• International Journal of Computer Science & Network Security
• /
• v.24 no.1
• /
• pp.52-60
• /
• 2024

APT (Advanced Persistent Threat) attack is a dangerous, targeted attack form with clear targets. APT attack campaigns have huge consequences. Therefore, the problem of researching and developing the APT attack detection solution is very urgent and necessary nowadays. On the other hand, no matter how advanced the APT attack, it has clear processes and lifecycles. Taking advantage of this point, security experts recommend that could develop APT attack detection solutions for each of their life cycles and processes. In APT attacks, hackers often use phishing techniques to perform attacks and steal data. If this attack and phishing phase is detected, the entire APT attack campaign will be crash. Therefore, it is necessary to research and deploy technology and solutions that could detect early the APT attack when it is in the stages of attacking and stealing data. This paper proposes an APT attack detection framework based on the Network traffic analysis technique using open-source tools and deep learning models. This research focuses on analyzing Network traffic into different components, then finds ways to extract abnormal behaviors on those components, and finally uses deep learning algorithms to classify Network traffic based on the extracted abnormal behaviors. The abnormal behavior analysis process is presented in detail in section III.A of the paper. The APT attack detection method based on Network traffic is presented in section III.B of this paper. Finally, the experimental process of the proposal is performed in section IV of the paper.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.10
• /
• pp.1-9
• /
• 2022

In this paper, we propose the Deep Learning-Based Companion Animal Abnormal Behavior Detection Service, which using video and sensor data. Due to the recent increase in households with companion animals, the pet tech industry with artificial intelligence is growing in the existing food and medical-oriented companion animal market. In this study, companion animal behavior was classified and abnormal behavior was detected based on a deep learning model using various data for health management of companion animals through artificial intelligence. Video data and sensor data of companion animals are collected using CCTV and the manufactured pet wearable device, and used as input data for the model. Image data was processed by combining the YOLO(You Only Look Once) model and DeepLabCut for extracting joint coordinates to detect companion animal objects for behavior classification. Also, in order to process sensor data, GAT(Graph Attention Network), which can identify the correlation and characteristics of each sensor, was used.

• The Journal of the Korea Contents Association
• /
• v.6 no.9
• /
• pp.50-59
• /
• 2006

This paper proposes an automatic video monitoring system and its application to emergency detection by analyzing human behavior using neural network. The object area is identified by subtracting the statistically constructed background image from the input image. The identified object area then is transformed to the feature vector. Neural network has been adapted for analyzing the human behavior using the feature vector, and is designed to classify the behavior in rather simple numerical calculation. The system proposed in this paper is able to classify the three human behavior: stand, faint, and squat. Experiment results shows that the proposed algorithm is very efficient and useful in detecting the emergency situation.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.7
• /
• pp.3095-3111
• /
• 2018

Spectrum sensing (SS) is one of the fundamental tasks for cognitive radio. In SS, decisions can be made via comparing the test statistics with a threshold. Conventional adaptive algorithms for SS usually adjust their thresholds according to the radio environment. This paper concentrates on the issue of adaptive SS whose threshold is adjusted based on the Markovian behavior of primary user (PU). Moreover, Bayesian cost is adopted as the performance metric to achieve a trade-off between false alarm and missed detection probabilities. Two novel adaptive algorithms, including Markov Bayesian energy detection (MBED) algorithm and IMBED (improved MBED) algorithm, are proposed. Both algorithms model the behavior of PU as a two-state Markov process, with which their thresholds are adaptively adjusted according to the detection results at previous slots. Compared with the existing Bayesian energy detection (BED) algorithm, MBED algorithm can achieve lower Bayesian cost, especially in high signal-to-noise ratio (SNR) regime. Furthermore, it has the advantage of low computational complexity. IMBED algorithm is proposed to alleviate the side effects of detection errors at previous slots. It can reduce Bayesian cost more significantly and in a wider SNR region. Simulation results are provided to illustrate the effectiveness and efficiencies of both algorithms.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.8
• /
• pp.3769-3789
• /
• 2018

