• Title/Summary/Keyword: Behavior detection

Genetic Algorithm based hyperparameter tuned CNN for identifying IoT intrusions

  • Alexander. R;Pradeep Mohan Kumar. K
    • KSII Transactions on Internet and Information Systems (TIIS) / v.18 no.3 / pp.755-778 / 2024
  • In recent years, the number of devices being connected to the internet has grown enormously, as has the intrusive behavior in the network. Thus, it is important for intrusion detection systems to report all intrusive behavior. Using deep learning and machine learning algorithms, intrusion detection systems are able to perform well in identifying attacks. However, the concern with these deep learning algorithms is their inability to identify a suitable network based on traffic volume, which requires manual changing of hyperparameters, which consumes a lot of time and effort. So, to address this, this paper offers a solution using the extended compact genetic algorithm for the automatic tuning of the hyperparameters. The novelty in this work comes in the form of modeling the problem of identifying attacks as a multi-objective optimization problem and the usage of linkage learning for solving the optimization problem. The solution is obtained using the feature map-based Convolutional Neural Network that gets encoded into genes, and using the extended compact genetic algorithm the model is optimized for the detection accuracy and latency. The CIC-IDS-2017 and 2018 datasets are used to verify the hypothesis, and the most recent analysis yielded a substantial F1 score of 99.23%. Response time, CPU, and memory consumption evaluations are done to demonstrate the suitability of this model in a fog environment.

Cluster-based Deep One-Class Classification Model for Anomaly Detection

  • Younghwan Kim;Huy Kang Kim
    • Journal of Internet Technology / v.22 no.4 / pp.903-911 / 2021
  • As cyber-attacks on Cyber-Physical System (CPS) become more diverse and sophisticated, it is important to quickly detect malicious behaviors occurring in CPS. Since CPS can collect sensor data in near real time throughout the process, there have been many attempts to detect anomaly behavior through normal behavior learning from the perspective of data-driven security. However, since the CPS datasets are big data and most of the data are normal data, it has always been a great challenge to analyze the data and implement the anomaly detection model. In this paper, we propose and evaluate the Clustered Deep One-Class Classification (CD-OCC) model that combines the clustering algorithm and deep learning (DL) model using only a normal dataset for anomaly detection. We use auto-encoder to reduce the dimensions of the dataset and the K-means clustering algorithm to classify the normal data into the optimal cluster size. The DL model trains to predict clusters of normal data, and we can obtain logit values as outputs. The derived logit values are datasets that can better represent normal data in terms of knowledge distillation and are used as inputs to the OCC model. As a result of the experiment, the F1 score of the proposed model shows 0.93 and 0.83 in the SWaT and HAI dataset, respectively, and shows a significant performance improvement over other recent detectors such as Com-AE and SVM-RBF.

Performance Evaluation of the Harmonic Parameters for High Impedance Fault Detection in Distribution System (배전계통의 고 임피던스 고장 검출 고조파 변수 성능 평가)

  • Oh, Yong-Taek;Kim, C.J.
    • Proceedings of the KIEE Conference / 1997.07c / pp.883-885 / 1997
  • High impedance fault (HIF) is random in its behavior even in a similar environment. The detection of the HIF has focused on the development of algorithms based on harmonic parameters of the arc currents. However, this paper shows that proper selection of the harmonic parameters, rather than algorithm selection, is more important, by applying three different performance evaluation methods on two HIF detection algorithms using eight harmonic parameters.

Using Machine Learning Techniques for Accurate Attack Detection in Intrusion Detection Systems using Cyber Threat Intelligence Feeds

  • Ehtsham Irshad;Abdul Basit Siddiqui
    • International Journal of Computer Science & Network Security / v.24 no.4 / pp.179-191 / 2024
  • With the advancement of modern technology, cyber-attacks are always rising. Specialized defense systems are needed to protect organizations against these threats. Malicious behavior in the network is discovered using security tools like intrusion detection systems (IDS), firewalls, antimalware systems, and security information and event management (SIEM). These aid in defending businesses from attacks. Delivering advanced threat feeds for precise attack detection in intrusion detection systems is the role of cyber-threat intelligence (CTI) in the study being presented. In this proposed work, CTI feeds are utilized to detect assaults accurately in intrusion detection systems. The ultimate objective is to identify the attacker behind the attack. Several data sets were analyzed for attack detection. With the proposed study, the ability to identify network attacks has improved by using machine learning algorithms. The proposed model provides 98% accuracy, 97% precision, and 96% recall, respectively.

Development of an Interaction Behaviors Checklist for Early Detection of Autistic Children (자폐아동의 조기 선별을 위한 상호작용행동체크리스트 개발)

  • Im, Sook-Bin
    • Journal of Korean Academy of Nursing / v.35 no.1 / pp.5-15 / 2005
  • Purpose: This study was conducted to develop a behavioral checklist to predict an autistic disorder and to identify the earliest detecting time. Method: One hundred and fifty eight children including normal, autistic, institutionalized normal, and retarded were assessed using critical interaction behavioral markers from literature review. Data was collected by semi-structured mother-child interaction by videotape recording and analyzed by factor analysis, Cronbach's α, Kappa, $\chi^2$, and Duncan. Result: Ten behavioral markers were sorted into 2 factors; joint-attention and synchronized behavior. Autistic children were impaired in pretend play, protodeclarative pointing, protoimperative pointing, gaze-monitoring, referential looking, showing, joint-attention, rhythmical vocal exchange, and synchronized laughing. The synchronized behavior was also a critical marker to predict the autistic disorder. However, it was difficult to differentiate autistic disorder from mental retardation. In addition, the appropriate detecting time was around 18 months after birth. Conclusion: This checklist should be behavior markers to predict autistic disorder and could be useful as educational material at children's clinics, parents' class, and for caregivers in the health center. In addition, early detection should lead to treatment being started as soon after 18 months of age as possible.

