• The Journal of Engineering Geology
• /
• v.29 no.4
• /
• pp.553-563
• /
• 2019

In order to survey archaeological sites, drilling and excavation are carried out at the final stage. However, at the preliminary stage, non-excavation geophysical prospection is used for assessing underground archaeological ruins. Among the geophysical prospecting techniques, Ground Penetration Radar (GPR) prospection has effectively been applied to historical sites due to its high resolution at shallow depths. In this study, the GPR prospection was conducted to find underground ruins near Suseong-Dang, the place of ancient rituals in Buan area, Korea. First, the GPR prospection was conducted at three sites (Site-1, 2, and 3), and subsequently, the GPR prospection was carried out at Site-3 in more detail. As a result of the prospection, the underground layered structure of the survey area consists of three layers, which are soil layer, weathered rock, and sound rock from the surface. And the GPR anomaly to the archaeological structure was clearly identified at around 100-cm depth showing est-west direction that is parallel to the long-axis array. This GPR anomaly of irregular geomorphological features and intermittent distribution may be related to the ritual remains found in Suseong Dang. The GPR prospection could be effectively used to detect archaeological sites or remains buried in the ground.

• Journal of Biomedical Engineering Research
• /
• v.25 no.5
• /
• pp.335-342
• /
• 2004

This paper describes a trans-admittance scanner for breast cancer detection. A FPGA-based sinusoidal waveform generator produces a constant voltage. The voltage is applied between a hand-held electrode and a scan probe placed on the breast. The scan probe contains an 8x8 array of electrodes that are kept at the ground potential. Multi-channel precision digital ammeters using the phase-sensitive demodulation technique were developed to measure the exit current from each electrode in the array. Different regions of the breast are scanned by moving the probe on the breast. We could get trans-admittance images of resistor and saline phantoms with an anomaly inside. The images provided the information on the depth and location of the anomaly. In future studies, we need to improve the accuracy through a better calibration method. We plan to test the scanner's ability to detect a cancer lesion inside the human breast.

• Proceedings of the KSRS Conference
• /
• v.2
• /
• pp.1011-1014
• /
• 2006

Coarse resolution (9 - 50 km pixels) Sea Surface Temperature satellite data are frequently considered adequate for open ocean research. However, coastal regions, including coral reef, estuarine and mesoscale upwelling regions require high-resolution (1-km pixel) SST data. The AVHRR SST data often suffer from navigation errors of several kilometres and still require manual navigation adjustments. The second serious problem is faulty and ineffective cloud-detection algorithms used operationally; many of these are based on radiance thresholds and moving window tests. With these methods, increasing sensitivity leads to masking of valid pixels. These errors lead to significant cold pixel biases and hamper image compositing, anomaly detection, and time-series analysis. Here, after manual navigation of over 40,000 AVHRR images, we implemented a new cloud filter that differs from other published methods. The filter first compares a pixel value with a climatological value built from the historical database, and then tests it against a time-based median value derived for that pixel from all satellite passes collected within ${\pm}3$ days. If the difference is larger than a predefined threshold, the pixel is flagged as cloud. We tested the method and compared to in situ SST from several shallow water buoys in the Florida Keys. Cloud statistics from all satellite sensors (AVHRR, MODIS) shows that a climatology filter with a $4^{\circ}C$ threshold and a median filter threshold of $2^{\circ}C$ are effective and accurate to filter clouds without masking good data. RMS difference between concurrent in situ and satellite SST data for the shallow waters (< 10 m bottom depth) is < $1^{\circ}C$, with only a small bias. The filter has been applied to the entire series of high-resolution SST data since1993 (including MODIS SST data since 2003), and a climatology is constructed to serve as the baseline to detect anomaly events.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.4
• /
• pp.851-868
• /
• 2012

After the financial crisis in 2008, the financial market still seems to be unstable with expanding the insolvency of the financial companies' real estate project financing loan in the aftermath of the lasted real estate recession. Especially after the illegal actions of people's financial institutions disclosed, while increased the anxiety of economic subjects about financial markets and weighted in the confusion of financial markets, the potential risk for the overall national economy is increasing. Thus as economic recession prolongs, the people's financial institutions having a weak profit structure and financing ability commit illegal acts in a variety of ways in order to conceal insolvent assets. Especially it is hard to find the loans of shareholder and the same borrower sharing credit risk in advance because most of them usually use a third-party's name bank account. Therefore, in order to effectively detect the fraud under other's name, it is necessary to analyze by clustering the borrowers high-related to a particular borrower through an analysis of association between the whole borrowers. In this paper, we introduce Analysis Techniques for detecting financial loan frauds in advance through an analysis of association between the whole borrowers by extending SNA(social network analysis) which is being studied by focused on sociology recently to the forensic accounting field of the financial frauds. Also this technique introduced in this pager will be very useful to regulatory authorities or law enforcement agencies at the field inspection or investigation.

