• Journal of the Korean Institute of Intelligent Systems
• /
• v.22 no.3
• /
• pp.328-333
• /
• 2012

Current differential GPS (DGPS) system consists of reference station (RS), integrity monitor (IM), and control station (CS). The RS computes the pseudorange corrections (PRC) and generates the RTCM messages for broadcasting. The IM receives the corrections from the RS broadcasting and verifies that the information is within tolerance. The CS performs realtime system status monitoring and control of the functional and performance parameters. The primary function of a DGPS integrity monitor is to verify the correction information and transmit feedback messages to the reference station. However, the current algorithms for integrity monitoring have the limitations of integrity monitor functions for satellite outage or anomalies. Therefore, this paper focuses on the detection and identification methods of satellite anomalies for maritime DGPS RSIM. Based on the function analysis of current DGPS RSIM, it first addresses the limitation of integrity monitoring functions for DGPS RSIM, and then proposes the detection and identification method of satellite anomalies. In addition, it simulates an actual GPS clock anomaly case using a GPS simulator to analyze the limitations of the integrity monitoring function. It presents the brief test results using the proposed methods for detection and identification of satellite anomalies.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.8 no.2
• /
• pp.41-47
• /
• 2012

MANET has vulnerable structure on security owing to structural characteristics as follows. MANET consisted of moving nodes is that every nodes have to perform function of router. Every node has to provide reliable routing service in cooperation each other. These properties are caused by expose to various attacks. But, it is difficult that position of environment intrusion detection system is established, information is collected, and particularly attack is detected because of moving of nodes in MANET environment. It is not easy that important profile is constructed also. In this paper, conformal predictor - support vector machine(CP-SVM) based intrusion detection technique was proposed in order to do more accurate and efficient intrusion detection. In this study, IDS-agents calculate p value from collected packet and transmit to cluster head, and then other all cluster head have same value and detect abnormal behavior using the value. Cluster form of hierarchical structure was used to reduce consumption of nodes also. Effectiveness of proposed method was confirmed through experiment.

• International journal of advanced smart convergence
• /
• v.12 no.3
• /
• pp.32-39
• /
• 2023

This paper provides a comprehensive overview of UAV classification, tracking, and detection, offering researchers a clear understanding of these fundamental concepts. It elucidates how classification categorizes UAVs based on attributes, how tracking monitors real-time positions, and how detection identifies UAV presence. The interconnectedness of these aspects is highlighted, with detection enhancing tracking and classification aiding in anomaly identification. Moreover, the paper emphasizes the relevance of simulations in the context of drones and UAVs, underscoring their pivotal role in training, testing, and research. By succinctly presenting these core concepts and their practical implications, the paper equips researchers with a solid foundation to comprehend and explore the complexities of UAV operations and the role of simulations in advancing this dynamic field.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.5
• /
• pp.839-850
• /
• 2014

As the social and financial damages caused by APT attack such as 3.20 cyber terror are increased, the technical solution against APT attack is required. It is, however, difficult to protect APT attack with existing security equipments because the attack use a zero-day malware persistingly. In this paper, we propose a host based anomaly detection method to overcome the limitation of the conventional signature-based intrusion detection system. First, we defined 39 features to identify between normal and abnormal behavior, and then collected 8.7 million feature data set that are occurred during running both malware and normal executable file. Further, each process is represented as 83-dimensional vector that profiles the frequency of appearance of features. the vector also includes the frequency of features generated in the child processes of each process. Therefore, it is possible to represent the whole behavior information of the process while the process is running. In the experimental results which is applying C4.5 decision tree algorithm, we have confirmed 2.0% and 5.8% for the false positive and the false negative, respectively.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.649-653
• /
• 2006

In this paper, we propose a hybrid feature extraction method in which Principal Components Analysis is combined with optimized k-Means clustering technique. Our approach hierarchically reduces the redundancy of features with high explanation in principal components analysis for choosing a good subset of features critical to improve the performance of classifiers. Based on this result, we evaluate the performance of intrusion detection by using Support Vector Machine and a nonparametric approach based on k-Nearest Neighbor over data sets with reduced features. The Experiment results with KDD Cup 1999 dataset show several advantages in terms of computational complexity and our method achieves significant detection rate which shows possibility of detecting successfully attacks.

• Convergence Security Journal
• /
• v.24 no.3
• /
• pp.13-21
• /
• 2024

Recently, with the rapid expansion of networks driven by the advancements of the Fourth Industrial Revolution, cybersecurity threats are becoming increasingly severe. Traditional signature-based Network Intrusion Detection Systems (NIDS) are effective in detecting known attacks but show limitations when faced with new threats such as Advanced Persistent Threats (APT). Additionally, deep learning models based on supervised learning can lead to biased decision boundaries due to the imbalanced nature of network traffic data, where normal traffic vastly outnumbers malicious traffic. To address these challenges, this paper proposes a network intrusion detection method based on one-class models that learn only from normal data to identify abnormal traffic. The effectiveness of this approach is validated through experiments using the Deep SVDD and MemAE models on the NSL-KDD dataset. Comparative analysis with supervised learning models demonstrates that the proposed method offers superior adaptability and performance in real-world scenarios.

