• Title/Summary/Keyword: Event Detect


Periodic-and-on-Event Message-Aware Automotive Intrusion Detection System (Periodic-and-on-Event 메시지 분석이 가능한 차량용 침입탐지 기술)

  • Lee, Seyoung;Choi, Wonsuk
    • Journal of the Korea Institute of Information Security & Cryptology / v.31 no.3 / pp.373-385 / 2021
  • To provide convenience and safety for drivers, recent vehicles are being equipped with a number of electronic control units (ECUs). Multiple ECUs construct a network inside a vehicle to share information related to the vehicle's status; in addition, the CAN protocol is normally applied. As modern vehicles provide highly convenient and safe services, they provide many types of attack surfaces; as a result, this makes them vulnerable to cyber attacks. The automotive IDS (Intrusion Detection System) is one of the promising techniques for securing vehicles. However, the existing methods for automotive IDS are able to analyze only periodic messages. If someone attacks non-periodic messages, the existing methods are not able to properly detect the intrusion. In this paper, we present a method to detect intrusions including an attack using non-periodic messages. Moreover, we evaluate our method on real vehicles, where we show that our method has 0% FPR and 0% FNR under our attack model.

Comparison of SIEM Solutions for Network Security (네트워크 보안을 위한 SIEM 솔루션 비교 분석)

  • Lee, Jong-Hwa;Bang, Jiwon;Kim, Jong-Wouk;Choi, Mi-Jung
    • KNOM Review / v.22 no.1 / pp.11-19 / 2019
  • As technology develops, the latest security threats on the network applied to users are increasing. By attacking industrial or corporate systems with malicious purposes, hackers cause many social problems such as confidential information leakage, cyber terrorism, infringement of information assets, and financial damage. Due to the complex and diversified threats, the current security personnel alone are not enough to detect and analyze all threats. In particular, the Supervisory Control And Data Acquisition (SCADA) used in industrial infrastructures that collect, analyze, and return static data 24 hours a day, 265 days a year, is very vulnerable to real-time security threats. This paper introduces security information and event management (SIEM), a powerful integrated security management system that can monitor the state of the system in real time and detect security threats. Next, we compare SIEM solutions from various companies with the open source SIEM (OSSIM) from AlienVault, which is distributed as an open source, and present cases using the OSSIM and how to utilize it.

Unspecified Event Detection System Based on Contextual Location Name on Twitter (트위터에서 문맥상 지역명을 기반으로 한 불특정 이벤트 탐지 시스템)

  • Oh, Pyeonghwa;Yim, Junyeob;Yoon, Jinyoung;Hwang, Byung-Yeon
    • KIPS Transactions on Software and Data Engineering / v.3 no.9 / pp.341-348 / 2014
  • The advance in web accessibility with the dissemination of smart phones gives rise to a rapid increase of users on social network platforms. Many research projects are in progress to detect events using Twitter because it has a powerful influence on the dissemination of information with its open networks, and it is the representative service which generates more than 500 million Tweets a day on average; however, existing studies to detect events have used the TFIDF algorithm without any consideration of the various conditions of tweets. In addition, some of them detected predefined events. In this paper, we propose the RTFIDF VT algorithm, which is a modified algorithm of TFIDF that reflects features of Twitter. We also verified the optimal section of TF and DF for detecting events through the experiment. Finally, we suggest a system that extracts result-sets of places and related keywords at the given specific time using the RTFIDF VT algorithm and the validated section of TF and DF.

Digital Position Measurement with MLPE of PET detector using a Small Number of Photosensors (적은 수의 광센서를 사용한 PET 검출기의 최대우도함수를 적용한 디지털 위치 측정)

  • Kang, Seunghun;Lee, Seung-Jae
    • Journal of the Korean Society of Radiology / v.16 no.2 / pp.151-156 / 2022
  • A detector using a small number of photosensors was designed, and the position of a scintillation pixel that interacted with gamma rays through a maximum likelihood position estimation (MLPE) was measured as a digital position. For this purpose, simulation was performed using DETECT2000, which can simulate the movement of light within the scintillator, and the accuracy of position measurement was evaluated. A detector was configured using a 6 × 6 scintillation pixel array and 4 photosensors, and a gamma ray event was generated at the center of each scintillation pixel to create a look-up table through the ratio of acquired light. The gamma-ray event generated at the new position was applied as the input value of the MLPE, and the position of the scintillation pixel was converted into a digital position after comparison with the look-up table. All scintillation pixels were evaluated, and as a result, a high accuracy of 99.1% was obtained. When this method is applied to the currently used system, it is considered that the process of determining the position of the scintillation pixel will be simplified.

