• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.6
• /
• pp.1087-1098
• /
• 2023

The rapid advancement of artificial intelligence (AI) technology has led to its proactive utilization across various fields. However, this widespread adoption of AI-based systems has raised concerns about the increasing threat of attacks on these systems. In particular, deep neural networks, commonly used in deep learning, have been found vulnerable to adversarial attacks that intentionally manipulate input data to induce model errors. In this study, we propose a method to protect image classification models from visually imperceptible One-Pixel attacks, where only a single pixel is altered in an image. The proposed defense technique utilizes an autoencoder model to remove potential threat elements from input images before forwarding them to the classification model. Experimental results, using the CIFAR-10 dataset, demonstrate that the autoencoder-based defense approach significantly improves the robustness of pretrained image classification models against One-Pixel attacks, with an average defense rate enhancement of 81.2%, all without the need for modifications to the existing models.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.2
• /
• pp.245-261
• /
• 2024

The COVID-19 pandemic has led to the widespread adoption of contactless transactions, resulting in a noticeable increase in the trend towards fully unmanned stores. In such stores, all operational processes are automated, primarily using artificial intelligence (AI) technology. However, this AI technology has several security vulnerabilities, which can be critical in the environment of fully unmanned stores. This paper analyzes the security vulnerabilities that AI-based fully unmanned stores may face, focusing particularly on the object detection model YOLO, demonstrating that Hiding Attacks and Altering Attacks using adversarial patches are possible. It is confirmed that objects with adversarial patches attached may not be recognized by the detection model or may be incorrectly recognized as other objects. Furthermore, the paper analyzes how Data Augmentation techniques can mitigate security threats by providing a defensive effect against adversarial patch attacks. Based on these results, we emphasize the need for proactive research into defensive measures to address the inherent security threats in AI technology used in fully unmanned stores.

• Annual Conference of KIPS
• /
• 2024.05a
• /
• pp.666-669
• /
• 2024

연합학습은 원본 데이터를 공유하지 않고 모델을 학습할 수 있는 각광받는 프라이버시를 위한 학습방법론이다. 이를 위해 참여자의 데이터를 수집하는 대신, 데이터를 인공지능 모델 학습의 요소들(가중치, 기울기 등)로 변환한 뒤, 이를 공유한다. 이러한 강점에 더해 기존 연합학습을 개선하는 방법론들이 추가적으로 연구되고 있다. 기존 연합학습은 모델 가중치를 평균내는 것으로 참여자 간에 동일한 모델 구조를 강요하기 때문에, 참여자 별로 자신의 환경에 알맞은 모델 구조를 사용하기 어렵다. 이를 해결하기 위해 지식 증류 기반의 연합학습 방법(Knowledge Distillation-based Federated Learning)으로 서로 다른 모델 구조를 가질 수 있도록(Model Heterogenousity) 하는 방법이 제시되고 있다. 연합학습은 여러 참여자가 연합하기 때문에 일부 악의적인 참여자로 인한 모델 포이즈닝 공격에 취약하다. 수많은 연구들이 기존 가중치를 기반으로한 연합학습에서의 위협을 연구하였지만, 지식 증류 기반의 연합학습에서는 이러한 위협에 대한 조사가 부족하다. 본 연구에서는 최초로 지식 증류 기반의 연합학습에서의 모델 성능 하락 공격에 대한 위협을 실체화하고자 한다. 이를 위해 우리는 GMA(Gaussian-based Model Poisoning Attack)과 SMA(Sign-Flip based Model Poisoning Attack)을 제안한다. 결과적으로 우리가 제안한 공격 방법은 실험에서 최신 학습 기법에 대해 평균적으로 모델 정확도를 83.43%에서 무작위 추론에 가깝게 떨어뜨리는 것으로 공격 성능을 입증하였다. 우리는 지식 증류 기반의 연합학습의 강건성을 평가하기 위해, 새로운 공격 방법을 제안하였고, 이를통해 현재 지식 증류 기반의 연합학습이 악의적인 공격자에 의한 모델 성능 하락 공격에 취약한 것을 보였다. 우리는 방대한 실험을 통해 제안하는 방법의 성능을 입증하고, 결과적으로 강건성을 높이기 위한 많은 방어 연구가 필요함을 시사한다.

