• International Journal of Computer Science & Network Security
• /
• v.24 no.1
• /
• pp.107-118
• /
• 2024

With the seamless growth of the technology, network usage requirements are expanding day by day. The majority of electronic devices are capable of communication, which strongly requires a secure and reliable network. Network-based intrusion detection systems (NIDS) is a new method for preventing and alerting computers and networks from attacks. Machine Learning is an emerging field that provides a variety of ways to implement effective network intrusion detection systems (NIDS). Bagging and Boosting are two ensemble ML techniques, renowned for better performance in the learning and classification process. In this paper, the study provides a detailed literature review of the past work done and proposed a novel ensemble approach to develop a NIDS system based on the voting method using bagging and boosting ensemble techniques. The test results demonstrate that the ensemble of bagging and boosting through voting exhibits the highest classification accuracy of 99.98% and a minimum false positive rate (FPR) on both datasets. Although the model building time is average which can be a tradeoff by processor speed.

• Journal of the Korean Society of Marine Environment & Safety
• /
• v.28 no.1
• /
• pp.184-192
• /
• 2022

Valve internal leakage is caused by damage to the internal parts of the valve, resulting in accidents and shutdowns of the piping system. This study investigated the possibility of a real-time leak detection method using the acoustic emission (AE) signal generated from the piping system during the internal leakage of a butterfly valve. Datasets of raw time-domain AE signals were collected and postprocessed for each operation mode of the valve in a systematic manner to develop a data-driven model for the detection and classification of internal leakage, by applying machine learning algorithms. The aim of this study was to determine whether it is possible to treat leak detection as a classification problem by applying two classification algorithms: support vector machine (SVM) and convolutional neural network (CNN). The results showed different performances for the algorithms and datasets used. The SVM-based binary classification models, based on feature extraction of data, achieved an overall accuracy of 83% to 90%, while in the case of a multiple classification model, the accuracy was reduced to 66%. By contrast, the CNN-based classification model achieved an accuracy of 99.85%, which is superior to those of any other models based on the SVM algorithm. The results revealed that the SVM classification model requires effective feature extraction of the AE signals to improve the accuracy of multi-class classification. Moreover, the CNN-based classification can be a promising approach to detect both leakage and valve opening as long as the performance of the processor does not degrade.

• 제어로봇시스템학회:학술대회논문집
• /
• 1993.10a
• /
• pp.877-882
• /
• 1993

An adaptive EEG waveform detection is presented. The method is based on a layered process model. The model allows the bilateral information exchange across the layers. The criteria for the waveform detection and epoch-wise classification can be adapted according to the higher layer context information embedded in a wider range of adjacent signals. The designed system is experimentally tested to show the adaptive operation of the waveform detection.

• Journal of Intelligence and Information Systems
• /
• v.17 no.4
• /
• pp.157-173
• /
• 2011

As the Internet use explodes recently, the malicious attacks and hacking for a system connected to network occur frequently. This means the fatal damage can be caused by these intrusions in the government agency, public office, and company operating various systems. For such reasons, there are growing interests and demand about the intrusion detection systems (IDS)-the security systems for detecting, identifying and responding to unauthorized or abnormal activities appropriately. The intrusion detection models that have been applied in conventional IDS are generally designed by modeling the experts' implicit knowledge on the network intrusions or the hackers' abnormal behaviors. These kinds of intrusion detection models perform well under the normal situations. However, they show poor performance when they meet a new or unknown pattern of the network attacks. For this reason, several recent studies try to adopt various artificial intelligence techniques, which can proactively respond to the unknown threats. Especially, artificial neural networks (ANNs) have popularly been applied in the prior studies because of its superior prediction accuracy. However, ANNs have some intrinsic limitations such as the risk of overfitting, the requirement of the large sample size, and the lack of understanding the prediction process (i.e. black box theory). As a result, the most recent studies on IDS have started to adopt support vector machine (SVM), the classification technique that is more stable and powerful compared to ANNs. SVM is known as a relatively high predictive power and generalization capability. Under this background, this study proposes a novel intelligent intrusion detection model that uses SVM as the classification model in order to improve the predictive ability of IDS. Also, our model is designed to consider the asymmetric error cost by optimizing the classification threshold. Generally, there are two common forms of errors in intrusion detection. The first error type is the False-Positive Error (FPE). In the case of FPE, the wrong judgment on it may result in the unnecessary fixation. The second error type is the False-Negative Error (FNE) that mainly misjudges the malware of the program as normal. Compared to FPE, FNE is more fatal. Thus, when considering total cost of misclassification in IDS, it is more reasonable to assign heavier weights on FNE rather than FPE. Therefore, we designed our proposed intrusion detection model to optimize the classification threshold in order to minimize the total misclassification cost. In this case, conventional SVM cannot be applied because it is designed to generate discrete output (i.e. a class). To resolve this problem, we used the revised SVM technique proposed by Platt(2000), which is able to generate the probability estimate. To validate the practical applicability of our model, we applied it to the real-world dataset for network intrusion detection. The experimental dataset was collected from the IDS sensor of an official institution in Korea from January to June 2010. We collected 15,000 log data in total, and selected 1,000 samples from them by using random sampling method. In addition, the SVM model was compared with the logistic regression (LOGIT), decision trees (DT), and ANN to confirm the superiority of the proposed model. LOGIT and DT was experimented using PASW Statistics v18.0, and ANN was experimented using Neuroshell 4.0. For SVM, LIBSVM v2.90-a freeware for training SVM classifier-was used. Empirical results showed that our proposed model based on SVM outperformed all the other comparative models in detecting network intrusions from the accuracy perspective. They also showed that our model reduced the total misclassification cost compared to the ANN-based intrusion detection model. As a result, it is expected that the intrusion detection model proposed in this paper would not only enhance the performance of IDS, but also lead to better management of FNE.

