• The KIPS Transactions:PartC
• /
• v.12C no.6 s.102
• /
• pp.847-854
• /
• 2005

Since the propagation speed of the Internet worms is quite fast, worm detection in early propagation stage is very important for reducing the damage. Virus throttling technique, one of many early worm detection techniques, detects the Internet worm propagation by limiting the connection requests within a certain ratio.[6, 7] The typical throttling technique increases the possibility of false detection by treating destination IP addresses independently in their delay queue managements. In addition, it uses a simple decision strategy that determines a worn intrusion if the delay queue is overflown. This paper proposes a two dimensional delay queue management technique in which the sessions with the same destination IP are linked and thus a IP is not stored more than once. The virus throttling technique with the proposed delay queue management can reduce the possibility of false worm detection, compared with the typical throttling since the proposed technique never counts the number of a IP more than once when it chicks the length of delay queue. Moreover, this paper proposes a worm detection algorithm based on weighted average queue length for reducing worm detection time and the number of worm packets, without increasing the length of delay queue. Through deep experiments, it is verified that the proposed technique taking account of the length of past delay queue as well as current delay queue forecasts the worn propagation earlier than the typical iuぉ throttling techniques do.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.4 no.4
• /
• pp.1-8
• /
• 2008

The USN is important in technique, unmanned observation using wireless network camera, detection technique that use intrusion detection sensor. But these encrypted data transmission and processing technique through sensor network, method of the staff's location recognition and arrangement aren't serviced still as a integrated system in facility security industry. This paper proposed that improve facility management, the staff present recognition and system efficiency using RFID, USN and wireless camera.

• 제어로봇시스템학회:학술대회논문집
• /
• 1991.10a
• /
• pp.114-119
• /
• 1991

An input estimation technique for tracking filter(CHP algorithm) suggested by Y.T. Chan et. al. has bad performance for low maneuvering targets. In this paper, two maneuver detection algorithms are applied to Singer's target model. First, an CHP input estimation technique is applied to 9 state target model. Second, we construct a maneuver detection and correction technique using pseudo acceleration measurements, which are derived directly from measurements. These two filters have good performance for even the low maneuvering targets.

• Proceedings of the Korea Concrete Institute Conference
• /
• 2000.10b
• /
• pp.1303-1308
• /
• 2000

Detection of square shape voids with size 30$\times$20$\times$5cm and 20$\times$20$\times$20cm in concrete were carried out by ultrasonic image processing technique. The advantages and limitations of this technique for non-destructive inspection of square shape voids in concrete are investigated. In this study, it has been verified that the semi-direct measurement method is more effective than the other methods for detecting the voids in concrete using ultrasonic image processing method.

• The Journal of Korean Institute of Electromagnetic Engineering and Science
• /
• v.11 no.8
• /
• pp.1437-1443
• /
• 2000

This paper considers a channel estimation technique in a wireless local area network (WLAN) system with complementary code keying (CCK) signaling over multipath fading channels. This scheme uses the maximum correlator output of RAKE receiver for the extraction of the channel parameters. The performance of the proposed detection technique is compared with that of a noncoherent detection technique, and a significant improvement of performance is observed in terms of the bit error probability.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.775-784
• /
• 2019

Malware infringement attacks are continuously increasing in various environments such as mobile, IOT, windows and mac due to the emergence of new and variant malware, and signature-based countermeasures have limitations in detection of malware. In addition, analytical performance is deteriorating due to obfuscation, packing, and anti-VM technique. In this paper, we propose a system that can detect malware based on machine learning by using similarity hashing-based pattern detection technique and static analysis after file classification according to packing. This enables more efficient detection because it utilizes both pattern-based detection, which is well-known malware detection, and machine learning-based detection technology, which is advantageous for detecting new and variant malware. The results of this study were obtained by detecting accuracy of 95.79% or more for benign sample files and malware sample files provided by the AI-based malware detection track of the Information Security R&D Data Challenge 2018 competition. In the future, it is expected that it will be possible to build a system that improves detection performance by applying a feature vector and a detection method to the characteristics of a packed file.

