*Basic Information
-Name: Jungsuk Song~

-Address: 4-2-1, Nukui-Kitamachi, Koganei, Tokyo 184-8795, Japan~

-Tel: 042-327-6906 (hot line)~

-Fax: 042-327-6640~

-E-mail: song AT nict.go.jp~
//[[(Japanese Page):http://www.net.ist.i.kyoto-u.ac.jp/ja/index.php?%C1%D7%20%C3%E6%BC%E2]]
//#ref(song.jpg,center)
//*Photos
//#ref(song1.jpg,noimg,left)
//-[[My Public Gallery:http://picasaweb.google.co.jp/ZzabuTosS]]

*Current Position
-Title: Researcher (tenure-track)

-Affiliation: National Institute of Information and Communications (NICT), Tokyo, Japan~

-Department: Network Security Incident Response Group, Information Security Research Center~

-Director: Koji Nakao

*Research Topics and Interests
-Spam and Malicious Web Sites Analysis

-IPv6 Security Issues

-Network Security

-Data Mining, Machine Learning

-Building Benchmark Data for IDS Evaluation (Visit for more detail [[http://www.takakura.com/kyoto_data:http://www.takakura.com/kyoto_data]])


*Work Experence
-Oct. 2010 - Current~
Researcher (tenure-track), National Institute of Information and Communications Technology (NICT)

-Apr. 2009 - Sep. 2010~
Expert Researcher (full-time), National Institute of Information and Communications Technology (NICT)

-Apr. 2008 - Sep. 2008~
Part-time Instructor, Information Science and Technology,
Osaka Institute of Technology

-Apr. 2008 - Mar. 2009~
Part-time Instructor, Kyoto Prefectural University

-Jun. 2006 - Dec. 2006~
Research Assistant, Department of Networking Research~
Academic Center for Computing and Media Studies , Kyoto University~



*Education
-Apr. 2006 - Mar. 2009~
Ph.D. in Informatics, Kyoto University~
Thesis: Studies on High-Performance Network Intrusion Detection System Based on Unsupervised Machine Learning~
Advisor: Yasuo Okabe

-Apr. 2005 - Mar. 2006~
Research student~
Department of Intelligence Science and Technology~
Graduate School of Informatics, Kyoto University

-Mar. 2003 - Feb. 2005~
M.S. in Information, Korea Aerospace University~
Thesis: An RTSD System against Various Attacks for Low False Positive Rate Based on Patterns of Attacker”Ēs Behaviors~
Advisor: Yongjin Kwon

-Mar. 1998 - Feb. 2003~
B.S. in Telecommunication and Information, Korea Aerospace University

*Professional Activities
-Co-supervisor of Unitec (New Zealand) since Apr. 2011

-Visiting member of the board of directors of [[the Korea Institute of Information Security and Cryptology (KIISC):http://www.kiisc.or.kr/]] since Jan. 2011

-Organizing Chair of [[CDMC 2011 (The 2nd International Cybersecurity Data Mining Competition):http://www.csmining.org/cdmc2011/]]

-Associate editor of IEICE Transactions on Communications since May. 2010

-Japanese delegate of [[ITU-T Study Group 17 (Security):http://www.itu.int/ITU-T/studygroups/com17/index.asp]] since Sep. 2009.

-Member of IPv6 Technical Verification Consortium since Sep. 2010

-Session chair (Malware) and PC member of [[6th Workshop on Secure Network Protocols (NPSec 2010):http://webgaki.inf.shizuoka.ac.jp/~npsec2010/]]

-PC member of [[SAINT Workshop - the First Workshop on Network Technologies for Security, Administration and Protection (NETSAP 2010):http://infonet.cse.kyutech.ac.jp/conf/saint10/workshop-CFPaper/ws-cfp-4.html]]


*Awards and Scholarships
-Apr. 2008 - Mar. 2009~
Honors Scholarship, Japan Student Services Organization (JASSO)
-Second Prize at 2003 Goyang-city Software Contest, Korea


