model to approximate the distribution, and found that a log-normal distribution explained the distribution better than power-law. We also analyzed two other universities’ email service to find similar distribution in these systems..
3. Yoshiaki Kasahara, Eisuke Ito, Naomi Fujimura, Masahiro Obana, Introduction of Unchanging Student User ID for Intra-Institutional Information Service, 2015 ACM SIGUCCS Annual Conference on User Services Conference (SIGUCCS '15), 2015.11, [URL], In Kyushu University, a traditional "Student ID" based on student number assigned by Student Affairs Department had been used as the user ID of various IT services for a long time. There were some security and usability concerns using Student ID as a user ID. Since Student ID was used as the e-mail address of the student, it was easy to leak outside. Student ID is constructed based on a department code and a serial number, so guessing other ID strings from one ID is easy. Student ID is issued at the day of the entrance ceremony, so it is not usable for pre-entrance education. Student ID will change when the student moves to another department or proceeds from undergraduate to graduate school, so he/she loses personal data when Student ID changes. To solve these problems, Kyushu University decided to introduce another unchanging user ID independent from Student ID. This paper reports the design of new user ID, ID management system we are using, and the effect of introduction of new user ID..
4. Yoshiaki Kasahara, POODLE and related SSL vulnerabilities, Network Security Workshop in APAN 39th Meeting, 2015.03, [URL], In October 2014, Google Security Team discovered and published yet-another SSL vulnerability called POODLE (Padding Oracle On Downgraded Legacy Encryption), which allows a man-in-the-middle attacker to decipher an encrypted text without knowing the encryption key (one byte per 256 requests). It induced urged action to exterminate SSLv3 support from various services in the Internet, but it also caused troubles with some users. In this talk, Ill try to summarize what is POODLE attack, how it works, its workaround, and influence on ordinary users..
5. Yoshiaki Kasahara, Eisuke Ito, Naomi Fujimura, Introduction of New Kyushu University Primary Mail Service for Staff Members and Students
, 2014 ACM SIGUCCS Annual Conference on User Services Conference (SIGUCCS '14), 2014.11, [URL], In the end of fiscal year 2013 (March 2014), Kyushu University Information Infrastructure Initiative introduced new Primary Mail Service for Staff Members and Students. The previous service for staff members had been built using proprietary mail and LDAP appliance, but tight user license and the nature of proprietary system caused several troubles. The previous service for students had been built using open source software (Postfix and Dovecot), but there were some issues with the old implementation of LDAP authentication. With these experiences, we decided to design a new system by merging both system using open source software including Postfix, Dovecot, OpenLDAP, and Squirrelmail. We also extended alias address setting service (previously available for students only) to all the members including staff members. In this paper, we explain the design and implementation, user migration, current status and future works of our new mail service..
6. Yoshiaki Kasahara, OpenSSL Heartbleed and aftermath, Network Security Workshop in APAN 38th Meeting, 2014.08, [URL], Recently revealed OpenSSL's "Heartbleed" vulnerability had shaken various parts of the Internet community abruptly. In this talk, I'll (re-)introduce some recent vulnerabilities including "Heartbleed," and some interesting events around them..
7. Yoshiaki Kasahara, DNS Amp and its mitigation, Network Security Workshop in APAN 37th Meeting, 2014.01, [URL], DNS is one of the fundamental and indispensable services in the Internet. Almost all the services rely on it. Because DNS is (basically) UDP based protocol, there are some security issues such as poisoning and amplification attack. In this talk, I'll explain DNS Amp attack and its mitigation with some experience in Kyushu University campus network..
8. Yoshiaki Kasahara, Eisuke Ito, Naomi Fujimura, Gulliver's Toss: Google's Chronic Big Load to University Mail Server and Its Sudden Resolution, 2013 ACM SIGUCCS Annual Conference on User Services Conference (SIGUCCS '13), 2013.11, [URL], Traditionally, Kyushu University has been providing email service internally using its own domain name for staff members and students of the university. Around January 2012, we noticed that the high load of the university authentication server, and we realized that one of causes was the access from the mail server for students (called Student Primary Mail Service). Detailed analysis showed that there was chronic big load produced by Gmail's Mail Fetcher, especially toward nonexistent accounts removed due to graduation. In this paper, we explain the situation and reasons of the big load induced by Google, its possible countermeasures, and its sudden resolution by Google's silent change..