• Smart Structures and Systems
• /
• v.29 no.1
• /
• pp.251-266
• /
• 2022

Structural Health Monitoring (SHM) of critical infrastructure comprises a major pillar of maintenance management, shielding public safety and economic sustainability. Although SHM is usually associated with data-driven metrics and thresholds, expert judgement is essential, especially in cases where erroneous predictions can bear casualties or substantial economic loss. Considering that visual inspections are time consuming and potentially subjective, artificial-intelligence tools may be leveraged in order to minimize the inspection effort and provide objective outcomes. In this context, timely detection of sensor malfunctioning is crucial in preventing inaccurate assessment and false alarms. The present work introduces a sensor-fault detection and interpretation framework, based on the well-established support-vector machine scheme for anomaly detection, combined with a coalitional game-theory approach. The proposed framework is implemented in two datasets, provided along the 1st International Project Competition for Structural Health Monitoring (IPC-SHM 2020), comprising acceleration and cable-load measurements from two real cable-stayed bridges. The results demonstrate good predictive performance and highlight the potential for seamless adaption of the algorithm to intrinsically different data domains. For the first time, the term "decision trajectories", originating from the field of cognitive sciences, is introduced and applied in the context of SHM. This provides an intuitive and comprehensive illustration of the impact of individual features, along with an elaboration on feature dependencies that drive individual model predictions. Overall, the proposed framework provides an easy-to-train, application-agnostic and interpretable anomaly detector, which can be integrated into the preprocessing part of various SHM and condition-monitoring applications, offering a first screening of the sensor health prior to further analysis.

• Nuclear Engineering and Technology
• /
• v.52 no.10
• /
• pp.2262-2273
• /
• 2020

Digital twin technology can provide significant value for the prognostics and health management (PHM) of critical plant components by improving insight into system design and operating conditions. Digital twinning of systems can be utilized for anomaly detection, diagnosis and the estimation of the system's remaining useful life in order to optimize operations and maintenance processes in a nuclear plant. In this regard, a conceptual framework for the application of digital twin technology for the prognosis of Control Element Drive Mechanism (CEDM), and a data-driven approach to anomaly detection using coil current profile are presented in this study. Health management of plant components can capitalize on the data and signals that are already recorded as part of the monitored parameters of the plant's instrumentation and control systems. This work is focused on the development of machine learning algorithm and workflow for the analysis of the CEDM using the recorded coil current data. The workflow involves features extraction from the coil-current profile and consequently performing both clustering and classification algorithms. This approach provides an opportunity for health monitoring in support of condition-based predictive maintenance optimization and in the development of the CEDM digital twin model for improved plant safety and availability.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2021.07a
• /
• pp.145-146
• /
• 2021

본 연구에서는 카메라의 촬영 시점에 의해서 발생되는 원근감이 광학 흐름 생성에 어떠한 영향을 주는지 살펴보고 광학 흐름 기반 이상행동 탐지 솔루션의 성능을 고도화하기 위해 기존 광학 흐름 영상으로부터 소실점 기반 가중치 행렬을 계산하여 원근감에 따른 광학 흐름 정도를 평활하는 기법에 대해서 연구한다. 카메라의 뷰포인트에 따라 원근감의 발생 정도나 객체의 크기 및 움직임의 정도가 달라지게 되며, 이는 원본 영상 프레임을 광학 흐름의 크기와 방향성으로 표현하는 영상 변환 네트워크를 가진 생성적 적대 신경망을 학습할 때 정상적인 행동 패턴의 범위를 결정짓는 데 방해가 될 수 있다. 이러한 문제를 해결하기 위하여 데이터셋의 배경으로부터 소실점을 추출하고 원근감에 따라 결정되는 광학 흐름의 크기를 평활하는 기법을 개발하여 기존 모델의 성능과 비교하였으며, 프레임 단위의 정확도 성능이 5.75% 향상된 것으로 확인되었다.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2020.07a
• /
• pp.13-14
• /
• 2020

본 논문에서는 엣지 컴퓨팅 환경에서 머신러닝을 활용해 에스컬레이터 이상 감지 및 결함 분류를 하는 연구를 진행하였다. 엣지 컴퓨팅 기반 머신러닝을 사용해 에스컬레이터의 이상 감지 및 결함 분류를 위한 OneM2M환경을 구축하였으며 에스컬레이터에서 발생하는 소음에서 고장 유형에 따라 나타나는 주파수를 이용한다. Edge TPU를 활용해 엣지 컴퓨팅 시스템의 처리량을 최대화하고, 각 작업의 수행시간을 최소화함으로써 엣지 컴퓨팅 환경에서 이상 감지와 결함 분류를 수행할 수 있다.