*Technical Skills
-Programming languages:  C, C++, Perl, SQL, MATLAB, etc. 
*Languages
-English
-Japanese
-Korean(native speaker)


*Memberships
-IEEE, IEICE


*Publications
**Book Chapters
  • Jungsuk Song, Hiroki Takakura, Yasuo Okabe and Yongjin Kwon, Correlation Analysis Between Honeypot Data and IDS Alerts Using One-class SVM, Intrusion Detection Systems, InTech Open Access Publisher, pp.173-192, Mar. 2011.(pdf is available here)
    1. Jungsuk Song, Hiroki Takakura, Yasuo Okabe and Yongjin Kwon, Correlation Analysis Between Honeypot Data and IDS Alerts Using One-class SVM, Intrusion Detection Systems, InTech Open Access Publisher, pp.173-192, Mar. 2011.(pdf is available here)
  1. **Referred Journal Papers
    • Jungsuk Song, Daisuke Inoue, Masashi Eto, Hyung Chan Kim and Koji Nakao,
    1. Jungsuk Song, Daisuke Inoue, Masashi Eto, Hyung Chan Kim and Koji Nakao, 
      ''O-means : An Optimized Clustering Method for Analyzing Spam Based Attacks'',
  • IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences (Special Section on Cryptography and Information Security), Vol.E94-A, No.1, pp.245-254, Jan. 2011.(pdf is available here)
    • Jungsuk Song, Hiroki Takakura, Yasuo Okabe, Daisuke Inoue, Masashi Eto, Koji Nakao,
  1. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences (Special Section on Cryptography and Information Security), Vol.E94-A, No.1, pp.245-254, Jan. 2011.(pdf is available here)
    1. Jungsuk Song, Hiroki Takakura, Yasuo Okabe, Daisuke Inoue, Masashi Eto, Koji Nakao, 
      ''A Comparative Study of Unsupervised Anomaly Detection Techniques Using Honeypot Data'',
  • IEICE Transactions on Information and Systems, Vol.E93-D,No.9,pp.2544-2554, Sep. 2010.(pdf is available here)
    • Kenji Ohira, Jungsuk Song, Hiroki Takakura and Yasuo Okabe,
  1. IEICE Transactions on Information and Systems, Vol.E93-D,No.9,pp.2544-2554, Sep. 2010.(pdf is available here)
    1. Kenji Ohira, Jungsuk Song, Hiroki Takakura and Yasuo Okabe, 
      ''Construction and Operation of a Generic Honeypot System to Detect Attack Activities on Various Applications'',
  1. IEICE Transactions on Information and Systems, Vol.J93-D, No.7, pp.1125-1134, Jul. 2010. (In Japanese, pdf is available here)
    1. Jungsuk Song, Hiroki Takakura, Yasuo Okabe and Yongjin Kwon, 
      ''Unsupervised Anomaly Detection Based on Clustering and Multiple One-class SVM'',
  1. IEICE Transactions on Communications, Vol.E92-B, No.6, pp.1981-1990, Jun. 2009. (pdf is available here)
    1. Jungsuk Song, Kenji Ohira, Hiroki Takakura, Yasuo Okabe and Yongjin Kwon, 
      ''A Clustering Method for Improving Performance of Anomaly-based Intrusion Detection System'',
  1. IEICE Transactions on Information and Systems (Special Section on Information and Communication System Security), Vol.E91-D, No.5, pp.1282-1291, May. 2008. (pdf is available here)
    1. J. Song and Y. Kwon, 
      ''An RTSD System against Various Attacks for Low False Positive Rate Based on Patterns of Attacker's Behaviors'',
  1. IEICE Transactions on Information and Systems, Vol. E89-D, No. 10, pp. 2637-2643, Oct. 2006. (pdf is available here)
    1. J. Song and Y. Kwon, 
      ''A Real Time Scan Detection System against Attacks based on Port Scanning Techniques'',
Journal of KISS(Korea Information Science Society):Information Networking, Vol. 31, No. 2, pp. 171-178, Apr. 2004.(In Korean)





