近藤 賢郎 (コンドウ タカオ)

Kondo, Takao

写真a

所属(所属キャンパス)

研究所・センター等 情報セキュリティインシデント対応チーム (三田)

職名

助教(有期)

HP
このページの先頭へ▲

その他の所属・職名 【 表示 / 非表示

  • 慶應義塾大学 サイバーセキュリティ研究センター, 所員

  • 慶應義塾大学 SFC 研究所, 上席所員

  • 慶應義塾大学 KMD 研究所, リサーチャー

  • 独立行政法人情報処理推進機構 (IPA) 産業サイバーセキュリティセンター, 研究員

このページの先頭へ▲

経歴 【 表示 / 非表示

  • 2013年04月
    -
    2017年03月

    慶應義塾大学大学院理工学研究科, 研究員

  • 2017年04月
    -
    2020年10月

    慶應義塾, インフォメーションテクノロジーセンター本部, 助教

  • 2020年11月
    -
    継続中

    慶應義塾, 情報セキュリティインシデント対応チーム, 助教

このページの先頭へ▲

学歴 【 表示 / 非表示

  • 2009年04月
    -
    2013年03月

    慶應義塾大学, 理工学部, 情報工学科

    大学, 卒業

  • 2013年04月
    -
    2015年03月

    慶應義塾大学, 大学院理工学研究科

    大学院, 修了, 博士前期

  • 2015年04月
    -
    2016年03月

    慶應義塾大学, 大学院医学研究科

    大学院, 修了, 博士前期

  • 2016年04月
    -
    2022年03月

    慶應義塾大学, 大学院理工学研究科

    大学, 修了, 博士

このページの先頭へ▲

学位 【 表示 / 非表示

  • 博士(工学), 慶應義塾大学, 課程, 2022年03月

    ZINK: A Scalable and Secure Information Centric Networking Mechanism Utilizing Layered Network Architecture

このページの先頭へ▲
 

研究分野 【 表示 / 非表示

  • 情報通信 / 情報ネットワーク

  • 情報通信 / 情報セキュリティ

このページの先頭へ▲

研究キーワード 【 表示 / 非表示

  • インターネット,分散システム

  • サイバーセキュリティ

このページの先頭へ▲
 

論文 【 表示 / 非表示

  • LiONv2: An Experimental Network Construction Tool Considering Disaggregation of Network Configuration and Device Configuration

    Nagai Y., Watanabe H., Kondo T., Teraoka F.

    Proceedings of the 2021 IEEE Conference on Network Softwarization: Accelerating Network Softwarization in the Cognitive Age, NetSoft 2021 (Proceedings of the 2021 IEEE Conference on Network Softwarization: Accelerating Network Softwarization in the Cognitive Age, NetSoft 2021)     171 - 175 2021年06月

    ISSN  9781665405225

     概要を見る

    An experimental network environment plays an important role to examine new systems and protocols. We have developed an experimental network construction tool called LiONv1 (Lightweight On-Demand Networking, ver.1). LiONv1 satisfies the following four requirements: programmer-friendly configuration file based on Infrastructure as Code, multiple virtualization technologies for virtual nodes, physical topology conscious virtual node placement, and L3 protocol agnostic virtual networks. None of existing experimental network environments satisfy all the four requirements. In this paper, we develop LiONv2 which satisfies three more requirements: diversity of available network devices, Internet-scale deployment, and disaggregation of network configuration and device configuration. LiONv2 employs NETCONF and YANG to achieve diversity of available network devices and Internet-scale deployment. LiONv2 also defines two YANG models which disaggregate network configuration and device configuration. LiONv2 is implemented in Go and C languages with public libraries for Go. Measurement results show that construction time of a virtual network is irrelevant to the number of virtual nodes if a single virtual node is created per physical node.

  • Management and network orchestration for edge/fog-based distributed data processing

    Watanabe H., Hayashi K., Sato T., Kondo T., Teraoka F.

    Journal of Information Processing (Journal of Information Processing)  29   640 - 648 2021年

    ISSN  03875806

     概要を見る

    In the age of edge/fog computing, it is important to consider not only computing resources but also network resources when hosting services. Since service is composed of multiple small functions in the microservice architecture, we treat a service as a set of BFs (basic functions) that fulfill a single task. It is required to place BFs at edge/fog nodes considering the computing resources and network requirements within a practical time. This paper proposes a MANO (Management and Network Orchestration) for deploying services composed of multiple BFs with requirements to computing and network resources of distributed nodes. The proposed MANO considers the computing resources of edge/fog/cloud as well as the network delay and the bandwidth between them. This paper proposes an optimal method and a heuristic method for calculating the placement of BFs. The evaluation results show that the placement calculation time for a service composed of four BFs is about 10 seconds with the optimal method and about 20 seconds with the heuristic method. The calculation time is within the practical range.

