• The KIPS Transactions:PartC
• /
• v.9C no.6
• /
• pp.831-840
• /
• 2002

Due to the advance of computer and communication technology, intrusions or crimes using a computer have been increased rapidly while tremendous information has been provided to users conveniently Specially, for the security of a database which stores important information such as the private information of a customer or the secret information of a company, several basic suity methods of a database management system itself or conventional misuse detection methods have been used. However, a problem caused by abusing the authority of an internal user such as the drain of secret information is more serious than the breakdown of a system by an external intruder. Therefore, in order to maintain the sorority of a database effectively, an anomaly defection technique is necessary. This paper proposes a method that generates the normal behavior profile of a user from the database log of the user based on an association mining method. For this purpose, the Information of a database log is structured by a semantically organized pattern tree. Consequently, an online transaction of a user is compared with the profile of the user, so that any anomaly can be effectively detected.

• Journal of Korea Game Society
• /
• v.9 no.2
• /
• pp.125-133
• /
• 2009

Game artificial intelligence is usually used to provide intelligent and adjusted game environment for user. Previously, it was used for Non-player character(NPC) playing a role of a company or an enemy through collecting and analyzing a user's behaviour. However, it was just mimicking the user's behavior. This paper introduces a method to change game environment by analyzing a user's game behavior. Game behavior data has been used to understand user's game preference. Also, the user's preference was used to provide more active game environment by reflecting decision of geographical features, items and distribution of NPC. For experiment of the suggested method, we utilized a real 2D action game and confirmed the game environment which changing properly according to the user's game play.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.3
• /
• pp.365-371
• /
• 2021

With the rapid growth in Internet users, web applications are becoming the main target of hackers. Most previous WAFs (Web Application Firewalls) target every single HTTP request packet rather than the overall behavior of the attacker, and are known to be difficult to detect new types of attacks. In this paper, we propose a web attack detection system based on user behavior using machine learning to detect attacks of unknown patterns. In order to define user behavior, we focus on features excluding areas where an attacker can camouflage as a normal user. The experimental results shows that by using the path and query information to define users' behaviors, best results for an accuracy of 99% with Decision forest.

• Convergence Security Journal
• /
• v.22 no.2
• /
• pp.3-8
• /
• 2022

Security threats occur from the outside, but more often from the inside. In particular, since the internal user knows about the information service, the security threat damage caused by the internal user is greater. In this environment, the actions of all users accessing information services should be monitored and recorded in real-time. However, the current operating system records only the logs of system and application execution, so there is a limit to monitoring user behavior in real-time. In such a security environment, damage may occur due to user's unauthorized actions. To solve this problem, this study proposes an architecture that monitors user behavior in real-time in a Linux environment. As a result of verifying the function to confirm the effectiveness of the proposed architecture, the console input values and output angles of all users who have access to the operating system are monitored in real-time and stored. Although the performance of the proposed architecture is somewhat slower than the identification and authentication functions provided by the operating system, it was confirmed that the performance was not at a level that users would recognize, and thus it was judged to be sufficiently effective. However, since this study focuses on monitoring the console behavior, it is impossible to monitor the behavior of user applications running in the background, so additional research is needed.

• The Journal of the Korea Contents Association
• /
• v.17 no.2
• /
• pp.404-414
• /
• 2017

With the development of smartphones and online social networks, users produce a lot of contents and share them with each other. Therefore, users spend time by viewing or receiving the contents they do not want. In order to solve such problems, schemes for recommending useful contents have been actively studied. In this paper, we propose a contents recommendation scheme using collaborative filtering for users on online social networks. The proposed scheme consider a user trust in order to remove user data that lower the accuracy of recommendation. The user trust is derived by analyzing the user activity of online social network. For evaluating the user trust from various points of view, we collect user activities that have not been used in conventional techniques. It is shown through performance evaluation that the proposed scheme outperforms the existing scheme.

• Proceedings of the Korean Information Science Society Conference
• /
• 2004.10b
• /
• pp.562-564
• /
• 2004

아바타는 최근 각광 받고 있는 기술로서 다양한 분야에서 많은 활용 및 발전이 기대된다. 그러나 현재 아바타 행위 표현 및 제어에는 체계적이고 표준적인 접근 방식이 결여되어 있어 아바타 행위 표현의 어려움이 있는 실정이다. 본 논문에서는 다양한 도메인 환경에서 아바타의 제어를 보다 용이하게 하기 위해서 아바타 행위 표현의 계층적 접근 방식을 제안하였다. 이를 위해 다양한 도메인 환경에서 사용되는 작업레벨 행위 모델을 정의하여 사용자가 특정 도메인에서 아바타에게 필요한 작업레벨 행위들을 할당하도록 하고, 이것은 아바타의 동작을 특정 도메인이나 구현환경과 독립적 및 추상적으로 설계한 상위레벨 동작으로 표현된다. 마지막으로 상위레벨 동작은 아바타 엔진이 제어할 수 있는 기본 동작으로 표현되어 다양한 구현 환경에 적용된다. 이와 같은 접근 방식을 통하여 사용자 측면에서 보다 쉽게 아바타의 행위를 제어할 수 있으며, 계층적인 표현 및 제어방식으로 스크립트의 호환성, 확장성 및 재사용성을 높였다

