• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.7
• /
• pp.3076-3092
• /
• 2020

An IKPCA-ELM-based intrusion detection method is developed to address the problem of the low accuracy and slow speed of intrusion detection caused by redundancies and high dimensions of data in the network. First, in order to reduce the effects of uneven sample distribution and sample attribute differences on the extraction of KPCA features, the sample attribute mean and mean square error are introduced into the Gaussian radial basis function and polynomial kernel function respectively, and the two improved kernel functions are combined to construct a hybrid kernel function. Second, an improved particle swarm optimization (IPSO) algorithm is proposed to determine the optimal hybrid kernel function for improved kernel principal component analysis (IKPCA). Finally, IKPCA is conducted to complete feature extraction, and an extreme learning machine (ELM) is applied to classify common attack type detection. The experimental results demonstrate the effectiveness of the constructed hybrid kernel function. Compared with other intrusion detection methods, IKPCA-ELM not only ensures high accuracy rates, but also reduces the detection time and false alarm rate, especially reducing the false alarm rate of small sample attacks.

• Journal of KIISE:Information Networking
• /
• v.29 no.6
• /
• pp.674-684
• /
• 2002

Anomaly detection techniques have teen devised to address the limitations of misuse detection approach for intrusion detection. An HMM is a useful tool to model sequence information whose generation mechanism is not observable and is an optimal modeling technique to minimize false-positive error and to maximize detection rate, However, HMM has the short-coming of login training time. This paper proposes an effective HMM-based IDS that improves the modeling time and performance by only considering the events of privilege flows based on the domain knowledge of attacks. Experimental results show that training with the proposed method is significantly faster than the conventional method trained with all data, as well as no loss of recognition performance.

• Journal of KIISE:Software and Applications
• /
• v.37 no.5
• /
• pp.394-402
• /
• 2010

JavaScript is one of the most popular languages to develope web sites and web applications. Since applicationss written in JavaScript are sent to clients as the original source code, they are easily exposed to plagiarists. Therefore, a method to detect plagiarized JavaScript programs is necessary. The conventional program dependency graph(PDG) based approaches are not suitable to analyze JavaScript programs because they do not reflect dynamic features of JavaScript. They also generate false positives in some cases and show inefficiency with large scale search space. We devise a JavaScript specific PDG(JS PDG) that captures dynamic features of JavaScript and propose a JavaScript plagiarism detection method for precise and fast detection. We evaluate the proposed plagiarism detection method with experiment. Our experiments show that our approach can detect false-positives generated by conventional PDG and can prune the plagiarism search space.

• Journal of Institute of Control, Robotics and Systems
• /
• v.22 no.4
• /
• pp.276-280
• /
• 2016

Due to the increasing interest in safety and consistent product quality over a past few decades, demand for effective quality monitoring and safe operation in the modern industry has propelled research into statistical based fault detection and diagnosis methods. This paper describes the application of Hotelling $T^2$ index based Principal Component Analysis (PCA) method for fault detection and diagnosis in industrial processes. Multivariate statistical process control techniques are now widely used for performance monitoring and fault detection. Conventional methods such as PCA are suitable only for steady state processes. These conventional projection methods causes false alarms or missing data for the systems with transient values of processes. These issues significantly compromise the reliability of the monitoring systems. In this paper, a reliable method is used to overcome false alarms occur due to varying process conditions and missing data problems in transient states. This monitoring method is implemented and validated experimentally along with matlab. Experimental results proved the credibility of this fault detection method for both the steady state and transient operations.

• Journal of Korean Society of Transportation
• /
• v.22 no.6
• /
• pp.175-196
• /
• 2004

This study focuses on improving the performance of freeway incident detection by introducing some new measures to reduce false alarms in developing a new incident detection model. The model consists of the 5 major components through which a series of decision makings in determining the given traffic flow condition are made. The decision making process was designed such that the causes of traffic congestions can be accurately classified into several types including incidents and bottlenecks according to their unique characteristics. The model performance was tested and found to be compatible with that of the existing well-recognized models in terms of the detection rate and detection time. It should noted that the model produced much less false alarms than most of the existing models. The study results prove that the initial objective of the study was satisfied as it was an experimental trial to improve the false alarm rate for the incident detection model to be more pactically usable for traffic management purposes.

