• Journal of Electrical Engineering and Technology
• /
• v.9 no.4
• /
• pp.1171-1181
• /
• 2014

Different power quality (PQ) disturbance sources can have major impacts on the power supply grid. This study proposes, for the first time, an early warning approach to identifying PQ problems and providing early warning prompts based on the monitored data of PQ disturbance sources. To establish a steady-state power quality early warning index system, the characteristics of PQ disturbance sources are analyzed and summed up. The higher order statistics anomaly detection (HOSAD) algorithm, based on skewness and kurtosis, and hierarchical power quality early warning flow, were then used to mine limit-exceeding and abnormal data and analyze their severity. Cases studies show that the proposed approach is effective and feasible, and that it is possible to provide timely power quality early warnings for limit-exceeding and abnormal data.

• The KIPS Transactions:PartC
• /
• v.11C no.5
• /
• pp.595-604
• /
• 2004

By the help of expansion of computer network and rapid growth of Internet, the information infrastructure is now able to provide a wide range of services. Especially open architecture - the inherent nature of Internet - has not only got in the way of offering QoS service, managing networks, but also made the users vulnerable to both the threat of backing and the issue of information leak. Thus, people recognized the importance of both taking active, prompt and real-time action against intrusion threat, and at the same time, analyzing the similar patterns of in-trusion already known. There are now many researches underway on Intrusion Detection System(IDS). The paper carries research on the in-trusion detection system which hired supervised learning algorithm and Fuzzy membership function especially with Neuro-Fuzzy model in order to improve its performance. It modifies tansigmoid transfer function of Neural Networks into fuzzy membership function, so that it can reduce the uncertainty of anomaly intrusion detection. Finally, the fuzzy logic suggested here has been applied to a network-based anomaly intrusion detection system, tested against intrusion data offered by DARPA 2000 Intrusion Data Sets, and proven that it overcomes the shortcomings that Anomaly Intrusion Detection usually has.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.201-211
• /
• 2022

According to the recent change in the cybersecurity paradigm, research on anomaly detection methods using machine learning and deep learning techniques, which are AI implementation technologies, is increasing. In this study, a comparative study on data preprocessing techniques that can improve the anomaly detection performance of a GRU (Gated Recurrent Unit) neural network-based intrusion detection model using NGIDS-DS (Next Generation IDS Dataset), an open dataset, was conducted. In addition, in order to solve the class imbalance problem according to the ratio of normal data and attack data, the detection performance according to the oversampling ratio was compared and analyzed using the oversampling technique applied with DCGAN (Deep Convolutional Generative Adversarial Networks). As a result of the experiment, the method preprocessed using the Doc2Vec algorithm for system call feature and process execution path feature showed good performance, and in the case of oversampling performance, when DCGAN was used, improved detection performance was shown.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.14 no.1
• /
• pp.75-81
• /
• 2004

Signature based intrusion detection system (IDS), having stored rules for detecting intrusions at the library, judges whether new inputs are intrusion or not by matching them with the new inputs. However their policy has two restrictions generally. First, when they couldn`t make rules against new intrusions, false negative (FN) errors may are taken place. Second, when they made a lot of rules for maintaining diversification, the amount of resources grows larger proportional to their amount. In this paper, we propose the learning algorithm which can evolve the competent of anomaly detectors having the ability to detect anomalous attacks by genetic algorithm. The anomaly detectors are the population be composed of by following the negative selection procedure of the biological immune system. To show the effectiveness of proposed system, we apply the learning algorithm to the artificial network environment, which is a computer security system.

• ETRI Journal
• /
• v.44 no.2
• /
• pp.183-193
• /
• 2022

Smart cities are expected to provide residents with convenience via various agents such as CCTV, delivery robots, security robots, and unmanned shuttles. Environmental data collected by various agents can be used for various purposes, including advertising and security monitoring. This study suggests a surveillance map data framework for efficient and integrated multimodal data representation from multi-agents. The suggested surveillance map is a multilayered global information grid, which is integrated from the multimodal data of each agent. To confirm this, we collected surveillance map data for 4 months, and the behavior patterns of humans and vehicles, distribution changes of elevation, and temperature were analyzed. Moreover, we represent an anomaly detection algorithm based on a surveillance map for security service. A two-stage anomaly detection algorithm for unusual situations was developed. With this, abnormal situations such as unusual crowds and pedestrians, vehicle movement, unusual objects, and temperature change were detected. Because the surveillance map enables efficient and integrated processing of large multimodal data from a multi-agent, the suggested data framework can be used for various applications in the smart city.