** Referred Symposium, Conference, and Workshop Papers
    • Jungsuk Song, Jumpei Shimamura, Masashi Eto, Daisuke Inoue, Koji Nakao,
    1. Jungsuk Song, Jumpei Shimamura, Masashi Eto, Daisuke Inoue, Koji Nakao, 
      ''Correlation Analysis between Spamming Botnets and Malware Infected Hosts'',
  1. SAINT 2011 Workshop on Network Technologies for Security, Administration and Protection (NETSAP), IEEE CS Press, pp.--, Munich, Germany, 18-22 July 2011. (to appear)
    1. Jungsuk Song, Hiroki Takakura, Yasuo Okabe, Masashi Eto, Daisuke Inoue and Koji Nakao, 
      ''Statistical Analysis of Honeypot Data and Building of Kyoto 2006+ Dataset for NIDS Evaluation'',
  1. Workshop on development of large scale security-related data collection and analysis initiatives(BADGERS 2011), ACM, pp.29-36, Salzburg, Austria, 10-13 April 2011.(pdf is available here)
    1. Masashi Eto, Daisuke Inoue, Jungsuk Song, Junji Nakazato, Kazuhiro Ohtaka, Koji Nakao, 
      ''nicter : A Large-Scale Network Incident Analysis System'',
  1. Workshop on development of large scale security-related data collection and analysis initiatives(BADGERS 2011), ACM, pp.37-45, Salzburg, Austria, 10-13 April 2011.(pdf is available here)
    1. Jungsuk Song, Masashi Eto, Hyung Chan Kim, Daisuke Inoue and Koji Nakao, 
      ''A Heuristic-based Feature Selection Method for Clustering Spam Emails'',
  1. 17th International Conference on Neural Information Processing(ICONIP 2010), LNCS 6443, Part I, pp.290-297, Sydney, Australia, 22-25 November 2010. (pdf is available here)
    1. Junji Nakazato, Jungsuk Song, Masashi Eto, Daisuke Inoue and Koji Nakao, 
      ''A Malware Classification Method Based on Threaded Function Call Traces'',
  1. The 5th Joint Workshop on Information Security (JWIS 2010), pp.52-66, Guangzhou, China, 5-6 August 2010. (pdf is available here)
    1. Hyung Chan Kim, Daisuke Inoue, Masashi Eto, Jungsuk Song and Koji Nakao, 
      ''On the Applicability of a DBI-Based Generic Unpacking Implementation'',
  1. The 5th Joint Workshop on Information Security (JWIS 2010), pp.331-345, Guangzhou, China, 5-6 August 2010. (pdf is available here)
    1. Jungsuk Song, Daisuke Inoue, Masashi Eto, Hyung Chan Kim and Koji Nakao, 
      ''An Empirical Study of Spam : Analyzing Spam Sending Systems and Malicious Web Servers'',
  1. SAINT 2010 Workshop on Network Technologies for Security, Administration and Protection (NETSAP), IEEE CS Press, pp. 257-260, Seoul, Korea, 19-23 July 2010. (pdf is available here)
    1. Hyung Chan Kim, Daisuke Inoue, Masashi Eto, Jungsuk Song and Koji Nakao, 
      ''How to Locate a Target Binary Process and Its Derivatives in System Emulator'',
  1. SAINT 2010 Workshop on Convergence Security and Privacy (CSnP), IEEE CS Press, pp. 273-276, Seoul, Korea, 19-23 July 2010. (pdf is available here)