9. Yoshiaki Kasahara, Eisuke Ito, A Study of Network Issues for Implementing Large-scale Academic Cloud Service, IEICE Workshop on Internet Architecture 2013 (IA2013), 2013.10, The virtualization technology of computer resources has matured enough for production services, and cloud services became popular in various fields. Cloud services are also gradually incorporated in universities' research and education activities. There is a demand for cloud infrastructure suitable for academic activities. To implement practical and user-friendly services on private, community, or public cloud services, we need to consider about network design. This paper tries to clarify network issues for implementing cloud services considering use cases, the number of instances, utilization of IP addresses, virtual private network, client access networks, and so on..
10. Yoshiaki Kasahara, Yasuichi Kitamura, APAN CIF Server Update, Network Security Workshop in APAN 36th Meeting, 2013.08, From 2012, APAN Security WG is working with REN-ISAC (Research and Education Networking Information Sharing and Analysis Center) for a test pilot of federated sharing of security intelligence information over Collective Intelligence Framework (CIF) developed by REN-ISAC. Until recently we were running CIFv0, but due to underlying OS upgrade/reinstall, now we need to migrate to CIFv1, which is still in testing stage. In this talk, we will introduce the current status of APAN CIF server and its software upgrade experience..
11. 笠原 義晃, 伊東 栄典, IaaSクラウド型教育情報システムの実現可能性調査, 情報処理学会 第22回インターネットと運用技術研究会(IPSJ IOT), 2013.08, 仮想化技術の普及により,IaaS型のクラウドサービスが普及している。IaaSクラウド基盤を使うことにより,大学での教育情報システムを外部へアウトソースすることが可能である。アウトソースできれば,維持コストの削減が可能である。我々は,現在のPC教室型教育情報システムの,IaaSクラウド基盤上での実現について調査している。本稿では,仮想マシンを遠隔利用する場合の問題点と,実用する場合の通信帯域およびRDP性能について調査した結果を報告する。.
12. 伊東 栄典, 堀 良彰, 笠原 義晃, 井上 弘士, 情報系大学院でのVCL活用, 情報処理学会 第9回教育学習支援情報システム研究会(IPSJ CLE), 2013.02, [URL], 近年,大学における情報機器を援用する教育活動や,情報科学技術の教育で,仮想化システムやクラウドシステムの利用が進んでいる.筆者らが所属する九州大学では, 2010年度末に九州大学システム情報科学研究院が同院内の教育用にVCLをベースとするシステムを導入した.また,2011年度末,九州大学情報基盤研究開発センターでは,主に大学院での教育に用いるための情報システムとしてVCLシステムを導入した.本稿では,導入したVCLシステムの構成と講義での利用事例を述べる.またVCLシステムの運用で得た様々な問題点について考察する..
13. Kevin Benton, Gabriel Iovino, Yoshiaki Kasahara, Yasuichi Kitamura, International Collaboration for Security Event Information Sharing , Tech in Paradise 2013, 2013.01, [URL], At the Summer 2009 JointTechs, the REN-ISAC Security Event System (SES) was introduced. SES provides for collection of security event data from participating institutions, data correlation, and output of threat indicators. Participants use the indicators in local protections, such as IDS and sinkholes, and in incident analysis. SES is a production tool serving the REN-ISAC community.

