• Title/Summary/Keyword: detection technique

Search Result 4,102, Processing Time 0.032 seconds

Detection of GPS Clock Jump using Teager Energy (Teager 에너지를 이용한 GPS 위성 시계 도약 검출)

  • Heo, Youn-Jeong;Cho, Jeong-Ho;Heo, Moon-Beom
    • Journal of the Korean Society for Aeronautical & Space Sciences
    • /
    • v.38 no.1
    • /
    • pp.58-63
    • /
    • 2010
  • In this paper, we propose a simple technique for the detection of a frequency jump in the GPS clock behavior. GPS satellite atomic clocks have characteristics of a second order polynomial in the long term and a non-periodic frequency drift in the short term, showing a sudden frequency jump occasionally. As satellite clock anomalies influence on GPS measurements, it requires to develop a real time technique for the detection of the clock anomaly on the real-time GPS precise point positioning. The proposed technique is based on Teager energy which is mainly used in the field of various signal processing for the detection of a specific signal or symptom. Therefore, we employed the Teager energy for the detection of the jump phenomenon of GPS satellite atomic clocks, and it showed that the proposed clock anomaly detection strategy outperforms a conventional detection methodology.

Identification of Attack Group using Malware and Packer Detection (악성코드 및 패커 탐지를 이용한 공격 그룹 판별)

  • Moon, Heaeun;Sung, Joonyoung;Lee, Hyunsik;Jang, Gyeongik;Kwak, Kiyong;Woo, Sangtae
    • Journal of KIISE
    • /
    • v.45 no.2
    • /
    • pp.106-112
    • /
    • 2018
  • Recently, the number of cyber attacks using malicious code has increased. Various types of malicious code detection techniques have been researched for several years as the damage has increased. In recent years, profiling techniques have been used to identify attack groups. This paper focuses on the identification of attack groups using a detection technique that does not involve malicious code detection. The attacker is identified by using a string or a code signature of the malicious code. In addition, the detection rate is increased by adding a technique to confirm the packing file. We use Yara as a detection technique. We have research about RAT (remote access tool) that is mainly used in attack groups. Further, this paper develops a ruleset using malicious code and packer main feature signatures for RAT which is mainly used by the attack groups. It is possible to detect the attacker by detecting RAT based on the newly created ruleset.

Real-Time Change Detection Architecture Based on SOM for Video Surveillance Systems (영상 감시시스템을 위한 SOM 기반 실시간 변화 감지 기법)

  • Kim, Jongwon;Cho, Jeongho
    • The Journal of Korean Institute of Information Technology
    • /
    • v.17 no.4
    • /
    • pp.109-117
    • /
    • 2019
  • In modern society, due to various accidents and crime threats committed to an unspecified number of people, individual security awareness is increasing throughout society and various surveillance techniques are being actively studied. Still, there is a decline in robustness due to many problems, requiring higher reliability monitoring techniques. Thus, this paper suggests a real-time change detection technique to complement the low robustness problem in various environments and dynamic/static change detection and to solve the cost efficiency problem. We used the Self-Organizing Map (SOM) applied as a data clustering technique to implement change detection, and we were able to confirm the superiority of noise robustness and abnormal detection judgment compared to the detection technique applied to the existing image surveillance system through simulation in the indoor office environment.

Direction detection technique of radioactive contaminants based on rotating collimator (회전형 콜리메이터 기반 방사능 오염원의 방향탐지 기법)

  • Hwang, Young-Gwan;Song, Keun-Young;Lee, Nam-Ho
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.24 no.11
    • /
    • pp.1519-1527
    • /
    • 2020
  • AGeneral radiation measuring devices have been developed in the form of spatial dose rate detection devices that measure dose rates to radioactive contaminant and 2D or 3D imaging devices for radioactive contamination information. Each of these radiation detection techniques has advantages. The advantages of both detection devices are necessary to minimize personal injury and rapid decontamination in the area of a radioactive accident. In this paper, we proposed a technique that can measure the dose rate and direction information about the radioactive pollutant source in real time using a detection sensor, a rotating body, and a directional shield for radioactive pollutant detection. The rotational-based detection device is configured to check the dose rate and direction using the location information of the rotator and measurement value. We proposed a measurement technique for vertical and horizontal directions through multiple holes. It was confirmed that the measurement error for direction information was less than 1% when detected in the horizontal direction.

A study on the improvement ransomware detection performance using combine sampling methods (혼합샘플링 기법을 사용한 랜섬웨어탐지 성능향상에 관한 연구)

  • Kim Soo Chul;Lee Hyung Dong;Byun Kyung Keun;Shin Yong Tae
    • Convergence Security Journal
    • /
    • v.23 no.1
    • /
    • pp.69-77
    • /
    • 2023
  • Recently, ransomware damage has been increasing rapidly around the world, including Irish health authorities and U.S. oil pipelines, and is causing damage to all sectors of society. In particular, research using machine learning as well as existing detection methods is increasing for ransomware detection and response. However, traditional machine learning has a problem in that it is difficult to extract accurate predictions because the model tends to predict in the direction where there is a lot of data. Accordingly, in an imbalance class consisting of a large number of non-Ransomware (normal code or malware) and a small number of Ransomware, a technique for resolving the imbalance and improving ransomware detection performance is proposed. In this experiment, we use two scenarios (Binary, Multi Classification) to confirm that the sampling technique improves the detection performance of a small number of classes while maintaining the detection performance of a large number of classes. In particular, the proposed mixed sampling technique (SMOTE+ENN) resulted in a performance(G-mean, F1-score) improvement of more than 10%.

