• Title/Summary/Keyword: Detection Techniques

Role of Machine Learning in Intrusion Detection System: A Systematic Review

  • Alhasani, Areej;Al omrani, Faten;Alzahrani, Taghreed;alFahhad, Rehab;Alotaibi, Mohamed
    • International Journal of Computer Science & Network Security / v.22 no.3 / pp.155-162 / 2022
  • Over the last 10 years, there has been rapid growth in the use of Machine Learning (ML) techniques to automate the process of intrusion threat detection at a scale never imagined before. This has prompted researchers, software engineers, and network specialists to rethink the applications of ML techniques, particularly in the area of cybersecurity. As a result, there exist numerous research documents on the use of ML techniques to detect and block cyber-attacks. This article is a systematic review involving the identification of published scholarly articles as found on IEEE Xplore and Scopus databases. The articles are exclusively related to the use of machine learning in Intrusion Detection Systems (IDS). Methods, concepts, results, and conclusions as found in the texts are analyzed. A description of the process taken in the identification of the research articles is included: first, an introduction to the topic, which is followed by a methodology section. A table is used to list identified research articles in the form of title, authors, methodology, and key findings.

Mass Spectrometry-Based Analytical Methods of Amatoxins in Biological Fluids to Monitor Amatoxin-Induced Mushroom Poisoning

  • Choi, Jin-Sung;Lee, Hye Suk
    • Mass Spectrometry Letters / v.13 no.4 / pp.95-105 / 2022
  • Amatoxin-induced mushroom poisoning starts with nonspecific symptoms of toxicity but hepatic damage may follow, resulting in the rapid development of liver insufficiency and, ultimately, coma and death. Accurate detection of amatoxins, such as α-, β-, and γ-amanitin, within the first few hours after presentation is necessary to improve the therapeutic outcomes of patients. Therefore, analytical methods for the identification and quantification of α-, β-, and γ-amanitin in biological samples are necessary for clinical and forensic toxicology. This study presents a literature review of the analytical techniques available for amatoxin detection in biological matrices, and established an inventory of liquid chromatography (LC) techniques with mass spectrometry (MS), ultraviolet (UV) detection, and electrochemical detection (ECD). LC-MS methods using quadrupole tandem mass spectrometry, time-of-flight mass spectrometry, and orbitrap MS are powerful analytical techniques for the identification and determination of amatoxins in plasma, urine, serum, and tissue samples, with high sensitivity, specificity, and reproducibility compared to LC with UV and ECD, enzyme-linked immunoassay, and capillary electrophoresis methods.

Android Malware Detection using Machine Learning Techniques KNN-SVM, DBN and GRU

  • Sk Heena Kauser;V.Maria Anu
    • International Journal of Computer Science & Network Security / v.23 no.7 / pp.202-209 / 2023
  • Android malware is now on the rise because of the rising interest in the Android operating system. Machine learning models may be used to classify unknown Android malware utilizing characteristics gathered from the dynamic and static analysis of Android applications. Anti-virus software simply searches for the signs of the virus instance in a specific programme to detect it while scanning. Anti-virus software that competes with it keeps these in large databases and examines each file for all existing virus and malware signatures. The proposed model aims to provide a machine learning method that depends on the malware detection method for Android inability to detect malware apps and improve phone users' security and privacy. This system tracks numerous permission-based characteristics and events collected from Android apps and analyses them using a classifier model to determine whether the program is goodware or malware. This method used the machine learning techniques KNN-SVM, DBN, and GRU, which give different accuracy values: KNN gives 87.20 percent accuracy, SVM gives 91.40 accuracy, Naive Bayes gives 85.10, and DBN-GRU gives 97.90. Furthermore, in this paper, we simply employ standard machine learning techniques; but, in future work, we will attempt to improve those machine learning algorithms in order to develop a better detection algorithm.