• Journal of KIISE:Computing Practices and Letters
• /
• v.15 no.8
• /
• pp.577-581
• /
• 2009

Recently, various new services based on ubiquitous computing and networking have been developed. In this paper, we contrive Adaptive PIR(Pyroelectric Infrared Radiation) Detection Algorithm (APIDA), a PIR-sensor based digital signal processing algorithm, that detects the movement of an invading object by the recognition of heat change in the detection area, since the object like person or car emits heat(i.e., infrared radition), We devised APIDA as a highly reliable signal processing algorithm that increases the successful detection rate and decreases the false alarm rate in the intruding object detection. According to performance evaluation experiment, APIDA shows the successful detection rate of 90% and low false alarm in the plain area.

• The Journal of Korean Institute of Electromagnetic Engineering and Science
• /
• v.30 no.1
• /
• pp.79-87
• /
• 2019

Radar detection range is decreased with an increase in the noise levels and detection thresholds in adaptive CFAR of a radar signal processor to the weather clutter reflection signal in the rain. When a high-velocity plot is generated in weather clutter, what are detected are not targets but false plots. Detection opportunity is reduced by radar time resource consumption from additional confirmations regarding the false plots. In this paper, the received signals are saved using a radar-received signal storage device. Based on the analysis of the received signals from weather clutter, the influence of the rainfall reflection has been mitigated by front-end attenuation of the signal processor. The improvement in the detection performance is verified through received signal and simulation results.

• The Journal of the Acoustical Society of Korea
• /
• v.21 no.7
• /
• pp.632-640
• /
• 2002

In this paper, we proposed ACM (Anti-filler confidence measure) to compensate shortcoming of conventional RLJ-CM (RLJ-CM) and NCM (normalized CM), and integrated proposed ACM and conventional NCM using HCM (hybrid CM). Proposed ACM analyzes that FA (false acceptance) happens by the construction method of anti-phone model, and presumed phoneme sequence in actuality using phoneme recognizer to compensate this. We defined this as anti-phone model and used in confidence measure calculation. Analyzing feature of two confidences measure, conventional NCM shows good performance to FR (false rejection) and proposed ACM shows good performance in FA. This shows that feature of each other are complementary. Use these feature, we integrated two confidence measures using weighting vector α And defined this as HCM. In MDR (missed detection rate) 10% neighborhood, HCM is 0.219 FA/KW/HR (false alarm/keyword/hour). This is that Performance improves 22% than used conventional NCM individually.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.1
• /
• pp.323-343
• /
• 2020

With the rapid development of computer and communication techniques, copyright protection of vector geographic data has attracted considerable research attention because of the high cost of such data. A novel adaptive watermark detection algorithm is proposed for vector geographic data that can be used to qualitatively analyze the robustness of watermarks against data addition attacks. First, a watermark was embedded into the vertex coordinates based on coordinate mapping and quantization. Second, the adaptive watermark detection model, which is capable of calculating the detection threshold, false positive error (FPE) and false negative error (FNE), was established, and the characteristics of the adaptive watermark detection algorithm were analyzed. Finally, experiments were conducted on several real-world vector maps to show the usability and robustness of the proposed algorithm.

• The KIPS Transactions:PartC
• /
• v.8C no.5
• /
• pp.507-516
• /
• 2001

In this paper, we implement sequence-based anomaly detection sensor using SOM and HMM, and analyze what is important information in system call and how a threshold is decided. The new filtering and reduction rules of SOM reduces the input size of HMM. This gives real-time processing to HMM-based anomaly detection sensor. Also, we introduced an anomaly count into the sensor. Due to lessened sensibility, a user easily understand easily the detection information and false-positive was decreased. And the active coordination of the threshold value makes the detection sensor adapt according to the system condition.