• Title/Summary/Keyword: Unknown Data Association

검색결과 125건 처리시간 0.023초

알려지지 않은 위협 탐지를 위한 CBA와 OCSVM 기반 하이브리드 침입 탐지 시스템 (A hybrid intrusion detection system based on CBA and OCSVM for unknown threat detection)

  • 신건윤;김동욱;윤지영;김상수;한명묵
    • 인터넷정보학회논문지
    • /
    • 제22권3호
    • /
    • pp.27-35
    • /
    • 2021
  • 인터넷이 발달함에 따라, IoT, 클라우드 등과 같은 다양한 IT 기술들이 개발되었고, 이러한 기술들을 사용하여 국가와 여러 기업들에서는 다양한 시스템을 구축하였다. 해당 시스템들은 방대한 양의 데이터들을 생성하고, 공유하기 때문에 시스템에 들어있는 중요한 데이터들을 보호하기 위해 위협을 탐지할 수 있는 다양한 시스템이 필요하였으며, 이에 대한 연구가 현재까지 활발히 진행되고 있다. 대표적인 기술로 이상 탐지와 오용 탐지를 들 수 있으며, 해당 기술들은 기존에 알려진 위협이나 정상과는 다른 행동을 보이는 위협들을 탐지한다. 하지만 IT 기술이 발전함에 따라 시스템을 위협하는 기술들도 점차 발전되고 있으며, 이러한 탐지 방법들을 피해서 위협을 가한다. 지능형 지속 위협(Advanced Persistent Threat : APT)은 국가 또는 기업의 시스템을 공격하여 중요 정보 탈취 및 시스템 다운 등의 공격을 수행하며, 이러한 공격에는 기존에 알려지지 않았던 악성코드 및 공격 기술들을 적용한 위협이 존재한다. 따라서 본 논문에서는 알려지지 않은 위협을 탐지하기 위한 이상 탐지와 오용 탐지를 결합한 하이브리드 침입 탐지 시스템을 제안한다. 두 가지 탐지 기술을 적용하여 알려진 위협과 알려지지 않은 위협에 대한 탐지가 가능하게 하였으며, 기계학습을 적용함으로써 보다 정확한 위협 탐지가 가능하게 된다. 오용 탐지에서는 Classification based on Association Rule(CBA)를 적용하여 알려진 위협에 대한 규칙을 생성하였으며, 이상 탐지에서는 One Class SVM(OCSVM)을 사용하여 알려지지 않은 위협을 탐지하였다. 실험 결과, 알려지지 않은 위협 탐지 정확도는 약 94%로 나타난 것을 확인하였고, 하이브리드 침입 탐지를 통해 알려지지 않은 위협을 탐지 할 수 있는 것을 확인하였다.

실내 환경에서 Infrared 카메라를 이용한 실용적 FastSLAM 구현 방법 (A Practical FastSLAM Implementation Method using an Infrared Camera for Indoor Environments)

  • 장헤이롱;이헌철;이범희
    • 로봇학회논문지
    • /
    • 제4권4호
    • /
    • pp.305-311
    • /
    • 2009
  • FastSLAM is a factored solution to SLAM problem using a Rao-Blackwellized particle filter. In this paper, we propose a practical FastSLAM implementation method using an infrared camera for indoor environments. The infrared camera is equipped on a Pioneer3 robot and looks upward direction to the ceiling which has infrared tags with the same height. The infrared tags are detected with theinfrared camera as measurements, and the Nearest Neighbor method is used to solve the unknown data association problem. The global map is successfully built and the robot pose is predicted in real time by the FastSLAM2.0 algorithm. The experiment result shows the accuracy and robustness of the proposed method in practical indoor environment.

  • PDF

Interpretation of Data Mining Prediction Model Using Decision Tree

  • Kang, Hyuncheol;Han, Sang-Tae;Choi, Jong-Ho
    • Communications for Statistical Applications and Methods
    • /
    • 제7권3호
    • /
    • pp.937-943
    • /
    • 2000
  • Data mining usually deal with undesigned massive data containing many variables for which their characteristics and association rules are unknown, therefore it is actually not easy to interpret the results of analysis. In this paper, it is shown that decision tree can be very useful in interpreting data mining prediction model using two real examples.

  • PDF

침입탐지 알고리즘 성능 최적화 및 평가 방법론 개발 (Optimizing of Intrusion Detection Algorithm Performance and The development of Evaluation Methodology)

  • 신대철;김홍윤
    • 디지털산업정보학회논문지
    • /
    • 제8권1호
    • /
    • pp.125-137
    • /
    • 2012
  • As the Internet use explodes recently, the malicious attacks and hacking for a system connected to network occur frequently. For such reason, lots of intrusion detection system has been developed. Intrusion detection system has abilities to detect abnormal behavior and unknown intrusions also it can detect intrusions by using patterns studied from various penetration methods. Various algorithms are studying now such as the statistical method for detecting abnormal behavior, extracting abnormal behavior, and developing patterns that can be expected. Etc. This study using clustering of data mining and association rule analyzes detecting areas based on two models and helps design detection system which detecting abnormal behavior, unknown attack, misuse attack in a large network.

Association measure of doubly interval censored data using a Kendall's 𝜏 estimator

  • Kang, Seo-Hyun;Kim, Yang-Jin
    • Communications for Statistical Applications and Methods
    • /
    • 제28권2호
    • /
    • pp.151-159
    • /
    • 2021
  • In this article, our interest is to estimate the association between consecutive gap times which are subject to interval censoring. Such data are referred as doubly interval censored data (Sun, 2006). In a context of serial event, an induced dependent censoring frequently occurs, resulting in biased estimates. In this study, our goal is to propose a Kendall's 𝜏 based association measure for doubly interval censored data. For adjusting the impact of induced dependent censoring, the inverse probability censoring weighting (IPCW) technique is implemented. Furthermore, a multiple imputation technique is applied to recover unknown failure times owing to interval censoring. Simulation studies demonstrate that the suggested association estimator performs well with moderate sample sizes. The proposed method is applied to a dataset of children's dental records.

