サイバー戦の現在と未来 / Present and Future of Cyber Warfare

Transcript

1. Hardening for cyber security — generated by Stable Diffusion XL

   v1.0 2024 9-10 (WBS) 2024 9-10 — 2024-07-08 – p.1/29

2. https://speakerdeck.com/ks91/collections/cyber-security-2024-summer 2024 9-10 — 2024-07-08 – p.2/29

3. ( ) 1 6 10 (1) • 2 6 10

   (2) • 3 6 17 • 4 6 17 • 5 6 24 I ( ) • 6 6 24 I ( ) • 7 7 1 • 8 7 1 • 9 7 8 • 10 7 8 • 11 7 15 II ( ) 12 7 15 II ( ) 13 7 22 14 7 22 W-IOI / ( ) 2024 9-10 — 2024-07-08 – p.3/29

4. ( 20 ) 1 • 2 • 3 • 4

   (TCP/IP ) • 5 • 6 • 7 • 8 • 9 • 10 World Wide Web • 11 Web API • 12 • 13 git GitHub • 14 • SSH • (6/24 ) / (2 ) OK / 2024 9-10 — 2024-07-08 – p.4/29

5. ( ) + I ( ) + 2024 9-10 —

   2024-07-08 – p.5/29

6. 7 6 2013 Winny P2P P2P 2024 9-10 — 2024-07-08

   – p.6/29

7. (1) Winny 7 (2020) Winny WIDE ( ) 2024 9-10

   — 2024-07-08 – p.7/29

8. + + 2024 9-10 — 2024-07-08 – p.8/29

9. 2024 9-10 — 2024-07-08 – p.9/29

10. 4. (1) ( ) (2) 2024 7 4 ( )

    23:59 JST Waseda Moodle (Q & A ) 2024 9-10 — 2024-07-08 – p.10/29

11. . . . . . . 12 9 (7/6( )

    ) ( ) ( ) National Treasure 2 / (zansin) / 2 / / ( ) / @Deep / ( . . . ) 4.0 ( Live Free or Die Hard) 2024 9-10 — 2024-07-08 – p.11/29

12. A tor john ⇒ Wireshark . . . ( (or

    ) ) LAN HTTPS VPN nmap . . . ( ) Hydra . . . sqlmap . . . SQL metasploit . . . nessus . . . . . . 2024 9-10 — 2024-07-08 – p.12/29

13. M ⇒ ( ) 2024 9-10 — 2024-07-08 – p.13/29

14. (1) : ( ) 3 (14 ) . . .

    TV 2024 9-10 — 2024-07-08 – p.14/29

15. regreSSHion 2023 2024 9-10 — 2024-07-08 – p.15/29

16. regreSSHion CVE-2024-6387 (2024 7 1 ) ( X ← )

    OpenSSH (<4.4p1, ≥8.5p1 <9.8p1) root CVE-2006-5051 2020 (regression) ^^; OK 2024 9-10 — 2024-07-08 – p.16/29

17. (2) IPA ( ) 10 2023 (2023) https://www.ipa.go.jp/security/10threats/10threats2023.html 1 2

    3 4 5 6 ( ) 7 8 9 10 ( ) NEW! 2024 9-10 — 2024-07-08 – p.17/29

18. ( bitcoin) ( ) ( ← ) ( ) ←

    ( ) ← ( ) DoS (Denial of Service; ) ( ) ← ( ) ← ↑ 2024 9-10 — 2024-07-08 – p.18/29

19. (3) (13) (2014) (warfare) 2024 9-10 — 2024-07-08 – p.19/29

20. (warfare) . . . . . . ⇒ ( )

    2024 9-10 — 2024-07-08 – p.20/29

21. 24 365 2024 9-10 — 2024-07-08 – p.21/29

22. . . . ( ) (sabotage) (espionage) (subversion) 3 .

    . . 2024 9-10 — 2024-07-08 – p.22/29

23. – AI LLM( ) C&C 2024 9-10 — 2024-07-08 –

    p.23/29

24. AI 2024 9-10 — 2024-07-08 – p.24/29

25. (2) : OvenAI OvenAI OvenAI 2024 9-10 — 2024-07-08 –

    p.25/29

26. (3) : OvenAI OvenAI OvenAI 2024 9-10 — 2024-07-08 –

    p.26/29

27. 2024 9-10 — 2024-07-08 – p.27/29

28. 5. (1) ( ) (2) I OvenAI CEO 2024 7

    11 ( ) 23:59 JST Waseda Moodle (Q & A ) 2024 9-10 — 2024-07-08 – p.28/29

29. 2024 9-10 — 2024-07-08 – p.29/29