• Proceedings of the Korean Information Science Society Conference
• /
• 1999.10c
• /
• pp.306-308
• /
• 1999

사회분야 전반이 전산화되면서 전산시스템에 대한 효과적인 침입방지와 탐지가 중요한 문제로 대두되었다. 침입행위도 정상사용행위와 마찬가지로 전산시스템 서비스를 사용하므로 호출된 서비스의 순서로 나타난다. 본 논문에서는 정상사용행위에 대한 서비스 호출순서를 모델링 한 후 사용자의 사용패턴을 정상행위와 비교해서 비정상행위(anomaly)를 탐지하는 접근방식을 사용한다. 정상 행위 모델링에는 순서정보를 통계적으로 모델링하고 펴가하는데 널리 쓰이고 있는 HMM(Hidden Markov Model)을 사용하였다. Sun사의 BSM 모듈로 얻어진 3명 사용자의 사용로그에 대하여 본 시스템을 적용한 결과, 학습되지 않은 u2r 침입에 대해 2.95%의 false-positive 오류에서 100%의 탐지율을 보여주었다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.11a
• /
• pp.1328-1331
• /
• 2013

본 논문에서는 스마트폰 내장 가속도 센서를 이용한 2단계 행위 인식 시스템을 제안한다. 제안하는 행위 인식 시스템에서는 행위 별 시간에 따른 가속도 센서 데이터의 변화 패턴을 충분히 반영하기 위해, 1단계 분류에서는 결정트리 모델 학습과 분류를 수행하고, 2단계 분류에서는 1단계 분류 결과들의 시퀀스를 이용하여 HMM모델 학습과 분류를 수행하였다. 또한, 본 논문에서는 특정 사용자나 스마트폰의 특정 위치, 방향 변화에도 견고한 행위 인식을 위하여, 동일한 행위에 대해 사용자와 스마트폰의 위치, 방향을 변경하면서 다양한 훈련 데이터를 수집하였다. 6720개의 가속도 센서 데이터를 이용하여 총 6가지 실내 행위들을 인식하기 위한 실험들을 수행하였고, 그 결과 높은 인식 성능을 확인 할 수 있었다.

• Journal of KIISE:Software and Applications
• /
• v.33 no.9
• /
• pp.751-775
• /
• 2006

In this paper, we suggested an avatar control technique using the high-level behavior. We separated behaviors into three levels according to level of abstraction and defined layered scripts. Layered scripts provide the user with the control over the avatar behaviors at the abstract level and the reusability of scripts. As the 3D environment gets complicated, the number of required avatar behaviors increases accordingly and thus controlling the avatar-object behaviors gets even more challenging. To solve this problem, we embed avatar behaviors into each environment object, which informs how the avatar can interact with the object. Even with a large number of environment objects, our system can manage avatar-object interactions in an object-oriented manner Finally, we suggest an easy-to-use user interface technique that allows the user to control avatars based on context menus. Using the avatar behavior information that is embedded into the object, the system can analyze the object state and filter the behaviors. As a result, context menu shows the behaviors that the avatar can do. In this paper, we made the virtual presentation environment and applied our model to the system. In this paper, we suggested the technique that we controling an the avatar control technique using the high-level behavior. We separated behaviors into three levels byaccording to level of abstract levelion and defined multi-levellayered script. Multi-leveILayered script offers that the user can control avatar behavior at the abstract level and reuses script easily. We suggested object models for avatar-object interaction. Because, TtThe 3D environment is getting more complicated very quickly, so that the numberss of avatar behaviors are getting more variableincreased. Therefore, controlling avatar-object behavior is getting complex and difficultWe need tough processing for handling avatar-object interaction. To solve this problem, we suggested object models that embedded avatar behaviors into object for avatar-object interaction. insert embedded ail avatar behaviors into object. Even though the numbers of objects areis large bigger, it can manage avatar-object interactions by very efficientlyobject-oriented manner. Finally Wewe suggested context menu for ease ordering. User can control avatar throughusing not avatar but the object-oriented interfaces. To do this, Oobject model is suggested by analyzeing object state and filtering the behavior, behavior and context menu shows the behaviors that avatar can do. The user doesn't care about the object or avatar state through the related object.

• Journal of the Korea Computer Industry Society
• /
• v.5 no.9
• /
• pp.921-928
• /
• 2004

This paper proposed dynamic adaptive model based on discrete probability distribution function and user profile in web based HyperMedia educational systems. This modelsrepresents application domain to weighted direction graph of dynamic adaptive objects andmodeling user actions using dynamically approach method structured on discrete probability function. Proposed probabilitic analysis can use that presenting potential attribute to useractions that are tracing search actions of user in WebMedia structure. This approach methodscan allocate dynamically appropriate profiles to user.