• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.4
• /
• pp.605-616
• /
• 2021

While malwares must be accurately identifiable from arbitrary programs, existing studies using classification techniques have limitations that they can only be applied to limited samples. In this work, we propose a method to utilize API call frequency to detect and classify malware families from arbitrary programs. Our proposed method defines a rule that checks whether the call frequency of a particular API exceeds the threshold, and identifies a specific family by utilizing the rate information on the corresponding rules. In this paper, decision tree algorithm is applied to define the optimal threshold that can accurately identify a particular family from the training set. The performance measurements using 4,443 samples showed 85.1% precision and 91.3% recall rate for family detection, 97.7% precision and 98.1% reproduction rate for classification, which confirms that our method works to distinguish malware families effectively.

• KIPS Transactions on Software and Data Engineering
• /
• v.7 no.11
• /
• pp.443-450
• /
• 2018

Crohn's disease, which is recently increasing in Korea, may be seen throughout the gastrointestinal tract and cause various symptoms. In particular, Crohn's disease is especially difficult to diagnose with several symptoms similar to other ulcerative colonic diseases. Thus, some studies are underway to distinguish two or more similar diseases. However, the previous studies have not described the procedural diagnosis process of it, which may lead to over-examination in the process. Therefore, we propose a diagnosis process of Crohn's disease based on the analysis of redundancy, sequential linkage and decision point in the diagnosis of Crohn's disease, so that it enables to identify ulcerative colonic diseases with symptoms similar to Crohn's disease. Finally, we can distinguish the colon diseases that have symptoms similar to Crohn's disease and help diagnose Crohn's disease effectively by defining the proposed process-oriented association as an ontology. Applying the proposed ontology to 5 cases showed that more accurate diagnosis was possible and in one case it could be diagnosed even with fewer tests.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.3
• /
• pp.135-144
• /
• 2003

An intrusion detection system shows different result over overall detection area according to its detection characteristics of inner detection algorithms or techniques. To expand detection areas, we requires an integrated detection which can be archived both by deploying a few detection systems which detect different detection areas and by combining their results. In addition to expand detection areas, we need to decrease the workload of security managers by false alarms and improve the correctness by minimizing false alerts which happen during the process of integration. In this paper, a method for aggregation detection use fuzzy inference to integrate a vague detection results which imply the characteristics of detection systems. Their analyzed detection characteristics are expressed as fuzzy membership functions and fuzzy rule bases which are applied through the process of fuzzy control. And, it integrate a vague decision results and minimize the number of false alerts by reflecting the characteristics of detection systems. Also it does minimize inference objects by applying thresholds decided through several experiments.

• Journal of the Korea Convergence Society
• /
• v.12 no.11
• /
• pp.91-97
• /
• 2021

This paper uses a data extension technique originally designed for the rule refinement problem to handling incomplete data. This technique is characterized in that each event can have a weight indicating importance, and each variable can be expressed as a probability value. Since the key problem in this paper is to find the probability that is closest to the missing value and replace the missing value with the probability, three different algorithms are used to find the probability for the missing value and then store it in this data structure format. And, after learning to classify each information area with the SVM classification algorithm for evaluation of each probability structure, it compares with the original information and measures how much they match each other. The three algorithms for the imputation probability of the missing value use the same data structure, but have different characteristics in the approach method, so it is expected that it can be used for various purposes depending on the application field.

• Journal of Biomedical Engineering Research
• /
• v.43 no.4
• /
• pp.280-289
• /
• 2022

In this paper, we present a QRS-complex detection algorithm to calculate an accurate heartbeat and clearly recognize irregular rhythm from ECG signals. The conventional Pan-Tompkins algorithm brings false QRS detection in the derivative when QRS and noise signals have similar instant variation. The proposed algorithm uses amplitude differences in 7 adjacent samples to detect QRS-complex which has the highest amplitude variation. The calculated amplitude is cubed to dominate QRS-complex and the moving average method is applied to diminish the noise signal's amplitude. Finally, a decision rule with a threshold value is applied to detect accurate QRS-complex. The calculated signals with Pan-Tompkins and proposed algorithms were compared by signal-to-noise ratio to evaluate the noise reduction degree. QRS-complex detection performance was confirmed by sensitivity and the positive predictive value(PPV). Normal ECG, muscle noise ECG, PVC, and atrial fibrillation signals were achieved which were measured from an ECG simulator. The signal-to-noise ratio difference between Pan-Tompkins and the proposed algorithm were 8.1, 8.5, 9.6, and 4.7, respectively. All ratio of the proposed algorithm is higher than the Pan-Tompkins values. It indicates that the proposed algorithm is more robust to noise than the Pan-Tompkins algorithm. The Pan-Tompkins algorithm and the proposed algorithm showed similar sensitivity and PPV at most waveforms. However, with a noisy atrial fibrillation signal, the PPV for QRS-complex has different values, 42% for the Pan-Tompkins algorithm and 100% for the proposed algorithm. It means that the proposed algorithm has superiority for QRS-complex detection in a noisy environment.

