• Journal of Platform Technology
• /
• v.11 no.6
• /
• pp.3-12
• /
• 2023

In today's system operation, it is difficult to detect failures and take immediate action in the case of a shortage of manpower compared to the number of equipment or failures in vulnerable time zones, which can lead to delays in failure recovery. In addition, various algorithms exist to detect abnormal symptom data, and it is important to select an appropriate algorithm for each problem. In this paper, an ensemble-based isolation forest model was used to efficiently detect multivariate point anomalies that deviated from the mean distribution in the data set generated to predict system failure and minimize service interruption. And since significant changes in memory space usage are observed together with changes in CPU usage, the problem is solved by using LSTM-Auto Encoder for a collective anomaly in which another feature exhibits an abnormal pattern according to a change in one by comparing two or more features. did In addition, evaluation indicators are set for the performance evaluation of the model presented in this study, and then AI model evaluation is performed.

• Journal of the Korea Society of Computer and Information
• /
• v.8 no.1
• /
• pp.103-113
• /
• 2003

Program Behavior Intrusion Detection Technique analyses system calls that called by daemon program or root authority, constructs profiles. and detectes anomaly intrusions effectively. Anomaly detections using system calls are detected only anomaly processes. But this has a Problem that doesn't detect affected various Part by anomaly processes. To improve this problem, the relation among system calls of processes is represented by bayesian probability values. Application behavior profiling by Bayesian Network supports anomaly intrusion informations . This paper overcomes the Problems of various intrusion detection models we Propose effective intrusion detection technique using Bayesian Networks. we have profiled concisely normal behaviors using behavior context. And this method be able to detect new intrusions or modificated intrusions we had simulation by proposed normal behavior profiling technique using UNM data.

• Journal of Institute of Control, Robotics and Systems
• /
• v.18 no.11
• /
• pp.997-1004
• /
• 2012

In enterprise software projects, performance issues have become more critical during recent decades. While developing software products, many performance tests are executed in the earlier development phase against the newly added code pieces to detect possible performance regressions. In our previous research, we introduced the framework to enable automated performance anomaly detection and reduce the analysis overhead for identifying the root causes, and showed Statistical Process Control (SPC) can be successfully applied to anomaly detection. In this paper, we explain the special performance trend in which the existing anomaly detection system can hardly detect the noticeable performance change especially when a performance regression is introduced and recovered again a while later. Within the fixed number of sampling period, the fluctuation gets aggravated and the lower and upper control limit get relaxed so that sometimes the existing system hardly detect the noticeable performance change. To resolve the issue, we apply dynamically tuned sampling window size based on the performance trend, and Fuzzy theory to find an appropriate size of the moving window.

• Journal of Digital Contents Society
• /
• v.19 no.2
• /
• pp.377-383
• /
• 2018

Internet of Things (IoT) is producing various data as the smart environment comes. The IoT data collection is used as important data to judge systems's status. Therefore, it is important to monitor the anomaly state of the sensor in real-time and to detect anomaly data. However, it is necessary to convert the IoT data into a normalized data structure for anomaly detection because of the variety of data structures and protocols. Thus, we can expect a good quality effect such as accurate analysis data quality and service quality. In this paper, we propose an anomaly detection system based on big data from collected sensor data. The proposed system is applied to ensure anomaly detection and keep data quality. In addition, we applied the machine learning model of support vector machine using anomaly detection based on time-series data. As a result, machine learning using preprocessed data was able to accurately detect and predict anomaly.

• Structural Engineering and Mechanics
• /
• v.88 no.6
• /
• pp.569-581
• /
• 2023

This paper introduces a system to detect and diagnose anomalies in pumped storage hydropower plants. We collect data from various types of sensors, including those monitoring temperature, vibration, and power. The data are classified according to the operation modes (pump and turbine operation modes) and normalized to remove the influence of the external environment. To detect anomalies and diagnose their types, we adopt a multivariate normal distribution analysis by learning the distribution of the normal data. The feasibility of the proposed system is evaluated using actual monitoring data of a pumped storage hydropower plant. The proposed system can be used to implement condition monitoring systems for other plants through modifications.

