*Basic Information -Name: Jungsuk Song~ -Address: 4-2-1, Nukui-Kitamachi, Koganei, Tokyo 184-8795, Japan~ -Tel: 042-327-6906 (hot line)~ -Fax: 042-327-6640~ -E-mail: song AT nict.go.jp~ //[[(Japanese Page):http://www.net.ist.i.kyoto-u.ac.jp/ja/index.php?%C1%D7%20%C3%E6%BC%E2]] //#ref(song.jpg,center) //*Photos //#ref(song1.jpg,noimg,left) //-[[My Public Gallery:http://picasaweb.google.co.jp/ZzabuTosS]] *Current Position -Title: Researcher (tenure-track) -Affiliation: National Institute of Information and Communications (NICT), Tokyo, Japan~ -Department: Network Security Incident Response Group, Information Security Research Center~ -Director: Koji Nakao *Research Topics and Interests -Spam and Malicious Web Sites Analysis -IPv6 Security Issues -Network Security -Data Mining, Machine Learning -Building Benchmark Data for IDS Evaluation (Visit for more detail [[http://www.takakura.com/kyoto_data:http://www.takakura.com/kyoto_data]]) *Work Experence -Oct. 2010 - Current~ Researcher (tenure-track), National Institute of Information and Communications Technology (NICT) -Apr. 2009 - Sep. 2010~ Expert Researcher (full-time), National Institute of Information and Communications Technology (NICT) -Apr. 2008 - Sep. 2008~ Part-time Instructor, Information Science and Technology, Osaka Institute of Technology -Apr. 2008 - Mar. 2009~ Part-time Instructor, Kyoto Prefectural University -Jun. 2006 - Dec. 2006~ Research Assistant, Department of Networking Research~ Academic Center for Computing and Media Studies , Kyoto University~ *Education -Apr. 2006 - Mar. 2009~ Ph.D. in Informatics, Kyoto University~ Thesis: Studies on High-Performance Network Intrusion Detection System Based on Unsupervised Machine Learning~ Advisor: Yasuo Okabe -Apr. 2005 - Mar. 2006~ Research student~ Department of Intelligence Science and Technology~ Graduate School of Informatics, Kyoto University -Mar. 2003 - Feb. 2005~ M.S. in Information, Korea Aerospace University~ Thesis: An RTSD System against Various Attacks for Low False Positive Rate Based on Patterns of Attacker’s Behaviors~ Advisor: Yongjin Kwon -Mar. 1998 - Feb. 2003~ B.S. in Telecommunication and Information, Korea Aerospace University *Professional Activities -Co-supervisor of Unitec (New Zealand) since Apr. 2011 -Visiting member of the board of directors of [[the Korea Institute of Information Security and Cryptology (KIISC):http://www.kiisc.or.kr/]] since Jan. 2011 -Organizing Chair of [[CDMC 2011 (The 2nd International Cybersecurity Data Mining Competition):http://www.csmining.org/cdmc2011/]] -Associate editor of IEICE Transactions on Communications since May. 2010 -Japanese delegate of [[ITU-T Study Group 17 (Security):http://www.itu.int/ITU-T/studygroups/com17/index.asp]] since Sep. 2009. -Member of IPv6 Technical Verification Consortium since Sep. 2010 -Session chair (Malware) and PC member of [[6th Workshop on Secure Network Protocols (NPSec 2010):http://webgaki.inf.shizuoka.ac.jp/~npsec2010/]] -PC member of [[SAINT Workshop - the First Workshop on Network Technologies for Security, Administration and Protection (NETSAP 2010):http://infonet.cse.kyutech.ac.jp/conf/saint10/workshop-CFPaper/ws-cfp-4.html]] *Awards and Scholarships -Apr. 2008 - Mar. 2009~ Honors Scholarship, Japan Student Services Organization (JASSO) -Second Prize at 2003 Goyang-city Software Contest, Korea *Technical Skills -Programming languages: C, C++, Perl, SQL, MATLAB, etc. *Languages -English -Japanese -Korean(native speaker) *Memberships -IEEE, IEICE *Publications **Book Chapters --Jungsuk Song, Hiroki Takakura, Yasuo Okabe and Yongjin Kwon, ''Correlation Analysis Between Honeypot Data and IDS Alerts Using One-class SVM,'' Intrusion Detection Systems, [[InTech Open Access Publisher:http://www.intechweb.org/]], pp.173-192, Mar. 2011.(pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/Intrusion_Detection_Systems.pdf]]) - ++Jungsuk Song, Hiroki Takakura, Yasuo Okabe and Yongjin Kwon, ''Correlation Analysis Between Honeypot Data and IDS Alerts Using One-class SVM,'' Intrusion Detection Systems, [[InTech Open Access Publisher:http://www.intechweb.org/]], pp.173-192, Mar. 2011.(pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/Intrusion_Detection_Systems.pdf]])~ +~ **Referred Journal Papers --Jungsuk Song, Daisuke Inoue, Masashi Eto, Hyung Chan Kim and Koji Nakao, ++Jungsuk Song, Daisuke Inoue, Masashi Eto, Hyung Chan Kim and Koji Nakao, ''O-means : An Optimized Clustering Method for Analyzing Spam Based Attacks'', -IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences (Special Section on Cryptography and Information Security), Vol.E94-A, No.1, pp.245-254, Jan. 2011.(pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/IEICE2011-EA%28O-means%20An%20Optimized%20Clustering%20Method%20for%20Analyzing%20Spam%20Based%20Attacks%29.pdf]]) - --Jungsuk Song, Hiroki Takakura, Yasuo Okabe, Daisuke Inoue, Masashi Eto, Koji Nakao, +IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences (Special Section on Cryptography and Information Security), Vol.E94-A, No.1, pp.245-254, Jan. 2011.(pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/IEICE2011-EA%28O-means%20An%20Optimized%20Clustering%20Method%20for%20Analyzing%20Spam%20Based%20Attacks%29.pdf]])~ +~ ++Jungsuk Song, Hiroki Takakura, Yasuo Okabe, Daisuke Inoue, Masashi Eto, Koji Nakao, ''A Comparative Study of Unsupervised Anomaly Detection Techniques Using Honeypot Data'', -IEICE Transactions on Information and Systems, Vol.E93-D,No.9,pp.2544-2554, Sep. 2010.(pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/IEICE2010%28A%20Comparative%20Study%20of%20Unsupervised%20Anomaly%20Detection%20Techniques%20Using%20Honeypot%20Data%29.pdf]]) - --Kenji Ohira, Jungsuk Song, Hiroki Takakura and Yasuo Okabe, +IEICE Transactions on Information and Systems, Vol.E93-D,No.9,pp.2544-2554, Sep. 2010.(pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/IEICE2010%28A%20Comparative%20Study%20of%20Unsupervised%20Anomaly%20Detection%20Techniques%20Using%20Honeypot%20Data%29.pdf]])~ +~ ++Kenji Ohira, Jungsuk Song, Hiroki Takakura and Yasuo Okabe, ''Construction and Operation of a Generic Honeypot System to Detect Attack Activities on Various Applications'', -[[IEICE Transactions on Information and Systems, Vol.J93-D, No.7, pp.1125-1134:http://search.ieice.org/bin/index.php?category=D&lang=J&curr=1]], Jul. 2010. (In Japanese, pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/IEICE2010-JD%28Construction%20and%20Operation%20of%20a%20Generic%20Honeypot%20System%20to%20Detect%20Attack%20Activities%20on%20Various%20Applications%29.pdf]]) - --Jungsuk Song, Hiroki Takakura, Yasuo Okabe and Yongjin Kwon, +[[IEICE Transactions on Information and Systems, Vol.J93-D, No.7, pp.1125-1134:http://search.ieice.org/bin/index.php?category=D&lang=J&curr=1]], Jul. 2010. (In Japanese, pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/IEICE2010-JD%28Construction%20and%20Operation%20of%20a%20Generic%20Honeypot%20System%20to%20Detect%20Attack%20Activities%20on%20Various%20Applications%29.pdf]])~ +~ ++Jungsuk Song, Hiroki Takakura, Yasuo Okabe and Yongjin Kwon, ''Unsupervised Anomaly Detection Based on Clustering and Multiple One-class SVM'', -[[IEICE Transactions on Communications, Vol.E92-B, No.6, pp.1981-1990:http://search.ieice.org/bin/summary.php?id=e92-b_6_1981&category=B&year=2009&lang=E&abst=]], Jun. 2009. (pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/IEICE2009%28Unsupervised%20Anomaly%20Detection%20Based%20on%20Clustering%20and%20Multiple%20One-class%20SVM%29.pdf]]) - --Jungsuk Song, Kenji Ohira, Hiroki Takakura, Yasuo Okabe and Yongjin Kwon, +[[IEICE Transactions on Communications, Vol.E92-B, No.6, pp.1981-1990:http://search.ieice.org/bin/summary.php?id=e92-b_6_1981&category=B&year=2009&lang=E&abst=]], Jun. 2009. (pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/IEICE2009%28Unsupervised%20Anomaly%20Detection%20Based%20on%20Clustering%20and%20Multiple%20One-class%20SVM%29.pdf]])~ +~ ++Jungsuk Song, Kenji Ohira, Hiroki Takakura, Yasuo Okabe and Yongjin Kwon, ''A Clustering Method for Improving Performance of Anomaly-based Intrusion Detection System'', -[[IEICE Transactions on Information and Systems (Special Section on Information and Communication System Security), Vol.E91-D, No.5, pp.1282-1291:http://search.ieice.org/bin/summary.php?id=e91-d_5_1282&category=D&year=2008&lang=E&abst=&auth=1]], May. 2008. (pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/IEICE2008%28A%20Clustering%20Method%20for%20Improving%20Performance%20of%20Anomaly-based%20Intrusion%20Detection%20System%29.pdf]]) - --J. Song and Y. Kwon, +[[IEICE Transactions on Information and Systems (Special Section on Information and Communication System Security), Vol.E91-D, No.5, pp.1282-1291:http://search.ieice.org/bin/summary.php?id=e91-d_5_1282&category=D&year=2008&lang=E&abst=&auth=1]], May. 2008. (pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/IEICE2008%28A%20Clustering%20Method%20for%20Improving%20Performance%20of%20Anomaly-based%20Intrusion%20Detection%20System%29.pdf]])~ +~ ++J. Song and Y. Kwon, ''An RTSD System against Various Attacks for Low False Positive Rate Based on Patterns of Attacker's Behaviors'', -[[IEICE Transactions on Information and Systems, Vol. E89-D, No. 10, pp. 2637-2643:http://search.ieice.org/bin/summary.php?id=e89-d_10_2637&category=D&year=2006&lang=E&abst=&auth=1]], Oct. 2006. (pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/IEICE2006%28An%20RTSD%20System%20against%20Various%20Attacks%20for%20Low%20False%20Positive%20Rate%20Based%20on%20Patterns%20of%20Attacker%27s%20Behaviors%29.pdf]]) - --J. Song and Y. Kwon, +[[IEICE Transactions on Information and Systems, Vol. E89-D, No. 10, pp. 2637-2643:http://search.ieice.org/bin/summary.php?id=e89-d_10_2637&category=D&year=2006&lang=E&abst=&auth=1]], Oct. 2006. (pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/IEICE2006%28An%20RTSD%20System%20against%20Various%20Attacks%20for%20Low%20False%20Positive%20Rate%20Based%20on%20Patterns%20of%20Attacker%27s%20Behaviors%29.pdf]])~ +~ ++J. Song and Y. Kwon, ''A Real Time Scan Detection System against Attacks based on Port Scanning Techniques'', Journal of KISS(Korea Information Science Society):Information Networking, Vol. 31, No. 2, pp. 171-178, Apr. 2004.(In Korean) ** Referred Symposium, Conference, and Workshop Papers --Jungsuk Song, Jumpei Shimamura, Masashi Eto, Daisuke Inoue, Koji Nakao, ++Jungsuk Song, Jumpei Shimamura, Masashi Eto, Daisuke Inoue, Koji Nakao, ''Correlation Analysis between Spamming Botnets and Malware Infected Hosts'', -[[SAINT 2011 Workshop on Network Technologies for Security, Administration and Protection (NETSAP):http://snowman.nagaokaut.ac.jp/saint/workshop-CFPaper/ws-4.html]], IEEE CS Press, pp.--, Munich, Germany, 18-22 July 2011. (to appear) - --Jungsuk Song, Hiroki Takakura, Yasuo Okabe, Masashi Eto, Daisuke Inoue and Koji Nakao, +[[SAINT 2011 Workshop on Network Technologies for Security, Administration and Protection (NETSAP):http://snowman.nagaokaut.ac.jp/saint/workshop-CFPaper/ws-4.html]], IEEE CS Press, pp.--, Munich, Germany, 18-22 July 2011. (to appear)~ +~ ++Jungsuk Song, Hiroki Takakura, Yasuo Okabe, Masashi Eto, Daisuke Inoue and Koji Nakao, ''Statistical Analysis of Honeypot Data and Building of Kyoto 2006+ Dataset for NIDS Evaluation'', -[[Workshop on development of large scale security-related data collection and analysis initiatives(BADGERS 2011):http://iseclab.org/badgers2011/]], ACM, pp.29-36, Salzburg, Austria, 10-13 April 2011.(pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/BADGERS2011%28Statistical%20Analysis%20of%20Honeypot%20Data%20and%20Building%20of%20Kyoto%202006%20Dataset%20for%20NIDS%20Evaluation%29.pdf]]) - --Masashi Eto, Daisuke Inoue, Jungsuk Song, Junji Nakazato, Kazuhiro Ohtaka, Koji Nakao, +[[Workshop on development of large scale security-related data collection and analysis initiatives(BADGERS 2011):http://iseclab.org/badgers2011/]], ACM, pp.29-36, Salzburg, Austria, 10-13 April 2011.(pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/BADGERS2011%28Statistical%20Analysis%20of%20Honeypot%20Data%20and%20Building%20of%20Kyoto%202006%20Dataset%20for%20NIDS%20Evaluation%29.pdf]])~ +~ ++Masashi Eto, Daisuke Inoue, Jungsuk Song, Junji Nakazato, Kazuhiro Ohtaka, Koji Nakao, ''nicter : A Large-Scale Network Incident Analysis System'', -[[Workshop on development of large scale security-related data collection and analysis initiatives(BADGERS 2011):http://iseclab.org/badgers2011/]], ACM, pp.37-45, Salzburg, Austria, 10-13 April 2011.(pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/BADGERS2011%28nicter%20-%20A%20Large-Scale%20Network%20Incident%20Analysis%20System%29.pdf]]) - --Jungsuk Song, Masashi Eto, Hyung Chan Kim, Daisuke Inoue and Koji Nakao, +[[Workshop on development of large scale security-related data collection and analysis initiatives(BADGERS 2011):http://iseclab.org/badgers2011/]], ACM, pp.37-45, Salzburg, Austria, 10-13 April 2011.(pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/BADGERS2011%28nicter%20-%20A%20Large-Scale%20Network%20Incident%20Analysis%20System%29.pdf]])~ +~ ++Jungsuk Song, Masashi Eto, Hyung Chan Kim, Daisuke Inoue and Koji Nakao, ''A Heuristic-based Feature Selection Method for Clustering Spam Emails'', -[[17th International Conference on Neural Information Processing(ICONIP 2010):http://cs.anu.edu.au/iconip2010/]], LNCS 6443, Part I, pp.290-297, Sydney, Australia, 22-25 November 2010. (pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/ICONIP2010%20%28A%20Heuristic-Based%20Feature%20Selection%20Method%20for%20Clustering%20Spam%20Emails%29.pdf]]) - --Junji Nakazato, Jungsuk Song, Masashi Eto, Daisuke Inoue and Koji Nakao, +[[17th International Conference on Neural Information Processing(ICONIP 2010):http://cs.anu.edu.au/iconip2010/]], LNCS 6443, Part I, pp.290-297, Sydney, Australia, 22-25 November 2010. (pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/ICONIP2010%20%28A%20Heuristic-Based%20Feature%20Selection%20Method%20for%20Clustering%20Spam%20Emails%29.pdf]])~ +~ ++Junji Nakazato, Jungsuk Song, Masashi Eto, Daisuke Inoue and Koji Nakao, ''A Malware Classification Method Based on Threaded Function Call Traces'', -[[The 5th Joint Workshop on Information Security (JWIS 2010):http://www2.nict.go.jp/y/y211/jwis2010/]], pp.52-66, Guangzhou, China, 5-6 August 2010. (pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/JWIS2010%28Nakazato%29.pdf]]) - --Hyung Chan Kim, Daisuke Inoue, Masashi Eto, Jungsuk Song and Koji Nakao, +[[The 5th Joint Workshop on Information Security (JWIS 2010):http://www2.nict.go.jp/y/y211/jwis2010/]], pp.52-66, Guangzhou, China, 5-6 August 2010. (pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/JWIS2010%28Nakazato%29.pdf]])~ +~ ++Hyung Chan Kim, Daisuke Inoue, Masashi Eto, Jungsuk Song and Koji Nakao, ''On the Applicability of a DBI-Based Generic Unpacking Implementation'', -[[The 5th Joint Workshop on Information Security (JWIS 2010):http://www2.nict.go.jp/y/y211/jwis2010/]], pp.331-345, Guangzhou, China, 5-6 August 2010. (pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/JWIS2010%28KIM%29.pdf]]) - --Jungsuk Song, Daisuke Inoue, Masashi Eto, Hyung Chan Kim and Koji Nakao, +[[The 5th Joint Workshop on Information Security (JWIS 2010):http://www2.nict.go.jp/y/y211/jwis2010/]], pp.331-345, Guangzhou, China, 5-6 August 2010. (pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/JWIS2010%28KIM%29.pdf]])~ +~ ++Jungsuk Song, Daisuke Inoue, Masashi Eto, Hyung Chan Kim and Koji Nakao, ''An Empirical Study of Spam : Analyzing Spam Sending Systems and Malicious Web Servers'', -[[SAINT 2010 Workshop on Network Technologies for Security, Administration and Protection (NETSAP):http://infonet.cse.kyutech.ac.jp/conf/saint10/workshop-CFPaper/ws-cfp-4.html]], IEEE CS Press, pp. 