• The Journal of the Korea institute of electronic communication sciences
• /
• v.8 no.12
• /
• pp.1841-1848
• /
• 2013

In this paper, the plans for improvement of real-time security monitoring accuracy and expansion of control region were investigated through comprehensive and systematic collection and analysis of the anomalous activities that inflow and outflow in the network on a large scale in order to overcome the existing security monitoring system based on stylized detection patterns which could correspond to only very limited cyber attacks. This study established an anomaly observation system to collect, store and analyze a diverse infringement threat information flowing into the darknet network, and presented the information classification system of cyber threats, unknown anomalies and high-risk anomalous activities through the statistics based trend analysis of hacking. If this security monitoring system utilizing darknet traffic as presented in the study is applied, it was indicated that detection of all infringement threats was increased by 12.6 percent compared with conventional case and 120 kinds of new type and varietal attacks that could not be detected in the past were detected.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.11
• /
• pp.19-27
• /
• 2022

In this study, we propose a language and platform to describe and manage the MLOps(Machine Learning Operations) workflow for time series data anomaly detection. Time series data is collected in many fields, such as IoT sensors, system performance indicators, and user access. In addition, it is used in many applications such as system monitoring and anomaly detection. In order to perform prediction and anomaly detection of time series data, the MLOps platform that can quickly and flexibly apply the analyzed model to the production environment is required. Thus, we developed Python-based AI/ML Modeling Language (AMML) to easily configure and execute MLOps workflows. Python is widely used in data analysis. The proposed MLOps platform can extract and preprocess time series data from various data sources (R-DB, NoSql DB, Log File, etc.) using AMML and predict it through a deep learning model. To verify the applicability of AMML, the workflow for generating a transformer oil temperature prediction deep learning model was configured with AMML and it was confirmed that the training was performed normally.

• 한국지구물리탐사학회:학술대회논문집
• /
• 2007.12a
• /
• pp.15-25
• /
• 2007

Gravity method could be one of the most effective tool for evaluating the soundness of basement which is directly correlated with density and its variations. Moreover, Gravimeter is easy to handle and strong to electromagnetic noises. But, gravity anomaly due to the target structures in engineering and environmemtal applications are too small to detect, comparing to the external changes, such as, elevation, topography, and regional geological variations. Gravity method targeting these kinds of small anomaly sources with high precision usually called microgravity. Microgravimetry with precision and accuracy of few ${\mu}Gal$, can be achieved by the recent high-resolution gravimeter, careful field acquisition, and sophisticated processing, analysis, and interpretation routines. This paper describes the application of the microgravity, such as, density structure of a rock fill dam, detection of abandoned mine-shaft, detection and mapping of karstic cavities in limestone terrains, and time-lapse gravity for grout monitoring. The case studies show how the gravity anomalies detect the location of the targets and reveal the geologic structure by mapping density distributions and their variations.

• Proceedings of the KSRS Conference
• /
• 2003.11a
• /
• pp.1039-1041
• /
• 2003

Ocean color products derived from remote sensing satellite data are useful for monitoring the sea water quality such as the concentrations of chlorophyll, sediments and dissolved organic matter. Currently, ocean color products derived from MODIS data can be requested from NASA over the internet. However, due to the bandwidth limitation of most users in this region, and the time delay in data delivery, the products cannot be use for near-real time monitoring of sea water chlorophyll. CRISP operates a MODIS data receiving station for environmental monitoring purposes. MODIS data have been routinely received and processed to level 1B. We have adapted the higher level processing algorithms from the Institutional Algorithms provided by NASA to run in a standalone environment. The implemented algorithms include the MODIS ocean color algorithms. Seasonal chlorophyll concentration composite can be compiled for the region. By comparing the near-real time chlorophyll product with the seasonal composite, anomaly in chlorophyll concentration can be detected.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.5
• /
• pp.33-40
• /
• 2012

In this paper we propose an anomaly detection scheme to detect new attack paths or new attack methods without false positives by monitoring HTTP Outbound Traffic after efficient training. Our proposed scheme detects web-based attacks by comparing tags or javascripts of HTTP Outbound Traffic with normal behavioral models which apply HMM(Hidden Markov Model). Through the verification analysis under the real-attacked environment, we show that our scheme has superior detection capability of 0.0001% false positive and 96% detection rate.