• Journal of information and communication convergence engineering
• /
• v.6 no.3
• /
• pp.294-300
• /
• 2008

This study was conducted to investigate what to consider for active response in the intrusion detection system, how to implement active response, and 6-phase response models to respond actively, including the active response scheme to detect unknown attacks by using a traffic measuring engine and an anomaly detection engine.

• Journal of Internet Technology
• /
• v.22 no.4
• /
• pp.903-911
• /
• 2021

As cyber-attacks on Cyber-Physical System (CPS) become more diverse and sophisticated, it is important to quickly detect malicious behaviors occurring in CPS. Since CPS can collect sensor data in near real time throughout the process, there have been many attempts to detect anomaly behavior through normal behavior learning from the perspective of data-driven security. However, since the CPS datasets are big data and most of the data are normal data, it has always been a great challenge to analyze the data and implement the anomaly detection model. In this paper, we propose and evaluate the Clustered Deep One-Class Classification (CD-OCC) model that combines the clustering algorithm and deep learning (DL) model using only a normal dataset for anomaly detection. We use auto-encoder to reduce the dimensions of the dataset and the K-means clustering algorithm to classify the normal data into the optimal cluster size. The DL model trains to predict clusters of normal data, and we can obtain logit values as outputs. The derived logit values are datasets that can better represent normal data in terms of knowledge distillation and are used as inputs to the OCC model. As a result of the experiment, the F1 score of the proposed model shows 0.93 and 0.83 in the SWaT and HAI dataset, respectively, and shows a significant performance improvement over other recent detectors such as Com-AE and SVM-RBF.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.1
• /
• pp.39-48
• /
• 2022

In this paper, we propose an anomaly detection system (ADS) to detect anomalies of the in-vehicle network for unmanned aerial vehicle (UAV). The proposed ADS detects the anomalies by measuring the similarity of status messages sequences periodically sent by the UAV to the ground control system. We defined three types of malicious message injection attacks that can be performed on the in-vehicle network of UAV and simulated those attack techniques in the Pixhawk4 quadcopter. The proposed ADS can detect abnormal sequences with accuracy of higher than 96%.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2004.05b
• /
• pp.391-394
• /
• 2004

Change of paradigm of network attack technique was begun by fast extension of the latest Internet and new attack form is appearing. But, Most intrusion detection systems detect informed attack type because is doing based on misuse detection, and active correspondence is difficult in new attack. Therefore, to heighten detection rate for new attack pattern, visibilitys to apply human immunity mechanism are appearing. In this paper, we create self-file from normal behavior profile about network packet and embody self recognition algorithm to use self-nonself discrimination in the human immune system to detect anomaly behavior. Sense change because monitors self-file creating anomaly detector based on Negative Selection Algorithm that is self recognition algorithm's one and detects anomaly behavior. And we achieve simulation to use DARPA Network Dataset and verify effectiveness of algorithm through the anomaly detection rate.

• Journal of information and communication convergence engineering
• /
• v.22 no.2
• /
• pp.159-164
• /
• 2024

This study aimed to develop an advanced anomaly-detection system tailored for solar power distribution panels using thermal imaging cameras to ensure operational stability. It addresses the imperative shift toward digitalized safety management in electrical facilities, transcending the limitations of conventional empirical methodologies. Our proposed system leverages a faster R-CNN-based artificial intelligence model optimized through meticulous hyperparameter tuning to efficiently detect anomalies in distribution panels. Through comprehensive experimentation, we validated the efficacy of the system in accurately identifying anomalies, thereby propelling safety protocols forward during the fourth industrial revolution. This study signifies a significant stride toward fortifying the integrity and resilience of solar power distribution systems, which is pivotal for adapting to emerging technological paradigms and evolving safety standards in the energy sector. These findings offer valuable insights for enhancing the reliability and efficiency of safety management practices and fostering a safer and more sustainable energy landscape.