• Journal of the Korean Society of Fisheries and Ocean Technology
• /
• v.27 no.4
• /
• pp.286-292
• /
• 1991

The authors propose to use the vortex generators in order to improve of the efficiency for the cambered otter boards. The equipments and testing method of this model test was the same as the previous report. This study was tested for 6 models such as the single cambered, the V-shaped cambered and the slotted cambered otter board without and with vortex generators. The results obtained are as follows: \circled1 C sub(L) of the single cambered model otter board with vortex generators was increased about 10% in comparison with that of model without vortex generators, C sub(D) decreased 2%, and L/D increased 5~20%. \circled2 L/D of the V-shaped cambered model otter board with vortex generators was increased 10~20% in comparison with that of model without vortex generators. \circled3 C sub(L) of the two slotted cambered model otter board with vortex generators was increased about 20% within an angle of attack 25$^{\circ}$ in comparison with that of without vortex generators, C sub(D) increased 5~20%, and L/D was higher than prototype within an angle of attack 20$^{\circ}$. \circled4 The separation point of the model otter boards with vortex generators was removed back ward a little in comparison with that of the model without vortex generators. \circled5 Flow speed difference of the back side to the front side of model otter boards with vortex generators was increased a little in comparison with that of the models without vortex generators. \circled6 The size of separation zone in case of the model otter boards with vortex generators was decreased about 10% in comparison with that of the models without vortex generators.

• 제어로봇시스템학회:학술대회논문집
• /
• 2004.08a
• /
• pp.383-388
• /
• 2004

This paper presents the aerodynamic coefficient modeling with a new model structure explored by Least Squares using Modulating Function Technique (LS/MFT) for an F-16XL airplane using wind tunnel data supplied by NASA/LRC. A new model structure for aerodynamic coefficient was proposed, one that considered all possible combination terms of angle of attack ${\alpha}$(t) and ${\alpha}$(t) given number of harmonics K, and was compared with Pearson's model, which has the same number of parameters as the new model. Our new model harmonic results show better agreement with the physical data than Pearson's model. The number of harmonics in the model was extended to 6 and its parameters were estimated by LS/MFT. The model output of lift coefficient with K=6 correspond reasonably well with the physical data. In particular, the estimation performances of four aerodynamic coefficients were greatly improved at high frequency by considering all harmonics included in the input${\alpha}$(t), and by using the new model. In addition, the importance of each parameter in the model was analyzed by parameter reduction errors. Moreover, the estimation of three parameters, i.e., amplitude, phase and frequency, for a pure sinusoid and a finite sum of sinusoids- using LS/MFT is investigated.

• Journal of the Society of Naval Architects of Korea
• /
• v.46 no.6
• /
• pp.569-577
• /
• 2009

As the scale factor of model propellers utilized in cavitation test is about 40, it is difficult to find out practical countermeasures against the small area erosions on the blade tip region throughout model erosion tests. In this study, a partial propeller blade model was used for the observation of cavitation pattern for the eroded propeller. A partial propeller blade model was manufactured from 0.7R to tip with expanded profile and with adjustable device of angle of attack. Reynold's number of a partial propeller blade model is 7 times larger than that of a model propeller. Also, anti-singing edge and application of countermeasures to partial propeller blade model which produced in large scale can be more practical than a model propeller. For the observation of cavitation at high Reynold's number, high speed cavitation tunnel was used. To find out the most severe erosive blade position during a revolution, cavitation observation tests were carried out at 5 blade angle positions.

• Journal of the Korea Society for Simulation
• /
• v.30 no.3
• /
• pp.11-17
• /
• 2021

The 30mm anti-aircraft gun has been developed with various types of weapon systems such as protective, protective complex, and wheel-type anti-aircraft artillery. The role of this anti-aircraft gun is an important anti-aircraft weapon in charge of air defense. Anti-aircraft weapons are tasked with defending the airspace from aircraft attacks. In particular, anti-aircraft weapons are organized in combination with mechanized units. And anti-aircraft weapons are prone to attack by enemies because they operate on the front lines of the battlefield. The enemy is expected to attack our troops by covering up or concealing as much as possible in order to increase their viability. Therefore, this study analyzed whether our 30mm anti-aircraft bullets could subdue the enemy in cover. This study analyzed the performance of 30mm anti-aircraft bullets using the M&S technique. For this study, live shooting and simulation method by M&S were used for the experiment. In this study, steel plate and plywood were used for the live shooting experiment. In addition, in the simulation process through M&S, this study used the PRODAS model, AUTODYN model, and Split-x model to analyze the trajectory, penetration, and fragmentation capability of 30mm anti-aircraft bullets. According to the experimental results, it has been proven that 30mm anti-aircraft bullets can destroy enemy armored vehicles. 30mm anti-aircraft bullets succeeded in quickly subduing enemies concealed in general buildings or forests. In this way, it was possible to minimize damage to allies in advance.