257-260, Seoul, Korea, 19-23 July 2010. (pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/SAINT2010%28An%20Empirical%20Study%20of%20Spam-Analyzing%20Spam%20Sending%20Systems%20and%20Malicious%20Web%20Servers%29.pdf]]) - --Hyung Chan Kim, Daisuke Inoue, Masashi Eto, Jungsuk Song and Koji Nakao, +[[SAINT 2010 Workshop on Network Technologies for Security, Administration and Protection (NETSAP):http://infonet.cse.kyutech.ac.jp/conf/saint10/workshop-CFPaper/ws-cfp-4.html]], IEEE CS Press, pp. 257-260, Seoul, Korea, 19-23 July 2010. (pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/SAINT2010%28An%20Empirical%20Study%20of%20Spam-Analyzing%20Spam%20Sending%20Systems%20and%20Malicious%20Web%20Servers%29.pdf]])~ +~ ++Hyung Chan Kim, Daisuke Inoue, Masashi Eto, Jungsuk Song and Koji Nakao, ''How to Locate a Target Binary Process and Its Derivatives in System Emulator'', -[[SAINT 2010 Workshop on Convergence Security and Privacy (CSnP):http://infonet.cse.kyutech.ac.jp/conf/saint10/workshop-CFPaper/ws-cfp-9.html]], IEEE CS Press, pp. 273-276, Seoul, Korea, 19-23 July 2010. (pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/SAINT2010%28How%20to%20Locate%20a%20Target%20Binary%20Process%20and%20Its%20Derivatives%20in%20System%20Emulator%29.pdf]]) - --Hyung Chan Kim, Daisuke Inoue, Masashi Eto, Jungsuk Song and Koji Nakao, +[[SAINT 2010 Workshop on Convergence Security and Privacy (CSnP):http://infonet.cse.kyutech.ac.jp/conf/saint10/workshop-CFPaper/ws-cfp-9.html]], IEEE CS Press, pp. 273-276, Seoul, Korea, 19-23 July 2010. (pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/SAINT2010%28How%20to%20Locate%20a%20Target%20Binary%20Process%20and%20Its%20Derivatives%20in%20System%20Emulator%29.pdf]])~ +~ ++Hyung Chan Kim, Daisuke Inoue, Masashi Eto, Jungsuk Song and Koji Nakao, ''Working Towards a Primary Binary Analysis System'', -[[The 2010 International Conference on Security and Management (SAM2010):http://www.world-academy-of-science.org/worldcomp10/ws/conferences/sam10]], pp. 459-465, Las Vegas, USA, 12-15 July 2010. (pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/SAM2010%28Working%20Towards%20a%20Primary%20Binary%20Analysis%20System%29.pdf]]) - --Jungsuk Song, Daisuke Inoue, Masashi Eto, Mio Suzuki, Satoshi Hayashi and Koji Nakao, +[[The 2010 International Conference on Security and Management (SAM2010):http://www.world-academy-of-science.org/worldcomp10/ws/conferences/sam10]], pp. 459-465, Las Vegas, USA, 12-15 July 2010. (pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/SAM2010%28Working%20Towards%20a%20Primary%20Binary%20Analysis%20System%29.pdf]])~ +~ ++Jungsuk Song, Daisuke Inoue, Masashi Eto, Mio Suzuki, Satoshi Hayashi and Koji Nakao, ''A Methodology for Analyzing Overall Flow of Spam-based Attacks'', -[[16th International Conference on Neural Information Processing(ICONIP 2009):http://www.iconip09.org/]], LNCS 5864, pp. 556-564, Bangkok, Thailand, 1-5 December 2009. (pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/ICONIP2009%28A%20Methodology%20for%20Analyzing%20Overall%20Flow%20of%20Spam-Based%20Attacks%29.pdf]]) - --Jungsuk Song, Hiroki Takakura and Yongjin Kwon, +[[16th International Conference on Neural Information Processing(ICONIP 2009):http://www.iconip09.org/]], LNCS 5864, pp. 556-564, Bangkok, Thailand, 1-5 December 2009. (pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/ICONIP2009%28A%20Methodology%20for%20Analyzing%20Overall%20Flow%20of%20Spam-Based%20Attacks%29.pdf]])~ +~ ++Jungsuk Song, Hiroki Takakura and Yongjin Kwon, ''A Generalized Feature Extraction Scheme to Detect 0-Day Attacks via IDS Alerts'', -[[The 2008 International Symposium on Applications and the Internet(SAINT2008):http://www.icta.ufl.edu/saint08/]], IEEE CS Press, pp. 51-56, Turku, FINLAND, 28 July - 1 Aug. 2008. (pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/SAINT%282008%29A%20Generalized%20Feature%20Extraction%20Scheme%20to%20Detect%200-Day%20Attacks%20via%20IDS%20Alerts.pdf]]) - --Jungsuk