• Title/Summary/Keyword: intrusion model (침입모델)

Search Result 374, Processing Time 0.024 seconds

Correlation Analysis of Dataset Size and Accuracy of the CNN-based Malware Detection Algorithm (CNN Mobile Net 기반 악성코드 탐지 모델에서의 학습 데이터 크기와 검출 정확도의 상관관계 분석)

  • Choi, Dong Jun;Lee, Jae Woo
    • Convergence Security Journal / v.20 no.3 / pp.53-60 / 2020
  • At the present stage of the fourth industrial revolution, machine learning and artificial intelligence technologies are rapidly developing, and there is a movement to apply machine learning technology in the security field. An average of 390,000 malicious codes, including new and transformed ones, are generated per day worldwide. Statistics show that security companies ignore or miss 31 percent of alarms. As many malicious codes are generated, it is becoming difficult for humans to detect all malicious codes. As a result, research on the detection of malware and network intrusion events through machine learning is being actively conducted in academia and industry. In international conferences and journals, research on security data analysis using deep learning, a field of machine learning, is presented. However, these papers focus on detection accuracy and modify several parameters to improve detection accuracy but do not consider the ratio of the dataset. Therefore, this paper aims to reduce the cost and resources of much machine learning research by finding the ratio of the dataset that can derive the highest detection accuracy in a CNN Mobile Net-based malware detection model.

Real-Time Landmark Detection using Fast Fourier Transform in Surveillance (서베일런스에서 고속 푸리에 변환을 이용한 실시간 특징점 검출)

  • Kang, Sung-Kwan;Park, Yang-Jae;Chung, Kyung-Yong;Rim, Kee-Wook;Lee, Jung-Hyun
    • Journal of Digital Convergence / v.10 no.7 / pp.123-128 / 2012
  • In this paper, we propose an object landmark-detection system for more accurate object recognition. The object landmark-detection system is divided into a learning stage and a detection stage. The learning stage creates an interest-region model to set up a search region for each landmark, as pre-information necessary for the detection stage, and creates a detector for each landmark to detect the landmark in its search region. The detection stage sets up a search region for each landmark in an input image with the interest-region model created in the learning stage. The proposed system uses the Fast Fourier Transform to detect landmarks, because the landmark detection is fast. In addition, the system is less likely to fail to track objects. After development, the proposed method was applied to environment video. As a result, stable tracking was found even when the objects to be tracked move at an irregular rate. The experimental results show that the proposed approach can achieve superior performance to previous methods on various data sets.

Performance Evaluation of a Machine Learning Model Based on Data Feature Using Network Data Normalization Technique (네트워크 데이터 정형화 기법을 통한 데이터 특성 기반 기계학습 모델 성능평가)

  • Lee, Wooho;Noh, BongNam;Jeong, Kimoon
    • Journal of the Korea Institute of Information Security & Cryptology / v.29 no.4 / pp.785-794 / 2019
  • Recently, deep learning technology, one of the fourth industrial revolution technologies, has been used to identify the hidden meaning of network data that is difficult to detect in the security arena and to predict attacks. Property and quality analysis of data sources is required before selecting the deep learning algorithm to be used for intrusion detection. This is because it affects the detection method depending on the contamination of the data used for learning. Therefore, the characteristics of the data should be identified and the characteristics selected. In this paper, the characteristics of malware were analyzed using a network data set, and the effect of each feature on performance was analyzed when the deep learning model was applied. The traffic classification experiment was conducted on the comparison of characteristics according to network characteristics, and traffic was classified with 96.52% accuracy based on the selected characteristics.

Comparison of Anomaly Detection Performance Based on GRU Model Applying Various Data Preprocessing Techniques and Data Oversampling (다양한 데이터 전처리 기법과 데이터 오버샘플링을 적용한 GRU 모델 기반 이상 탐지 성능 비교)

  • Yoo, Seung-Tae;Kim, Kangseok
    • Journal of the Korea Institute of Information Security & Cryptology / v.32 no.2 / pp.201-211 / 2022
  • According to the recent change in the cybersecurity paradigm, research on anomaly detection methods using machine learning and deep learning techniques, which are AI implementation technologies, is increasing. In this study, a comparative study on data preprocessing techniques that can improve the anomaly detection performance of a GRU (Gated Recurrent Unit) neural network-based intrusion detection model using NGIDS-DS (Next Generation IDS Dataset), an open dataset, was conducted. In addition, in order to solve the class imbalance problem according to the ratio of normal data and attack data, the detection performance according to the oversampling ratio was compared and analyzed using the oversampling technique applied with DCGAN (Deep Convolutional Generative Adversarial Networks). As a result of the experiment, the method preprocessed using the Doc2Vec algorithm for system call feature and process execution path feature showed good performance, and in the case of oversampling performance, when DCGAN was used, improved detection performance was shown.

