Kondo, Takao

写真a

Affiliation

Research Centers and Institutes, Computer Security Incident Response Team (Mita)

Position

Assistant Professor (Non-tenured)/Research Associate (Non-tenured)/Instructor (Non-tenured)

Related Websites

Other Affiliation 【 Display / hide

  • KMD Research Institute, Keio University, Researcher

  • Keio Research Institute of SFC, Keio University, Senior Researcher

  • Cyber Security Research Center, Keio University, Researcher

Career 【 Display / hide

  • 2013.04
    -
    2017.03

    Graduate School of Science and Technology, Keio University., Project Researcher

  • 2017.04
    -
    2020.10

    Keio University, Headquarters of Information Technology Center, Assistant Professor

  • 2020.11
    -
    Present

    Keio University, Computer Security Incident Response Team, Assistant Professor

Academic Background 【 Display / hide

  • 2009.04
    -
    2013.03

    Keio University, Faculty of Science and Technology, Department of Information and Computer Science

    University, Graduated

  • 2013.04
    -
    2015.03

    Keio University, Graduate School of Science and Technology

    Graduate School, Completed, Master's course

  • 2015.04
    -
    2016.03

    Keio University, Graduate School of Medicine

    Graduate School, Completed, Master's course

 

Research Areas 【 Display / hide

  • Information network

  • Information security

Research Keywords 【 Display / hide

  • Internet, Distributed Systems

  • Cyber Security

 

Papers 【 Display / hide

  • Towards the Secured and Semantics-aware Internet Infrastructure

    Takao Kondo

    Proceedings of International Conference on Technology and Social Science 2020 (ICTSS 2020)  2020.12

    Research paper (international conference proceedings), Single Work

  • GAMPAL: Anomaly Detection for Internet Backbone Traffic by Flow Prediction with LSTM-RNN

    Wakui T., Kondo T., Teraoka F.

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics))  12081 LNCS   196 - 211 2020

    ISSN  9783030457778

     View Summary

    © 2020, IFIP International Federation for Information Processing. This paper proposes a general-purpose anomaly detection mechanism for Internet backbone traffic named GAMPAL (General-purpose Anomaly detection Mechanism using Path Aggregate without Labeled data). GAMPAL does not require labeled data to achieve a general-purpose anomaly detection. For scalability to the number of entries in the BGP RIB (Routing Information Base), GAMPAL introduces path aggregates. The BGP RIB entries are classified into the path aggregates, each of which is identified with the first three AS numbers in the AS_PATH attribute. GAMPAL establishes a prediction model of traffic throughput based on past traffic throughput. It adopts the LSTM-RNN (Long Short-Term Memory Recurrent Neural Network) model focusing on periodicity in weekly scale of the Internet traffic pattern. The validity of GAMPAL is evaluated using the real traffic information and the BGP RIB exported from the WIDE backbone network (AS2500), a nation-wide backbone network for research and educational organizations in Japan. As a result, GAMPAL successfully detects traffic increases due to events and DDoS attacks targeted to a stub organization.

  • LiON: A L3 protocol agnostic experimental network construction tool based on infrastructure as code

    Hayashi K., Watanabe H., Kondo T., Teraoka F.

    2019 6th International Conference on Software Defined Systems, SDS 2019 (2019 6th International Conference on Software Defined Systems, SDS 2019)     64 - 71 2019.06

    ISSN  9781728107226

     View Summary

    © 2019 IEEE. An experimental network environment plays an important role to examine new protocols and systems. This paper proposes an IaC (Infrastructure as Code) based tool called LiON (Lightweight On-demand Networking) for constructing virtual networks on the Internet for various experiments. For virtual nodes, various types of virtualization technologies such as network namespace, container, and virtual machine are supported. VXLAN is employed for virtual links between virtual nodes. JSON (JavaScript Object Notation) is adopted as the configuration file format, which enables the experimenter to intuitively design virtual network topologies. Layer-3 protocol agnostic experimental networks can be constructed, which enable to examine non-IP protocol stacks. LiON is implemented in Python and shell script. The time for constructing a virtual network slightly increases as the number of virtual nodes increases. TCP throughput of a virtual link is approximately 97 % of that of a physical link.

  • Moclis: A moving cell support protocol based on locator/ID split for 5G system

    Ochiai T., Matsueda K., Kondo T., Takano H., Kimura R., Sawai R., Teraoka F.

    IEICE Transactions on Communications (IEICE Transactions on Communications)  E102B ( 8 ) 1649 - 1659 2019

    ISSN  09168516

     View Summary

    Copyright © 2019 The Institute of Electronics, Information and Communication Engineers. In LTE (Long Term Evolution) / LTE-Advanced (LTE-A) system, the user-plane for a user equipment (UE) is provided by tunneling, which increases header overhead, processing overhead, and management overhead. In addition, the LTE-A system does not support moving cells which are composed of a mobile Relay Node (RN) and UEs attached to the mobile RN. Although there are several proposals for moving cells in the LTE-A system and the 5G system, all of them rely on tunneling for the user-plane, which means that none of them avoid the tunneling overheads. This paper proposes MocLis, a moving cell support protocol based on a Locator/ID split approach. MocLis does not use tunneling. Nested moving cells are supported. Signaling cost for handover of a moving cell is independent of the number of UEs and nested RNs in the moving cell. A MocLis prototype, implemented in Linux, includes user space daemons and modified kernel. Measurements show that the attachment time and handover time are short enough for practical use. MocLis has higher TCP throughput than the tunneling based approaches.

  • Inserting layer-5 to provide applications with richer functions through common API

    Watanabe H., Kondo T., Kaneko K., Teraoka F.

    IEICE Transactions on Communications (IEICE Transactions on Communications)  E101B ( 9 ) 1967 - 1981 2018.09

    ISSN  09168516

     View Summary

    © 2018 The Institute of Electronics, Information and Communication Engineers. Recently, application demands placed on the network have become more multifaceted. Highly functional application-to-application communication services such as bandwidth aggregation, fault tolerant communication, and delay/disruption tolerant networking (DTN) were developed independently in the network layer, the transport layer, and the application layer. As a result, protocol layering has become complicated. This paper proposes to insert Layer-5 (L5) between the application layer and the transport layer to separate communication policies and communication mechanisms to make protocol layering clearer. The transport layer (L4) provides end-to-end communication mechanisms such as reliable byte stream while L5 realizes communication policies such as bandwidth aggregation by combining the communication mechanisms in L4. This paper proposes five types of L5-paths as communication policies: (1) the L5 bundled path for bandwidth aggregation or fault tolerant communication, (2) the L5 spatially-spliced path for communication with middleboxes, (3) the L5 temporally-spliced path for DTN, (4) the L5 spliced-bundled path, and (5) the L5 bundled over spatially-spliced path. An application can select and use an appropriate L5-path depending on the network circumstances through a common API. A prototype of L5 is implemented in the Linux user space as a library to make deployment and maintenance easier. An evaluation shows that establishment time of L5-paths is short enough and performance of L5-paths is comparable or superior to existing technologies.

display all >>

 

Courses Taught 【 Display / hide

  • INCIDENT RESPONSE AND FORENSIC

    2021

  • DATA SECURITY

    2021