• ETRI Journal
• /
• v.38 no.6
• /
• pp.1145-1152
• /
• 2016

Because the nodes in a wireless sensor network (WSN) are mobile and the network is highly dynamic, monitoring every node at all times is impractical. As a result, an intruder can attack the network easily, thus impairing the system. Hence, detecting anomalies in the network is very essential for handling efficient and safe communication. To overcome these issues, in this paper, we propose a rule-based anomaly detection technique using roaming honeypots. Initially, the honeypots are deployed in such a way that all nodes in the network are covered by at least one honeypot. Honeypots check every new connection by letting the centralized administrator collect the information regarding the new connection by slowing down the communication with the new node. Certain predefined rules are applied on the new node to make a decision regarding the anomality of the node. When the timer value of each honeypot expires, other sensor nodes are appointed as honeypots. Owing to this honeypot rotation, the intruder will not be able to track a honeypot to impair the network. Simulation results show that this technique can efficiently handle the anomaly detection in a WSN.

• Korean Journal of Remote Sensing
• /
• v.19 no.3
• /
• pp.209-216
• /
• 2003

Dramatic changes in the patterns of satellite-derived pigment concentrations, sea-level height anomaly, sea surface temperature anomaly, and zonal wind anomaly are observed during the 1997-1998 El Ni$\bar{n}$o. By some measures, the 1997-1998 El Ni$\bar{n}$o was the strongest one of the 20$^{th}$ century. A very strong El Ni$\bar{n}$o developed during 1997 and matured late in the year. A dramatic recovery occurred in mid-1998 and led to La Nina condition. The largest spatial extent of the phytoplankton bloom was fellowed recovery from El Ni$\bar{n}$o over the equatorial Pacific. The evolution towards a warm episode (El Ni$\bar{n}$o) started from spring of 2002 and continued during January 2003, while equatorial SSTA remained greater than +1$^{\circ}C$ in the central equatorial Pacific. The OSMI (Ocean Scanning Multispectral Imager) data are used for detection of dramatic changes in the patterns of pigment concentration during next El Ni$\bar{n}$o.

• ETRI Journal
• /
• v.44 no.2
• /
• pp.183-193
• /
• 2022

Smart cities are expected to provide residents with convenience via various agents such as CCTV, delivery robots, security robots, and unmanned shuttles. Environmental data collected by various agents can be used for various purposes, including advertising and security monitoring. This study suggests a surveillance map data framework for efficient and integrated multimodal data representation from multi-agents. The suggested surveillance map is a multilayered global information grid, which is integrated from the multimodal data of each agent. To confirm this, we collected surveillance map data for 4 months, and the behavior patterns of humans and vehicles, distribution changes of elevation, and temperature were analyzed. Moreover, we represent an anomaly detection algorithm based on a surveillance map for security service. A two-stage anomaly detection algorithm for unusual situations was developed. With this, abnormal situations such as unusual crowds and pedestrians, vehicle movement, unusual objects, and temperature change were detected. Because the surveillance map enables efficient and integrated processing of large multimodal data from a multi-agent, the suggested data framework can be used for various applications in the smart city.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.22 no.3
• /
• pp.328-333
• /
• 2012

Current differential GPS (DGPS) system consists of reference station (RS), integrity monitor (IM), and control station (CS). The RS computes the pseudorange corrections (PRC) and generates the RTCM messages for broadcasting. The IM receives the corrections from the RS broadcasting and verifies that the information is within tolerance. The CS performs realtime system status monitoring and control of the functional and performance parameters. The primary function of a DGPS integrity monitor is to verify the correction information and transmit feedback messages to the reference station. However, the current algorithms for integrity monitoring have the limitations of integrity monitor functions for satellite outage or anomalies. Therefore, this paper focuses on the detection and identification methods of satellite anomalies for maritime DGPS RSIM. Based on the function analysis of current DGPS RSIM, it first addresses the limitation of integrity monitoring functions for DGPS RSIM, and then proposes the detection and identification method of satellite anomalies. In addition, it simulates an actual GPS clock anomaly case using a GPS simulator to analyze the limitations of the integrity monitoring function. It presents the brief test results using the proposed methods for detection and identification of satellite anomalies.

• International Journal of Computer Science & Network Security
• /
• v.21 no.4
• /
• pp.131-139
• /
• 2021

In current time, anomaly detection is the primary concern of the administrative authorities. Suspicious activity identification is shifting from a human operator to a machine-assisted monitoring in order to assist the human operator and react to an unexpected incident quickly. These automatic surveillance systems face many challenges due to the intrinsic complex characteristics of video sequences and foreground human motion patterns. In this paper, we propose a novel approach to detect anomalous human activity using a hybrid approach of statistical model and Genetic Programming. The feature-set of local motion patterns is generated by a statistical model from the video data in an unsupervised way. This features set is inserted to an enhanced Genetic Programming based classifier to classify normal and abnormal patterns. The experiments are performed using publicly available benchmark datasets under different real-life scenarios. Results show that the proposed methodology is capable to detect and locate the anomalous activity in the real time. The accuracy of the proposed scheme exceeds those of the existing state of the art in term of anomalous activity detection.