• Title/Abstract/Keywords: Detection rule

Search results: 443 items, processing time 0.024 seconds

Rule-based Fault Detection Agent System for Fault Detection and Location on LAN

  • 조강홍;안성진;정진욱
    • 한국정보처리학회논문지 / Vol. 7, No. 7 / pp.2169-2178 / 2000
  • This paper proposes the structure of an agent and rules for fault detection and location on LAN. To find out a reason of critical fault incurred on LAN, collision detection rule, error detection rule, broadcast detection rule, system location rule, and Internet application location rule are shown. Also, the structure of multi-agent system and state transition diagram is portrayed to have connectivity with the set of rules. To verify availability of proposed rules, the process to find a faulty system is shown by monitoring and analyzing the LAN fault occurrences from the proposed set of rules. Such a rule-based agent system is helpful to an Internet manager to solve a reason of fault and make a decision from gathering management information.


Prediction of User Preferred Cosmetic Brand Based on Unified Fuzzy Rule Inference

  • 김진성
    • 한국지능시스템학회: Conference Proceedings / 한국퍼지및지능시스템학회 2005 Fall Conference Proceedings, Vol. 15, No. 2 / pp.271-275 / 2005
  • In this research, we propose a Unified Fuzzy rule-based knowledge Inference Systems (UFIS) to help the expert in cosmetic brand detection. Users' preferred cosmetic product detection is very important in the level of CRM. To this purpose, many corporations are trying to develop an efficient data mining tool. In this study, we develop a prototype fuzzy rule detection and inference system. The framework used in this development is mainly based on two different mechanisms such as fuzzy rule extraction and RDB (Relational DB)-based fuzzy rule inference. First, fuzzy clustering and fuzzy rule extraction deal with the presence of the knowledge in data base and its value is presented with a value between $0 \sim 1$. Second, RDB and SQL (Structured Query Language)-based fuzzy rule inference mechanism provide more flexibility in knowledge management than conventional non-fuzzy value-based KMS (Knowledge Management Systems).


Prediction of User's Preference by using Fuzzy Rule & RDB Inference: A Cosmetic Brand Selection

  • Kim, Jin-Sung
    • International Journal of Fuzzy Logic and Intelligent Systems / Vol. 5, No. 4 / pp.353-359 / 2005
  • In this research, we propose a Unified Fuzzy rule-based knowledge Inference Systems (UFIS) to help the expert in cosmetic brand detection. Users' preferred cosmetic product detection is very important in the level of CRM. To this purpose, many corporations are trying to develop an efficient data mining tool. In this study, we develop a prototype fuzzy rule detection and inference system. The framework used in this development is mainly based on two different mechanisms such as fuzzy rule extraction and RDB (Relational DB)-based fuzzy rule inference. First, fuzzy clustering and fuzzy rule extraction deal with the presence of the knowledge in data base and its value is presented with a value between 0-1. Second, RDB and SQL (Structured Query Language)-based fuzzy rule inference mechanism provide more flexibility in knowledge management than conventional non-fuzzy value-based KMS (Knowledge Management Systems).

Real-time Intrusion-Detection Parallel System for the Prevention of Anomalous Computer Behaviours

  • 유은진;전문석
    • 정보보호학회지 / Vol. 5, No. 2 / pp.32-48 / 1995
  • Our paper describes an Intrusion Detection Parallel System (IDPS) which detects an anomaly activity corresponding to the actions that interaction between near detection events. IDES uses parallel inductive approaches regarding the problem of real-time anomaly behavior detection on rule-based system. This approach uses sequential rule that describes user's behavior and characteristics dependent on time, and that audits user's activities by using rule base as data base to store user's behavior pattern. When user's activity deviates significantly from expected behavior described in rule base, anomaly behaviors are recorded. Observed behavior is flagged as a potential intrusion if it deviates significantly from the expected behavior or if it triggers a rule in the parallel inductive system.


Network Intrusion Detection Based on Directed Acyclic Graph and Belief Rule Base

  • Zhang, Bang-Cheng;Hu, Guan-Yu;Zhou, Zhi-Jie;Zhang, You-Min;Qiao, Pei-Li;Chang, Lei-Lei
    • ETRI Journal / Vol. 39, No. 4 / pp.592-604 / 2017
  • Intrusion detection is very important for network situation awareness. While a few methods have been proposed to detect network intrusion, they cannot directly and effectively utilize semi-quantitative information consisting of expert knowledge and quantitative data. Hence, this paper proposes a new detection model based on a directed acyclic graph (DAG) and a belief rule base (BRB). In the proposed model, called DAG-BRB, the DAG is employed to construct a multi-layered BRB model that can avoid explosion of combinations of rule number because of a large number of types of intrusion. To obtain the optimal parameters of the DAG-BRB model, an improved constraint covariance matrix adaption evolution strategy (CMA-ES) is developed that can effectively solve the constraint problem in the BRB. A case study was used to test the efficiency of the proposed DAG-BRB. The results showed that compared with other detection models, the DAG-BRB model has a higher detection rate and can be used in real networks.

Hybrid Fuzzy Adaptive Wiener Filtering with Optimization for Intrusion Detection

  • Sujendran, Revathi;Arunachalam, Malathi
    • ETRI Journal / Vol. 37, No. 3 / pp.502-511 / 2015
  • Intrusion detection plays a key role in detecting attacks over networks, and due to the increasing usage of Internet services, several security threats arise. Though an intrusion detection system (IDS) detects attacks efficiently, it also generates a large number of false alerts, which makes it difficult for a system administrator to identify attacks. This paper proposes automatic fuzzy rule generation combined with a Wiener filter to identify attacks. Further, to optimize the results, simplified swarm optimization is used. After training a large dataset, various fuzzy rules are generated automatically for testing, and a Wiener filter is used to filter out attacks that act as noisy data, which improves the accuracy of the detection. By combining automatic fuzzy rule generation with a Wiener filter, an IDS can handle intrusion detection more efficiently. Experimental results, which are based on collected live network data, are discussed and show that the proposed method provides a competitively high detection rate and a reduced false alarm rate in comparison with other existing machine learning techniques.

Modeling and Design of a Distributed Detection System Based on Active Sonar Sensor Networks

  • 최원용;김송근;홍순목
    • 한국군사과학기술학회지 / Vol. 14, No. 1 / pp.123-131 / 2011
  • In this paper, modeling and design of a distributed detection system are considered for an active sonar sensor network. The sensor network has a parallel configuration and it consists of a fusion center and a set of receiver nodes. A system with two receiver nodes is considered to investigate a theoretical aspect of design. To be specific, AND rule and OR rule are considered as the fusion rules of the sensor network. For the fusion rules, it is shown that a threshold rule of each sensor node has uniformly most powerful properties. Optimum threshold for each sensor is obtained that maximizes the probability of detection given probability of false alarm. Numerical experiments were also performed to investigate the detection characteristics of a distributed detection system with multiple sensor nodes. The experimental results show how signal strength, false alarm probability, and the distance between nodes in a sensor field affect the system detection performances.

Performance Improvement of Multiple Observer based FDIS using Fuzzy Logic

  • 류지수;이기상
    • 대한전기학회논문지: Power Technology Section A / Vol. 48, No. 4 / pp.444-451 / 1999
  • A diagnostic rule-base design method for enhancing fault detection and isolation performance of multiple observer based fault detection isolation schemes (FDIS) is presented. The diagnostic rule-base has a hierarchical framework to perform detection and isolation of faults of interest, and diagnosis of process faults. The decision unit comprises a rule base and a fuzzy inference engine and removes some difficulties of conventional decision unit which includes crisp logic with threshold values. Emphasis is placed on the design and evaluation methods of the diagnostic rule-base. The suggested scheme is applied to the FDIS design for a DC motor driven centrifugal pump system.


ANIDS (Advanced Network Based Intrusion Detection System) Design Using Association Rule Mining

  • 정은희;이병관
    • 한국정보통신학회논문지 / Vol. 11, No. 12 / pp.2287-2297 / 2007
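  • The proposed ANIDS (Advanced Network based IDS) is a network-based intrusion detection system that collects network packets, analyzes the associations among packets using association rule mining, generates a pattern graph from the highly associated packets, and then uses the generated pattern graph to decide whether an intrusion has occurred. ANIDS consists of the PMM (Packet Management Module), which collects and manages packets; the PGGM (Pattern Graph Generate Module), which generates pattern graphs using only the associated packets; and the IDM (Intrusion Detection Module), which detects intrusions. In particular, the PGGM uses the Apriori algorithm to find candidate packets for association rules that exceed $Sup_{min}$, then measures the confidence of the association rules and generates pattern graphs for the association rules that exceed the minimum confidence $Conf_{min}$. By using pattern graphs that can detect intrusions by analyzing the associations among packets, ANIDS can reduce false positive errors in intrusion detection. In addition, before a complete pattern graph has been generated, it compares the graph with pattern graphs already judged to be intrusions and treats similar patterns as intrusions, so it can reduce the intrusion detection speed and increase the intrusion detection rate compared with existing intrusion detection systems.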

Design and Performance Analysis of Distributed Detection Systems with Two Passive Sonar Sensors

  • 김송근;도주환;송승민;홍순목;김인익;오원천
    • 한국군사과학기술학회지 / Vol. 12, No. 2 / pp.159-169 / 2009
  • In this paper, optimum design of distributed detection is considered for a parallel sensor network system consisting of a fusion center and two passive sonar nodes. AND rule and OR rule are employed as the fusion rules of the sensor network. For the fusion rules, it is shown that a threshold rule of each sensor node has uniformly most powerful properties. Optimum threshold for each sensor is investigated that maximizes the probability of detection under the constraint of a specified probability of false alarm. It is also investigated through numerical experiments how signal strength, false alarm probability, and the distance between two sensor nodes affect the system detection performances.