Analysis of the range estimation error of a target in the asynchronous bistatic sonar (비동기 양상태 소나의 표적 거리 추정 오차 분석)

  • Jeong, Euicheol;Kim, Tae-Hwan
    • The Journal of the Acoustical Society of Korea
    • /
    • v.39 no.3
    • /
    • pp.163-169
    • /
    • 2020
  • The asynchronous bistatic sonar needs to estimate direct blast arrival time at a receiver to localize targets, and therefore the direct blast arrival time estimation error could be added to target localization error in comparison with synchronous system. Direct blast especially appears as several peaks at the matched filter output by multipath, thus we compared the first peak detection technique and the maximum peak detection technique of those peaks for direct blast arrival time estimation through sea trial data. The test was performed in a shallow sea with bistatic sonar made up of spatially separated source and line array sensors. Line array sensors obtained the target signal which is generated from the echo repeater. As a result, the first peak detection technique is superior to maximum peak detection technique in direct blast arrival time estimation error. The result of this analysis will be used for further research of target tracking in the asynchronous bistatic sonar.

Machine Learning-Based Malicious URL Detection Technique (머신러닝 기반 악성 URL 탐지 기법)

  • Han, Chae-rim;Yun, Su-hyun;Han, Myeong-jin;Lee, Il-Gu
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.32 no.3
    • /
    • pp.555-564
    • /
    • 2022
  • Recently, cyberattacks are using hacking techniques utilizing intelligent and advanced malicious codes for non-face-to-face environments such as telecommuting, telemedicine, and automatic industrial facilities, and the damage is increasing. Traditional information protection systems, such as anti-virus, are a method of detecting known malicious URLs based on signature patterns, so unknown malicious URLs cannot be detected. In addition, the conventional static analysis-based malicious URL detection method is vulnerable to dynamic loading and cryptographic attacks. This study proposes a technique for efficiently detecting malicious URLs by dynamically learning malicious URL data. In the proposed detection technique, malicious codes are classified using machine learning-based feature selection algorithms, and the accuracy is improved by removing obfuscation elements after preprocessing using Weighted Euclidean Distance(WED). According to the experimental results, the proposed machine learning-based malicious URL detection technique shows an accuracy of 89.17%, which is improved by 2.82% compared to the conventional method.

Voice-Pishing Detection Algorithm Based on Minimum Classification Error Technique (최소 분류 오차 기법을 이용한 보이스 피싱 검출 알고리즘)

  • Lee, Kye-Hwan;Chang, Joon-Hyuk
    • Journal of the Institute of Electronics Engineers of Korea SP
    • /
    • v.46 no.3
    • /
    • pp.138-142
    • /
    • 2009
  • We propose an effective voice-phishing detection algorithm based on discriminative weight training. The detection of voice phishing is performed based on a Gaussian mixture model (GMM) incorporaiting minimum classification error (MCE) technique. Actually, the MCE technique is based on log-likelihood from the decoding parameter of the SMV(Selectable Mode Vocoder) directly extracted from the decoding process in the mobile phone. According to the experimental result, the proposed approach is found to be effective for the voice phishing detection.

Detecting the HTTP-GET Flood Attacks Based on the Access Behavior of Inline Objects in a Web-page Using NetFlow Data

  • Kang, Koo-Hong
    • Journal of the Korea Society of Computer and Information
    • /
    • v.21 no.7
    • /
    • pp.1-8
    • /
    • 2016
  • Nowadays, distributed denial of service (DDoS) attacks on web sites reward attackers financially or politically because our daily lifes tightly depends on web services such as on-line banking, e-mail, and e-commerce. One of DDoS attacks to web servers is called HTTP-GET flood attack which is becoming more serious. Most existing techniques are running on the application layer because these attack packets use legitimate network protocols and HTTP payloads; that is, network-level intrusion detection systems cannot distinguish legitimate HTTP-GET requests and malicious requests. In this paper, we propose a practical detection technique against HTTP-GET flood attacks, based on the access behavior of inline objects in a webpage using NetFlow data. In particular, our proposed scheme is working on the network layer without any application-specific deep packet inspections. We implement the proposed detection technique and evaluate the ability of attack detection on a simple test environment using NetBot attacker. Moreover, we also show that our approach must be applicable to real field by showing the test profile captured on a well-known e-commerce site. The results show that our technique can detect the HTTP-GET flood attack effectively.

Implementation of Supervisory System for Motion Information per Blocks (블록별 모션정보에 의한 감시시스템의 구현)

  • 김형균;오무송
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.8 no.1
    • /
    • pp.74-79
    • /
    • 2004
  • In this study, embodied supervisory system that apply motion detection technique to small web camera and detects watch picture. Motion detection technique that use pixel value of car image that use in existing need memory to store background image. Also, there is sensitive shortcoming at increase of execution time by data process of pixel unit and noise. Suggested technique that compare extracting motion information by block unit to do to have complexion that solve this shortcoming and is strong at noise. Because motion information by block compares block characteristic value of image without need frame memory, store characteristic cost by block of image. Also, can get effect that reduce influence about noise and is less sensitive to flicker etc.. of camera more than motion detection that use pixel value in process that find characteristic value by block unit.