• Title/Summary/Keyword: network intrusion detection (네트워크 침입 탐지)


Anomaly Detection Mechanism against DDoS on BcN (BcN 상에서의 DDoS에 대한 Anomaly Detection 연구)

  • Song, Byung-Hak;Lee, Seung-Yeon;Hong, Choong-Seon;Huh, Eui-Nam;Sohn, Seong-Won
    • Journal of Internet Computing and Services / v.8 no.2 / pp.55-65 / 2007
  • BcN is a high-quality broadband network for multimedia services integrating telecommunication, broadcasting, and Internet seamlessly anywhere, anytime, and using any device. BcN is particularly vulnerable to intrusion because it merges various traditional networks: wired, wireless, and data networks. Because of this, one of the most important aspects in BcN is security in terms of reliability. So, in this paper, we suggest a mechanism for sharing security data among various service networks on the BcN. This distributed, hierarchical architecture enables BcN to be robust against attacks and failures, and controls data traffic going in and out of the backbone core through IP edge routers integrated with IDRS. Our proposed anomaly detection scheme on IDRS for BcN service also improves the detection rate compared to the previous conventional approaches.


A Practical Feature Extraction for Improving Accuracy and Speed of IDS Alerts Classification Models Based on Machine Learning (기계학습 기반 IDS 보안이벤트 분류 모델의 정확도 및 신속도 향상을 위한 실용적 feature 추출 연구)

  • Shin, Iksoo;Song, Jungsuk;Choi, Jangwon;Kwon, Taewoong
    • Journal of the Korea Institute of Information Security & Cryptology / v.28 no.2 / pp.385-395 / 2018
  • With the development of the Internet, cyber attacks have become a major threat. To detect cyber attacks, intrusion detection systems (IDS) have been widely deployed. But IDS has a critical weakness, which is that it generates a large number of false alarms. One of the promising techniques that reduce false alarms in real time is machine learning. However, there are problems that must be solved to use machine learning. So, many machine learning approaches have been applied to this field. But so far, researchers have not focused on features. Although the features of IDS alerts are important for the performance of a model, the approach to features is ignored. In this paper, we propose a new feature set which can improve the performance of a model and can be extracted from a single alarm. The new features are motivated by security analysts' know-how. We trained and tested the proposed model, with the new feature set applied, on real IDS alerts. Experimental results indicate that the proposed model can achieve better accuracy and false positive rate than an SVM model with ordinary features.

Supplementation of the Indoor Location Tracking Techniques Based-on Load-Cells Mechanism (로드셀 기반의 실내 위치추적 보완 기법)

  • YI, Nam-Su;Moon, Seung-Jin
    • Journal of Internet Computing and Services / v.17 no.6 / pp.1-8 / 2016
  • Current indoor intrusion detection and location tracking methods have a weakness in seamless operation when tracking the object, because the object must possess a communicating device and a limitation on the single cell size (approximately $100\,\mathrm{cm} \times 100\,\mathrm{cm}$) exists. Also, the utilization of CCTV technologies shows shortcomings in tracking when the object disappears into an area where CCTV is not installed or illumination is not sufficient for capturing the scene (e.g. where the context-aware system is not installed or low illumination is present). Therefore, in this paper we present an improved indoor tracking system based on sensor networks. The system is built on a simulated scenario and enables us to detect and extend the area of surveillance as well as to actively respond to emergency situations. Through simulated studies, we have demonstrated that the proposed system is capable of supplementing the shortcomings of signal cutting and of estimating the location of the moving object. We expect the study will enable better analysis of intruder behavior, more effective prevention, and flexible response to various emergency situations.

An Analysis on the Deployment Methods for Smart Monitoring Systems (스마트 모니터링 시스템의 배치 방식 분석)

  • Heo, No-Jeong
    • The Journal of the Institute of Internet, Broadcasting and Communication / v.10 no.6 / pp.55-62 / 2010
  • Monitoring systems are able to report certain events in a region of interest (ROI) and to take an appropriate action. From industrial product lines full of robots to fire detection, intrusion detection, smart grid applications, and environmental pollution alarm systems, monitoring systems have been widely used in diverse industry sectors. Recently, due to advances in wireless communication technology and the availability of low-cost sensors, intelligent and/or smart monitoring systems such as sensor networks have been developed. Several deployment methods are introduced to meet various monitoring needs, and deployment performance criteria are also summarized so that they can be used to identify weak points and be useful in designing monitoring systems. Both efficiency during deployment and usefulness after deployment should be assessed. Efficiency factors during deployment are elapsed time, energy required, deployment cost, safety, sensor node failure rate, and scalability. Usefulness factors after deployment are ROI coverage, connectivity, uniformity, target density similarity, energy consumption rate per unit time, and so on.

