Takeshi Takahashi
Research Activities

Here is an overview of my major research to date.

  1. Security Evaluation of Android Applications
  2. Reference Ontology for Cybersecurity Operational Information
  3. Security Information Discovery Mechanism
  4. Automated Techniques for Notifying Vulnerability Information in Real-Time

Security Evaluation of Android Applications

The number of security incidents faced by Android users is growing, along with the surge in malware targeting Android terminals. Such malware arrives at Android terminals in the form of Android Packages (APKs). Assorted techniques for protecting Android users from such malware have been reported, but most of them focus on the APK files themselves. Unlike these approaches, we use metadata, such as web information obtained from online APK markets, to improve the accuracy of malware identification. In this paper, we introduce malware detection schemes using metadata, which includes the categories and descriptions of APKs. We introduce two types of schemes: a statistical scheme and a support vector machine-based scheme. Finally, we analyze and discuss the performance and usability of the schemes, and confirm the usability of web information for the purpose of identifying malware.

See the following publication for details.

Title: The use of APK metadata for risk level quantification and malware detection
Journal: International Data Mining and Cybersecurity Workshop
Author: Takeshi Takahashi, Tao Ban, Daisuke Inoue, Koji Nakao
Publication date: 2016.10

Reference Ontology for Cybersecurity Operational Information

Cyber threats cross national borders. However, most organizations currently cope with them individually, without global collaboration, mainly due to the lack of a global standard for a cybersecurity information exchange format and framework. Although some countries possess local standards to solve this problem, these standards are not orchestrated in a way that lets organizations fully collaborate with each other. In order to build the basis of a cybersecurity information exchange framework, this paper proposes an ontology of cybersecurity operational information. Based on the proposed ontology, it discusses the coverage of existing cybersecurity information standards.

See the following publication for details.

Title: Reference Ontology for Cybersecurity Operational Information
Journal: The Computer Journal
Author: Takeshi Takahashi, Youki Kadobayashi
Publication date: 2015.10
Resources: [Published PDF] [bibtex]

Security Information Discovery Mechanism

To cope with the increasing number of cyber threats, cyber security information must be shared beyond organization borders. Assorted organizations have already started to provide publicly available repositories that store XML-based cyber security information on the Internet, but users are unaware of all of them. Cyber security information must be identified and located across such repositories by the parties who need it, and then transported to them to advance information sharing. This paper proposes a discovery mechanism that identifies and locates various types of cyber security information and exchanges the information over networks. The mechanism generates RDF-based metadata to manage the list of cyber security information, and the metadata structure is based on an ontology of cyber security information, which absorbs the differences of the assorted schemata of the information and incorporates them. The mechanism is also capable of propagating any information updates such that entities with obsolete information do not suffer from emerging security threats. This paper also introduces a prototype of the mechanism to demonstrate its feasibility. It then analyzes the mechanism's extensibility, scalability, and information credibility. Through this work, we wish to expedite information sharing beyond organization borders and contribute to global cyber security.

See the following publication for details.

Title: Mechanism for Linking and Discovering Structured Cybersecurity Information over Networks
Journal: IEEE International Conference on Semantic Computing
Author: Takeshi Takahashi, Youki Kadobayashi
Publication date: 2014.6
Venue: Newport Beach

Automated Techniques for Notifying Vulnerability Information in Real-Time

To maintain acceptable levels of security, organizations must manage their IT assets and related vulnerabilities. However, this can be a considerable burden because their resources are often limited. This paper introduces a technique and system architecture that monitor the vulnerability of the IT assets on an organization's administrative networks. We use open information and standardized, non-proprietary tools in order to bolster cybersecurity capability for a wide range of organizations. In the proposed system, an agent module installed on each IT asset sends information to its server, while the server also probes the network to collect information on agentless IT assets. The server then converts the information into standard identifiers, which are used to query open repositories to obtain vulnerability information. The system provides an alert when vulnerability information pertaining to the IT asset is identified. This paper also introduces a prototype system, with which we analyze and discuss the proposed technique and system and clarify issues to be solved in our future work.

See the following publication for details.

Title: Toward Automated Vulnerability Monitoring using Open Information and Standardized Tool
Journal: IEEE International Conference on Pervasive Computing and Communications
Author: Takeshi Takahashi, Daisuke Miyamoto, Koji Nakao
Publication date: 2016.3
