• Journal of the Institute of Electronics Engineers of Korea SP
• /
• v.46 no.4
• /
• pp.139-147
• /
• 2009

In this paper, optimum design of energy-aware distributed detection is considered for a parallel sensor network system consisting of a fusion center and two passive sonar nodes. AND rule and OR rule are employed as the fusion rules of the sensor network. For the fusion rules, it is shown that a threshold rule of each sensor node has uniformly most powerful properties. Optimum threshold for each sensor is investigated that maximizes the probability of detection under a constraint on energy consumption due to false alarms. It is also investigated through numerical experiments how signal strength, an energy constraint, and the distance between two sensor nodes affect the system detection performances.

• The KIPS Transactions:PartB
• /
• v.18B no.4
• /
• pp.213-220
• /
• 2011

This paper proposes an effective, four-stage smoke detection method based on video that provides emergency response in the event of unexpected hazards in early fire-alarming systems. In the first phase, an approximate median method is used to segment moving regions in the present frame of video. In the second phase, a color segmentation of smoke is performed to select candidate smoke regions from these moving regions. In the third phase, a feature extraction algorithm is used to extract five feature parameters of smoke by analyzing characteristics of the candidate smoke regions such as area randomness and motion of smoke. In the fourth phase, extracted five parameters of smoke are used as an input for a K-nearest neighbor (KNN) algorithm to identify whether the candidate smoke regions are smoke or non-smoke. Experimental results indicate that the proposed four-stage smoke detection method outperforms other algorithms in terms of smoke detection, providing a low false alarm rate and high reliability in open and large spaces.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.12
• /
• pp.71-82
• /
• 2012

In this paper, we propose a license plate detection method with improved Adaboost learning and MCT (Modified Census Transform). The MCT represents the local structure patterns as integer numbered feature values which has robustness to illumination change and memory efficiency. However, since these integer values are discrete, a lookup table is needed to design a weak classifier for Adaboost learning. Some previous research efforts have focused on minimization of exponential criterion for Adaboost optimization. In this paper, a method that uses MCT and improved Adaboost learning based on Newton's optimization to exponential criterion is proposed for license plate detection. Experimental results on license patch images and field images demonstrate that the proposed method yields higher performance of detection rates with low false positives than the conventional method using the original Adaboost learning.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.12
• /
• pp.179-185
• /
• 2012

This paper proposes a design of RSIDS(RST and SVM based Intrusion Detection System) using RST(Rough Set Theory) and SVM(Support Vector Machine) algorithm. The RSIDS consists of PrePro(PreProcessing) module, RRG(RST based Rule Generation) module, and SAD(SVM based Attack Detection) module. The PrePro module changes the collected information to the data format of RSIDS. The RRG module analyzes attack data, generates the rules of attacks, extracts attack information from the massive data by using these rules, and transfers the extracted attack information to the SAD module. The SAD module detects the attacks by using it, which the SAD module notifies to a manager. Therefore, compared to the existing SVM, the RSIDS improved average ADR(Attack Detection Ratio) from 77.71% to 85.28%, and reduced average FPR(False Positive ratio) from 13.25% to 9.87%. Thus, the RSIDS is estimated to have been improved, compared to the existing SVM.

• Journal of the Korea Convergence Society
• /
• v.8 no.4
• /
• pp.19-24
• /
• 2017

The growing number of electronic financial transactions (e-banking) has entailed the rapid increase in security threats such as extortion and falsification of financial transaction data. Against such background, rigid security and countermeasures to hedge against such problems have risen as urgent tasks. Thus, this study aims to implement an improved case model by applying the Fraud Detection System (hereinafter, FDS) in a financial corporation 'A' using big data technique (e.g. the function to collect/store various types of typical/atypical financial transaction event data in real time regarding the external intrusion, outflow of internal data, and fraud financial transactions). As a result, There was reduction effect in terms of previous scenario detection target by minimizing false alarm via advanced scenario analysis. And further suggest the future direction of the enhanced FDS.