• KIEE International Transactions on Power Engineering
• /
• v.3A no.4
• /
• pp.191-197
• /
• 2003

Accurate detection and classification of faults on transmission lines is vitally important. In this respect, many different types of faults occur, such as inter alia low impedance faults (LIF) and high impedance faults (HIF). The latter in particular pose difficulties for the commonly employed conventional overcurrent and distance relays, and if undetected, can cause damage to expensive equipment, threaten life and cause fire hazards. Although HIFs are far less common than LIFs, it is imperative that any protection device should be able to satisfactorily deal with both HIFs and LIFs. Because of the randomness and asymmetric characteristics of HIFs, their modeling is difficult and numerous papers relating to various HIF models have been published. In this paper, the model of HIFs in transmission lines is accomplished using the characteristics of a ZnO arrester, which is then implemented within the overall transmission system model based on the electromagnetic transients program (EMTP). This paper proposes an algorithm for fault detection and classification for both LIFs and HIFs using Adaptive Network-based Fuzzy Inference System (ANFIS). The inputs into ANFIS are current signals only based on Root-Mean-Square (RMS) values of 3-phase currents and zero sequence current. The performance of the proposed algorithm is tested on a typical 154 kV Korean transmission line system under various fault conditions. Test results demonstrate that the ANFIS can detect and classify faults including LIFs and HIFs accurately within half a cycle.

• Journal of Industrial Convergence
• /
• v.20 no.5
• /
• pp.61-68
• /
• 2022

In recent years, malicious codes are being produced using the developing information and communication technology, and it is insufficient to detect them with the existing detection system. In order to accurately and efficiently detect and respond to such intelligent malicious code, an intelligent detection model is required, and in order to maximize detection performance, it is important to train with the main characteristic information set of the malicious code. In this paper, we proposed a technique for designing an intelligent detection model and generating the data required for model training as a set of key feature information through transformation, dimensionality reduction, and feature selection steps. And based on this, the main characteristic information was classified by malicious code. In addition, based on the classified characteristic information, we derived common characteristic information that can be used to analyze and detect modified or newly emerging malicious codes. Since the proposed detection model detects malicious codes by learning with a limited number of characteristic information, the detection time and response are fast, so damage can be greatly reduced and Although the performance evaluation result value is slightly different depending on the learning algorithm, it was found through evaluation that most malicious codes can be detected.

• Journal of Information Processing Systems
• /
• v.2 no.1
• /
• pp.52-57
• /
• 2006

One of the important functions of an Intelligent Transportation System (ITS) is to classify vehicle types using a vision system. We propose a method using machine-learning algorithms for this classification problem with 3-D object model fitting. It is also necessary to detect road lanes from a fixed traffic surveillance camera in preparation for model fitting. We apply a background mask and line analysis algorithm based on statistical measures to Hough Transform (HT) in order to remove noise and false positive road lanes. The results show that this method is quite efficient in terms of quality.

• Journal of Korea Multimedia Society
• /
• v.25 no.10
• /
• pp.1524-1534
• /
• 2022

This study proposes the classification model of Minhwa genre based on object detection of deep learning. To detect unique Korean traditional objects in Minhwa, we construct custom datasets by labeling images using object keywords in Minhwa DB. We train YOLOv5 models with custom datasets, and classify images using predicted object labels result, the output of model training. The algorithm consists of two classification steps: 1) according to the painting technique and 2) genre of Minhwa. Through classifying paintings using this algorithm on the Internet, it is expected that the correct information of Minhwa can be built and provided to users forward.

• Journal of KIISE:Databases
• /
• v.34 no.6
• /
• pp.473-482
• /
• 2007

Network-based IDS(Intrusion Detection System) gathers network packet data and analyzes them into attack or normal. They raise alarm when possible intrusion happens. But they often output a large amount of low-level of incomplete alert information. Consequently, a large amount of incomplete alert information that can be unmanageable and also be mixed with false alerts can prevent intrusion response systems and security administrator from adequately understanding and analyzing the state of network security, and initiating appropriate response in a timely fashion. So it is important for the security administrator to reduce the redundancy of alerts, integrate and correlate security alerts, construct attack scenarios and present high-level aggregated information. False alarm rate is the ratio between the number of normal connections that are incorrectly misclassified as attacks and the total number of normal connections. In this paper we propose a false alarm classification model to reduce the false alarm rate using classification analysis of data mining techniques. The proposed model can classify the alarms from the intrusion detection systems into false alert or true attack. Our approach is useful to reduce false alerts and to improve the detection rate of network-based intrusion detection systems.

• Journal of Korea Multimedia Society
• /
• v.18 no.12
• /
• pp.1519-1527
• /
• 2015

TFT-LCD automatic defect inspection system for detecting defects in place of the visual tester does pre-processing, candidate defect pixel detection, and recognition and classification through a blob analysis. An over-detection result of defects acts as an undue burden of blob analysis for recognition and classification. In this paper, we propose defect detection method based on the histogram distribution modeling of TFT-LCD image to minimize over-detection of candidate defective pixels. Primary defect candidate pixels are detected estimating the skewness of the luminance distribution histogram of the background pixels. Based on the detected defect pixels, the defective pixels other than noise pixels are detected using the distribution histogram model of the local area. Experimental results confirm that the proposed method shows an excellent defect detection result on the image containing the various types of defects and the reduction of the degree of over-detection as well.