Song, Hiroki Takakura and Yasuo Okabe, +[[The 2008 International Symposium on Applications and the Internet(SAINT2008):http://www.icta.ufl.edu/saint08/]], IEEE CS Press, pp. 51-56, Turku, FINLAND, 28 July - 1 Aug. 2008. (pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/SAINT%282008%29A%20Generalized%20Feature%20Extraction%20Scheme%20to%20Detect%200-Day%20Attacks%20via%20IDS%20Alerts.pdf]])~ +~ ++Jungsuk Song, Hiroki Takakura and Yasuo Okabe, ''Cooperation of Intelligent Honeypots to Detect Unknown Malicious Codes'', -WOMBAT Workshop on Information Security Threat Data Collection and Sharing (WISTDCS 2008), IEEE CS Press, pp. 31-39, Amsterdam, Netherlands, 21-22 April 2008. (pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/Wombat2008%28Cooperation%20of%20Intelligent%20Honeypots%20to%20Detect%20Unknown%20Malicious%20Codes%29.pdf]]) - --Jungsuk Song, Hayato Ohba, Hiroki Takakura, Yasuo Okabe, Kenji Ohira and Yongjin Kwon, +WOMBAT Workshop on Information Security Threat Data Collection and Sharing (WISTDCS 2008), IEEE CS Press, pp. 31-39, Amsterdam, Netherlands, 21-22 April 2008. (pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/Wombat2008%28Cooperation%20of%20Intelligent%20Honeypots%20to%20Detect%20Unknown%20Malicious%20Codes%29.pdf]])~ +~ ++Jungsuk Song, Hayato Ohba, Hiroki Takakura, Yasuo Okabe, Kenji Ohira and Yongjin Kwon, ''A Comprehensive Approach to Detect Unknown Attacks via Intrusion Detection Alerts'', [[The twelfth Asian Computing Science Conference(ASIAN2007) Focusing on Computer and Network Security:http://www.qatar.cmu.edu/asian07/]], LNCS 4846, -pp. 247-253, Doha, Qatar, 9-11 December 2007. (pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/ASIAN2007%28A%20Comprehensive%20Approach%20to%20Detect%20Unknown%20Attacks%20Via%20Intrusion%20Detection%20Alerts%29.pdf]]) - --Jungsuk Song, Hiroki Takakura, Yasuo Okabe, Yongjin Kwon, +pp. 247-253, Doha, Qatar, 9-11 December 2007. (pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/ASIAN2007%28A%20Comprehensive%20Approach%20to%20Detect%20Unknown%20Attacks%20Via%20Intrusion%20Detection%20Alerts%29.pdf]])~ +~ ++Jungsuk Song, Hiroki Takakura, Yasuo Okabe, Yongjin Kwon, ''A Robust Feature Normalization Scheme and an Optimized Clustering Method for Anomaly-based Intrusion Detection System'', -[[Proc. 12th International Conference on Database Systems for Advanced Applications (DASFAA2007),(Lecture Notes in Computer Science 4443):http://www.dasfaa07.ait.ac.th/index.htm]], pp. 140-151, Bangkok, Thailand, 9-12 April 2007. (pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/DASFAA2007%28A%20Robust%20Feature%20Normalization%20Scheme%20and%20an%20Optimized%20Clustering%20Method%20for%20Anomaly-Based%20Intrusion%20Detection%20System%29.pdf]]) - --J. Song and Y. Kwon, +[[Proc. 12th International Conference on Database Systems for Advanced Applications (DASFAA2007),(Lecture Notes in Computer Science 4443):http://www.dasfaa07.ait.ac.th/index.htm]], pp. 140-151, Bangkok, Thailand, 9-12 April 2007. (pdf is available [[here:http://dl.dropbox.com/u/5408851/Published%20papers/DASFAA2007%28A%20Robust%20Feature%20Normalization%20Scheme%20and%20an%20Optimized%20Clustering%20Method%20for%20Anomaly-Based%20Intrusion%20Detection%20System%29.pdf]])~ +~ ++J. Song and Y. Kwon, ''A Visual RTSD System against Various Attacks for Low False Positive Rate Based on Patterns of Attacker's Behaviors'', Pre-Proceedings of the 5th International Workshop on Information Security Applications (WISA 2004), Vol. 5, pp. 695-704, Jeju-island, Korea, 23-25 August 2004. **Technical Reports and Oral Presentations --Jungsuk Song, Daisuke Inoue, Masashi Eto, Hyung Chan Kim, Koji Nakao, ''A Preliminary Investigation for Analyzing Network Incidents Caused by Spam'', -The Symposium on Cryptography and Information Security (SCIS2010), Takamatsu, Japan, Jan. 19-22, 2010. - --Hyung Chan Kim, Daisuke Inoue, Masashi Eto, Jungsuk Song, Koji Nakao, ++Jungsuk Song, Daisuke Inoue, Masashi Eto, Hyung Chan Kim, Koji Nakao, ''A Preliminary Investigation for Analyzing Network Incidents Caused by Spam'', +The Symposium on Cryptography and Information Security (SCIS2010), Takamatsu, Japan, Jan. 19-22, 2010.