SES continues to evolve, as the Collective Intelligence Framework (CIF), receiving National Science Foundation support. CIF provides additional capabilities, including a broader base of data from public, private, and participant sources, additional data types, scaling, improved API, and inter-federated sharing. Core indicator sharing occurs within a multi-institutional trust community, such as within the community of REN-ISAC members. In CIF inter-federated, data collected in one trust community can be exchanged, through policy, with other communities. Among TransPAC3 project deliverables, linking APAN and US networks, is to engage the respective communities to address security threats and incidents. In that context, US and APAN researchers established pilot inter-federation sharing of security event information among CIF systems, one operated by REN-ISAC at Indiana University, and another by researchers at Kyushu University and APAN-JP. This presentation provides background on CIF, and details the APAN-US international security information sharing pilot. .
14. 笠原 義晃, 伊東 栄典, 大学向けクラウド基盤におけるVMテンプレートの多様化, 第1回地域間インタークラウドワークショップ, 2012.11, 学内の情報系学部向けIaaS型プライベートクラウドサービスにおいて,サービス充実のため,多様なOSおよび多様なPaaS型のテンプレート充実を検討している。組織内だけでテンプレートを充実させるのは困難であるため,全国的な協力体制について議論したい。.
15. 笠原 義晃, 伊東 栄典, 堀 良彰, 藤村 直美, Gmailが大学メールサーバへ与える負荷状況の分析, 第19回IOT・第39回EVA合同研究会, 2012.09, [URL], 九州大学では,従来から大学ドメインのメールサーバを学内に構築し,構成員へメールサービスを提供してきた.2012年1月頃より,学内の情報サービスに対し利用者認証機能等を提供する全学認証サーバの負荷の高さが問題となり,その原因の一つが学生向けメールサーバであることが明らかになった.詳細な分析の結果,Google社のGmailから本学のメールサーバへ持続的なアクセスがあり,中でも既に卒業などで消滅したアカウントへのアクセスが多数あることが分かった.本稿では,本学の学生メールサーバのアクセスログ解析に基づいて,Gmailがメールサーバへ与える負荷状況の分析とその理由について述べ,対応策について検討する.
.
16. Yoshiaki Kasahara, Yasuichi Kitamura, Toward federated sharing of security intelligence information over Collective Intelligence Framework (CIF), Network Security Workshop in APAN 34th Meeting, 2012.08, [URL], REN-ISAC (Research and Education Networking Information Sharing nd Analysis Center - http://www.ren-isac.net/) has been working for SES (Security Event System) Project. CIF (Collective Intelligence Framework) is a framework developed through the project as an open source tool/framework to collect intelligence concerning malicious actors and reputation of Internet elements. As SESv3, they started to explore inter-federation information sharing, and APAN Security WG is involved as one of counterparts. In this talk, I'll (re)introduce CIF, explain the current status of the cooperation, and call for more participants from APAN community..
17. 伊東 栄典, 笠原 義晃, 藤村 直美, 九州大学における職員向け電子メールサービスの現状, 平成21年度情報教育研究集会, 2009.11, [URL].
18. 阿部 英司, 伊東 栄典, 笠原 義晃, 要認証サイトのマッシュアップについての考察, 第62回電気関係学会九州支部連合大会, 2009.09, [URL].
19. Yoshiaki Kasahara, Yoshiaki Hori, and Kouichi Sakurai, Detecting Abusive Email Senders by SMTP Traffic Monitoring, Joint Workshop on Information Security, 2009.08.
20. 小野 昂, 阿部 英司, 中國 真教, 笠原 義晃,伊東 栄典, 分散SSO機構を用いたコミュニティ認可に関する考察, 情報処理学会火の国情報シンポジウム2009, 2009.03, [URL].
21. 笠原義晃, 堀良彰, 櫻井幸一, SMTPトラヒック観測を利用したSPAM送信者の検出, SCIS2009, 2009.01, [URL].
22. 釘崎裕司, 笠原義晃, 堀良彰, 櫻井幸一, データ送信間隔に着目した挙動の観測に基づくボット検知手法, SCIS2009, 2009.01, [URL].
23. Masanori Nakakuni, Eisuke Ito, Yoshiaki Kasahara and Horoshi Dozono, Private Electronic Notary Service in Universities and Its Utilization in Education, 4th WSEAS/IASME Int. Conf. on EDUCATIONAL TECHNOLOGIES (EDUTE'08), 2008.10.