Deep Learning based User Anomaly Detection Performance Evaluation to prevent Ransomware (랜섬웨어 방지를 위한 딥러닝 기반의 사용자 비정상 행위 탐지 성능 평가)

  • Lee, Ye-Seul;Choi, Hyun-Jae;Shin, Dong-Myung;Lee, Jung-Jae
    • Journal of Software Assessment and Valuation / v.15 no.2 / pp.43-50 / 2019
  • With the development of IT technology, computer-related crimes are rapidly increasing, and in recent years, the damage from ransomware infections has been increasing rapidly at home and abroad. Conventional security solutions are not sufficient to prevent ransomware infections, and to prevent evolving threats such as malware and ransomware, a combination of deep learning technologies is needed to detect abnormal behavior and abnormal symptoms. In this paper, a method is proposed to detect abnormal user behavior using a CNN-LSTM model and various deep learning models. Among the proposed models, the CNN-LSTM model detects abnormal user behavior with 99% accuracy.

A Real-Time Intrusion Detection based on Monitoring in Network Security (네트워크 보안에서 모니터링 기반 실시간 침입 탐지)

  • Lim, Seung-Cheol
    • The Journal of the Institute of Internet, Broadcasting and Communication / v.13 no.3 / pp.9-15 / 2013
  • Recently, the intrusion detection system has become an important technology in computer network systems because of a dramatic increase in the number of attacks. Most intrusion detection methods do not detect intrusions in real time because it is difficult to analyze auditing data for intrusions. A network intrusion detection system is used to monitor the activities of individual users, groups, remote hosts and entire systems, and detects suspected security violations, by both insiders and outsiders, as they occur. It learns users' behavior patterns over time and detects behavior that deviates from these patterns. This paper has a rule-based component that can be used to encode information about known system vulnerabilities and intrusion scenarios. Integrating the two approaches makes the Intrusion Detection System a comprehensive system for detecting intrusions as well as misuse by authorized users or anomalous users (unauthorized users), using RFM analysis methodology and monitoring of data collected from the sensor Intrusion Detection System (IDS).

Factors Affecting Active Early Detection Behaviors of Breast Cancer in Outpatients (외래내원 여성의 적극적 유방암 조기검진행위 영향 요인)

  • Lee, Chang-Hyun;Kim, Hyun-Ju;Kim, Young-Im
    • Women's Health Nursing / v.16 no.2 / pp.126-136 / 2010
  • Purpose: This study was done to evaluate factors affecting active early detection behaviors of breast cancer and performance rate of breast self examination (BSE), physical examination and mammography. Methods: The participants were 264 women from an outpatient breast clinic of a university hospital and materials were collected from March 2007 to February 2008 using a structured questionnaire. The data were analyzed using the $\chi^2$ test and logistic analysis. Results: The rate for BSE was 58.3%, for physical examination, 55.3% and for mammography experience, 63.4%. Women with all of these active early detection behaviors accounted for 31.8% of the participants. Various factors such as age, income, marital status, and menopause showed increased significant performance rate. The explanation power of logistic model was 48.5%, and was significant for age, income and health belief. Factors related to high performance rate were being over 40 years of age, high income and high health belief score. Conclusion: Active early detection behaviors were not high in spite of marked increases in breast cancer incidence. Encouragement for women practicing early detection behavior is important, but there is also a need to develop interest and support for the low performance group. More sustained education and public relations are needed to further improve active early detection behavior.

A Study of Video-Based Abnormal Behavior Recognition Model Using Deep Learning

  • Lee, Jiyoo;Shin, Seung-Jung
    • International journal of advanced smart convergence / v.9 no.4 / pp.115-119 / 2020
  • Recently, CCTV installations are rapidly increasing in the public and private sectors to prevent various crimes. In accordance with the increasing number of CCTVs, video-based abnormal behavior detection in control systems is one of the key technologies for safety. This is because it is difficult for the surveillance personnel who control multiple CCTVs to manually monitor all abnormal behaviors in the video. In order to solve this problem, research to recognize abnormal behavior using deep learning is being actively conducted. In this paper, we propose a model for detecting abnormal behavior based on the deep learning model that is currently widely used. Based on the abnormal behavior video data provided by AI Hub, we performed a comparative experiment to detect anomalous behavior through violence learning and fainting in videos using 2D CNN-LSTM, 3D CNN, and I3D models. We hope that the experimental results of this abnormal behavior learning model will be helpful in developing intelligent CCTV.

A Study on Dual-IDS Technique for Improving Safety and Reliability in Internet of Things (사물인터넷 환경에서 안전성과 신뢰성 향상을 위한 Dual-IDS 기법에 관한 연구)

  • Yang, Hwanseok
    • Journal of Korea Society of Digital Industry and Information Management / v.13 no.1 / pp.49-57 / 2017
  • IoT can connect through a single network not only objects which can be connected to the existing internet but also objects which have communication capability. This IoT environment will be a huge change to the existing communication paradigm. However, the big security problem must be solved in order to develop IoT further. Security mechanisms reflecting these characteristics should be applied because devices participating in the IoT have low processing ability and low power. In addition, devices which perform abnormal behaviors between objects should also be detected. Therefore, in this paper, we proposed the D-IDS technique for efficient detection of malicious attack nodes between devices participating in the IoT. The proposed technique performs the central detection and distribution detection to improve the performance of attack detection. The central detection monitors the entire network traffic at the boundary router using the SVM technique and detects abnormal behavior. The distribution detection combines the RSSI value and the reliability of a node and detects Sybil attack nodes. The performance of attack detection against malicious nodes is improved through the attack detection process. The superiority of the proposed technique can be verified by experiments.