• ETRI Journal
• /
• v.27 no.3
• /
• pp.294-303
• /
• 2005

In this paper, a supervised algorithm for the evaluation of geophysical sites using a multi-level cellular neural network (ML-CNN) is introduced, developed, and applied to real data. ML-CNN is a stochastic image processing technique based on template optimization using neighborhood relationships of the pixels. The separation/enhancement and border detection performance of the proposed method is evaluated by various interesting real applications. A genetic algorithm is used in the optimization of CNN templates. The first application is concerned with the separation of potential field data of the Dumluca chromite region, which is one of the rich reserves of Turkey; in this context, the classical approach to the gravity anomaly separation method is one of the main problems in geophysics. The other application is the border detection of archeological ruins of the Hittite Empire in Turkey. The Hittite civilization sites located at the Sivas-Altinyayla region of Turkey are among the most important archeological sites in history, one reason among others being that written documentation was first produced by this civilization.

• Journal of Navigation and Port Research
• /
• v.37 no.1
• /
• pp.41-48
• /
• 2013

A positioning technique using the augmentation system has been researched to improve the accuracy. The network RTK is the precise positioning technique using carrier phase correction data from reference stations and is constantly being researched. The study for the system accuracy has been performed but system integrity research has not been done as much as system accuracy. In this paper, we presented the anomaly detection algorithm by satellite system and the diagnosis algorithm to a basic research in the integrity on network RTK. And the presented algorithms are verified on the DL-V3 dual-frequency receiver and the simulated error scenario using the GSS7700.

• Journal of the Korean Data and Information Science Society
• /
• v.20 no.2
• /
• pp.387-399
• /
• 2009

Mobile wireless networks continue to be plagued by theft of identify and intrusion. Both problems can be addressed in two different ways, either by misuse detection or anomaly-based detection. In this paper, we propose a dissimilarity-based anomaly detection method which can effectively identify abnormal behavior such as mobility patterns of mobile wireless networks. In the proposed algorithm, a normal profile is constructed from normal mobility patterns of mobile nodes in mobile wireless networks. From the constructed normal profile, a dissimilarity is computed by a weighted dissimilarity measure. If the value of the weighted dissimilarity measure is greater than the dissimilarity threshold that is a system parameter, an alert message is occurred. The performance of the proposed method is evaluated through a simulation. From the result of the simulation, we know that the proposed method is superior to the performance of other anomaly detection methods using dissimilarity measures.

• Journal of Internet Computing and Services
• /
• v.24 no.2
• /
• pp.37-45
• /
• 2023

In line with the 4th Industrial Revolution, facility maintenance technologies for building smart factories are receiving attention and are being advanced. In addition, technology is being applied to smart farms and smart fisheries following smart factories. Among them, in the case of a recirculating aquaculture system, there is a motor pump that circulates water for a stable quality environment in the tank. Motor pump maintenance activities for recirculating aquaculture system are carried out based on preventive maintenance and data obtained from vibration sensor. Preventive maintenance cannot cope with abnormalities that occur before prior planning, and vibration sensors are affected by the external environment. This paper proposes an anomaly detection algorithm that utilizes ADTK, a Python open source, for motor pump anomaly detection based on data collected through current sensors that are less affected by the external environment than noise, temperature and vibration sensors.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.5
• /
• pp.953-959
• /
• 2012

There are a number of idle nodes in sensor networks, these can act as detector nodes for anomaly detection in the network. For detecting node selection problem modeled as optimization equation, the conventional method using centralized genetic algorithm was evaluated. In this paper, a method to improve the convergence of the optimal value, while improving energy efficiency as a method of considering the characteristics of the network topology using parallel genetic algorithm is proposed. Through simulation, the proposed method compared with the conventional approaches to the convergence of the optimal value was improved and was found to be energy efficient.