24. 阿部 英司, 伊東 栄典, 笠原義晃, 中國真教, 認証つきサービスにおける組織間連携のためのPKIとOpenIDの融合, 情報処理学会第二回インターネットと運用技術研究会, 2008.09.
25. 釘崎裕司、笠原義晃、堀良彰、櫻井幸一, データ送信時間間隔に基づくボット検知手法, 情報通信システムセキュリティ研究会, 2008.09.
26. Yoshiaki Kasahara, Confidentiality and Anonymity over the network, APII Workshop 2008, 2008.03, [URL].
27. Eisuke Ito, Yoshiaki Kasahara, Megumi Nogita and Takahiko Suzuki, Institutional authentication platform for trustful inter/intra-institutional ubiquitous services, the 2nd International Conference of Ubiquitous Information Technology (2nd ICUT), 2007.12.
28. Yuji Kugisaki, Yoshiaki Kasahara, Yoshiaki Hori, Kouichi Sakurai, Bot Detection based on Traffic Analysis, 2007 International Conference on Intelligent Pervasive Computing (IPC-07), 2007.10.
29. 伊東 栄典, のぎ田 めぐみ, 笠原 義晃, 鈴木 孝彦, 認証連携による無線LANローミング環境 −九州大学におけるUPKI・eduroamの連携−, 情報処理学会 研究会報告 2007-DPS-132/2007-GN-65/2007-EIP-37, 2007.09.
30. のぎ田めぐみ, 笠原義晃, 伊東栄典, 鈴木孝彦, 利用者認証に用いる識別子の決定方法に関する考察, 電子情報通信学会 情報セキュリティ研究会(ISEC), 2006.12.
学会活動
所属学会名
情報処理学会
電子情報通信学会
学会大会・会議・シンポジウム等における役割
2018.03.27~2018.03.27, Network Security Workshop in 45th Asia Pacific Advanced Network, 座長(Chairmanship).
2017.08.29~2017.08.29, Network Security Workshop in 44th Asia Pacific Advanced Network, 座長(Chairmanship).
2017.08.28~2017.08.28, APAN Research Workshop 2017, Editor-in-Chief, Reviewer, Workshop Co-Chair, and Technical Program Committee Co-Chair.
2017.08.24~2017.08.26, The 20th International Conference on Network-Based Information Systems (NBiS-2017), Technical Program Committee.
2017.07.04~2017.07.08, COMPSAC 2017 Symposium on Security, Privacy and Trust in Computing (SEPT), Program Committee.
2017.02.14~2017.02.14, Network Security Workshop in 43rd Asia Pacific Advanced Network, 座長(Chairmanship).
2016.08.02~2016.08.02, Network Security Workshop in 42nd Asia Pacific Advanced Network, 座長(Chairmanship).
2016.08.01~2016.08.01, APAN Research Workshop 2016, Editor-in-Chief, Reviewer, Workshop Co-Chair, and Technical Program Committee Co-Chair.
2016.08.01~2016.08.01, APAN Research Workshop 2016, 座長(Chairmanship).
2016.07.06~2016.07.08, The 10th International Conference on Complex, Intelligent, Intensive Systems (CISIS-2016), Program Committee.
2016.06.10~2016.06.14, COMPSAC 2016 Symposium on Security, Privacy and Trust in Computing (SEPT), Program Committee.
2016.01.26~2016.01.26, Network Security Workshop in 41st Asia Pacific Advanced Network , 座長(Chairmanship).
2015.08.11~2015.08.11, Network Security Workshop in 40th Asia Pacific Advanced Network , 座長(Chairmanship).
2015.08.10~2015.08.10, 12th APAN Network Research Workshop 2015, Editor-in-Chief, Reviewer, Workshop Co-Chair, and Technical Program Committee Co-Chair.
2015.08.10~2015.08.10, 12th APAN Network Research Workshop 2015, 座長(Chairmanship).