  • GAMPAL: an anomaly detection mechanism for Internet backbone traffic by flow size prediction with LSTM-RNN

    Wakui T., Kondo T., Teraoka F.

    Annales des Telecommunications/Annals of Telecommunications (Annales des Telecommunications/Annals of Telecommunications)  2021年

    ISSN  00034347

     概要を見る

    This paper proposes a general-purpose anomaly detection mechanism for Internet backbone traffic named GAMPAL (General-purpose Anomaly detection Mechanism using Prefix Aggregate without Labeled data). GAMPAL does not require labeled data to achieve general-purpose anomaly detection. For scalability to the number of entries in the BGP RIB (Border Gateway Protocol Routing Information Base), GAMPAL introduces prefix aggregate. The BGP RIB entries are classified into prefix aggregates, each of which is identified with the first three AS (Autonomous System) numbers in the AS_PATH attribute. GAMPAL establishes a prediction model for traffic sizes based on past traffic sizes. It adopts a LSTM-RNN (Long Short-Term Memory Recurrent Neural Network) model that focuses on the periodicity of the Internet traffic patterns at a weekly scale. The validity of GAMPAL is evaluated using real traffic information, BGP RIBs exported from the WIDE backbone network (AS2500), a nationwide backbone network for research and educational organizations in Japan, and the dataset of an ISP (Internet Service Provider) in Spain. As a result, GAMPAL successfully detects anomalies such as increased traffic due to an event, DDoS (Distributed Denial of Service) attacks targeted at a stub organization, a connection failure, an SSH (Secure Shell) scan attack, and anomaly spam.

  • Verification of the Effectiveness to Monitor Darknet across Multiple Organizations

    Nishijima K., Kondo T., Hosokawa T., Shigemoto T., Kawaguchi N., Hasegawa H., Honda H., Suzuki Y., Kaji T., Nakamura O.

    Proceedings - 2021 9th International Symposium on Computing and Networking Workshops, CANDARW 2021 (Proceedings - 2021 9th International Symposium on Computing and Networking Workshops, CANDARW 2021)     346 - 351 2021年

    ISSN  9781665428354

     概要を見る

    Researchers and network operators regularly monitor unused Internet address space called the darknet to understand malicious activities on the Internet such as malware infections, DDoS, and scanning to find vulnerable systems. The purpose of this study is to demonstrate the effectiveness of darknet monitoring across multiple organizations by conducting a detailed similarity analysis. In this paper, we analyze darknet data observed in two organizations in different industries and the first octet subnet range. We compared the results of the similarity analysis between intra-organization and inter-organization calculations by dividing the address space into multiple blocks so that one organization conducts similarity analysis in an intra-organization manner. The results show that the similarity of the source hosts is lower in the inter-organization calculation than in the intra-organization calculation. In addition, we monitor more source hosts in inter-organization. Moreover, this work also reports that the results differ depending on the destination ports/protocols. From the results obtained, we clarified the effectiveness of distributing the monitoring points of the darknet across multiple organizations.

  • AFC: A Mechanism for Distributed Data Processing in Edge/Fog Computing

    Watanabe H., Sato T., Kondo T., Teraoka F.

    2021 IEEE Global Communications Conference, GLOBECOM 2021 - Proceedings (2021 IEEE Global Communications Conference, GLOBECOM 2021 - Proceedings)  2021年

     概要を見る

    A service in cloud computing is executed in a data center, which may result in large communication delay. To host applications requiring low latency, edge/fog computing has attracted great attention. This paper proposes a mechanism called AFC (Application Function Chaining) for realizing distributed edge/fog computing. In AFC, an application is defined as a Chained-AF, which is composed of one or more AFs (Application Functions) with control structures such as conditional branches. An AF basically fulfills a single task similar to a UNIX command. Thus, a Chained-AF looks like a distributed shell script and the networks look like a single computer from users' viewpoint. A MANO (Management and Network Orchestration) mechanism in AFC places AFs on optimal edge/fog servers which satisfy Chained-AF's requirements when it is launched. Evaluation results of a prototype implementation show that it takes 0.5 seconds and 3 seconds to launch a Chained-AF composed of two and six AFs, respectively, and that the throughput of a Chained-AF is more than 90 % of the line speed, which is independent of the number of AFs. The throughput of an AFC depends on processing performance of AFs, not on the AFC mechanism.

全件表示 >>

このページの先頭へ▲
 

担当授業科目 【 表示 / 非表示

  • インシデントレスポンス・フォレンジック

    2022年度

  • インシデントレスポンス・フォレンジック

    2021年度

  • データセキュリティ

    2021年度

  • データセキュリティ

    2020年度

  • インシデントレスポンス・フォレンジック

    2020年度

このページの先頭へ▲
 

委員歴 【 表示 / 非表示

  • 2018年03月
    -
    継続中

    運営協議会委員, WIDEプロジェクト

このページの先頭へ▲