• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 한국방송∙미디어공학회 2016년도 추계학술대회
• /
• pp.82-84
• /
• 2016

We propose a new reliable SVD-based watermarking scheme having high fidelity and strong robustness with no false-positive problem. Each column of the principal component of a watermark image is embedded into singular values of LL, LH, HL and HH sub-bands of cover image with different scale factors. Each scale factor is optimized by trading-off fidelity and robustness using Differential Evolution (DE) algorithm. The proposed scheme improves fidelity and robustness of existing reliable SVD based watermarking schemes without any false-positive problem. Index Terms - watermarking, reliable SVD, DWT, principal component, Differential Evolution.

• The Korean Journal of Cytopathology
• /
• 제2권1호
• /
• pp.8-19
• /
• 1991

A statistical analysis of the diagnostic value for 244 aspiration biopsy cytology(ABC) among a total 1,043 cases from various sites was performed. ABC, using diagnostic terminology similar to that of a surgical pathology reports, was compared to the final tissue diagnosis. For the entire series, a sensitivity of 91.8%, a specificity of 99.3%, a positive predictive value of 98.9%, a negative predictive value of 94,8%, and an efficacy of the test of 96.3% were shown. There were 8 false negative and 1 false positive diagnosis. The diagnostic accuracy was 89.8%. Those results indicate that the ABC is a considerably highly accurate procedure that should be routinely employed.

• Proceedings of the Korean Information Science Society Conference
• /
• 한국정보과학회 2004년도 가을 학술발표논문집 Vol.31 No.2 (1)
• /
• pp.481-483
• /
• 2004

NIDS(Network Intrusion Detection System)는 공격 탐지 과정에서 대량의 로그가 발생하게 되는데 일반적인 침입탐지 시스템에서 탐지되어 하루에 남는 로그만으로도 시스템에 막대한 양을 차지한다 이러한 문제점은 관리자에게 많은 부담을 줄뿐만 아니라 그렇게 남겨진 로그에는 오탐율(False Positive) 비율이 높기 때문에 관리자가 실제로 위협적인 침입을 식별하고, 침입 행위에 대한 빠른 대응을 어렵게 만든다. 그러므로 NIDS와 특정 호스트가 가지고 있는 보안상 취약한 부분을 비교하여 판단할 수 있는 침입탐지시스템을 선택, 운용하는 것은 관리측면이나 대응측면에서 매우 중요한 일이라고 할 수 있다. 본 논문에서는 NIDS와 해당 호스트 취약점 정보를 이용해 작성된 데이터베이스(HVIDB : Host Vulnerability Information Database)를 이용하여 호스트의 취약성에 관한 로그만을 최종 경고해줌으로써 오탐율의 양을 감소시키고 호스트 보안성의 향상과 관리자가 로그분석 등의 IDS 업무를 효과적으로 할 수 있는 모델을 제시한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 한국정보처리학회 2002년도 춘계학술발표논문집 (하)
• /
• pp.927-930
• /
• 2002

본 논문에서는 중요 프로세스(privileged process)의 시스템 호출 순서(system call sequence)를 이용한 침입탐지 시스템을 제안한다. 기존 연구의 정상행위 기반 침입탐지 시스템은 정상행위를 모델링하여 시스템을 구성하고, 이와 비교를 통해 프로세스의 이상(anomaly) 여부를 결정한다. 이러한 방법은 모델링되지 않은 미지의 행위에 대한 적절한 판단을 행할 수 없으므로, 높은 오류율(false-positive/negative)을 보인다. 본 논문에서는 현재까지 알려진 공격에서 공통적으로 나타나는 윈도우들을 수집하여 침입예상윈도우를 구축하고, 이를 기존의 침입탐지 시스템에 부가적으로 사용하여 효과적으로 오류율(false-positive/negative)을 낮출 수 있음을 보인다. 실험 결과 제안된 방법을 통한 침입탐지는 기존의 방법에 비해 공격 탐지율은 증가하고 정상행위에 대한 오류율은 감소하였다.

• Journal of the Institute of Electronics and Information Engineers
• /
• 제54권1호
• /
• pp.3-10
• /
• 2017

Counting Bloom filters (CBFs) have been popularly used in many network algorithms and applications for the membership queries of dynamic sets, since CBFs can provide delete operations, which are not provided in a standard 1-bit vector Bloom filter. However, because of the counting functions, a CBF can have overflows and accordingly false negatives. CBFs composed of 4-bit counters are generally used, but the 4-bit CBF wastes memory spaces by allocating 4 bits for every counter. In this paper, we propose a simple alternative of a 4-bit CBF named ternary Bloom filter (TBF). In the proposed TBF structure, if two or more elements are mapped to a counter in programming, the counters are not used for insertion or deletion operations any more. When the TBF consumes the same amount of memory space as a 4-bit CBF, it is shown through simulation that the TBF provides a better false positive rate than the CBF as well as the TBF does not generate false negatives.

