• Title/Abstract/Keywords: detection and analysis

Search results: 9,203 items (processing time 0.036 seconds)

Trends of Encrypted Network Traffic Analysis Technologies for Network Anomaly Detection

  • 최양서;유재학;구기종;문대성
    • Electronics and Telecommunications Trends / Vol. 38, No. 5 / pp.71-80 / 2023
  • With the rapid advancement of the Internet, the use of encrypted traffic has surged in order to protect data during transmission. Simultaneously, network attacks have also begun to leverage encrypted traffic, leading to active research in the field of encrypted traffic analysis to overcome the limitations of traditional detection methods. In this paper, we provide an overview of the encrypted traffic analysis field, covering the analysis process, domains, models, evaluation methods, and research trends. Specifically, it focuses on the research trends in the field of anomaly detection in encrypted network traffic analysis. Furthermore, considerations for model development in encrypted traffic analysis are discussed, including traffic dataset composition, selection of traffic representation methods, creation of analysis models, and mitigation of AI model attacks. In the future, the volume of encrypted network traffic will continue to increase, particularly with a higher proportion of attack traffic utilizing encryption. Research on attack detection in such an environment must be consistently conducted to address these challenges.

Harris Corner Detection for Eyes Detection in Facial Images

  • Navastara, Dini Adni;Koo, Kyung-Mo;Park, Hyun-Jun;Cha, Eui-Young
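    • Proceedings of the Korea Institute of Information and Communication Engineering Conference / Korea Institute of Information and Communication Engineering 2013 Spring Conference / pp.373-376 / 2013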
  • Nowadays, eyes detection is required and considered as the most important step in several applications, such as eye tracking, face identification and recognition, facial expression analysis and iris detection. This paper presents the eyes detection in facial images using Harris corner detection. Firstly, Haar-like features for face detection are used to detect a face region in an image. To separate the region of the eyes from a whole face region, the projection function is applied in this paper. At the last step, Harris corner detection is used to detect the eyes location. In experimental results, the eyes location on both grayscale and color facial images was detected accurately and effectively.

GIS DETECTION AND ANALYSIS TECHNIQUE FOR ENVIRONMENTAL CHANGE

  • Suh, Yong-Cheol;Choi, Chul-Uong;Kim, Ji-Yong;Kim, Tae-Woo
    • Proceedings of the Korean Society of Remote Sensing Conference / Korean Society of Remote Sensing 2008 International Symposium on Remote Sensing / pp.163-168 / 2008
  • KOMPSAT-3 is expected to provide data with 80-cm spatial resolution, which can be used to detect environmental change and create thematic maps such as land-use and land-cover maps. However, to analyze environmental change, change-detection technologies that use multi-resolution and high-resolution satellite images simultaneously must be developed and linked to each other. This paper describes a GIS-based strategy and methodology for revealing global and local environmental change. In the pre-processing step, we performed geometric correction using satellite, auxiliary, and training data and created a new classification system. We also describe the available technology for connecting global and local change-detection analysis.

Network intrusion detection method based on matrix factorization of their time and frequency representations

  • Chountasis, Spiros;Pappas, Dimitrios;Sklavounos, Dimitris
    • ETRI Journal / Vol. 43, No. 1 / pp.152-162 / 2021
  • In the last few years, detection has become a powerful methodology for network protection and security. This paper presents a new detection scheme for data recorded over a computer network. This approach is applicable to the broad scientific field of information security, including intrusion detection and prevention. The proposed method employs bidimensional (time-frequency) data representations of the forms of the short-time Fourier transform, as well as the Wigner distribution. Moreover, the method applies matrix factorization using singular value decomposition and principal component analysis of the two-dimensional data representation matrices to detect intrusions. The current scheme was evaluated using numerous tests on network activities, which were recorded and presented in the KDD-NSL and UNSW-NB15 datasets. The efficiency and robustness of the technique have been experimentally proved.

A Study of Interfering Sounds in an Intersection Accident Sound Detection System

  • 강희구;고영권;김재이
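    • Proceedings of the Korea Institute of Information and Communication Engineering Conference / Korea Institute of Maritime Information and Communication Sciences 2008 Spring Conference A / pp.805-808 / 2008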
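  • In this paper, we analyzed various acoustic patterns in order to improve the detection rate of an automatic intersection accident-sound detection system. We confirmed that the acoustic patterns of vehicle horns by vehicle type and of special-purpose vehicle sirens, which interfere with automatic detection, generally have sound pressure levels similar to those of accident sounds, but each consists of frequency waveforms with a different periodic form. To this end, we introduced an acoustic recognition technique that analyzes the waveform and frequency characteristics of the various interfering elements (car horns, sirens, other noise, etc.) of the automatic acoustic detection system for intersection accidents. The results show that the acoustic patterns of ordinary traffic noise and traffic accident sounds differ considerably, and that an error range of about 20 [dB] exists depending on whether or not traffic is flowing.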

Attack Path and Intention Recognition System for detecting APT Attack

  • 김남욱;엄정호
    • Journal of Korea Society of Digital Industry and Information Management / Vol. 16, No. 1 / pp.67-78 / 2020
  • Typical security solutions such as intrusion detection systems are not suitable for detecting advanced persistent attack (APT), because they cannot draw the big picture from trivial events of security solutions. Research on techniques for detecting multiple stage attacks by analyzing the correlations between security events or alerts is being actively conducted in the academic field. However, these studies still use events from existing security systems, and there is insufficient research on the structure of the entire security system suitable for advanced persistent attacks. In this paper, we propose an attack path and intention recognition system suitable for multiple stage attacks like advanced persistent attack detection. The proposed system defines the trace format and overall structure of the system that detects APT attacks based on the correlation and behavior analysis, and is designed with a structure of detection system using deep learning and big data technology, etc.

FLORA: Fuzzy Logic - Objective Risk Analysis for Intrusion Detection and Prevention

  • Alwi M Bamhdi
    • International Journal of Computer Science & Network Security / Vol. 23, No. 5 / pp.179-192 / 2023
  • The widespread use of Cloud Computing, Internet of Things (IoT), and social media in the Information Communication Technology (ICT) field has resulted in continuous and unavoidable cyber-attacks on users and critical infrastructures worldwide. Traditional security measures such as firewalls and encryption systems are not effective in countering these sophisticated cyber-attacks. Therefore, Intrusion Detection and Prevention Systems (IDPS) are necessary to reduce the risk to an absolute minimum. Although IDPSs can detect various types of cyber-attacks with high accuracy, their performance is limited by a high false alarm rate. This study proposes a new technique called Fuzzy Logic - Objective Risk Analysis (FLORA) that can significantly reduce false positive alarm rates and maintain a high level of security against serious cyber-attacks. The FLORA model has a high fuzzy accuracy rate of 90.11% and can predict vulnerabilities with a high level of certainty. It also has a mechanism for monitoring and recording digital forensic evidence which can be used in legal prosecution proceedings in different jurisdictions.

Indirect Detection of Rotor Position of Switched Reluctance Motor Based on Flux Linkage Analytic Model

  • Zhou, Yongqin;Hu, Bo;Wang, Hang;Jin, Ningzhi;Zhou, Meilan
    • Journal of Electrical Engineering and Technology / Vol. 13, No. 2 / pp.829-837 / 2018
  • In this paper, a flux linkage model based on four magnetization curves fitting is proposed for three-phase 12/8 switched reluctance motor (SRM), with the analysis of the basic principle of flux detection method and function analysis method. In the model, the single value function mapping relationship between position angle and flux is established, which can achieve a direct estimation of rotor position. The realization scheme of SRM indirect position detection system is presented. It is proved by simulation and experiment that the proposed scheme is suitable for rotor position detection of SRM, and has high accuracy of position estimation.

A study on Countermeasures by Detecting Trojan-type Downloader/Dropper Malicious Code

  • Kim, Hee Wan
    • International Journal of Advanced Culture Technology / Vol. 9, No. 4 / pp.288-294 / 2021
  • There are various ways to be infected with malicious code due to the increase in Internet use, such as the web, affiliate programs, P2P, illegal software, DNS alteration of routers, word processor vulnerabilities, spam mail, and storage media. In addition, malicious codes are produced more easily than before through automatic generation programs due to evasion technology according to the advancement of production technology. In the past, the propagation speed of malicious code was slow, the infection route was limited, and the propagation technology had a simple structure, so there was enough time to study countermeasures. However, current malicious codes have become very intelligent by absorbing technologies such as concealment technology and self-transformation, causing problems such as distributed denial of service attacks (DDoS), spam sending and personal information theft. The existing malware detection technique, which is a signature detection technique, cannot respond when it encounters a malicious code whose attack pattern has been changed or a new type of malicious code. In addition, it is difficult to perform static analysis on malicious code to which code obfuscation, encryption, and packing techniques are applied to make malicious code analysis difficult. Therefore, in this paper, a method to detect malicious code through dynamic analysis and static analysis using Trojan-type Downloader/Dropper malicious code was shown, and malicious code detection and countermeasures were suggested.

Identification of Incorrect Data Labels Using Conditional Outlier Detection

  • Hong, Charmgil
    • Journal of Korea Multimedia Society / Vol. 23, No. 8 / pp.915-926 / 2020
  • Outlier detection methods help one to identify unusual instances in data that may correspond to erroneous, exceptional, or surprising events or behaviors. This work studies conditional outlier detection, a special instance of the outlier detection problem, in the context of incorrect data label identification. Unlike conventional (unconditional) outlier detection methods that seek abnormalities across all data attributes, conditional outlier detection assumes data are given in pairs of input (condition) and output (response or label). Accordingly, the goal of conditional outlier detection is to identify incorrect or unusual output assignments considering their input as condition. As a solution to conditional outlier detection, this paper proposes the ratio-based outlier scoring (ROS) approach and its variant. The proposed solutions work by adopting conventional outlier scores and are able to apply them to identify conditional outliers in data. Experiments on synthetic and real-world image datasets are conducted to demonstrate the benefits and advantages of the proposed approaches.