• The Journal of Korean Institute of Electromagnetic Engineering and Science
• /
• v.30 no.5
• /
• pp.407-417
• /
• 2019

When a free-falling ballistic missile intercepts a maritime target in a sea clutter environment at high grazing angle, detection performance of the ballistic missile's seeker can be rapidly degraded by the effect of sea clutter. To solve this problem, it is necessary to verify the performance of maritime target detection via simulations based on various scenarios. We accomplish this by applying a two-dimensional cell -averaging constant false alarm rate detector to a two-dimensional radar image, which is generated by merging a sea clutter signal at high grazing angle with a maritime target signal corresponding to the signal-to-clutter ratio. Simulation results using a computer-aided design model and commercial numerical electromagnetic solver in various scenarios show that the performance of maritime target detection significantly depends on the grazing and azimuth angles.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.11
• /
• pp.5568-5587
• /
• 2018

This research uses artificial intelligence methods for computer network intrusion detection system modeling. Primary classification is done using self-organized maps (SOM) in two levels, while the secondary classification of ambiguous data is done using Sugeno type Fuzzy Inference System (FIS). FIS is created by using Adaptive Neuro-Fuzzy Inference System (ANFIS). The main challenge for this system was to successfully detect attacks that are either unknown or that are represented by very small percentage of samples in training dataset. Improved algorithm for SOMs in second layer and for the FIS creation is developed for this purpose. Number of clusters in the second SOM layer is optimized by using our improved algorithm to minimize amount of ambiguous data forwarded to FIS. FIS is created using ANFIS that was built on ambiguous training dataset clustered by another SOM (which size is determined dynamically). Proposed hybrid model is created and tested using NSL KDD dataset. For our research, NSL KDD is especially interesting in terms of class distribution (overlapping). Objectives of this research were: to successfully detect intrusions represented in data with small percentage of the total traffic during early detection stages, to successfully deal with overlapping data (separate ambiguous data), to maximize detection rate (DR) and minimize false alarm rate (FAR). Proposed hybrid model with test data achieved acceptable DR value 0.8883 and FAR value 0.2415. The objectives were successfully achieved as it is presented (compared with the similar researches on NSL KDD dataset). Proposed model can be used not only in further research related to this domain, but also in other research areas.

• Journal of Broadcast Engineering
• /
• v.26 no.1
• /
• pp.14-25
• /
• 2021

Change detection, which finds changes in remote sensing images of the same location captured at different times, is very important because it is used in various applications. However, registration errors, building displacement errors, and shadow errors cause false positives. To solve these problems, we propose a novle deep convolutional network called CADNet (Change Attention Dense Siamese Network). CADNet uses FPN (Feature Pyramid Network) to detect multi-scale changes, applies a Change Attention Module that attends to the changes, and uses DenseNet as a feature extractor to use feature maps that contain both low-level and high-level features for change detection. CADNet performance measured from the Precision, Recall, F1 side is 98.44%, 98.47%, 98.46% for WHU datasets and 90.72%, 91.89%, 91.30% for LEVIR-CD datasets. The results of this experiment show that CADNet can offer better performance than any other traditional change detection method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.3
• /
• pp.501-511
• /
• 2022

In 2021, ransomware attacks became popular, and the number is rapidly increasing every year. Since PowerShell is used as the primary ransomware technique, the need for PowerShell-based malware detection is ever increasing. However, the existing detection techniques have limits in that they cannot detect obfuscated scripts or require a long processing time for deobfuscation. This paper proposes a simple and fast deobfuscation method and a deep learning-based classification model that can detect PowerShell-based malware. Our technique is composed of Word2Vec and a convolutional neural network to learn the meaning of a script extracting important features. We tested the proposed model using 1400 malicious codes and 8600 normal scripts provided by the AI-based PowerShell malicious script detection track of the 2021 Cybersecurity AI/Big Data Utilization Contest. Our method achieved 5.04 times faster deobfuscation than the existing methods with a perfect success rate and high detection performance with FPR of 0.01 and TPR of 0.965.

• The Journal of Society for e-Business Studies
• /
• v.27 no.1
• /
• pp.1-13
• /
• 2022

With the development of network technologies, the security to protect organizational resources from internal and external intrusions and threats becomes more important. Therefore in recent years, the anomaly detection algorithm that detects and prevents security threats with respect to various security log events has been actively studied. Security anomaly detection algorithms that have been developed based on rule-based or statistical learning in the past are gradually evolving into modeling based on machine learning and deep learning. In this study, we propose a deep-autoencoder model that transforms LSTM-autoencoder as an optimal algorithm to detect insider threats in advance using various machine learning analysis methodologies. This study has academic significance in that it improved the possibility of adaptive security through the development of an anomaly detection algorithm based on unsupervised learning, and reduced the false positive rate compared to the existing algorithm through supervised true positive labeling.