    1. Hyung Chan Kim, Daisuke Inoue, Masashi Eto, Jungsuk Song and Koji Nakao, 
      ''Working Towards a Primary Binary Analysis System'',
  1. The 2010 International Conference on Security and Management (SAM2010), pp. 459-465, Las Vegas, USA, 12-15 July 2010. (pdf is available here)
    1. Jungsuk Song, Daisuke Inoue, Masashi Eto, Mio Suzuki, Satoshi Hayashi and Koji Nakao, 
      ''A Methodology for Analyzing Overall Flow of Spam-based Attacks'',
  1. 16th International Conference on Neural Information Processing(ICONIP 2009), LNCS 5864, pp. 556-564, Bangkok, Thailand, 1-5 December 2009. (pdf is available here)
    1. Jungsuk Song, Hiroki Takakura and Yongjin Kwon, 
      ''A Generalized Feature Extraction Scheme to Detect 0-Day Attacks via IDS Alerts'',
  1. The 2008 International Symposium on Applications and the Internet(SAINT2008), IEEE CS Press, pp. 51-56, Turku, FINLAND, 28 July - 1 Aug. 2008. (pdf is available here)
    1. Jungsuk Song, Hiroki Takakura and Yasuo Okabe, 
      ''Cooperation of Intelligent Honeypots to Detect Unknown Malicious Codes'',
  • WOMBAT Workshop on Information Security Threat Data Collection and Sharing (WISTDCS 2008), IEEE CS Press, pp. 31-39, Amsterdam, Netherlands, 21-22 April 2008. (pdf is available here)
    • Jungsuk Song, Hayato Ohba, Hiroki Takakura, Yasuo Okabe, Kenji Ohira and Yongjin Kwon,
  1. WOMBAT Workshop on Information Security Threat Data Collection and Sharing (WISTDCS 2008), IEEE CS Press, pp. 31-39, Amsterdam, Netherlands, 21-22 April 2008. (pdf is available here)
    1. Jungsuk Song, Hayato Ohba, Hiroki Takakura, Yasuo Okabe, Kenji Ohira and Yongjin Kwon, 
      ''A Comprehensive Approach to Detect Unknown Attacks via Intrusion Detection Alerts'',
[[The twelfth Asian Computing Science Conference(ASIAN2007) Focusing on Computer and Network Security:http://www.qatar.cmu.edu/asian07/]], LNCS 4846,
  • pp. 247-253, Doha, Qatar, 9-11 December 2007. (pdf is available here)
    • Jungsuk Song, Hiroki Takakura, Yasuo Okabe, Yongjin Kwon,
  1. pp. 247-253, Doha, Qatar, 9-11 December 2007. (pdf is available here)
    1. Jungsuk Song, Hiroki Takakura, Yasuo Okabe, Yongjin Kwon, 
      ''A Robust Feature Normalization Scheme and an Optimized Clustering Method for Anomaly-based Intrusion Detection System'',
  1. Proc. 12th International Conference on Database Systems for Advanced Applications (DASFAA2007),(Lecture Notes in Computer Science 4443), pp. 140-151, Bangkok, Thailand, 9-12 April 2007. (pdf is available here)
    1. J. Song and Y. Kwon, 
      ''A Visual RTSD System against Various Attacks for Low False Positive Rate Based on Patterns of Attacker's Behaviors'',
Pre-Proceedings of the 5th International Workshop on Information Security Applications (WISA 2004), Vol. 5, pp. 695-704, Jeju-island, Korea, 23-25 August 2004.