Comparison of Anomaly Detection Performance Based on GRU Model Applying Various Data Preprocessing Techniques and Data Oversampling (다양한 데이터 전처리 기법과 데이터 오버샘플링을 적용한 GRU 모델 기반 이상 탐지 성능 비교)

  • Yoo, Seung-Tae;Kim, Kangseok
    • Journal of the Korea Institute of Information Security & Cryptology / v.32 no.2 / pp.201-211 / 2022
  • According to the recent change in the cybersecurity paradigm, research on anomaly detection methods using machine learning and deep learning techniques, which are AI implementation technologies, is increasing. In this study, a comparative study on data preprocessing techniques that can improve the anomaly detection performance of a GRU (Gated Recurrent Unit) neural network-based intrusion detection model using NGIDS-DS (Next Generation IDS Dataset), an open dataset, was conducted. In addition, in order to solve the class imbalance problem according to the ratio of normal data and attack data, the detection performance according to the oversampling ratio was compared and analyzed using the oversampling technique applied with DCGAN (Deep Convolutional Generative Adversarial Networks). As a result of the experiment, the method preprocessed using the Doc2Vec algorithm for system call feature and process execution path feature showed good performance, and in the case of oversampling performance, when DCGAN was used, improved detection performance was shown.

Implementation and Evaluation of Abnormal ECG Detection Algorithm Using DTW Minimum Accumulation Distance (DTW 최소누적거리를 이용한 심전도 이상 검출 알고리즘 구현 및 평가)

  • Noh, Yun-Hong;Lee, Young-Dong;Jeong, Do-Un
    • Journal of Sensor Science and Technology / v.21 no.1 / pp.39-45 / 2012
  • Recently the convergence of healthcare technology is used for daily life healthcare monitoring. Cardiac arrhythmia is presented by the state of the heart irregularity. Abnormal heart's electrical signal pathway or heart's tissue disorder could be the cause of cardiac arrhythmia. Fatal arrhythmia could put patient's life at risk. Therefore arrhythmia detection is very important. Previous studies on the detection of arrhythmia in various ECG analysis and classification methods had been carried out. In this paper, an ECG signal processing technique is presented to detect abnormal ECG based on DTW minimum accumulation distance through the template matching for normalized data and variable threshold method for ECG R-peak detection. The signal processing techniques are able to determine the occurrence of normal ECG and abnormal ECG. The abnormal ECG detection algorithm using the DTW minimum accumulation distance method is performed using the MIT-BIH database for performance evaluation. Experimental results show that the average percentage accuracy of the proposed method for R-peak detection is 99.63 % and for abnormal detection is 99.60 %.

Distributed and Scalable Intrusion Detection System Based on Agents and Intelligent Techniques

  • El-Semary, Aly M.;Mostafa, Mostafa Gadal-Haqq M.
    • Journal of Information Processing Systems / v.6 no.4 / pp.481-500 / 2010
  • The Internet explosion and the increase in crucial web applications such as e-banking and e-commerce make essential the need for network security tools. One such tool is an intrusion detection system, which can be classified based on detection approaches as being signature-based or anomaly-based. Even though intrusion detection systems are well defined, their cooperation with each other to detect attacks needs to be addressed. Consequently, a new architecture that allows them to cooperate in detecting attacks is proposed. The architecture uses Software Agents to provide scalability and distributability. It works in two modes: learning and detection. During learning mode, it generates a profile for each individual system using a fuzzy data mining algorithm. During detection mode, each system uses the FuzzyJess to match network traffic against its profile. The architecture was tested against a standard data set produced by MIT's Lincoln Laboratory and the primary results show its efficiency and capability to detect attacks. Finally, two new methods, the memory-window and memoryless-window, were developed for extracting useful parameters from raw packets. The parameters are used as detection metrics.

