• Convergence Security Journal
• /
• v.18 no.5_1
• /
• pp.59-66
• /
• 2018

The performance of a network intrusion detection system using the machine learning method depends heavily on the composition and the size of the feature set. The detection accuracy, such as the detection rate or the false positive rate, of the system relies on the feature composition. And the time it takes to train and detect depends on the size of the feature set. Therefore, in order to enable the system to detect intrusions in real-time, the feature set to beused should have a small size as well as an appropriate composition. In this paper, we show that the size of the feature set can be further reduced without decreasing the detection rate through using Pearson correlation coefficient between features along with the multi-objective genetic algorithm which was used to shorten the size of the feature set in previous work. For the evaluation of the proposed method, the experiments to classify 10 kinds of attacks and benign traffic are performed against NSL_KDD data set.

• Journal of Internet Computing and Services
• /
• v.22 no.1
• /
• pp.13-22
• /
• 2021

Recently network based attack technologies are rapidly advanced and intelligent, the limitations of existing signature-based intrusion detection systems are becoming clear. The reason is that signature-based detection methods lack generalization capabilities for new attacks such as APT attacks. To solve these problems, research on machine learning-based intrusion detection systems is being actively conducted. However, in the actual network environment, attack samples are collected very little compared to normal samples, resulting in class imbalance problems. When a supervised learning-based anomaly detection model is trained with such data, the result is biased to the normal sample. In this paper, we propose to overcome this imbalance problem through One-Class Anomaly Detection using an auto encoder. The experiment was conducted through the NSL-KDD data set and compares the performance with the supervised learning models for the performance evaluation of the proposed method.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.11
• /
• pp.5568-5587
• /
• 2018

This research uses artificial intelligence methods for computer network intrusion detection system modeling. Primary classification is done using self-organized maps (SOM) in two levels, while the secondary classification of ambiguous data is done using Sugeno type Fuzzy Inference System (FIS). FIS is created by using Adaptive Neuro-Fuzzy Inference System (ANFIS). The main challenge for this system was to successfully detect attacks that are either unknown or that are represented by very small percentage of samples in training dataset. Improved algorithm for SOMs in second layer and for the FIS creation is developed for this purpose. Number of clusters in the second SOM layer is optimized by using our improved algorithm to minimize amount of ambiguous data forwarded to FIS. FIS is created using ANFIS that was built on ambiguous training dataset clustered by another SOM (which size is determined dynamically). Proposed hybrid model is created and tested using NSL KDD dataset. For our research, NSL KDD is especially interesting in terms of class distribution (overlapping). Objectives of this research were: to successfully detect intrusions represented in data with small percentage of the total traffic during early detection stages, to successfully deal with overlapping data (separate ambiguous data), to maximize detection rate (DR) and minimize false alarm rate (FAR). Proposed hybrid model with test data achieved acceptable DR value 0.8883 and FAR value 0.2415. The objectives were successfully achieved as it is presented (compared with the similar researches on NSL KDD dataset). Proposed model can be used not only in further research related to this domain, but also in other research areas.

• KSCE Journal of Civil and Environmental Engineering Research
• /
• v.41 no.3
• /
• pp.277-288
• /
• 2021

Building information modeling (BIM) element to industry foundation classes (IFC) entity mappings need to be checked to ensure the semantic integrity of BIM models. Existing studies have demonstrated that machine learning algorithms trained on geometric features are able to classify BIM elements, thereby enabling the checking of these mappings. However, reliance on geometry is limited, especially for elements with similar geometric features. This study investigated the employment of relational data between elements, with the assumption that such additions provide higher classification performance. Neural structured learning, a novel approach for combining structured graph data as features to machine learning input, was used to realize the experiment. Results demonstrated that a significant improvement was attained when trained and tested on eight BIM element types with their relational semantics explicitly represented.

• International Journal of Computer Science & Network Security
• /
• v.23 no.1
• /
• pp.46-52
• /
• 2023

With billions of IoT (Internet of Things) devices populating various emerging applications across the world, detecting anomalies on these devices has become incredibly important. Advanced Intrusion Detection Systems (IDS) are trained to detect abnormal network traffic, and Machine Learning (ML) algorithms are used to create detection models. In this paper, the NSL-KDD dataset was adopted to comparatively study the performance and efficiency of IoT anomaly detection models. The dataset was developed for various research purposes and is especially useful for anomaly detection. This data was used with typical machine learning algorithms including eXtreme Gradient Boosting (XGBoost), Support Vector Machines (SVM), and Deep Convolutional Neural Networks (DCNN) to identify and classify any anomalies present within the IoT applications. Our research results show that the XGBoost algorithm outperformed both the SVM and DCNN algorithms achieving the highest accuracy. In our research, each algorithm was assessed based on accuracy, precision, recall, and F1 score. Furthermore, we obtained interesting results on the execution time taken for each algorithm when running the anomaly detection. Precisely, the XGBoost algorithm was 425.53% faster when compared to the SVM algorithm and 2,075.49% faster than the DCNN algorithm. According to our experimental testing, XGBoost is the most accurate and efficient method.