**Technical Reports and Oral Presentations
    • Jungsuk Song, Daisuke Inoue, Masashi Eto, Hyung Chan Kim, Koji Nakao, A Preliminary Investigation for Analyzing Network Incidents Caused by Spam,
  • The Symposium on Cryptography and Information Security (SCIS2010), Takamatsu, Japan, Jan. 19-22, 2010.
    • Hyung Chan Kim, Daisuke Inoue, Masashi Eto, Jungsuk Song, Koji Nakao,
    1. Jungsuk Song, Daisuke Inoue, Masashi Eto, Hyung Chan Kim, Koji Nakao, A Preliminary Investigation for Analyzing Network Incidents Caused by Spam,
  1. The Symposium on Cryptography and Information Security (SCIS2010), Takamatsu, Japan, Jan. 19-22, 2010.
    1. Hyung Chan Kim, Daisuke Inoue, Masashi Eto, Jungsuk Song, Koji Nakao, 
      ''An Extended QEMU Emulator for Primary Binary Analysis'',
  • The Symposium on Cryptography and Information Security (SCIS2010), Takamatsu, Japan, Jan. 19-22, 2010.
    • Hyung Chan Kim, Daisuke Inoue, Masashi Eto, Jungsuk Song, Koji Nakao,
  1. The Symposium on Cryptography and Information Security (SCIS2010), Takamatsu, Japan, Jan. 19-22, 2010.
    1. Hyung Chan Kim, Daisuke Inoue, Masashi Eto, Jungsuk Song, Koji Nakao, 
      ''An Implementation of a Generic Unpacking Method on Bochs Emulator'',
  1. Proc. of the Computer Security Symposium 2009 (CSS2009), vol. 2, pp. 997-1002, 26-28 October 2009.
    1. Hiroki Takakura, Jungsuk Song, Takayuki Ito, 
      ''How 77DDoS attack observed in the Japanese Internet'',
  1. International Workshop on DDoS Attacks and Defenses, KAIST-ICC, Daejeon, Korea, September 29-30, 2009.
    1. Jungsuk Song, Hiroki Takakura, Yasuo Okabe, 
      ''A Network Intrusion Detection System Based on Clustering and Multiple One-class SVM'',
  • 12th Core University Program Seminar on Next Generation Internet Technologies, Beppu, Japan, Feb. 2009.
    • Jungsuk Song, Hiroki Takakura, Yasuo Okabe,
  1. 12th Core University Program Seminar on Next Generation Internet Technologies, Beppu, Japan, Feb. 2009.
    1. Jungsuk Song, Hiroki Takakura, Yasuo Okabe, 
      ''Performance Evaluation of Unsupervised Machine Learning Techniques for Intrusion Detection'',
  • 11th Core University Program Seminar on Next Generation Internet Technologies, Busan, Korea, Aug. 2008.
    • Hiroki Takakura and Jungsuk Song, Situation of Zero-Day Attacks on the Internet and their Detection Method,SIG-FPAI-A801-05, July 4, 2008.(in Japanese).
    • Jungsuk Song, Hiroki Takakura, Yasuo Okabe,
  1. 11th Core University Program Seminar on Next Generation Internet Technologies, Busan, Korea, Aug. 2008.
    1. Hiroki Takakura and Jungsuk Song, Situation of Zero-Day Attacks on the Internet and their Detection Method,SIG-FPAI-A801-05, July 4, 2008.(in Japanese).
    1. Jungsuk Song, Hiroki Takakura, Yasuo Okabe, 
      ''Data Mining and Visualization of IDS Alerts to Extract Malicious Activities'',
9th Core University Program Seminar on Next Generation Internet Technologies,
  • Oct. 2007.
    • Jungsuk Song, Hiroki Takakura, Yasuo Okabe,
  • A Proposal of New Benchmark Data to Evaluate Mining Algorithms for Intrusion Detection, 23th APAN Meeting in Manila, Jan. 2007.
    • Hayato Ohba, Jungsuk Song, Hiroki Takakura and Yasuo Okabe,
  1. Oct. 2007.
    1. Jungsuk Song, Hiroki Takakura, Yasuo Okabe,
  2. A Proposal of New Benchmark Data to Evaluate Mining Algorithms for Intrusion Detection, 23th APAN Meeting in Manila, Jan. 2007.
    1. Hayato Ohba, Jungsuk Song, Hiroki Takakura and Yasuo Okabe, 
      ''Analysis and Visualization of Network IDS Data Using Machine Learning'',
  • IEICE Technical Report, vol. 106, no. 465, IA2006-36, pp. 31-36, Jan. 2007.(in Japanese)
    • Kenji Ohira, Jungsuk Song, Hiroki Takakura and Yasuo Okabe,
  1. IEICE Technical Report, vol. 106, no. 465, IA2006-36, pp. 31-36, Jan. 2007.(in Japanese)
    1. Kenji Ohira, Jungsuk Song, Hiroki Takakura and Yasuo Okabe, 
      ''A Construction Method of a Honeypot System to Safely Collect Unknown alicious Codes'',
  1. IEICE Technical Report, vol. 106, no.62, IA2006-1, pp. 1-6, May 2006.(in Japanese)
    1. J. Song, H. Takakura, Y. Okabe, Y. Kwon, A Study on Accuracy Improvement of Intrusion Detection System Based on Data Mining, In Proceedings of KISS (Korea Information Science Society) Korea Computer Congress 2005 , Vol.32, No.1, pp.208-210, July 6-8, 2005.
    • J. Song, H. Takakura, Y. Okabe, Y. Kwon, A Study on Accuracy Improvement of Intrusion Detection System Based on Data Mining, In Proceedings of KISS (Korea Information Science Society) Korea Computer Congress 2005 , Vol.32, No.1, pp.208-210, July 6-8, 2005. 
  • *Hobbies
-Watching Computer Games, Especially [[Starcraft:http://en.wikipedia.org/wiki/StarCraft]]
-Playing and Watching Soccer
-Watching Baseball