Social pedestrian groups are the basic elements that constitute a crowd; therefore, detection of such groups is scientifically important for modeling social behavior, as well as practically useful for crowd video understanding. A social group refers to a cluster of members who tend to keep similar motion state for a sustained period of time. One of the main challenges of social group detection arises from the complex dynamic variations of crowd patterns. Therefore, most works model dynamic groups to analysis the crowd behavior, ignoring the existence of stationary groups in crowd scene. However, in this paper, we propose a novel unified framework for detecting social pedestrian groups in crowd videos, including dynamic and stationary pedestrian groups, based on spatiotemporal-oriented energy measurements. Dynamic pedestrian groups are hierarchically clustered based on energy flow similarities and trajectory motion correlations between the atomic groups extracted from principal spatiotemporal-oriented energies. Furthermore, the probability distribution of static spatiotemporal-oriented energies is modeled to detect stationary pedestrian groups. Extensive experiments on challenging datasets demonstrate that our method can achieve superior results for social pedestrian group detection and crowd video classification.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.1
• /
• pp.115-122
• /
• 2006

The most methods for intrusion detection are based on the misuse detection which accumulates hewn intrusion information and makes a decision of an attack against any behavior data. However it is very difficult to detect a new or modified aoack with only the collected patterns of attack behaviors. Therefore, if considering that the method of anomaly behavior detection actually has a high false detection rate, a new approach is required for very huge intrusion patterns based on sequence. The approach can improve a possibility for intrusion detection of known attacks as well as modified and unknown attacks in addition to the similarity measurement of intrusion patterns. This paper proposes a method which applies the multiple sequence alignments technique to the similarity matching of the sequence based intrusion patterns. It enables the statistical analysis of sequence patterns and can be implemented easily. Also, the method reduces the number of detection alerts and false detection for attacks according to the changes of a sequence size.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.23 no.4
• /
• pp.107-113
• /
• 2023

This paper proposes a method for detecting smoking behavior in images using artificial intelligence technology. Since smoking is not a static phenomenon but an action, the object detection technology was combined with the posture estimation technology that can detect the action. A smoker detection learning model was developed to detect smokers in images, and the characteristics of smoking behaviors were applied to posture estimation technology to detect smoking behaviors in images. YOLOv8 was used for object detection, and OpenPose was used for posture estimation. In addition, when smokers and non-smokers are included in the image, a method of separating only people was applied. The proposed method was implemented using Google Colab NVIDEA Tesla T4 GPU in Python, and it was found that the smoking behavior was perfectly detected in the given video as a result of the test.

• 제어로봇시스템학회:학술대회논문집
• /
• 2003.10a
• /
• pp.1051-1055
• /
• 2003

Policies are collections of general principles specifying the desired behavior and state of a system. Network management is mainly carried out by following policies about the behavior of the resources in the network. Policy-based (PB) network management supports to manage distributed system in a flexible and dynamic way. This paper focuses on configuration management based on Internet Engineering Task Force (IETF) standards. Network security approaches include the usage of intrusion detection system to detect the intrusion, building firewall to protect the internal systems and network. This paper presents how the policy-based framework is collaborated among the network security systems (intrusion detection system, firewall) and intrusion detection systems are cooperated to detect the intrusions.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.9 no.2
• /
• pp.261-266
• /
• 2014

The current status of domestic monitoring centers was reviewed and the pattern-based security monitoring system and the centralized security monitoring system, both of which are the characteristics of security monitoring systems, were analyzed together with their advantages and disadvantages. In addition, as for a development plan of domestic security monitoring systems, in order to improve the problems of the existing pattern-based centralized monitoring system, Honeynet and Darknet, which are based on anomalous behavior detection, were analyzed and their application plans were described.

• Proceedings of the Korean Institute of IIIuminating and Electrical Installation Engineers Conference
• /
• 2009.10a
• /
• pp.215-218
• /
• 2009

In this paper, there analyzed the UV behavior and detection images due to corona discharge of insulators at 22.9kV. As the results, the shapes of UV detection images are jellyfish, sunflower, and amoeba type. Generally, the jellyfish and sunflower type appeared in air discharge. In surface discharge, Amoeba is generated. Also, there are classified 8 patterns such as sunflower A or B, jellyfish A or B, amoeba A, B, C, D. This method of the facilities assessment has an immediate effect in the field.