• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.225-238
• /
• 2012

Among the various security threats in online games, the use of game bots is the most serious problem. In this paper, we propose a framework for user behavior analysis for bot detection in online games. Specifically, we focus on party play that reflects the social activities of gamers: In a Massively Multi-user Online Role Playing Game (MMORPG), party play log includes a distinguished information that can classify game users under normal-user and abnormal-user. That is because the bot users' main activities target on the acquisition of cyber assets. Through a statistical analysis of user behaviors in game activity logs, we establish the threshold levels of the activities that allow us to identify game bots. Also, we build a knowledge base of detection rules based on this statistical analysis. We apply these rule reasoner to the sixth most popular online game in the world. As a result, we can detect game bot users with a high accuracy rate of 95.92%.

• Journal of Internet Computing and Services
• /
• v.21 no.3
• /
• pp.133-144
• /
• 2020

The number of elderly people with dementia is increasing as fast as the proportion of older people due to aging, which creates a social and economic burden. In particular, dementia care costs, including indirect costs such as increased care costs due to lost caregiver hours and caregivers, have grown exponentially over the years. In order to reduce these costs, it is urgent to introduce a management system to care for dementia patients. Therefore, this study proposes a sensor-based abnormal behavior detection system to manage dementia patients who live alone or in an environment where they cannot always take care of dementia patients. Existing studies were merely evaluating behavior or evaluating normal behavior, and there were studies that perceived behavior by processing images, not data from sensors. In this study, we recognized the limitation of real data collection and used both the auto-encoder, the unsupervised learning model, and the LSTM, the supervised learning model. Autoencoder, an unsupervised learning model, trained normal behavioral data to learn patterns for normal behavior, and LSTM further refined classification by learning behaviors that could be perceived by sensors. The test results show that each model has about 96% and 98% accuracy and is designed to pass the LSTM model when the autoencoder outlier has more than 3%. The system is expected to effectively manage the elderly and dementia patients who live alone and reduce the cost of caring.

• KIPS Transactions on Software and Data Engineering
• /
• v.5 no.7
• /
• pp.319-326
• /
• 2016

Given the attributes of mobile apps that shorten the time to make purchase decisions while enabling easy purchase cancellations, usability can be regarded to be a highly prioritized quality attribute among the diverse quality attributes that must be provided by mobile apps. With that backdrop, mobile app developers have been making great effort to minimize usability hampering elements that degrade the merchantability of apps in many ways. Most elements that hamper the convenience in use of mobile apps stem from those potential errors that occur when GUIs are designed. In our previous study, we have proposed a technique to analyze the usability of mobile apps using user behavior logs. We proposes a technique to detect usability hampering elements lying dormant in mobile apps' GUI models by expressing user behavior logs with finite state models, combining user behavior models extracted from multiple users, and comparing the combined user behavior model with the expected behavior model on which the designer's intention is reflected. In addition, to reduce the burden of the repeated test operations that have been conducted by existing developers to detect usability errors, the present paper also proposes a mobile usability error detection automation tool that enables automatic application of the proposed technique. The utility of the proposed technique and tool is being discussed through comparison between the GUI issue reports presented by actual open source app developers and the symptoms detected by the proposed technique.

• Journal of the Korea Society of Computer and Information
• /
• v.19 no.4
• /
• pp.81-90
• /
• 2014

As mobile devices have become widely used and developed, PC based malwares can be moving towards mobile-based units. In particular, mobile Botnet reuses powerful malicious behavior of PC-based Botnet or add new malicious techniques. Different from existing PC-based Botnet detection schemes, mobile Botnet detection schemes are generally host-based. It is because mobile Botnet has various attack vectors and it is difficult to inspect all the attack vector at the same time. In this paper, to overcome limitations of host-based scheme, we compare two network-based schemes which detect mobile Botnet by applying HMM and SVM techniques. Through the verification analysis under real Botnet attacks, we present detection rates and detection properties of two schemes.

• Research in Community and Public Health Nursing
• /
• v.15 no.1
• /
• pp.155-164
• /
• 2004

Purpose: The purpose of this study was to identify factors affecting early detection behaviors of breast cancer such as breast self examination(BSE), breast physical examination, mammography. Method: The subjects were 141 women on an island and materials were collected through an organized questionnaire from March, to August 2002. The data were analyzed by using descriptive statistics, $x^2$ and logistic analysis by SAS program. Results: 52.7% of the subjects performed breast self examination, 67.2% did breast physical examination and 67.7% did mammography. That is, about 60% of the subjects performed early detection behavior to find the breast cancer. Practice of breast self examination was significantly correlated with experience of physician examination and mammography. The most significant factor on BSE was a normal salted diet, and the most significant factor on physical examination and mammography was the high education level of subjects. Conclusions: According to the results of this study, it suggests that intensive education and information strategies for breast cancer early detection need to be developed. In particular, early detection programs for lower educated women should be activated.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.12 no.5
• /
• pp.843-848
• /
• 2008