2015.07.08~2015.07.10, The 9th International Conference on Complex, Intelligent, Intensive Systems (CISIS-2015), Program Committee.
2015.07.01~2015.07.05, COMPSAC Symposium on Security, Privacy and Trust in Computing (SEPT), Reviewer.
2015.03.03~2015.03.03, Network Security Workshop in 39th Asia Pacific Advanced Network , 座長(Chairmanship).
2014.08.12~2014.08.12, Network Security Workshop in 38th Asia Pacific Advanced Network , 座長(Chairmanship).
2014.01.21~2014.01.21, Network Security Workshop in 37th Asia Pacific Advanced Network , 座長(Chairmanship).
2013.08.20~2013.08.20, Network Security Workshop in 36th Asia Pacific Advanced Network , 座長(Chairmanship).
2012.08.27~2012.08.27, Network Security Workshop in 34th Asia Pacific Advanced Network , 座長(Chairmanship).
2012.07.16~2012.07.20, The 3rd Workshop on Network Technologies for Security, Administration and Protection (NETSAP 2011) , Program Committee.
2012.02.14~2012.02.14, Network Security Workshop in 33rd Asia Pacific Advanced Network , 座長(Chairmanship).
2011.08.23~2011.08.23, Network Security Workshop in 32nd Asia Pacific Advanced Network , 座長(Chairmanship).
2011.07.18~2011.07.22, The 11th Annual International Symposium on Applications and the Internet (SAINT 2011), Program Committee.
2011.07.18~2011.07.18, The 2nd Workshop on Network Technologies for Security, Administration and Protection (NETSAP 2011) , Program Committee.
2011.06.30~2011.07.02, Third International Workshop on Virtual Environment and Network-Oriented Applications (VENOA 2011), Program Committee.
2011.02.22~2011.02.22, Network Security Workshop in 31st Asia Pacific Advanced Network , 座長(Chairmanship).
2010.11.04~2010.11.06, 5th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC-2010), Program Committee.
2010.08.13~2010.08.13, Network Security Workshop in 30th Asia Pacific Advanced Network , 座長(Chairmanship).
2010.07.23~2010.07.23, The First Workshop on Network Technologies for Security, Administration and Protection (NETSAP), Program Committee.
2010.07.19~2010.07.23, The 10th Annual International Symposium on Applications and the Internet (SAINT 2010), Program Committee.
2010.02.15~2010.02.18, Second International Workshop on Virtual Environment and Network-Oriented Applications (VENOA 2010), Program Committee.
2010.02.11~2010.02.11, Network Security Workshop in 29th Asia Pacific Advanced Network , 座長(Chairmanship).
2009.07.23~2009.07.23, Network Security Workshop in 28th Asia Pacific Advanced Network , 座長(Chairmanship).
2009.03.04~2009.03.04, Network Security Workshop in 27th Asia Pacific Advanced Network , 座長(Chairmanship).
2008.08.05~2008.08.05, SIP and Network Security Joint Workshop in 26th Asia Pacific Advanced Network, 座長(Chairmanship).
2008.01.23~2008.01.23, Network Security Workshop in 25th Asia Pacific Advanced Network, 座長(Chairmanship).
2007.08.29~2007.08.29, Network Security Workshop in 24th Asia Pacific Advanced Network, 座長(Chairmanship).
2007.01.25~2007.01.25, Joint Workshop of Security and Network Engineering in 23rd APAN Meeting, 座長(Chairmanship).
2006.10.04~2006.10.06, ITRC meet 20, ローカルアレンジメント.
2006.07.20~2006.07.20, Network Security Workshop in 22nd Asia Pacific Advanced Network, 座長(Chairmanship).
2006.01.24~2006.01.24, Security Workshop in 21st Asia Pacific Advanced Network, 座長(Chairmanship).
2004.07.04~2004.07.04, 15th G-H/APII Meeting, 座長(Chairmanship).
2003.01.22~2003.01.24, APAN 2003 Conference in Fukuoka, Local Arrangement Committee Member.