• Journal of Positioning, Navigation, and Timing
• /
• v.10 no.3
• /
• pp.169-177
• /
• 2021

In this paper, we propose a novel global navigation satellite system (GNSS) spoofing detection technique through an array antenna-based direction of arrival (DoA) estimation of satellite and spoofer. Specifically, we consider a sophisticated GNSS spoofing attack scenario where the spoofer can accurately mimic the multiple pseudo-random number (PRN) signals since the spoofer has its own GNSS receiver and knows the location of the target receiver in advance. The target GNSS receiver precisely estimates the DoA of all PRN signals using compressed sensing-based orthogonal matching pursuit (OMP) even with a small number of samples, and it performs spoofing detection from the DoA estimation results of all PRN signals. In addition, considering the initial situation of a sophisticated spoofing attack scenario, we designed the algorithm to have high spoofing detection performance regardless of the relative spoofing signal power. Therefore, we do not consider the assumption in which the power of the spoofing signal is about 3 dB greater than that of the authentic signal. Then, we introduce design parameters to get high true detection probability and low false alarm probability in tandem by considering the condition for the presence of signal sources and the proximity of the DoA between authentic signals. Through computer simulations, we compare the DoA estimation performance between the conventional signal direction estimation method and the OMP algorithm in few samples. Finally, we show in the sophisticated spoofing attack scenario that the proposed spoofing detection technique using OMP-based estimated DoA of all PRN signals outperforms the conventional spoofing detection scheme in terms of true detection and false alarm probability.

• Journal of Electrical Engineering and Technology
• /
• v.10 no.4
• /
• pp.1540-1551
• /
• 2015

The detection of position and speed in BLDC motors without using position sensors has meant many efforts for the last decades. The aim of this paper is to develop a sensorless technique for detecting the position and speed of BLDC motors, and to overcome the drawbacks of position sensor-based methods by improving the performance of traditional approaches oriented to motor phase voltage sensing. The position and speed information is obtained by computing the derivative of the terminal phase voltages regarding to a virtual neutral point. For starting-up the motor and implementing the algorithms of the detection technique, a FPGA board with a real-time processor is used. Also, a versatile hardware has been developed for driving BLDC motors through pulse width modulation (PWM) signals. Delta and wye winding motors have been considered for evaluating the performance of the designed hardware and software, and tests with and without load are performed. Experimental results for validating the detection technique were attained in the range 5-1500 rpm and 5-150 rpm under no-load and full-load conditions, respectively. Specifically, speed and position square errors lower than 3 rpm and between 10º-30º were obtained without load. In addition, the speed and position errors after full-load tests were around 1 rpm and between 10º-15º, respectively. These results provide the evidence that the developed technique allows to detect the position and speed of BLDC motors with low accuracy errors at starting-up and over a wide speed range, and reduce the influence of noise in position sensing, which suggest that it can be satisfactorily used as a reliable alternative to position sensors in precision applications.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 1999.05a
• /
• pp.203-207
• /
• 1999

In this paper we propose the automated generation algorithm of penetration scenario using association mining technique. Until now known intrusion detections are classified into anomaly detection and misuse detection. The former uses statistical method, features selection, neural network method in order to decide intrusion, the latter uses conditional probability, expert system, state transition analysis, pattern matching for deciding intrusion. In proposed many intrusion detection algorithms unknown penetrations are created and updated by security experts. Our algorithm automatically generates penetration scenarios applying association mining technique to state transition technique. Association mining technique discovers efficient and useful unknown information in existing data. In this paper the algorithm we propose can automatically generate penetration scenarios to have been produced by security experts and is easy to cope with intrusions when it is compared to existing intrusion algorithms. Also It has advantage that maintenance cost is not high.

• The Journal of Korean Institute of Electromagnetic Engineering and Science
• /
• v.7 no.1
• /
• pp.61-70
• /
• 1996

M-ary differential phase shift keying(DPSK)is a bandwidth efficient digital modulation technique and recently has attracted increased attention in mobile satellite communication application where the available radio bandwidth is limited. Coherent detection offers good BER performance in AWGN channel. However, it requires long acquisition times in fading environment. In this paper, we analyze the BER performance of M-ary DPSK signal using the Multiple Differ- ential Feedback Detection(MDFD) technique in Rician fading and shadowed Rician fading channel. MDFD is an efficient scheme to decrease the performance gap between differential and coherent reception by increasing the complexity of the conventional differential receiver to some extent. Compared to the multiple symbol maximum likelihood detection technique, the multiple differential feedback detection technique has a much simpler structure for hardware implementation. Espe- cially, this technique has application to land mobile satellite channel which can vary in time and space between AWGN and rapidly fading channel.