Most of face detection technique uses information from the face of the movement. The traditional face detection method is to use difference picture method ate used to detect movement. However, most do not consider this mathematical approach using real-time or real-time implementation of the algorithm is complicated, not easy. This paper, the first to detect real-time facial image is converted YCbCr and RGB video input. Next, you convert the difference between video images of two adjacent to obtain and then to conduct Glassfire Labeling. Labeling value compared to the threshold behavior Area recognizes and converts video extracts. Actions to convert video to conduct face detection, and detection of facial characteristics required for the extraction and use of AdaBoost algorithm.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.05a
• /
• pp.357-358
• /
• 2021

Although many people watch the scene with multiple surveillance cameras, it is difficult to ensure that immediate action can be taken in the event of a crime. Therefore, there is a need for a "crime behavior detection system" that can analyze images in real time from multiple surveillance cameras installed in elevators, call immediate crime alerts, and track crime scenes and times effectively. In this paper, a study was conducted to detect violent scenes occurring in elevators using Scene Change Detection. For effective detection, an x2-color histogram combining color histogram and histogram was applied.

• Journal of Animal Science and Technology
• /
• v.65 no.2
• /
• pp.441-458
• /
• 2023

The poultry industry, which produces excellent sources of protein, suffers enormous economic damage from diseases. To solve this problem, research is being conducted on the early detection of infection according to the behavioral characteristics of poultry. The purpose of this study was to evaluate the potential of a non-movement behavior observation method to detect sick chickens. Forty 1-day-old Ross 308 males were used in the experiments, and an isolator equipped with an Internet Protocol (IP) camera was fabricated for observation. The chickens were inoculated with Salmonella enterica serovar Gallinarum A18-GCVP-014, the causative agent of fowl typhoid (FT), at 14 days of age, which is a vulnerable period for FT infection. The chickens were continuously observed with an IP camera for 2 weeks after inoculation, chickens that did not move for more than 30 minutes were detected and marked according to the algorithm. FT infection was confirmed based on clinical symptoms, analysis of cardiac, spleen and liver lesion scores, pathogen re-isolation, and serological analysis. As a result, clinical symptoms were first observed four days after inoculation, and dead chickens were observed on day six. Eleven days after inoculation, the number of clinical symptoms gradually decreased, indicating a state of recovery. For lesion scores, dead chickens scored 3.57 and live chickens scored 2.38. Pathogens were re-isolated in 37 out of 40 chickens, and hemagglutination test was positive in seven out of 26 chickens. The IP camera applied with the algorithm detected about 83% of the chickens that died in advance through non-movement behavior observation. Therefore, observation of non-movement behavior is one of the ways to detect infected chickens in advance, and it appears to have potential for the development of remote broiler management system.

• Convergence Security Journal
• /
• v.14 no.7
• /
• pp.53-58
• /
• 2014

MANET can quickly build a network because it is configured with only the mobile node and it is very popular today due to its various application range. However, MANET should solve vulnerable security problem that dynamic topology, limited resources of each nodes, and wireless communication by the frequent movement of nodes have. In this paper, we propose a domain-based distributed cooperative intrusion detection techniques that can perform accurate intrusion detection by reducing overhead. In the proposed intrusion detection techniques, the local detection and global detection is performed after network is divided into certain size. The local detection performs on all the nodes to detect abnormal behavior of the nodes and the global detection performs signature-based attack detection on gateway node. Signature DB managed by the gateway node accomplishes periodic update by configuring neighboring gateway node and honeynet and maintains the reliability of nodes in the domain by the trust management module. The excellent performance is confirmed through comparative experiments of a multi-layer cluster technique and proposed technique in order to confirm intrusion detection performance of the proposed technique.

• Journal of Internet of Things and Convergence
• /
• v.8 no.5
• /
• pp.119-125
• /
• 2022

With the recent increase in dementia patients due to aging, measures to prevent their wandering behavior and disappearance are urgently needed. To solve this problem, various authentication methods and location detection techniques have been introduced, but the security problem of personal authentication and a system that can check indoor and outdoor overall was lacking. In order to solve this problem, various authentication methods and location detection techniques have been introduced, but it was difficult to find a system that can check the security problem of personal authentication and indoor/outdoor overall. In this study, we intend to propose a system that can identify personal authentication, basic health status, and overall location indoors and outdoors by using wristband-type wearable devices in a private blockchain environment. In this system, personal authentication uses ECG, which is difficult to forge and highly personally identifiable, Bluetooth beacon that is easy to use with low power, non-contact and automatic transmission and reception indoors, and DGPS that corrects the pseudorange error of GPS satellites outdoors. It is intended to detect wandering behavior and abnormal signs by locating the patient. Through this, it is intended to contribute to the prompt response and prevention of disappearance in case of wandering behavior and abnormal symptoms of dementia patients living at home or in nursing homes.