• Journal of Internet of Things and Convergence
• /
• v.8 no.5
• /
• pp.119-125
• /
• 2022

With the recent increase in dementia patients due to aging, measures to prevent their wandering behavior and disappearance are urgently needed. To solve this problem, various authentication methods and location detection techniques have been introduced, but the security problem of personal authentication and a system that can check indoor and outdoor overall was lacking. In order to solve this problem, various authentication methods and location detection techniques have been introduced, but it was difficult to find a system that can check the security problem of personal authentication and indoor/outdoor overall. In this study, we intend to propose a system that can identify personal authentication, basic health status, and overall location indoors and outdoors by using wristband-type wearable devices in a private blockchain environment. In this system, personal authentication uses ECG, which is difficult to forge and highly personally identifiable, Bluetooth beacon that is easy to use with low power, non-contact and automatic transmission and reception indoors, and DGPS that corrects the pseudorange error of GPS satellites outdoors. It is intended to detect wandering behavior and abnormal signs by locating the patient. Through this, it is intended to contribute to the prompt response and prevention of disappearance in case of wandering behavior and abnormal symptoms of dementia patients living at home or in nursing homes.

• Journal of KIISE:Information Networking
• /
• v.33 no.3
• /
• pp.201-217
• /
• 2006

In this paper, we collected the physical traces from high speed Internet backbone traffic and analyze the various characteristics of the underlying packet traces. Particularly, our work is focused on analyzing the characteristics of an anomalous traffic. It is found that in our data, the anomalous traffic is caused by UDP session traffic and we determined that it was one of the Denial of Service attacks. In this work, we adopted the unsupervised machine learning algorithm to classify the network flows. We apply the k-means clustering algorithm to train the learner. Via the Cramer-Yon-Misses test, we confirmed that the proposed classification method which is able to detect anomalous traffic within 1 second can accurately predict the class of a flow and can be effectively used in determining the anomalous flows.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.13 no.3
• /
• pp.9-15
• /
• 2013

Recently, Intrusion detection system is an important technology in computer network system because of has seen a dramatic increase in the number of attacks. The most of intrusion detection methods do not detect intrusion on real-time because difficult to analyze an auditing data for intrusions. A network intrusion detection system is used to monitors the activities of individual users, groups, remote hosts and entire systems, and detects suspected security violations, by both insider and outsiders, as they occur. It is learns user's behavior patterns over time and detects behavior that deviates from these patterns. In this paper has rule-based component that can be used to encode information about known system vulnerabilities and intrusion scenarios. Integrating the two approaches makes Intrusion Detection System a comprehensive system for detecting intrusions as well as misuse by authorized users or Anomaly users (unauthorized users) using RFM analysis methodology and monitoring collect data from sensor Intrusion Detection System(IDS).

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.11 no.3
• /
• pp.181-188
• /
• 2011

With the rapid proliferation of wireless networks and mobile computing applications, the landscape of the network security has greatly changed recently. Especially, Vehicular Ad Hoc Networks maintaining network topology with vehicle nodes of high mobility are self-organizing Peer-to-Peer networks that typically have short-lasting and unstable communication links. VANETs are formed with neither fixed infrastructure, centralized administration, nor dedicated routing equipment, and vehicle nodes are moving, joining and leaving the network with very high speed over time. So, VANET-security is very vulnerable for the intrusion of malicious and misbehaving nodes in the network, since VANETs are mostly open networks, allowing everyone connection without centralized control. In this paper, we propose a weighted intrusion detection method using rough set that can identify malicious behavior of vehicle node's activity and detect intrusions efficiently in VANETs. The performance of the proposed scheme is evaluated by a simulation study in terms of intrusion detection rate and false alarm rate for the threshold of deviation number ${\epsilon}$.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.1
• /
• pp.25-38
• /
• 2017

Many security threats are occurring around the world due to the characteristics of industrial control systems that can cause serious damage in the event of a security incident including major national infrastructure. Therefore, the industrial control system network traffic should be analyzed so that it can identify the attack in advance or perform incident response after the accident. In this paper, we research the visualization technique as network forensics to enable reasonable suspicion of all possible attacks on DNP3 control system protocol, and define normal action based rules and derive visualization requirements. As a result, we developed a visualization tool that can detect sudden network traffic changes such as DDoS and attacks that contain anormal behavior from captured packet files on industrial control system network. The suspicious behavior in the industrial control system network can be found using visualization tool with Digital Bond packet.

• Journal of the Korea Computer Industry Society
• /
• v.5 no.8
• /
• pp.781-790
• /
• 2004

This paper describes intrusion detection rule mangement using mobile agents. Intrusion detection can be divided into anomaly detection and misuse detection. Misuse detection is best suited for reliably detecting known use patterns. Misuse detection systems can detect many or all known attack patterns, but they are of little use for as yet unknown attack methods. Therefore, the introduction of mobile agents to provide computational security by constantly moving around the Internet and propagating rules is presented as a solution to misuse detection. This work presents a new approach for detecting intrusions, in which mobile agent mechanisms are used for security rules propagation. To evaluate the proposed appraoch, we compared the workload data between a rules propagation method using a mobile agent and a conventional method. Also, we simulated a rules management using NS-2(Network Simulator) with respect to time.