• ETRI Journal
• /
• v.44 no.4
• /
• pp.573-587
• /
• 2022

The agricultural sector is completely different from other sectors since it completely relies on various natural and climatic factors. Climate changes have many effects, including lack of annual rainfall and pests, heat waves, changes in sea level, and global ozone/atmospheric CO₂ fluctuation, on land and agriculture in similar ways. Climate change also affects the environment. Based on these factors, farmers chose their crops to increase productivity in their fields. Many existing agricultural ontologies are either domain-specific or have been created with minimal vocabulary and no proper evaluation framework has been implemented. A new agricultural ontology focused on subdomains is designed to assist farmers using Jaccard relative extractor (JRE) and Naïve Bayes algorithm. The JRE is used to find the similarity between two sentences and words in the agricultural documents and the relationship between two terms is identified via the Naïve Bayes algorithm. In the proposed method, the preprocessing of data is carried out through natural language processing techniques and the tags whose dimensions are reduced are subjected to rule-based formal concept analysis and mapping. The subdomain ontologies of weather, pest, and soil are built separately, and the overall agricultural ontology are built around them. The gold standard for the lexical layer is used to evaluate the proposed technique, and its performance is analyzed by comparing it with different state-of-the-art systems. Precision, recall, F-measure, Matthews correlation coefficient, receiver operating characteristic curve area, and precision-recall curve area are the performance metrics used to analyze the performance. The proposed methodology gives a precision score of 94.40% when compared with the decision tree(83.94%) and K-nearest neighbor algorithm(86.89%) for agricultural ontology construction.

• The Korean Journal of Nuclear Medicine
• /
• v.22 no.1
• /
• pp.39-45
• /
• 1988

To evaluate diagnostic accuracy of liver scintigraphy we analysed liver scans of 143 normal and 258 patients with various liver diseases. Three ROC curves for SOL, liver cirrhosis and diffuse liver disease were fitted using rating methods and areas under the ROC curves and their standard errors were calculated by the trapezoidal rule and the variance of the Wilcoxon statistic suggested by McNeil. We compared these results with that of National Institute of Radiological Science in Japan. 1) The sensitivity of liver scintigraphy was 74.2% in SOL, 71.8% in liver cirrhosis and 34.0% in diffuse liver disease. The specificity was 96.0% in SOL, 94.2% in liver cirrhosis and 87.6% in diffuse liver diasease. 2) ROC curves of SOL and liver cirrhosis approached the upper left-hand corner closer than that of diffuse liver disease. Area (${\pm}$ standard error). under the ROC curve was $0.868{\pm}0.024$ in SOL and $0.867{\pm}0.028$ in liver cirrhosis. These were significantly higher than $0.658{\pm}0.043$ in diffuse liver disease. 3) There was no interobserver difference in terms of ROC curves. But low sensitivty and high specificity of authors' SOL diagnosis suggested we used more strict decision threshold.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.45 no.4
• /
• pp.150-156
• /
• 2022

As the 4th industrial revolution emerges, the implementation of smart factories are essential in the manufacturing industry. However, 80% of small and medium-sized enterprises that have introduced smart factories remain at the basic level. In addition, in root industries such as injection molding, PLC and HMI software are used to implement functions that simply show operation data aggregated by facilities in real time. This has limitations for managers to make decisions related to product production other than viewing data. This study presents a method for upgrading the level of smart factories to suit the reality of small and medium-sized enterprises. By monitoring the data collected from the facility, it is possible to determine whether there is an abnormal situation by proposing an appropriate algorithm for meaningful decision-making, and an alarm sounds when the process is out of control. In this study, the function of HMI has been expanded to check the failure frequency rate, facility time operation rate, average time between failures, and average time between failures based on facility operation signals. For the injection molding industry, an HMI prototype including the extended function proposed in this study was implemented. This is expected to provide a foundation for SMEs that do not have sufficient IT capabilities to advance to the middle level of smart factories without making large investments.

• Journal of the Korea Society for Simulation
• /
• v.19 no.4
• /
• pp.99-109
• /
• 2010

Existing research about automated wafer transport management strategy for semiconductor manufacturing equipment was mainly focused on dispatching rules which is optimized to specific system layout, process environment or transfer patterns. But these methods can cause problem as like requiring additional rules or changing whole transport management strategy when applied to new type of process or system. In addition, a lack of consideration for interconnectedness of the added rules can cause unexpected deadlock. In this study, in order to improve these problems, propose dynamic priority based transfer job decision making algorithm which is applicable with regardless of system lay out and transfer patterns. Also, extra rule handling part proposed to support special transfer requirement which is available without damage to generality for maintaining a consistent scheduling policies and minimize loss of stability due to expansion and lead to improve productivity at the same time. Simulation environment of Twin-slot type semiconductor equipment was built In order to measure performance and examine validity about proposed wafer scheduling algorithm.

• Journal of the Society of Naval Architects of Korea
• /
• v.60 no.3
• /
• pp.202-211
• /
• 2023

The profile shops in shipyards produce section steels required for block production of ships. Due to the limitations of shipyard's production capacity, a considerable amount of work is already outsourced. In addition, the need to improve the productivity of the profile shops is growing because the production volume is expected to increase due to the recent boom in the shipbuilding industry. In this study, a scheduling optimization was conducted for a parallel welding line of the profile process, with the aim of minimizing tardiness and the number of set-up changes as objective functions to achieve productivity improvements. In particular, this study applied a dynamic scheduling method to determine the job sequence considering variability of processing time. A Markov decision process model was proposed for the job sequence problem, considering the trade-off relationship between two objective functions. Deep reinforcement learning was also used to learn the optimal scheduling policy. The developed algorithm was evaluated by comparing its performance with priority rules (SSPT, ATCS, MDD, COVERT rule) in test scenarios constructed by the sampling data. As a result, the proposed scheduling algorithms outperformed than the priority rules in terms of set-up ratio, tardiness, and makespan.