• IEIE Transactions on Smart Processing and Computing
• /
• 제5권3호
• /
• pp.169-177
• /
• 2016

To realize high-speed intrusion detection by accommodating many regular expression (regex)-based signatures and growing network link capacities, we propose the Service TimE-Aware Load-balancing (STEAL) algorithm. This work is motivated from the observation that utilization of a many-core network intrusion detection system (NIDS) is influenced by unfair computational distribution among many-core NIDS nodes. To avoid such unfair computational distribution, STEAL is designed to dynamically distribute a large volume of traffic among many-core NIDS nodes based on packet service time, which is represented by the deep packet time in many-core NIDS nodes. From experiments, we show that compared to the commonly used load-balancing algorithm based on arrival rate, STEAL increases the number of received packets (i.e., decreases the number of dropped packets) in many-core NIDS. Specifically, by integrating an open source NIDS (i.e. Bro) with STEAL, we show that even under attack-dominant traffic and with many signatures, STEAL can rapidly improve the performance of many-core NIDS to realize high-speed intrusion detection.

• Journal of Power Electronics
• /
• 제16권4호
• /
• pp.1526-1540
• /
• 2016

This work mainly discusses an accurate and fast islanding detection based on fractional wavelet packet transform (FRWPT)for multibus microgrid systems. The proposed protection scheme uses combined desirable features retrieved from discrete fractional Fourier transform (FRFT) and wavelet packet transform (WPT) techniques, which provides precise time-frequency information on minute perturbation signals introduced in the system. Moreover, this study focuses on the design of decoupling control with a distributed controller based on state feedback for the efficient operation of microgrid systems that are transitioning from the grid-connected mode to the islanded mode. An IEEE 9-bus test system with inverter based distributed generation (DG) units is considered for islanding assessment and smooth operation. Finally, tracking errors are greatly reduced with stability improvement based on the proposed controller. FRWPT based islanding detection is demonstrated via a time domain simulation of the system. Simulated results show an improvement in system stability with the application of the proposed controller and accurate islanding detection based on the FRWPT technique in comparison with the results obtained by applying the wavelet transform (WT) and WPT.

• Smart Structures and Systems
• /
• 제11권6호
• /
• pp.589-604
• /
• 2013

Identification of damage has become an evolving area of research over the last few decades with increasing the need of online health monitoring of the large structures. The visual damage detection can be impractical, expensive and ineffective in case of large structures, e.g., offshore platforms, offshore pipelines, multi-storied buildings and bridges. Damage in a system causes a change in the dynamic properties of the system. The structural damage is typically a local phenomenon, which tends to be captured by higher frequency signals. Most of vibration-based damage detection methods require modal properties that are obtained from measured signals through the system identification techniques. However, the modal properties such as natural frequencies and mode shapes are not such good sensitive indication of structural damage. Identification of damaged jacket type offshore platform members, based on wavelet packet transform is presented in this paper. The jacket platform is excited by simple wave load. Response of actual jacket needs to be measured. Dynamic signals are measured by finite element analysis result. It is assumed that this is actual response of the platform measured in the field. The dynamic signals first decomposed into wavelet packet components. Then eliminating some of the component signals (eliminate approximation component of wavelet packet decomposition), component energies of remained signal (detail components) are calculated and used for damage assessment. This method is called Detail Signal Energy Rate Index (DSERI). The results show that reduced wavelet packet component energies are good candidate indices which are sensitive to structural damage. These component energies can be used for damage assessment including identifying damage occurrence and are applicable for finding damages' location.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• 제10권3호
• /
• pp.542-548
• /
• 2006

In this paper, we propose a face region detection/verification method using wavelet packet analysis and structural statistic for frontal human color image. The method extracts skin color lesions from input images, first. and then applies spatial restrictive conditions to the region, and determines whether the region is face candidate region or not. In second step, we find eye region in the face candidate region using structural statistic for standard korean faces. And in last step, the face region is verified via wavelet packet analysis if the face torture were satisfied to normal texture conditions.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• 제35권1A호
• /
• pp.16-24
• /
• 2010

High Speed Uplink Packet Access(HSUPA) is a WCDMA Release 6 technology which corresponds to High Speed Downlink Packet Access(HSDPA). Node B Supports fast scheduling, Hybrid ARQ(HARQ), short Transmission Time Interval(TTI) for high rate uplink packet data. It is very important to detect Iub congestion to improve end user's Quality of Service(QoS). This paper proposes Node B Congestion Detection(BCD) mechanism and suggests to use the hybrid of Transport Network Layer(TNL) congestion detection and BCD. It is shown that HSUPA user throughput performance can be improved by the proposed method even with small Iub bandwidth.