~ +~ ++Hyung Chan Kim, Daisuke Inoue, Masashi Eto, Jungsuk Song, Koji Nakao, ''An Extended QEMU Emulator for Primary Binary Analysis'', -The Symposium on Cryptography and Information Security (SCIS2010), Takamatsu, Japan, Jan. 19-22, 2010. - --Hyung Chan Kim, Daisuke Inoue, Masashi Eto, Jungsuk Song, Koji Nakao, +The Symposium on Cryptography and Information Security (SCIS2010), Takamatsu, Japan, Jan. 19-22, 2010.~ +~ ++Hyung Chan Kim, Daisuke Inoue, Masashi Eto, Jungsuk Song, Koji Nakao, ''An Implementation of a Generic Unpacking Method on Bochs Emulator'', -[[Proc. of the Computer Security Symposium 2009 (CSS2009):http://www.iwsec.org/css/2009/index.html]], vol. 2, pp. 997-1002, 26-28 October 2009. - --Hiroki Takakura, Jungsuk Song, Takayuki Ito, +[[Proc. of the Computer Security Symposium 2009 (CSS2009):http://www.iwsec.org/css/2009/index.html]], vol. 2, pp. 997-1002, 26-28 October 2009.~ +~ ++Hiroki Takakura, Jungsuk Song, Takayuki Ito, ''How 77DDoS attack observed in the Japanese Internet'', -[[International Workshop on DDoS Attacks and Defenses:http://caislab.kaist.ac.kr/77ddos/index.html]], KAIST-ICC, Daejeon, Korea, September 29-30, 2009. - --Jungsuk Song, Hiroki Takakura, Yasuo Okabe, +[[International Workshop on DDoS Attacks and Defenses:http://caislab.kaist.ac.kr/77ddos/index.html]], KAIST-ICC, Daejeon, Korea, September 29-30, 2009.~ +~ ++Jungsuk Song, Hiroki Takakura, Yasuo Okabe, ''A Network Intrusion Detection System Based on Clustering and Multiple One-class SVM'', -12th Core University Program Seminar on Next Generation Internet Technologies, Beppu, Japan, Feb. 2009. - --Jungsuk Song, Hiroki Takakura, Yasuo Okabe, +12th Core University Program Seminar on Next Generation Internet Technologies, Beppu, Japan, Feb. 2009.~ +~ ++Jungsuk Song, Hiroki Takakura, Yasuo Okabe, ''Performance Evaluation of Unsupervised Machine Learning Techniques for Intrusion Detection'', -11th Core University Program Seminar on Next Generation Internet Technologies, Busan, Korea, Aug. 2008. - --Hiroki Takakura and Jungsuk Song, ''Situation of Zero-Day Attacks on the Internet and their Detection Method'',[[SIG-FPAI-A801-05:http://www-ikn.ist.hokudai.ac.jp/sigfpai/next.html]], July 4, 2008.(in Japanese). - --Jungsuk Song, Hiroki Takakura, Yasuo Okabe, +11th Core University Program Seminar on Next Generation Internet Technologies, Busan, Korea, Aug. 2008.~ +~ ++Hiroki Takakura and Jungsuk Song, ''Situation of Zero-Day Attacks on the Internet and their Detection Method'',[[SIG-FPAI-A801-05:http://www-ikn.ist.hokudai.ac.jp/sigfpai/next.html]], July 4, 2008.(in Japanese).~ +~ ++Jungsuk Song, Hiroki Takakura, Yasuo Okabe, ''Data Mining and Visualization of IDS Alerts to Extract Malicious Activities'', 9th Core University Program Seminar on Next Generation Internet Technologies, -Oct. 2007. - --Jungsuk Song, Hiroki Takakura, Yasuo Okabe, -''A Proposal of New Benchmark Data to Evaluate Mining Algorithms for Intrusion Detection'', [[23th APAN Meeting in Manila:http://www.apan.net/meetings/manila2007/]], Jan. 2007. - --Hayato Ohba, Jungsuk Song, Hiroki Takakura and Yasuo Okabe, +Oct. 2007.~ +~ ++Jungsuk Song, Hiroki Takakura, Yasuo Okabe, +''A Proposal of New Benchmark Data to Evaluate Mining Algorithms for Intrusion Detection'', [[23th APAN Meeting in Manila:http://www.apan.net/meetings/manila2007/]], Jan. 2007.~ +~ ++Hayato Ohba, Jungsuk Song, Hiroki Takakura and Yasuo Okabe, ''Analysis and Visualization of Network IDS Data Using Machine Learning'', -[[IEICE Technical Report:http://www.ieice.org/ken/program/index.php?layout=&tgs_regid=1545c1b774b71e42087ebaa183b62577550e92ac1626328f20ef04a7777f6cf7&cmd=show_form&form_code=AAqi]], vol. 106, no. 465, IA2006-36, pp. 31-36, Jan. 2007.