Partial Compatibility Test 를 이용한 로봇의 위치 추정 및 매핑의 Data Association (Data Association of Robot Localization and Mapping Using Partial Compatibility Test)

  • 염서군;최윤성;무경;한창수
    • 한국정밀공학회지
    • /
    • 제33권2호
    • /
    • pp.129-138
    • /
    • 2016
  • This paper presents a natural corners-based SLAM (Simultaneous Localization and Mapping) with a robust data association algorithm in a real unknown environment. Corners are extracted from raw laser sensor data, which are chosen as landmarks for correcting the pose of mobile robot and building the map. In the proposed data association method, the extracted corners in every step are separated into several groups with small numbers of corners. In each group, local best matching vector between new corners and stored ones is found by joint compatibility, while nearest feature for every new corner is checked by individual compatibility. All these groups with local best matching vector and nearest feature candidate of each new corner are combined by partial compatibility with linear matching time. Finally, SLAM experiment results in an indoor environment based on the extracted corners show good robustness and low computation complexity of the proposed algorithms in comparison with existing methods.

Case Studies in EFL Reading: Perceptions, Experiences, and Strategies

  • Chin, Cheong-Sook
    • 영어어문교육
    • /
    • 제15권4호
    • /
    • pp.1-22
    • /
    • 2009
  • This case study aimed to explore proficient EFL readers' perceptions and experiences about reading tasks and how those perceptions and experiences influence their reading processing behaviors, and to examine how the cultural background of a text affects their reading strategies and comprehension. Three college students who were non-English majors participated in this study. Three data sources were employed: questionnaires, interviews, and think-alouds. The results showed that: (1) the participants emphasized comprehension as the goal of reading and considered themselves good EFL readers; (2) their reading purposes were closely associated with personal pursuits; (3) they preferred to read materials that deal with areas of interest but did not try to take a risk in terms of level of difficulty and/or length; (4) they implemented a multistrategic approach to reading in that the majority of their strategy use was in conjunction with their concern about meaning construction; (5) they were able to develop useful understandings of unknown vocabulary; and (6) their clear awareness of the cultural background presupposed in the text helped them invoke prior knowledge and reduce unknown vocabulary hindrances which contributed to comprehension. Pedagogical implications for EFL reading instruction are provided.

  • PDF

SVM을 통한 미확인 침입탐지 시스템 개발 (A Development of Unknown Intrusion Detection System with SVM)

  • 김석태;한인규;이창용;고정호;이도원;오정민;방철수;이극
    • 융합보안논문지
    • /
    • 제7권4호
    • /
    • pp.23-28
    • /
    • 2007
  • 본 연구는 수집된 training 패킷을 패킷이미지 생성모듈을 통해 적절히 가공하여 SVM에 학습을 시키고 학습된 SVM에 testing 패킷이미지를 테스트 시킨 후 분류해내는 것을 제안한다. 서포트 벡터 머신[Support Vector Machines]을 이용한 미확인 침입탐지 시스템은 보안의 안정성 및 효율성면에서 기존의 시스템들보다 훨씬 우수하다.

  • PDF

분산형 FP트리를 활용한 병렬 데이터 마이닝 (Parallel Data Mining with Distributed Frequent Pattern Trees)

  • 조두산;김동승
    • 대한전자공학회:학술대회논문집
    • /
    • 대한전자공학회 2003년도 하계종합학술대회 논문집 V
    • /
    • pp.2561-2564
    • /
    • 2003
  • Data mining is an effective method of the discovery of useful information such as rules and previously unknown patterns existing in large databases. The discovery of association rules is an important data mining problem. We have developed a new parallel mining called Distributed Frequent Pattern Tree (abbreviated by DFPT) algorithm on a distributed shared nothing parallel system to detect association rules. DFPT algorithm is devised for parallel execution of the FP-growth algorithm. It needs only two full disk data scanning of the database by eliminating the need for generating the candidate items. We have achieved good workload balancing throughout the mining process by distributing the work equally to all processors. We implemented the algorithm on a PC cluster system, and observed that the algorithm outperformed the Improved Count Distribution scheme.

  • PDF

A Case Study on College EFL Readers: Awareness, Experiences, and Processes

  • Chin, Cheongsook
    • 영어어문교육
    • /
    • 제17권3호
    • /
    • pp.1-25
    • /
    • 2011
  • This research primarily aimed to investigate proficient and less proficient EFL readers' awareness and experiences about learning to read and reading in English. The secondary purpose was to explore the participants' reading strategies, and to discover how the genres of English texts influence their reading processing behaviors. The participants consisted of four college students in engineering aged 21-25 years. Three data sources were employed: questionnaires, interviews, and think-alouds. The findings revealed that: (1) the proficient EFL readers judged themselves to be good readers, while the less proficient EFL readers judged themselves to be fair readers; (2) unknown vocabulary was perceived to be the major impediment to reading comprehension; the think-aloud data, however, demonstrated that unknown vocabulary did not significantly interfere with their reading comprehension; (3) regardless of the genre of the text, the participants employed similar reading strategies; (4) the participants were more likely to tolerate ambiguity and predict the content when reading the narrative text than the expository text; (5) there was no set of strategies that distinguished proficient EFL readers from less proficient EFL readers; and (6) when identifying problems, the proficient EFL readers used fix-up strategies more effectively and were better able to provide satisfactory solutions than their counterparts. Pedagogical implications for EFL reading instruction are discussed.

  • PDF