• The korean journal of orthodontics
• /
• v.29 no.6 s.77
• /
• pp.707-720
• /
• 1999

The purpose of this study was to evaluate racial differences In head posture and the influence of head posture to the craniofacial morphology. The sample group of this study was made up of 51 Korean males and 120 Scandinavian Caucasian males. From the comparison of the cranio-cervical angle and the variables of craniofacial morphology between them, the following results were obtained. 1. The cranio-cervical angle (NSL/OPT) was on average 9.28 degrees larger In Koreans. 2. The length of the anterior cranial base (N-S) was on average 4.66mm shorter in Koreans. 3. The length of the maxillary base (sp-pm and ss-pm) were on average 2.75mm and 4.65mm shorter in Koreans respectively, the anterior maxillary height (n-sp) was on average 2.60mm longer, the posterior dimension (s-pm) was found to be 2.06mm longer in Koreans, and the maxillary inclination (NSL/NL) was identical in both samples. 4. The mandibular body length (pg-tgo) and ramus height (ar-tgo) were identical in the two groups, but the genial angle (ML/RL) was 3.22 degrees smaller and the mandibular plane inclination (NSL/ML) was 2.44 degrees larger in Koreans 5. The maxillary prognathism (s-n-sp and s-n-ss) and the mandibular prognathism (s-n-sm) were identical in both samples. 6. The sagittal jaw relationship (ss-n-pg) was 1.44 degrees larger in the Korean sample, but the vortical jaw relationship (NL/ML) was not significantly different. 7. The anterior facial height (n-gn) was 5.57mm longer in the Korean sample. 8. The mandibular alveolar prognathism (CL/ML) was 5.71 degrees greater and the interincisal angle (ILs/ILi) was 3.08 degrees more acute in Koreans. Taken together these results, craniofacial morphology can be influenced by the head posture defined by cranio-cervical angulation.

• KEPCO Journal on Electric Power and Energy
• /
• v.2 no.2
• /
• pp.311-316
• /
• 2016

Network intrusion detection system based on machine learning method such as artificial neural network is quite dependent on the selected features in terms of accuracy and efficiency. Nevertheless, choosing the optimal combination of features, which guarantees accuracy and efficienty, from generally used many features to detect network intrusion requires extensive computing resources. In this paper, we deal with a optimal feature selection problem to determine 6 denial service attacks and normal usage provided by NSL-KDD data. We propose a optimal feature selection algorithm. Proposed algorithm is based on the multi-start local search algorithm, one of representative meta-heuristic algorithm for solving optimization problem. In order to evaluate the performance of our proposed algorithm, comparison with a case of all 41 features used against NSL-KDD data is conducted. In addtion, comparisons between 3 well-known machine learning methods (multi-layer perceptron., Bayes classifier, and Support vector machine) are performed to find a machine learning method which shows the best performance combined with the proposed feature selection method.

• Proceedings of the Materials Research Society of Korea Conference
• /
• 2007.11a
• /
• pp.62.2-62.2
• /
• 2007

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.10
• /
• pp.5143-5158
• /
• 2018

Improving the intrusion detection system (IDS) is a pressing need for cyber security world. With the growth of computer networks, there are constantly daily new attacks. Machine Learning (ML) is one of the most important fields which have great contribution to address the intrusion detection issues. One of these issues relates to the imbalance of the diverse classes of network traffic. Accuracy paradox is a result of training ML algorithm with imbalanced classes. Most of the previous efforts concern improving the overall accuracy of these models which is truly important. However, even they improved the total accuracy of the system; it fell in the accuracy paradox. The seriousness of the threat caused by the minor classes and the pitfalls of the previous efforts to address this issue is the motive for this work. In this paper, we consolidated stratified sampling, cost function and weighted Support Vector Machine (WSVM) method to address the accuracy paradox of ID problem. This model achieved good results of total accuracy and superior results in the small classes like the User-To-Remote and Remote-To-Local attacks using the improved version of the benchmark dataset KDDCup99 which is called NSL-KDD.

• Korean Journal of Materials Research
• /
• v.20 no.10
• /
• pp.550-554
• /
• 2010

This work presents a fabrication procedure to make large-area, size-tunable, periodically different shape metal arrays using nanosphere lithography (NSL) combined with ashing and annealing. A polystyrene (PS, 580 ${\mu}m$) monolayer, which was used as a mask, was obtained with a mixed solution of PS in methanol by multi-step spin coating. The mask morphology was changed by oxygen RIE (Reactive Ion Etching) ashing and temperature processing by microwave heating. The Au or Pt deposition resulted in size tunable nano patterns with different morphologies such as hole and dots. These processes allow outstanding control of the size and morphology of the particles. Various sizes of hole patterns were obtained by reducing the size of the PS sphere through the ashing process, and by increasing the size of the PS sphere through annealing treatment, which resulted in tcontrolling the size of the metallic nanoparticles from 30 nm to 230 nm.