• Journal of Korea Multimedia Society
• /
• 제6권5호
• /
• pp.778-787
• /
• 2003

Intrusion detection systems based on rules are not efficient for mutated attacks, because they need additional rules for the variations. In this paper, we propose an intrusion detection system using the time delay neural network. Packets on the network can be considered as gray images of which pixels represent bytes of them. Using this continuous packet images, we construct a neural network classifier that discriminates between normal and abnormal packet flows. The system deals well with various mutated attacks, as well as well known attacks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제10권8호
• /
• pp.3884-3910
• /
• 2016

Intrusion Detection System (IDS) in general considers a big amount of data that are highly redundant and irrelevant. This trait causes slow instruction, assessment procedures, high resource consumption and poor detection rate. Due to their expensive computational requirements during both training and detection, IDSs are mostly ineffective for real-time anomaly detection. This paper proposes a dimensionality reduction technique that is able to enhance the performance of IDSs up to constant time O(1) based on the Principle Component Analysis (PCA). Furthermore, the present study offers a feature selection approach for identifying major components in real time. The PCA algorithm transforms high-dimensional feature vectors into a low-dimensional feature space, which is used to determine the optimum volume of factors. The proposed approach was assessed using HTTP packet payload of ISCX 2012 IDS and DARPA 1999 dataset. The experimental outcome demonstrated that our proposed anomaly detection achieved promising results with 97% detection rate with 1.2% false positive rate for ISCX 2012 dataset and 100% detection rate with 0.06% false positive rate for DARPA 1999 dataset. Our proposed anomaly detection also achieved comparable performance in terms of computational complexity when compared to three state-of-the-art anomaly detection systems.

• Annual Conference of KIPS
• /
• 한국정보처리학회 2009년도 추계학술발표대회
• /
• pp.465-466
• /
• 2009

This paper investigates congestion detection and control strategies for multi-path traffic (CDCM) diss emination in lifetime-constrained wireless sensor networks. CDCM jointly exploits packet arrival rate, succ essful packet delivery rate and current buffer status of a node to measure the congestion level. Our objec tive is to develop adaptive traffic rate update policies that can increase the reliability and the network lif etime. Our simulation results show that the proposed CDCM scheme provides with good performance.

• Journal of Internet Computing and Services
• /
• 제10권2호
• /
• pp.15-28
• /
• 2009

This paper proposes HWbF(Hit and WLC based Firewall) design which consists of an PFS(Packet Filter Station) and APS(Application Proxy Station). PFS is designed to reduce bottleneck and to prevent the transmission delay of them by distributing packets with PLB(Packet Load Balancing) module, and APS is designed to manage a proxy cash server by using PCSLB(Proxy Cash Server Load Balancing) module and to detect a DoS attack with packet traffic quantity. Therefore, the proposed HWbF in this paper prevents packet transmission delay that was a drawback in an existing Firewall, diminishes bottleneck, and then increases the processing speed of the packet. Also, as HWbF reduce the 50% and 25% of the respective DoS attack error detection rate(TCP) about average value and the fixed critical value to 38% and 17%. with the proposed expression by manipulating the critical value according to the packet traffic quantity, it not only improve the detection of DoS attack traffic but also diminishes the overload of a proxy cash server.

• Convergence Security Journal
• /
• 제21권4호
• /
• pp.109-115
• /
• 2021

Currently, with the development of 5G and IoT technology, it is being used in connection with the things used in real life through a network. However, attempts to use networked computers for malicious purposes are increasing, and attacks using malicious codes that infringe the confidentiality and integrity of user information are becoming more intelligent. As a countermeasure to this, research is being conducted on a method of detecting malicious packets using a security control system and AI technology, supervised learning. The cyber security control system is being operated inefficiently in terms of manpower and cost. In addition, in the era of the COVID-19 pandemic, remote work has increased, making it difficult to respond immediately. In addition, malicious code detection using the existing AI technology, supervised learning, does not detect variant malicious code, and has an inaccurate malicious code detection rate depending on the quantity and quality of data. Therefore, in this study, by converging malicious packet detection technologies through various machine learning and deep learning models, the accuracy of malicious packet detection is increased, the false positive rate and the false positive rate are reduced, and a new type of malicious packet can be efficiently detected when intrusion. We propose a malicious packet detection technology.