Automated Detection Technique for Suspected Copyright Infringement Sites

  • Jeong, Hae Seon;Kwak, Jin
    • KSII Transactions on Internet and Information Systems (TIIS) / v.14 no.12 / pp.4889-4908 / 2020
  • With the advances in Information Technology (IT), users can download or stream copyrighted works, such as videos, music, and webtoons, at their convenience. Thus, the frequency of use of copyrighted works has increased. Consequently, the number of unauthorized copies and sharing of copyrighted works has also increased. Monitoring is being conducted on sites suspected of conducting copyright infringement activities to reduce copyright holders' damage due to unauthorized sharing of copyrighted works. However, suspected copyright infringement sites respond by changing their domains or blocking access requests. Although research has been conducted for improving the effectiveness of suspected copyright infringement site detection by defining suspected copyright infringement sites' response techniques as a lifecycle step, there is a paucity of studies on automation techniques for lifecycle detection. This has reduced the accuracy of lifecycle step detection on suspected copyright infringement sites, which change domains and lifecycle steps in a short period of time. Thus, in this paper, an automated detection technique for suspected copyright infringement sites is proposed for efficient detection and response to suspected copyright infringement sites. Using our proposed technique, the response to each lifecycle step can be effectively conducted by automatically detecting the lifecycle step.

Damage detection of composite materials via IR thermography and electrical resistance measurement: A review

  • Park, Kundo;Lee, Junhyeong;Ryu, Seunghwa
    • Structural Engineering and Mechanics / v.80 no.5 / pp.563-583 / 2021
  • Composite materials, composed of multiple constituent materials with dissimilar properties, are actively adopted in a wide range of industrial sectors due to their remarkable strength-to-weight and stiffness-to-weight ratio. Nevertheless, the failure mechanism of composite materials is highly complicated due to their sophisticated microstructure, making it much harder to predict their residual material lives in real life applications. A promising solution for this safety issue is structural damage detection. In the present paper, damage detection of composite material via electrical resistance-based technique and infrared thermography is reviewed. The operating principles of the two damage detection methodologies are introduced, and some research advances of each technique are covered. The advancement of IR thermography-based non-destructive technique (NDT) including optical thermography, laser thermography and eddy current thermography will be reported, as well as the electrical impedance tomography (EIT) which is a technology increasingly drawing attention in the field of electrical resistance-based damage detection. A brief comparison of the two methodologies based on each of their strengths and limitations is carried out, and a recent research update regarding the coupling of the two techniques for improved damage detection in composite materials will be discussed.

Techniques for Improving Host-based Anomaly Detection Performance using Attack Event Types and Occurrence Frequencies

  • Juyeon Lee;Daeseon Choi;Seung-Hyun Kim
    • Journal of the Korea Society of Computer and Information / v.28 no.11 / pp.89-101 / 2023
  • In order to prevent damages caused by cyber-attacks on nations, businesses, and other entities, anomaly detection techniques for early detection of attackers have been consistently researched. Real-time reduction and false positive reduction are essential to promptly prevent external or internal intrusion attacks. In this study, we hypothesized that the type and frequency of attack events would influence the improvement of anomaly detection true positive rates and reduction of false positive rates. To validate this hypothesis, we utilized the 2015 login log dataset from the Los Alamos National Laboratory. Applying the preprocessed data to representative anomaly detection algorithms, we confirmed that using characteristics that simultaneously consider the type and frequency of attack events is highly effective in reducing false positives and execution time for anomaly detection.

A Study On The Methods Of Signal Processing For High Impedance Fault Detection (고저항 지락사고 검출을 위한 신호처리 방법에 관한 연구)

  • Lee, Sung-Hwan;Woo, Chun-Hee;Kang, Sin-Jun;Woo, Kwang-Bang;Lee, Jin;Kim, Sang-Chul
    • Proceedings of the KIEE Conference / 1993.07a / pp.156-158 / 1993
  • This paper presents several techniques of power spectrum estimation for high impedance fault detection. High impedance faults are those faults with current too low to be reliably cleared by conventional overcurrent protection. So power spectrum estimation is required. AR and MA techniques require optimal order for good performance of power spectrum estimation because these techniques are unstable for order selection. ARMA and Extended techniques are stable for order selection and have very sharp response. So ARMA and Extended Prony techniques are suitable for our purpose.