Construction of Event Networks from Large News Data Using Text Mining Techniques (텍스트 마이닝 기법을 적용한 뉴스 데이터에서의 사건 네트워크 구축)

  • Lee, Minchul;Kim, Hea-Jin
    • Journal of Intelligence and Information Systems / v.24 no.1 / pp.183-203 / 2018
  • News articles are the most suitable medium for examining the events occurring at home and abroad. Especially, as the development of information and communication technology has brought various kinds of online news media, the news about the events occurring in society has increased greatly. So automatically summarizing key events from massive amounts of news data will help users to look at many of the events at a glance. In addition, if we build and provide an event network based on the relevance of events, it will be able to greatly help the reader in understanding the current events. In this study, we propose a method for extracting event networks from large news text data. To this end, we first collected Korean political and social articles from March 2016 to March 2017, and integrated the synonyms by leaving only meaningful words through preprocessing using NPMI and Word2Vec. Latent Dirichlet allocation (LDA) topic modeling was used to calculate the subject distribution by date and to find the peak of the subject distribution and to detect the event. A total of 32 topics were extracted from the topic modeling, and the point of occurrence of the event was deduced by looking at the point at which each subject distribution surged. As a result, a total of 85 events were detected, but the final 16 events were filtered and presented using the Gaussian smoothing technique. We also calculated the relevance score between events detected to construct the event network. Using the cosine coefficient between the co-occurred events, we calculated the relevance between the events and connected the events to construct the event network. Finally, we set up the event network by setting each event to each vertex and the relevance score between events to the vertices connecting the vertices. 
The event network constructed in our methods helped us to sort out major events in the political and social fields in Korea that occurred in the last one year in chronological order and at the same time identify which events are related to certain events. Our approach differs from existing event detection methods in that LDA topic modeling makes it possible to easily analyze large amounts of data and to identify the relevance of events that were difficult to detect in existing event detection. We applied various text mining techniques and Word2vec technique in the text preprocessing to improve the accuracy of the extraction of proper nouns and synthetic nouns, which have been difficult in analyzing existing Korean texts, can be found. In this study, the detection and network configuration techniques of the event have the following advantages in practical application. First, LDA topic modeling, which is unsupervised learning, can easily analyze subject and topic words and distribution from huge amount of data. Also, by using the date information of the collected news articles, it is possible to express the distribution by topic in a time series. Second, we can find out the connection of events in the form of present and summarized form by calculating relevance score and constructing event network by using simultaneous occurrence of topics that are difficult to grasp in existing event detection. It can be seen from the fact that the inter-event relevance-based event network proposed in this study was actually constructed in order of occurrence time. It is also possible to identify what happened as a starting point for a series of events through the event network. The limitation of this study is that the characteristics of LDA topic modeling have different results according to the initial parameters and the number of subjects, and the subject and event name of the analysis result should be given by the subjective judgment of the researcher. 
Also, since each topic is assumed to be exclusive and independent, it does not take into account the relevance between themes. Subsequent studies need to calculate the relevance between events that are not covered in this study or those that belong to the same subject.

A Research on Designing an Autonomic Control System Towards High-Reliable Cyber-Physical Systems (고신뢰 CPS를 위한 자율제어 시스템에 관한 연구)

  • Park, Jeongmin;Kang, Sungjoo;Chun, Ingeol;Kim, Wontae
    • IEMEK Journal of Embedded Systems and Applications / v.8 no.6 / pp.347-357 / 2013
  • Cyber-Physical system (CPS) is characterized by collaborating computational elements controlling physical entities. In CPS, human desire to acquire useful information and control devices anytime and anywhere automatically has increased the necessity of a highly reliable system. However, the physical world where CPS is deployed has management complexity and maintenance cost of 'CPS', so that it is impossible to make reliable systems. Thus, this paper presents an 'Autonomic Control System towards High-reliable Cyber-Physical Systems' that comprises 8 steps including 'fault analysis', 'fault event analysis', 'fault modeling', 'fault state interpretation', 'fault strategy decision', 'fault detection', 'diagnosis&reasoning' and 'maneuver execution'. Through these activities, we fascinate to design and implement 'Autonomic control system' than before. As a proof of the approach, we used an ISR (Intelligent Service Robot) for a case study. The experimental results show that it achieves to detect a fault event for autonomic control of 'CPS'.