(in Japanese) - --Kenji Ohira, Jungsuk Song, Hiroki Takakura and Yasuo Okabe, +[[IEICE Technical Report:http://www.ieice.org/ken/program/index.php?layout=&tgs_regid=1545c1b774b71e42087ebaa183b62577550e92ac1626328f20ef04a7777f6cf7&cmd=show_form&form_code=AAqi]], vol. 106, no. 465, IA2006-36, pp. 31-36, Jan. 2007.(in Japanese)~ +~ ++Kenji Ohira, Jungsuk Song, Hiroki Takakura and Yasuo Okabe, ''A Construction Method of a Honeypot System to Safely Collect Unknown alicious Codes'', -[[IEICE Technical Report:http://www.ieice.org/ken/program/index.php?layout=&tgs_regid=83500c5ef710462682c5a5a75f1cfbc30f915a70abaa549a430f17f19aab1c17&cmd=show_form&form_code=VAkp]], vol. 106, no.62, IA2006-1, pp. 1-6, May 2006.(in Japanese) +[[IEICE Technical Report:http://www.ieice.org/ken/program/index.php?layout=&tgs_regid=83500c5ef710462682c5a5a75f1cfbc30f915a70abaa549a430f17f19aab1c17&cmd=show_form&form_code=VAkp]], vol. 106, no.62, IA2006-1, pp. 1-6, May 2006.(in Japanese)~ +~ ++J. Song, H. Takakura, Y. Okabe, Y. Kwon, ''A Study on Accuracy Improvement of Intrusion Detection System Based on Data Mining'', In Proceedings of KISS (Korea Information Science Society) Korea Computer Congress 2005 , Vol.32, No.1, pp.208-210, July 6-8, 2005. --J. Song, H. Takakura, Y. Okabe, Y. Kwon, ''A Study on Accuracy Improvement of Intrusion Detection System Based on Data Mining'', In Proceedings of KISS (Korea Information Science Society) Korea Computer Congress 2005 , Vol.32, No.1, pp.208-210, July 6-8, 2005. - *Hobbies -Watching Computer Games, Especially [[Starcraft:http://en.wikipedia.org/wiki/StarCraft]] -Playing and Watching Soccer -Watching Baseball *Dreams Song Microsystems CEO *Links -[[Okabe Lab.:http://www.net.ist.i.kyoto-u.ac.jp/ja/index.php?%B2%AC%C9%F4%B8%A6%B5%E6%BC%BC]] -[[IEICE Review Process:https://review.ieice.org/index_j.aspx]] -[[Journal Search SCI:http://scientific.thomsonreuters.com/cgi-bin/jrnlst/jloptions.cgi?PC=K]] -[[Journal Search SCIE:http://scientific.thomsonreuters.com/cgi-bin/jrnlst/jloptions.cgi?PC=D]] -[[ACM Transactions on Information and System Security(SCIE):http://tissec.acm.org/]] -[[ACM Transactions on Information Systems(SCI):http://tois.acm.org/]] -[[The IEEE/ACM Transactions on Networking(SCI):http://www.ton.cs.umass.edu/]] -[[IEEE Security & Privacy(Magazine, SCIE):http://www.computer.org/portal/site/security/]] -[[IEEE Network(Magazine, SCI):http://www.comsoc.org/livepubs/ni/]] -[[IEEE Transactions on Dependable and Secure Computing(SCIE):http://www.computer.org/portal/web/tdsc]] -[[IEEE Transactions on Computers(SCI):http://www.computer.org/portal/web/tc]] -[[IEEE Transactions on Visualization and Computer Graphics(SCI):http://www.computer.org/portal/web/tvcg]] -[[ELSEVIER Computers & Security(SCIE):http://www.elsevier.com/wps/find/journaldescription.cws_home/405877/description#description]] -[[ELSEVIER Computer Networks(SCIE):http://www.elsevier.com/wps/find/journaldescription.cws_home/505606/description#description]] -[[ELSEVIER Computer Communications(SCIE):http://www.elsevier.com/wps/find/journaldescription.cws_home/525440/description#description]] -[[ELSEVIER Information Sciences(SCI):http://www.elsevier.com/wps/find/journaldescription.authors/505730/description]] -[[IEEE Computer Society's Technical Committee on Security and Privacy:http://www.ieee-security.org/]] -[[Computer Security Foundations Symposium:http://www.ieee-security.org/CSFWweb/]] -[[Journal of Computer Security:http://www.mitre.org/public/jcs/]] -[[ACM/SIGCOMM:http://www.sigcomm.org/]] -[[RAID2008:http://www.ll.mit.edu/RAID2008/index.html]] -[[USENIX:http://www.usenix.org/]] -[[DASFAA2007:http://www.dasfaa07.ait.ac.th/index.htm]] -[[ASIAN2007:http://www.qatar.cmu.edu/asian07/]] -[[ICONIP2009:http://www.iconip09.org/]] -[[SAINT:http://www.saintconference.org/]] -[[NPSec2010:http://webgaki.inf.shizuoka.ac.jp/~npsec2010/]] -[[NETSAP2010:http://infonet.cse.kyutech.ac.jp/conf/saint10/workshop-CFPaper/ws-cfp-4.html]]