A study with respect to the home networking security Technology based on SIP (SIP기반 홈네트워킹 보안 기술에 관한 연구)

  • Ham, Yoeng-Ock;Shin, Young-Tae
    • Journal of the Korea Society of Computer and Information / v.14 no.12 / pp.169-180 / 2009
  • Generally, home networks are based on wired and wireless networks. This makes customers capable of using electric home appliances and full-duplex multimedia services and of controlling the machines without any restrictions of place or time. Now that the scope of home security is being extended, home networks can be formed with not only personal computers but also home automation, electric home appliances, etc. But this causes many intrusion attacks and damages. Therefore, in this paper we suggest the SSIP (Secure Session Initiate protocol) model for solving those problems. The SSIP model is able to provide efficient authentication and reduce the time of session re-establishment and set-up by adding the ability of SIP authentication to the Cluster-to-Cluster environment performed on the home gateway.

A Study on the Improvement of Security Enhancement for ZTNA (보안성 강화를 위한 ZTNA운영 개선방안 연구)

  • Seung Jae Yoo
    • Convergence Security Journal / v.24 no.1 / pp.21-26 / 2024
  • The security model in the previous network environment has a vulnerability in which resource access control for trusted users is not properly achieved using the Perimeter model based on trust. The Zero Trust is an absolute principle to assume that the users and devices accessing internal data have nothing to trust. Applying the Zero Trust principle is very successful in reducing the attack surface of an organization, and by using the Zero Trust, it is possible to minimize damage when an attack occurs by limiting the intrusion to one small area through segmentation. ZTNA is a major technology that enables organizations to implement Zero Trust security, and similar to Software Defined Boundary (SDP), ZTNA hides most of its infrastructure and services, establishing one-to-one encrypted connections between devices and the resources they need. In this study, we review the functions and requirements that become the principles of the ZTNA architecture, and also study the security requirements and additional considerations according to the construction and operation of the ZTNA solution.

A Study on Preprocessing Method in Deep Learning for ICS Cyber Attack Detection (ICS 사이버 공격 탐지를 위한 딥러닝 전처리 방법 연구)

  • Seonghwan Park;Minseok Kim;Eunseo Baek;Junghoon Park
    • Smart Media Journal / v.12 no.11 / pp.36-47 / 2023
  • Industrial Control Systems (ICS), which control facilities at major industrial sites, are increasingly connected to other systems through networks. With this integration and the development of intelligent attacks in which a single external intrusion can lead to paralysis of the whole system, the risk and impact of security on industrial control systems are increasing. As a result, research on how to protect against and detect cyber attacks is actively underway, deep learning models in the form of unsupervised learning have achieved a lot, and many anomaly detection technologies based on deep learning are being introduced. In this study, we emphasize the application of preprocessing methodologies to enhance the anomaly detection performance of deep learning models on time series data. The results demonstrate the effectiveness of a Wavelet Transform (WT)-based noise reduction methodology as a preprocessing technique for deep learning-based anomaly detection. Particularly, by incorporating sensor characteristics through clustering, the differential application of the Dual-Tree Complex Wavelet Transform proves to be the most effective approach in improving the detection performance of cyber attacks.

