近藤 賢郎 (コンドウ タカオ)

Kondo, Takao

写真a

所属(所属キャンパス)

研究所・センター等 情報セキュリティインシデント対応チーム (三田)

職名

助教(有期)

HP

その他の所属・職名 【 表示 / 非表示

  • 慶應義塾大学 サイバーセキュリティ研究センター, 所員

  • 慶應義塾大学 SFC 研究所, 上席所員

  • 慶應義塾大学 KMD 研究所, リサーチャー

  • 独立行政法人情報処理推進機構 (IPA) 産業サイバーセキュリティセンター, 研究員

経歴 【 表示 / 非表示

  • 2013年04月
    -
    2017年03月

    慶應義塾大学大学院理工学研究科, 研究員

  • 2017年04月
    -
    2020年10月

    慶應義塾, インフォメーションテクノロジーセンター本部, 助教

  • 2020年11月
    -
    継続中

    慶應義塾, 情報セキュリティインシデント対応チーム, 助教

学歴 【 表示 / 非表示

  • 2009年04月
    -
    2013年03月

    慶應義塾大学, 理工学部, 情報工学科

    大学, 卒業

  • 2013年04月
    -
    2015年03月

    慶應義塾大学, 大学院理工学研究科

    大学院, 修了, 博士前期

  • 2015年04月
    -
    2016年03月

    慶應義塾大学, 大学院医学研究科

    大学院, 修了, 博士前期

  • 2016年04月
    -
    2022年03月

    慶應義塾大学, 大学院理工学研究科

    大学, 修了, 博士

学位 【 表示 / 非表示

  • 博士(工学), 慶應義塾大学, 課程, 2022年03月

    ZINK: A Scalable and Secure Information Centric Networking Mechanism Utilizing Layered Network Architecture

免許・資格 【 表示 / 非表示

  • (ISC)2 Certified Information Systems Security Professional (CISSP), 2022年08月

 

研究分野 【 表示 / 非表示

  • 情報通信 / 情報ネットワーク

  • 情報通信 / 情報セキュリティ

研究キーワード 【 表示 / 非表示

  • インターネット,分散システム

  • サイバーセキュリティ

 

論文 【 表示 / 非表示

  • ContMEC: An Architecture of Multi-access Edge Computing for Offloading Container-Based Mobile Applications

    Watanabe H., Yasumori R., Kondo T., Kumakura K., Maesako K., Zhang L., Inagaki Y., Teraoka F.

    IEEE International Conference on Communications (IEEE International Conference on Communications)  2022-May   3647 - 3653 2022年

    ISSN  15503607

     概要を見る

    This paper proposes an architecture called Cont-MEC for enabling UEs (User Equipments) to offload a part of applications to MEC (Multi-access Edge Computing) servers. It is expected that a MEC infrastructure is composed of a small number of centralized data centers and geographically distributed edge stations, in each of which multiple edge servers are installed. It is also expected that applications on UEs are implemented as container clusters similar to cloud-native applications and they are deployed on computing clusters. ContMEC has the following three features: (i) constructing a computing cluster per edge station for scalability to the number of UEs, (ii) hierarchical resource management for scalability and efficient resource sharing among computing clusters, and (iii) overlapped computing clusters for efficient resource sharing. A PoC (Proof-of Concept) implementation of ContMEC employs Kubernetes as a container orchestration system without modifications although Kubernetes does not take account of the MEC infrastructure. The PoC implementation shows that advantage of offloading is larger than disadvantage of implementing applications as container clusters, control traffic is moderate against the number of UEs, and efficient resource sharing among computing clusters is achieved.

  • LiONv2: An Experimental Network Construction Tool Considering Disaggregation of Network Configuration and Device Configuration

    Nagai Y., Watanabe H., Kondo T., Teraoka F.

    Proceedings of the 2021 IEEE Conference on Network Softwarization: Accelerating Network Softwarization in the Cognitive Age, NetSoft 2021 (Proceedings of the 2021 IEEE Conference on Network Softwarization: Accelerating Network Softwarization in the Cognitive Age, NetSoft 2021)     171 - 175 2021年06月

    ISSN  9781665405225

     概要を見る

    An experimental network environment plays an important role to examine new systems and protocols. We have developed an experimental network construction tool called LiONv1 (Lightweight On-Demand Networking, ver.1). LiONv1 satisfies the following four requirements: programmer-friendly configuration file based on Infrastructure as Code, multiple virtualization technologies for virtual nodes, physical topology conscious virtual node placement, and L3 protocol agnostic virtual networks. None of existing experimental network environments satisfy all the four requirements. In this paper, we develop LiONv2 which satisfies three more requirements: diversity of available network devices, Internet-scale deployment, and disaggregation of network configuration and device configuration. LiONv2 employs NETCONF and YANG to achieve diversity of available network devices and Internet-scale deployment. LiONv2 also defines two YANG models which disaggregate network configuration and device configuration. LiONv2 is implemented in Go and C languages with public libraries for Go. Measurement results show that construction time of a virtual network is irrelevant to the number of virtual nodes if a single virtual node is created per physical node.

