• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.24 no.7B
• /
• pp.1351-1360
• /
• 1999

In frequency selective channels, conventional PN code acquisition schemes are not ideal candidates. This is because they are primarily designed for the AWGN channel. In this paper, a direct-sequence spread-spectrum(DSSS) PN code acquisition system based on digital matched filtering (DMF) with automatic threshold control(ATC) algorithm is presented and analyzed with regards to probability of detection and probability of false alarm. These two important probabilities, the probability of detection ($P_D$) and the probability of false alarm ($P_{FA}$) are derived and analyzed in considering Doppler shift, sampling rate, mean acquisition time, and PN chip rate in frequency selective Rayleigh fading channel when using serial-search method as detection technique. From computer simulation results of a DMF acquisition system model, it is shown that the performance of the acquisition system using ATC algorithm is better than that of constant threshold system.

• Genomics & Informatics
• /
• v.5 no.4
• /
• pp.143-151
• /
• 2007

To understand the mechanism of transcriptional regulation, it is essential to detect promoters and regulatory elements. Various kinds of methods have been introduced to improve the prediction accuracy of regulatory elements. Since there are few experimentally validated regulatory elements, previous studies have used criteria based solely on the level of scores over background sequences. However, selecting the detection criteria for different prediction methods is not feasible. Here, we studied the calibration of thresholds to improve regulatory element prediction. We predicted a regulatory element using MATCH, which is a powerful tool for transcription factor binding site (TFBS) detection. To increase the prediction accuracy, we used a regulatory potential (RP) score measuring the similarity of patterns in alignments to those in known regulatory regions. Next, we calibrated the thresholds to find relevant scores, increasing the true positives while decreasing possible false positives. By applying various thresholds, we compared predicted regulatory elements with validated regulatory elements from the Open Regulatory Annotation (ORegAnno) database. The predicted regulators by the selected threshold were validated through enrichment analysis of muscle-specific gene sets from the Tissue-Specific Transcripts and Genes (T-STAG) database. We found 14 known muscle-specific regulators with a less than a 5% false discovery rate (FDR) in a single TFBS analysis, as well as known transcription factor combinations in our combinatorial TFBS analysis.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1197-1207
• /
• 2018

PowerShell is command line shell and scripting language, built on the .NET framework, and it has several advantages as an attack tool, including built-in support for Windows, easy code concealment and persistence, and various pen-test frameworks. Accordingly, malwares using PowerShell are increasing rapidly, however, there is a limit to cope with the conventional malware detection technique. In this paper, we propose an improved monitoring method to observe commands executed in the PowerShell and a deep learning based malware classification model that extract features from commands using Convolutional Neural Network(CNN) and send them to Recurrent Neural Network(RNN) according to the order of execution. As a result of testing the proposed model with 5-fold cross validation using 1,916 PowerShell-based malwares collected at malware sharing site and 38,148 benign scripts disclosed by an obfuscation detection study, it shows that the model effectively detects malwares with about 97% True Positive Rate(TPR) and 1% False Positive Rate(FPR).

• Journal of the Institute of Electronics and Information Engineers
• /
• v.52 no.1
• /
• pp.61-68
• /
• 2015

In recent times, the median filtering (MF) detector as a forensic tool for the recovery of forgery images' processing history has concerned broad interest. For the classification of MF image, MF detector should be designed with smaller feature set and higher detection ratio. This paper presents a novel method for the detection of MF in altered images. It is transformed from BMP to several kinds of MF image by the median window size. The difference distribution values are computed according to the window sizes and then the values construct the feature set same as the MF window size. For the MF detector, the feature set transformed to the model specification which is computed using latent growth modeling (LGM). Through experiments, the test image is classified by the discriminant into two classes: the true positive (TP) and the false negative (FN). It confirms that the proposed algorithm is to be outstanding performance when the minimum distance average is 0.119 in the confusion of TP and FN for the effectivity of classification.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.14 no.4
• /
• pp.451-456
• /
• 2004

Signature based intrusion detection system (IDS), having stored rules for detecting intrusions at the library, judges whether new inputs are intrusion or not by matching them with the new inputs. However their policy has two restrictions generally. First, when they couldn't make rules against new intrusions, false negative (FN) errors may are taken place. Second, when they made a lot of rules for maintaining diversification, the amount of resources grows larger proportional to their amount. In this paper, we propose the learning algorithm which can evolve the competent of anomaly detectors having the ability to detect anomalous attacks by genetic algorithm. The anomaly detectors are the population be composed of by following the negative selection procedure of the biological immune system. To show the effectiveness of proposed system, we apply the learning algorithm to the artificial network environment, which is a computer security system.