Development of a Forecasting Model for Bacterial Wilt in Hot Pepper (고추 풋마름병 예찰 모형 개발)

  • Kim, Ji-Hoon;Kim, Sung-Taek;Yun, Sung-Chul
    • Research in Plant Disease / v.18 no.4 / pp.361-369 / 2012
  • A population density model for bacterial wilt, which is caused by Ralstonia solanacearum, in hot pepper was developed to estimate the primary infection date after overwintering in the field. We developed the model mechanistically to predict reproduction of the pathogen and pathogenesis on seedlings of the host. The model estimates the pathogen's populations both in the soil and in the host. In order to quantify environmental infection factors, various temperatures and initial population densities were determined for wilt symptoms on the seedlings of hot pepper in a chamber. Once the pathogens living in soil multiply up to 400 cells/g of soil, they can successfully infect the host. Primary infection in a host was supposed to start when the population of the pathogen was over $10^9$ cells/g of root tissue. The estimated primary infection dates of bacterial wilt in 2011 in Korea were mostly mid-July or late July, which were 10-15 days earlier than those in 2010. Two kinds of meteorological data, synoptic observation and field measurements from a paddy field and an orchard in Kyunggi, were used to run the model for comparing the resulting dates. The dates from field data were about 1-3 days earlier than those from synoptic observation.

Research on Pilot Decision Model for the Fast-Time Simulation of UAS Operation (무인항공기 운항의 배속 시뮬레이션을 위한 조종사 의사결정 모델 연구)

  • Park, Seung-Hyun;Lee, Hyeonwoong;Lee, Hak-Tae
    • Journal of Advanced Navigation Technology / v.25 no.1 / pp.1-7 / 2021
  • Detect and avoid (DAA) system, which is essential for the operation of UAS, detects intruding aircraft and offers the ranges of turn and climb/descent maneuver that are required to avoid the intruder. This paper uses detect and avoid alerting logic for unmanned systems (DAIDALUS) developed at NASA as a DAA algorithm. Since DAIDALUS offers ranges of avoidance maneuvers, the actual avoidance maneuver must be decided by the UAS pilot as well as the timing and method of returning to the original route. It can be readily used in real-time human-in-the-loop (HiTL) simulations where a human pilot is making the decision, but a pilot decision model is required in fast-time simulations that proceed without human pilot intervention. This paper proposes a pilot decision model that maneuvers the aircraft based on the DAIDALUS avoidance maneuver range. A series of tests were conducted using test vectors from radio technical commission for aeronautics (RTCA) minimum operational performance standards (MOPS). The alert levels differed by the types of encounters, but loss of well clear (LoWC) was avoided. This model will be useful in fast-time simulation of high-volume traffic involving UAS.

A Study on Sewage Characteristics in Hanam City (하남시 오수발생특성에 대한 연구)

  • Choi, Gye-Woon;Hyun, Ji-Hwan;Lee, Ho-Sun
    • Proceedings of the Korea Water Resources Association Conference / 2005.05b / pp.1317-1322 / 2005
  • Determining the appropriate scale of sewage treatment facilities, as in sewer design, site development projects, and sewer rehabilitation projects, requires accurate unit values for water usage and sewage generation, but in Korea it is difficult to determine appropriate unit values because of a lack of basic data on these unit values and a lack of reliability in the data. From this viewpoint, cities undergoing site development need surveys of sewage generation patterns and quantities that take into account various factors such as city size, location, climate, and lifestyle, and the surveyed unit values can be used not only to determine the appropriate scale of sewage treatment facilities but also for infiltration/inflow analysis and for predicting the outcomes of sewer rehabilitation. In this study, representative districts that can serve as a sample of Hanam City, where site development and sewer rehabilitation projects are currently under way, were selected, and the survey areas within them were classified in detail to analyze the sewage generation characteristics of each area. Of the total area of Hanam City, the study area, $97\%$ is natural green and productive green area, and the remaining $3\%$ is divided into general residential and general commercial areas. Because no part of the city is zoned as an industrial area in the city plan, most of Hanam City will continue to consist of green areas and residential/commercial areas. Considering these characteristics of Hanam City, the survey areas were classified, excluding industrial areas, into general residential, dense residential, and business areas; sewage generation patterns and sewage concentrations were surveyed in each classified area to analyze sewage generation characteristics, and unit-value data were extracted in conjunction with a population survey of each survey area. From the surveyed data, the sewage conversion rate and the nighttime domestic sewage ratio required for infiltration/inflow analysis were calculated, and through comparative analysis with the sewage generation characteristics that arise after future site development and sewer rehabilitation, the results are expected to serve as reliable data on the sewage generation characteristics of the Hanam City area.