• Journal of the Korean Society of Fisheries and Ocean Technology
• /
• v.40 no.3
• /
• pp.196-205
• /
• 2004

As far as an opening device of fishing gears is concerned, applications of a kite are under development around the world. The typical examples are found in the opening device of the stow net on anchor and the buoyancy material of the trawl. While the stow net on anchor has proved its capability for the past 20 years, the trawl has not been wildly used since it has been first introduced for the commercial use only without sufficient studies and thus has revealed many drawbacks. Therefore, the fundamental hydrodynamics of the kite itself need to ne studied further. Models of plate and canvas kite were deployed in the circulating water tank for the mechanical test. For this situation lift and drag tests were performed considering a change in the shape of objects, which resulted in a different aspect ratio of rectangle and trapezoid. The results obtained from the above approaches are summarized as follows, where aspect ratio, attack angle, lift coefficient and maximum lift coefficient are denoted as A, B, $C_L$ and $C_{Lmax}$ respectively : 1. Given the rectangular plate, $C_{Lmax}$ was produced as 1.46${\sim}$1.54 with A${\leq}$1 and 40$^{\circ}$${\leq}$B${\leq}$42$^{\circ}$. And when A${\geq}$1.5 and 20$^{\circ}$${\leq}$B${\leq}$22$^{\circ}$, $C_{Lmax}$ was 10.7${\sim}$1.11. Given the rectangular canvas, $C_{Lmax}$ was 1.75${\sim}$1.91 with A${\leq}$1 and 32$^{\circ}$${\leq}$B${\leq}$40$^{\circ}$. And when A${\geq}$1.5 and 18$^{\circ}$${\leq}$B${\leq}$22$^{\circ}$, $C_{Lmax}$ was 1.24${\sim}$1.40. Given the trapezoid kite, $C_{Lmax}$ was produced as 1.65${\sim}$1.89 with A${\leq}$1.5 and 34$^{\circ}$${\leq}$B${\leq}$44$^{\circ}$. And when A=2 and B=14${\sim}$48, $C_L$ was around 1. Given the inverted trapezoid kite, $C_{Lmax}$ was 1.57${\sim}$1.74 with A${\leq}$1.5 and 24$^{\circ}$${\leq}$B${\leq}$36$^{\circ}$. And when A=2, $C_{Lmax}$ was 1.21 with B=18$^{\circ}$. 2. For a model with A=1/2, an increase in B caused an increase in $C_L$ until $C_L$ has reached the maximum. Then there was a tendency of a gradual decrease in the value of $C_L$ and in particular, the rectangular kite showed a more rapid decrease. For a model with A=2/3, the tendency of $C_L$ was similar to the case of a model with A=1/2 but the tendency was a more rapid decrease than those of the previous models. For a model with A=1, and increase in B caused an increase in $C_L$ until $C_L$ has reached the maximum. Soon after the tendency of $C_L$ decreased dramatically. For a model with A=1.5, the tendency of $C_L$ as a function of B was various. For a model with A=2, the tendency of $C_L$ as a function of B was almost the same in the rectangular and trapezoid model. There was no considerable change in the models with 20$^{\circ}$${\leq}$B${\leq}$50$^{\circ}$. 3. The tendency of kite model's $C_L$ in accordance with increase of B was increased rapidly than plate models until $C_L$ has reached the maximum. Then $C_L$ in the kite model was decreased dramatically but in the plate model was decreased gradually. The value of $C_{Lmax}$ in the kite model was higher than that of the plate model, and the kite model's attack angel at $C_{Lmax}$ was smaller than the plate model's. 4. In the relationship between aspect ratio and lift force, the attack angle which had the maximum lift coefficient was large at the small aspect ratio models, At the large aspect ratio models, the attack angle was small. 5. There was camber vertex in the position in which the fluid pressure was generated, and the rectangular & trapezoid canvas had larger value of camber vertex when the aspect ratio was high, while the inverted trapezoid canvas was versa. 6. All canvas kite had larger camber ratio when the aspect ratio was high, and the rectangular & trapezoid canvas had larger one when the attack angle was high.

• The KIPS Transactions:PartC
• /
• v.11C no.4
• /
• pp.409-418
• /
• 2004

Multicast services are provided on the Internet in fast increasing . Therefore it is important to keep security for multicast communication. Member leaving is deeply associated with scalability problem for group key management. If one member of the group is removed, new group key has to be generated and distributed to all remaining members of group. Minimizing the number of messages and operation cost for generation of the composite keys are important evaluating criteria of multicast key management scheme since generation and distribution of new keys for rekeying require expensive operation. Batch removal can reduce these important parameters rather than removing members sequentially In fashion one after another. In this paper, Hamming distance is calculated between eve교 members to be removed. The members with Hamming distance less than threshold are selected for rekeying procedure. With running the round assignment algorithm In the case of removing several members simultaneously, our model has advantages of reducing the number of message and operation cost for generation of the composite keys and eliminating possibility of collusion attack for rekeying.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.11
• /
• pp.2188-2195
• /
• 2015

In tactical wireless local area networks, jamming attack can easily occur by sending out continuous radio signals. The damage will be serious when the channel frequency is identical. Since wireless channel environment is open to everyone, the perfect solution for jamming attack does not exist. However, a channel-hopping scheme is well known for mitigating those jamming attacks. In this paper, I consider various channel-hopping schemes in order to analyze the throughput and fairness performance under smart jammer attack. Also an analytical model is introduced to evaluate the throughput performances of channel-hopping schemes. After analyzing well known channel-hopping schemes, I propose a simple channel-hopping scheme that can enhance fairness significantly at minimal throughput degradation expense.