We proposes a method for determining the frequency for monitoring the activities of a malware download site used for malware attacks on websites. In recent years, there has been an increase in attacks exploiting vulnerabilities in web applications for infecting websites with malware and maliciously using those websites as attack platforms. One scheme for countering such attacks is to blacklist malware download sites and filter out access to them from user websites. However, a malware download site is often constructed through the use of an ordinary website that has been maliciously manipulated by an attacker. Once the malware has been deleted from the malware download site, this scheme must be able to unblacklist that site to prevent normal user websites from being falsely detected as malware download sites. However, if a malware download site is frequently monitored for the presence of malware, the attacker may sense this monitoring and relocate that malware on a different site. This means that an attack will not be detected until the newly generated malware download site is discovered. In response to these problems, we clarify the change in attack-detection accuracy caused by attacker behavior. This is done by modeling attacker behavior, specifying a state-transition model with respect to the blacklisting of a malware download site, and analyzing these models with synthetically generated attack patterns and measured attack patterns in an operation network. From this analysis, we derive the optimal monitoring frequency that maximizes the true detection rate while minimizing the false detection rate.

In the literature, two connectivity-based distributed clustering schemes exist: CDC (Connectivity-based Distributed node Clustering scheme) and SDC (SCM-based Distributed Clustering). While CDC and SDC have mechanisms for maintaining clusters against nodes joining and leaving, neither method assumes that frequent changes occur in the network topology. In this paper, we propose a lightweight distributed clustering method that we term SBDC (Schelling-Based Distributed Clustering) since this scheme is derived from Schelling's model – a popular segregation model in sociology. We evaluate the effectiveness of the proposed SBDC in an environment where frequent changes arise in the network topology. Our simulation results show that SBDC outperforms CDC and SDC under frequent changes in network topology caused by high node mobility.

While online communities are important platforms for various social activities, many online communities fail to survive, which motivates researchers to investigate factors affecting the growth and survival of online communities. We comprehensively examine the effects of a wide variety of social network features on the growth and survival of communities in Reddit. We show that several social network features, including clique ratio, density, clustering coefficient, reciprocity and centralization, have significant effects on the survival of communities. In contrast, we also show that social network features examined in this paper only have weak effects on the growth of communities. Moreover, we conducted experiments predicting future growth and survival of online communities utilizing social network features as well as contents and activity features in the communities. The results show that prediction models utilizing social network features as well as contents and activity features achieve approximately 30% higher F1 measure, which evaluates the prediction accuracy, than the models only using contents and activity features. In contrast, it is also shown that social network features are not effective for predicting the growth of communities.

The Technical Committee on Communication Behavior Engineering addresses the research question “How do we construct a communication network system that includes users?”. The growth in highly functional networks and terminals has brought about greater diversity in users' lifestyles and freed people from the restrictions of time and place. Under this situation, the similarities of human behavior cause traffic aggregation and generate new problems in terms of the stabilization of network service quality. This paper summarizes previous studies relevant to communication behavior from a multidisciplinary perspective and discusses the research approach adopted by the Technical Committee on Communication Behavior Engineering.

Socially aware networking is an emerging research field that aims to improve the current networking technologies and realize novel network services by applying social network analysis (SNA) techniques. Conducting socially aware networking studies requires knowledge of both SNA and communication networking, but it is not easy for communication networking researchers who are unfamiliar with SNA to obtain comprehensive knowledge of SNA due to its interdisciplinary nature. This paper therefore aims to fill the knowledge gap for networking researchers who are interested in socially aware networking but are not familiar with SNA. This paper surveys three types of important SNA techniques for socially aware networking: identification of influential nodes, link prediction, and community detection. Then, this paper introduces how SNA techniques are used in socially aware networking and discusses research trends in socially aware networking.