  • Verification of the Effectiveness to Monitor Darknet across Multiple Organizations

    Nishijima K., Kondo T., Hosokawa T., Shigemoto T., Kawaguchi N., Hasegawa H., Honda H., Suzuki Y., Kaji T., Nakamura O.

    Proceedings - 2021 9th International Symposium on Computing and Networking Workshops, CANDARW 2021 (Proceedings - 2021 9th International Symposium on Computing and Networking Workshops, CANDARW 2021)     346 - 351 2021年

    ISSN  9781665428354

     概要を見る

    Researchers and network operators regularly monitor unused Internet address space called the darknet to understand malicious activities on the Internet such as malware infections, DDoS, and scanning to find vulnerable systems. The purpose of this study is to demonstrate the effectiveness of darknet monitoring across multiple organizations by conducting a detailed similarity analysis. In this paper, we analyze darknet data observed in two organizations in different industries and the first octet subnet range. We compared the results of the similarity analysis between intra-organization and inter-organization calculations by dividing the address space into multiple blocks so that one organization conducts similarity analysis in an intra-organization manner. The results show that the similarity of the source hosts is lower in the inter-organization calculation than in the intra-organization calculation. In addition, we monitor more source hosts in inter-organization. Moreover, this work also reports that the results differ depending on the destination ports/protocols. From the results obtained, we clarified the effectiveness of distributing the monitoring points of the darknet across multiple organizations.

  • Management and network orchestration for edge/fog-based distributed data processing

    Watanabe H., Hayashi K., Sato T., Kondo T., Teraoka F.

    Journal of Information Processing (Journal of Information Processing)  29   640 - 648 2021年

    ISSN  03875806

     概要を見る

    In the age of edge/fog computing, it is important to consider not only computing resources but also network resources when hosting services. Since service is composed of multiple small functions in the microservice architecture, we treat a service as a set of BFs (basic functions) that fulfill a single task. It is required to place BFs at edge/fog nodes considering the computing resources and network requirements within a practical time. This paper proposes a MANO (Management and Network Orchestration) for deploying services composed of multiple BFs with requirements to computing and network resources of distributed nodes. The proposed MANO considers the computing resources of edge/fog/cloud as well as the network delay and the bandwidth between them. This paper proposes an optimal method and a heuristic method for calculating the placement of BFs. The evaluation results show that the placement calculation time for a service composed of four BFs is about 10 seconds with the optimal method and about 20 seconds with the heuristic method. The calculation time is within the practical range.

  • GAMPAL: an anomaly detection mechanism for Internet backbone traffic by flow size prediction with LSTM-RNN

    Wakui T., Kondo T., Teraoka F.

    Annales des Telecommunications/Annals of Telecommunications (Annales des Telecommunications/Annals of Telecommunications)  77 ( 5-6 ) 437 - 454 2021年

    ISSN  00034347

     概要を見る

    This paper proposes a general-purpose anomaly detection mechanism for Internet backbone traffic named GAMPAL (General-purpose Anomaly detection Mechanism using Prefix Aggregate without Labeled data). GAMPAL does not require labeled data to achieve general-purpose anomaly detection. For scalability to the number of entries in the BGP RIB (Border Gateway Protocol Routing Information Base), GAMPAL introduces prefix aggregate. The BGP RIB entries are classified into prefix aggregates, each of which is identified with the first three AS (Autonomous System) numbers in the AS_PATH attribute. GAMPAL establishes a prediction model for traffic sizes based on past traffic sizes. It adopts a LSTM-RNN (Long Short-Term Memory Recurrent Neural Network) model that focuses on the periodicity of the Internet traffic patterns at a weekly scale. The validity of GAMPAL is evaluated using real traffic information, BGP RIBs exported from the WIDE backbone network (AS2500), a nationwide backbone network for research and educational organizations in Japan, and the dataset of an ISP (Internet Service Provider) in Spain. As a result, GAMPAL successfully detects anomalies such as increased traffic due to an event, DDoS (Distributed Denial of Service) attacks targeted at a stub organization, a connection failure, an SSH (Secure Shell) scan attack, and anomaly spam.

全件表示 >>

 

担当授業科目 【 表示 / 非表示

  • インシデントレスポンス・フォレンジック

    2022年度

  • インシデントレスポンス・フォレンジック

    2021年度

  • データセキュリティ

    2021年度

  • データセキュリティ

    2020年度

  • インシデントレスポンス・フォレンジック

    2020年度

 

委員歴 【 表示 / 非表示

  • 2018年03月
    -
    継続中

    運営協議会委員, WIDEプロジェクト