Touch Pen Using Depth Information

  • Lee, Dong-Seok;Kwon, Soon-Kak
    • Journal of Korea Multimedia Society / v.18 no.11 / pp.1313-1318 / 2015
  • Current touch pens require special equipment to detect a touch, and their price increases in proportion to the screen size. In this paper, we propose a method for detecting a touch and implementing a pen using depth information. The proposed method obtains a background depth image using a depth camera and extracts an object by comparing a captured depth image with the background depth image. Also, we determine a touch if the depth value of the object is the same as the background and then provide the pen event. Using this method, we can implement a cheaper and more convenient touch pen.

Hazard Evaluation And Analysis For LNG Storage Tank (LNG 탱크의 위험도 평가 및 분석)

  • Kim, Myungbae;Do, Kyu Hyung
    • Journal of Energy Engineering / v.26 no.4 / pp.23-28 / 2017
  • Hazard evaluation and FTA are performed as the first and the second step of QRA for an LNG storage tank. Hazards are identified using HAZOP. Each segment of the system is examined, and we list all possible deviations from normal operating conditions and how they might occur. The consequences on the process are assessed, and the means available to detect and correct the deviations are reviewed. The FTA is carried out to analyse the hazards identified from the HAZOP study. A top event is selected to be the release of LNG. Then all combinations of individual failures that can lead to the hazardous event are shown in the logical format of the fault tree system.

Earthquake Event Auto Detection Algorithm using Accumulated Time-Frequency Changes and Variable Threshold (시간-주파수 누적 변화량과 가변 임계값을 이용한 지진 이벤트 자동 검출 알고리즘)

  • Choi, Hun
    • The Transactions of The Korean Institute of Electrical Engineers / v.61 no.8 / pp.1179-1185 / 2012
  • This paper presents a new approach for the detection of seismic events using accumulated changes in the time-frequency domain and a variable threshold. To detect seismic P-wave arrivals rapidly and accurately, the changes in the time and the frequency domains are used simultaneously. These changes are parameters appropriate to reflect the characteristics of earthquakes over moderate magnitude ($\geq$ magnitude 4.0) and microearthquakes. In addition, adaptively controlled threshold values can prevent false P-wave detections due to low SNR. We tested our method on real earthquakes that have various magnitudes. The proposed algorithm gives a good detection performance and it is also comparable to the STA/LTA algorithm in computational complexity. Computer simulation results show that the proposed algorithm is superior to the conventional popular algorithm (STA/LTA) in seismic P-wave detection.

Enhancing Method to make Cluster for Filtering-based Sensor Networks (여과기법 보안효율을 높이기 위한 센서네트워크 클러스터링 방법)

  • Kim, Byung-Hee;Cho, Tae-Ho
    • 한국정보통신설비학회:학술대회논문집 / 2008.08a / pp.141-145 / 2008
  • Wireless sensor network (WSN) is expected to be used in many applications. However, sensor nodes still have some security problems when used in real applications. They are typically deployed in open, wide, and unattended environments. An adversary using these features can easily compromise the deployed sensor nodes and use compromised sensor nodes to inject fabricated data into the sensor network (false data injection attack). The injected fabricated data drains much of their energy and causes a false alarm. To detect and drop the injected fabricated data, a filtering-based security method and adaptive methods are proposed. The number of different partitions is important to make an event report since they can make a correct event report if the representative node does not receive message authentication codes made by the different partition keys. The proposed methods cannot guarantee the detection power since they do not consider the filtering scheme. We propose a clustering method for filtering-based secure methods. Our proposed method uses a fuzzy system to enhance the detection power of a cluster.