Network Anomaly Detection Technologies Using Unsupervised Learning AutoEncoders (비지도학습 오토 엔코더를 활용한 네트워크 이상 검출 기술)

  • Kang, Koohong
    • Journal of the Korea Institute of Information Security & Cryptology / v.30 no.4 / pp.617-629 / 2020
  • In order to overcome the limitations of rule-based intrusion detection systems due to changes in Internet computing environments, the emergence of new services, and the creativity of attackers, network anomaly detection (NAD) using machine learning and deep learning technologies has received much attention. Most of these existing machine learning and deep learning technologies for NAD use supervised learning methods to learn from a training data set labeled 'normal' and 'attack'. This paper presents the feasibility of applying the unsupervised learning AutoEncoder (AE) to NAD using data sets collected from secured network traffic without labeled responses. To verify the performance of the proposed AE model, we present the experimental results in terms of accuracy, precision, recall, f1-score, and ROC AUC value on the NSL-KDD training and test data sets. In particular, we model a reference AE through the deep analysis of diverse AEs, varying hyper-parameters such as the number of layers as well as considering the regularization and denoising effects. The reference model shows f1-scores of 90.4% and 89% for binary classification on the KDDTest+ and KDDTest-21 test data sets, based on the threshold of the 82nd percentile of the AE reconstruction error of the training data set.

Checksum Signals Identification in CAN Messages (CAN 통신 메시지 내의 Checksum Signal 식별 방법 연구)

  • Gyeongyeon Lee;Hyunghoon Kim;Dong Hoon Lee;Wonsuk Choi
    • Journal of the Korea Institute of Information Security & Cryptology / v.34 no.4 / pp.747-761 / 2024
  • Recently, modern vehicles have been controlled by Electronic Control Units (ECUs), by which the safety and convenience of drivers are highly improved. It is known that a luxury vehicle has more than 100 ECUs to electronically control its functions. However, modern vehicles are increasingly targeted by cyber attacks because of this computer-based automotive system. To address these cyber attacks, automotive manufacturers have been developing methods for securing their vehicles, such as the automotive Intrusion Detection System (IDS). This development is only possible for automotive manufacturers because they have databases for their in-vehicle networks (i.e., DBC Format Files), which are highly confidential. This confidentiality poses a significant challenge to external researchers who attempt to conduct automotive security research. To handle this restricted information, in this paper, we propose a method to partially understand the DBC Format File by analyzing in-vehicle network traffic. Our method is designed to analyze Controller Area Network (CAN) traffic so that checksum signals are identified in the CAN Frame Data Field. Also, our method creates a Lookup Set by which a checksum signal is correctly estimated for a given message. We validate our method with the publicly accessible dataset as well as one from a real vehicle.

Monitoring Reports about Nine High Risk Insect Pests in 2018 (2018년 고위험해충 9종에 대한 예찰조사 보고)

  • Lee, Jieun;Lee, Hyobin;Ki, Woong;Kim, Dong-Soon;Kim, Subin;Kim, Hyojoong;Park, Jong-Seok;Oh, Jaeseok;Yu, Yeonghyeok;Lee, Seunghwan;Lee, Jaeha;Jung, Chuleui;Cho, Geonho;Hong, Ki-Jeong;Lee, Wonhoon
    • Korean journal of applied entomology / v.58 no.3 / pp.183-187 / 2019
  • To establish a cooperative monitoring network which can investigate introductions or outbreaks of high risk insect pests into Korea, seven universities, Gyeongsang National University, Kunsan National University, Seoul National University, Sunchon National University, Andong National University, Jeju National University, and Chungbuk National University, carried out monitoring in seven regions for nine high risk insect pests, Aceria diospyri, Bactrocera dorsalis, Bactrocera minax, Bactrocera tsuneonis, Cydia pomonella, Lobesia botrana, Proeulia sp., Solenopsis invicta, and Stephanitis takeyai, from June to October in 2018. A total of 7,560 traps/visual scouting were investigated in 315 points of 105 local sites of seven regions, with the result that the nine species, A. diospyri, B. dorsalis, B. minax, B. tsuneonis, C. pomonella, L. botrana, Proeulia sp., S. invicta, and S. takeyai, were not detected. From this study, we established a nationwide monitoring system which can detect high risk insect pests early, and secured a bridgehead for monitoring invasive insect pests passing the border.