• Journal of the Korea Society for Simulation
• /
• v.17 no.3
• /
• pp.9-18
• /
• 2008

Unlike conventional researches, we are able to i) compare the fuzzy logic based BBA with non-fuzzy BBA for verifying the effective performance of the proposed fuzzy logic application ii) dynamically respond to the intrusion using BBA whereas the previous IDS was responding statically and iii) expect that this would be a cornerstone for more practical application researches (analyzing vulnerability and examining countermeasures, etc.) of security simulation. Several simulation tests performed on the targer network will illustrate our techniques. And this paper applies fuzzy logic to reduce the false negative that is one of the main problems of IDS. Intrusion detection is complicated decision-making process, which generally involves enormous factors about the monitored system. Fuzzy evaluation component model, which is a decision agent in the distributed IDS, can consider various factors based on fuzzy logic when an intrusion behavior is detected. The performance obtained from the coordination of intrusion detection agent with fuzzy logic is compared against the corresponding non fuzzy type intrusion detection agent. The results of these comparisons allow us to evaluate a relevant improvement on the fuzzy logic based BBA.

• KIPS Transactions on Software and Data Engineering
• /
• v.3 no.10
• /
• pp.429-440
• /
• 2014

The iris recognition is a biometrics technology to extract and code an unique iris feature from human eye image. Also, it includes the technology to compare with other's various iris stored in the system. On the other hand, eyelashes in iris image are a external factor to affect to recognition rate of iris. If eyelashes are not removed exactly from iris area, there are two false recognitions that recognize eyelashes to iris features or iris features to eyelashes. Eventually, these false recognitions bring out a lot of loss in iris informations. In this paper, in order to solve that problems, we removed eyelashes by gabor filter that using for analysis of frequency feature and improve preservation rate of iris informations. By novel method to extract various features on iris area using angle, frequency, and gaussian parameter on gabor filter that is one of the filters for analysing frequency feature for an image, we could remove accurately eyelashes with various lengths and shapes. As the result, proposed method represents that improve about 4% than previous methods using GMM or histogram analysis in iris preservation rate.

• Journal of the Institute of Convergence Signal Processing
• /
• v.12 no.4
• /
• pp.250-257
• /
• 2011

In this paper, we proposed the method detecting multiple pedestrians using motion information and SVM(Support Vector Machine) from a moving camera image. First, we detect moving pedestrians from both the difference image and the projection histogram which is compensated for the camera ego-motion using corresponding feature sets. The difference image is simple method but it is not detected motionless pedestrians. Thus, to fix up this problem, we detect motionless pedestrians using SVM The SVM works well particularly in binary classification problem such as pedestrian detection. However, it is not detected in case that the pedestrians are adjacent or they move arms and legs excessively in the image. Therefore, in this paper, we proposed the method detecting motionless and adjacent pedestrians as well as people who take excessive action in the image using motion information and SVM The experimental results on our various test video sequences demonstrated the high efficiency of our approach as it had shown an average detection ratio of 94% and False Positive of 2.8%.

• The Journal of the Korean Society for Microbiology
• /
• v.22 no.4
• /
• pp.445-451
• /
• 1987

Coagglutination method is widely used for the diagnosis of Salmonella infection. This test, however, has a disadvantage of false positive reaction due to the coagglutination of staphylococci with non-specific immune complexes or anti-staphylococci antibody in serum. Salmonell O antigen was detected by enzyme immunoassay with protein A-bearing Staphylococcus aureus as in the solid phase. Horse radish peroxidase was labeled to IgG specific against Salmonella O antigen. This enzyme immunoassay was much more sensitive than conventional coagglutination method without false poitive agglutination. To improve the sensitivity for detection of Salmonella O antigen in samples, we tried to determine the optimal concentration of normal IgG that inhibits non-specific binding of horse radish peroxidase labeled IgG to staphylococci, and to establish the optimal condition of reaction between antigen-antibody complex and staphylococci. Non-specific binding of horse radish peroxidase labeled specific IgG to staphylococci was almost blocked when the enzyme labeled IgG was 500-fold diluted with phosphate buffered saline containing 2mg/ml of normal IgG. When staphylococci coated with antibody to Salmonella O antigen were mixed with antigen-antibody complex and then incubated for 1 hour at room temperature, the minimal detectable concentration of Salmonella O antigen was 1ng/ml. The sensitivity of enzyme immunoassay was 100-fold greater than a conventional coagglutination method. This enzyme immunoassay could be expected as an improved method for detection of other infectious agents.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.9
• /
• pp.4467-4486
• /
• 2018

Trying to deal with the problem of low robustness of Copy-Move Forgery Detection (CMFD) under various transformation and degradation attacks, a novel CMFD method is proposed in this paper. The main advantages of proposed work include: (1) Discrete Analytical Fourier-Mellin Transform (DAFMT) and Locality Sensitive Hashing (LSH) are combined to extract the block features and detect the potential copy-move pairs; (2) The Euclidian distance is incorporated in the pixel variance to filter out the false potential copy-move pairs in the post-verification step. In addition to extracting the effective features of an image block, the DAMFT has the properties of rotation and scale invariance. Unlike the traditional lexicographic sorting method, LSH is robust to the degradations of Gaussian noise and JEPG compression. Because most of the false copy-move pairs locate closely to each other in the spatial domain or are in the homogeneous regions, the Euclidian distance and pixel variance are employed in the post-verification step. After evaluating the proposed method by the precision-recall-$F_1$ model quantitatively based on the Image Manipulation Dataset (IMD) and Copy-Move Hard Dataset (CMHD), our method outperforms Emam et al.'s and Li et al.'s works in the recall and $F_1$ aspects.