学会誌・雑誌・著書の編集への参加状況
2017.03~2017.09, Proceedings of APAN Research Workshop 2017 (ISBN 978-4-9905448-7-4), 国際, 編集委員長.
2016.03~2016.08, Proceedings of APAN Research Workshop 2016 (ISBN 978-4-9905448-6-7), 国際, 編集委員長.
2015.03~2015.08, Proceedings of 12th APAN Network Research Workshop (ISBN 978-4-9905448-5-0), 国際, 編集委員長.
学術論文等の審査
年度 外国語雑誌査読論文数 日本語雑誌査読論文数 国際会議録査読論文数 国内会議録査読論文数 合計
2017年度  
2016年度 11    13 
2015年度
2014年度 10 
2013年度
2012年度
2011年度    
2010年度    
2009年度  
2008年度    
2007年度  
2006年度    
2005年度    
2004年度      
2003年度      
その他の研究活動
海外渡航状況, 海外での教育研究歴
ハワイ大学, UnitedStatesofAmerica, 2013.01~2013.01.
APAN, SriLanka, 2012.08~2012.08.
APAN, Thailand, 2012.02~2012.02.
APAN, India, 2011.08~2011.08.
APAN, Hong Kong , 2011.02~2011.02.
忠南大学, SouthKorea, 2011.01~2011.01.
APAN, Vietnam, 2010.08~2010.08.
APAN, Australia, 2010.02~2010.02.
慶州教育文化会館, Korea, 2009.08~2009.08.
国立中山大学, Taiwan, 2009.08~2009.08.
APAN, Malaysia, 2009.07~2009.07.
スイス工科大学チューリヒ校, Switzerland, 2009.03~2009.03.
APAN, Taiwan, 2009.03~2009.03.
ソウル大学, Korea, 2008.12~2008.12.
SC08, UnitedStatesofAmerica, 2008.11~2008.11.
済州大学, Korea, 2008.09~2008.10.
忠南大学, Korea, 2008.09~2008.09.
APAN, NewZealand, 2008.08~2008.08.
KT研究所, Korea, 2008.03~2008.03.
全南大学, Korea, 2008.03~2008.03.
ハワイ大学, UnitedStatesofAmerica, 2008.01~2008.01.
SC07, UnitedStatesofAmerica, 2007.11~2007.11.
淑明女子大学, Korea, 2007.11~2007.11.
釜慶大学, Korea, 2007.08~2007.08.
KT研究所, Korea, 2007.09~2007.09.
APAN, China, 2007.08~2007.08.
キョンヒ大学, Korea, 2007.03~2007.03.
APIIワークショップ, Korea, 2007.03~2007.03.
APAN, Philippines, 2007.01~2007.01.
忠南大学, Korea, 2007.01~2007.01.
研究資金
科学研究費補助金の採択状況(文部科学省、日本学術振興会)
2005年度~2007年度, 基盤研究(C), 分担, 遠隔地にある計算資源を同時利用する広域分散連成シミュレーション技法の開発.
2003年度~2005年度, 基盤研究(B), 分担, 大規模データストリームからの超高速データマイニングの研究.
日本学術振興会への採択状況(科学研究費補助金以外)
2003年度~2010年度, 二国間交流, 分担, 次世代インターネット技術のための研究開発と実証実験.
共同研究、受託研究(競争的資金を除く)の受入状況
2017.10~2018.03, 代表, 軽量コンテナに基づく柔軟なホスティング・クラウド基盤の研究開発と大規模・高負荷テスト環境の構築
【研究の全体内容】
次世代型のホスティングシステムの実現のために、新しいシステムソフトウェアやセキュリティに強いアプリケーションの研究開発を、実証研究に基づいて行なう。
【研究分担内容(甲)】
実証実験に基づいて次世代型のホスティングシステムの評価、改善を行なう。
【研究分担内容(乙)】
次世代型のホスティングシステムのための新しいシステムソフトウェアやセキュリティに強いアプリケーションの研究開発を行なう。
.

九大関連コンテンツ