• Journal of Korea Association of Health Promotion
• /
• 제2권1호
• /
• pp.27-37
• /
• 2004

Background 'For many years, the Papanicolaou smear has been used to detect pre-malignant and malignant disease of the cervix. Although cervical cytology screening programmes have result in the reduction of cervical cancer incidence and mortality, Pap smear have been subjected to intense scrutiny and criticism in recent years. So cervicography is introduced. Cervicography is an adjunct method of cervical cancer screening intended to complement Papanicolaou smear. Cervicography involve obtaining and evaluating a photographic image of the cervix. The purpose of this investigation was to evaluate the efficacy of Papanicolaou smear and cervicography in cervical cancer screening. Materials & Methods : This study population was of 74 women, who visited department of obstetrics & Gynecology, Korea association of Health Promotion Chung-nam branch from January, 20O2 to October, 2003. All patients were taken Pap smear before cervicography, and then two cervicography was obtained with applying5% acetic acid. Those women in whom abnormalities were detected by either test subsequently obtained histologic specimen. Results : 1. The sensitivity and the specificity of Papanicolaou smear was 92.1% and 72.7%respectively.2. The sensitivity and the specificity of cervicography was 88.9% and 54.5% respectively. The false negative rate, and false positive rate of Papanicolaou smear were 7.9%, 27.2% respectively. The false negative rate, and false positive rate of cervicography were 11.1%,45.5% respectively. Conclusions . Papanicolaou smear is a useful method and an important tool for detecting cervical cancer. However when Papanicolaou smear and Cervicograpy is used together, the sensitivity is higher than for Papanicolaou smear used alone.

• Journal of Yeungnam Medical Science
• /
• 제3권1호
• /
• pp.179-183
• /
• 1986

The frozen section technique is a means of intraoperative pathological diagnosis, and a procedure of great value to the surgeon. This method should be accurate, rapid and reliable. This method serves useful purposes, such as determining the presence of tumor, its type(especially whether it is benign or malignant), the adequacy of a biopsy of a suspected lesion, and the conditions of the surgical margins. But, it bears many disadvantages, the most of which is the danger of incorrect diagnosis. We studied the indications, the limitations, and the accuracy of the frozen section method and the materials studies was total of frozen section during recent 3 years. The overall accuracy of the frozen section diagnosis of 809 cases was 98.1% with 0.5% of false negative, 0% of false positive, 0.5% of incorrect histological diagnosis or grading errors, and 0.9% of deferred cases. The tissues submitted were lymph node, gastrointestinal tract, skin subcutaneous tissues in decreasing oder of frequency. The false positive case is not present, while the false negative cases were 4.

• The KIPS Transactions:PartC
• /
• 제12C권1호
• /
• pp.45-52
• /
• 2005

A damage scale of information property has been increasing rapidly by various illegal actions of information systems, which result from dysfunction of a knowledge society. Reinforcement in criminal investigation requests of network security has accelerated research and development of Intrusion Detection Systems(IDSs), which report intrusion-detection about these illegal actions. Due to limited designs of early IDSs, it is hard for the IDSs to cope with tricks to go around IDS as well as false-positive and false-negative trials in various network environments. In this paper, we showed that this kind of problems can be solved by using a Virtual Protocol Stack(VPS) that possesses automatic learning ability through an optimum-adaptive mobile code. Therefore, the enhanced IDS adapts dynamically to various network environments in consideration of monitored and self-learned network status. Moreover, it is shown that Insertion/Evasion attacks can be actively detected. Finally, we discussed that this method can be expanded to an intrusion detection technique that possesses adaptability in the various mixed network environments.

• Journal of Korean Society of Transportation
• /
• 제31권4호
• /
• pp.85-94
• /
• 2013

The Continuous Risk Profile (CRP) has been well known to be the most accurate and efficient among existing network screening methods. However, the classical CRP uses safety performance functions (SPFs) which require a huge investment to construct a database system. This study aims to suggest a new CRP method using average crash frequencies of homogeneous groups, instead of SPFs, as rescaling factors. Hierarchical clustering analysis is performed to classify freeway segments into homogeneous groups based on the data of AADT and number of lanes. Using the data from I-880 in California, the proposed method is compared to other several network screening methods. The results show that the proposed method decrease false positive rates while it does not produce any false negatives. The method developed in this study can be easily applied to screen freeway networks without any additional complex database systems, and contribute to the improvement of freeway safety management systems.

• Convergence Security Journal
• /
• 제19권5호
• /
• pp.47-53
• /
• 2019

Network-based sharing of information has evolved into a cloud service environment today, increasing its number of users rapidly, but has become a major target for network-based illegal attackers.. In addition, IP spoofing among attackers' various attack techniques generally involves resource exhaustion attacks. Therefore, fast detection and response techniques are required. The existing detection method for IP spoofing attack performs the final authentication process according to the analysis and matching of traceback information of the client who attempted the connection request. However, the simple comparison method of traceback information may require excessive OTP due to frequent false positives in an environment requiring service transparency. In this paper, symmetric key cryptography based on traceback information is used as mutual authentication information to improve this problem. That is, after generating a traceback-based encryption key, mutual authentication is possible by performing a normal decryption process. In addition, this process could improve the overhead caused by false positives.