*Dreams
Song Microsystems CEO


*Links
-[[Okabe Lab.:http://www.net.ist.i.kyoto-u.ac.jp/ja/index.php?%B2%AC%C9%F4%B8%A6%B5%E6%BC%BC]]
-[[IEICE Review Process:https://review.ieice.org/index_j.aspx]]
-[[Journal Search SCI:http://scientific.thomsonreuters.com/cgi-bin/jrnlst/jloptions.cgi?PC=K]]
-[[Journal Search SCIE:http://scientific.thomsonreuters.com/cgi-bin/jrnlst/jloptions.cgi?PC=D]]
-[[ACM Transactions on Information and System Security(SCIE):http://tissec.acm.org/]]
-[[ACM Transactions on Information Systems(SCI):http://tois.acm.org/]]
-[[The IEEE/ACM Transactions on Networking(SCI):http://www.ton.cs.umass.edu/]]
-[[IEEE Security & Privacy(Magazine, SCIE):http://www.computer.org/portal/site/security/]]
-[[IEEE Network(Magazine, SCI):http://www.comsoc.org/livepubs/ni/]]
-[[IEEE Transactions on Dependable and Secure Computing(SCIE):http://www.computer.org/portal/web/tdsc]]
-[[IEEE Transactions on Computers(SCI):http://www.computer.org/portal/web/tc]]
-[[IEEE Transactions on Visualization and Computer Graphics(SCI):http://www.computer.org/portal/web/tvcg]]
-[[ELSEVIER Computers & Security(SCIE):http://www.elsevier.com/wps/find/journaldescription.cws_home/405877/description#description]]
-[[ELSEVIER Computer Networks(SCIE):http://www.elsevier.com/wps/find/journaldescription.cws_home/505606/description#description]]
-[[ELSEVIER Computer Communications(SCIE):http://www.elsevier.com/wps/find/journaldescription.cws_home/525440/description#description]]
-[[ELSEVIER Information Sciences(SCI):http://www.elsevier.com/wps/find/journaldescription.authors/505730/description]]
-[[IEEE Computer Society's Technical Committee on Security and Privacy:http://www.ieee-security.org/]]
-[[Computer Security Foundations Symposium:http://www.ieee-security.org/CSFWweb/]]
-[[Journal of Computer Security:http://www.mitre.org/public/jcs/]]
-[[ACM/SIGCOMM:http://www.sigcomm.org/]]
-[[RAID2008:http://www.ll.mit.edu/RAID2008/index.html]]
-[[USENIX:http://www.usenix.org/]]
-[[DASFAA2007:http://www.dasfaa07.ait.ac.th/index.htm]]
-[[ASIAN2007:http://www.qatar.cmu.edu/asian07/]]
-[[ICONIP2009:http://www.iconip09.org/]]
-[[SAINT:http://www.saintconference.org/]]
-[[NPSec2010:http://webgaki.inf.shizuoka.ac.jp/~npsec2010/]]
-[[NETSAP2010:http://infonet.cse.kyutech.ac.jp/conf/saint10/workshop-CFPaper/ws-cfp-4.html]]