• Title/Summary/Keyword: false alarms

A Design of false alarm analysis framework of intrusion detection system by using incremental mining method (점진적 마이닝 기법을 적용한 침입탐지 시스템의 오 경보 분석 프레임워크 설계)

  • Kim Eun-Hee;Ryu Keun-Ho
    • The KIPS Transactions:PartC / v.13C no.3 s.106 / pp.295-302 / 2006
  • An intrusion detection system writes a lot of alarms against attack behaviors in real time. These alarms contain not only actual attack alarms, but also false alarms that are mistakes made by the intrusion detection system. False alarms are the main reason that reduces the efficiency of the intrusion detection system, and we propose a framework for false alarm analysis in this paper. Also, we apply an incremental data mining method for pattern analysis of false alarms increasing continuously. The framework consists of GUI, DB Manager, Alert Preprocessor, and False Alarm Analyzer. We analyze the false alarms increasingly through the experiment of the proposed framework and show that false alarms are reduced by applying the analyzed false alarm rules in the intrusion detection system.

Refinement for Loops in Buffer-Overrun Abstract Interpretation (요약해석을 이용한 버퍼오버런 분석에서 루프 분석결과의 정교화)

  • Oh, Hak-Joo;Yi, Kwang-Keun
    • Journal of KIISE:Computing Practices and Letters / v.14 no.1 / pp.111-115 / 2008
  • We present a simple and effective method to reduce loop-related false alarms raised by a buffer-overrun static program analyzer. Interval-domain buffer-overrun analyzers raise many false alarms in analyzing programs that frequently use loops and arrays. Firstly, we classified patterns of loop-related false alarms for loop-intensive programs, such as embedded programs or mathematical libraries. After that we designed a simple and effective false alarm refiner, specialized for the loop-related false alarms we classified. After the normal analysis of program in which alarms considered as false. We implemented this method on our buffer-overrun analyzer with the result that our refinement method decreased the number of false alarms by 32% of the total amount the analyzer reported.

The Analysis of IDS Alarms based on AOI (AOI에 기반을 둔 침입탐지시스템의 알람 분석)

  • Jung, In-Chul;Kwon, Young-S.
    • IE interfaces / v.21 no.1 / pp.33-42 / 2008
  • To analyze tens of thousands of alarms triggered by the intrusion detection systems (IDS) a day has been very time-consuming, requiring human administrators to stay alert for all time. But most of the alarms triggered by the IDS prove to be false positives. If alarms could be correctly classified into the false positive and the false negative, then we could alleviate most of the burden of human administrators and manage the IDS far more efficiently. Therefore, we present a new approach based on attribute-oriented induction (AOI) to classify alarms into the false positive and the false negative. The experimental results show the proposed approach performs very well.

Spectrum Sensing and Data Transmission in a Cognitive Relay Network Considering Spatial False Alarms

  • Tishita, Tasnina A.;Akhter, Sumiya;Islam, Md. Imdadul;Amin, M. Ruhul
    • Journal of Information Processing Systems / v.10 no.3 / pp.459-470 / 2014
  • In this paper, the average probability of the symbol error rate (SER) and throughput are studied in the presence of joint spectrum sensing and data transmission in a cognitive relay network, which is in the environment of an optimal power allocation strategy. In this investigation, the main component in calculating the secondary throughput is the inclusion of the spatial false alarms, in addition to the conventional false alarms. It has been shown that there exists an optimal secondary power amplification factor at which the probability of SER has a minimum value, whereas the throughput has a maximum value. We performed a Monte-Carlo simulation to validate the analytical results.

Design and Implementation of Static Program Analyzer Finding All Buffer Overrun Errors in C Programs (C 프로그램의 버퍼 오버런(buffer overrun) 오류를 찾아 주는 정적 분석기의 설계와 구현)

  • Yi Kwang-Keun;Kim Jae-Whang;Jung Yung-Bum
    • Journal of KIISE:Software and Applications / v.33 no.5 / pp.508-524 / 2006
  • We present our experience of combining, in a realistic setting, a static analyzer with a statistical analysis. This combination is in order to reduce the inevitable false alarms from a domain-unaware static analyzer. Our analyzer named Airac (Array Index Range Analyzer for C) collects all the true buffer-overrun points in ANSI C programs. The soundness is maintained, and the analysis' cost-accuracy improvement is achieved by techniques that the static analysis community has long accumulated. For still inevitable false alarms (e.g. Airac raised 970 buffer-overrun alarms in commercial C programs of 5.3 million lines and 737 among the 970 alarms were false), which are always apt for particular C programs, we use a statistical post analysis. The statistical analysis, given the analysis results (alarms), sifts out probable false alarms and prioritizes true alarms. It estimates the probability of each alarm being true. The probabilities are used in two ways: 1) only the alarms that have true-alarm probabilities higher than a threshold are reported to the user; 2) the alarms are sorted by the probability before reporting, so that the user can check highly probable errors first. In our experiments with Linux kernel sources, if we set the risk of missing a true error to be about 3 times greater than that of false alarming, 74.83% of false alarms could be filtered; only 15.17% of false alarms were mixed up until the user observes 50% of the true alarms.

Development of Alarm System Using Fault Tree Analysis for Pumping Station and Reservoir of Waterworks (Fault Tree 분석에 의한 상수도 가압장과 배수지의 경보시스템 구축)

  • Ahn, Yong-Po;Song, Moo-Geun;Lee, Dong-Ik
    • Journal of Korean Society of Water and Wastewater / v.25 no.6 / pp.847-859 / 2011
  • This paper presents an alarm system for the integrated monitoring and control station of waterworks in Daegu City. An alarm system informs the operator or other responsible individuals about the abnormality in the process so that an appropriate action can be taken. In practice, operators receive far more false and nuisance alarms than valid and useful alarms. Too many false and nuisance alarms can distract the operator from operating the plant, and thus critical alarms may be ignored. This problem can lead to the point that the operator no longer trusts the alarms or even shuts down the whole monitoring system. This paper proposes an efficient method to reduce false and nuisance alarms by prioritizing every fault using the Fault Tree Analysis (FTA) technique. The effectiveness of the proposed method is evaluated with a set of computer simulations under various faulty conditions.

The impact of modern airport security protocols on patients with total shoulder replacements

  • Michael D. Scheidt;Neal Sethi;Matthew Ballard;Michael Wesolowski;Dane Salazar;Nickolas Garbis
    • Clinics in Shoulder and Elbow / v.26 no.4 / pp.416-422 / 2023
  • Background: Advancements in airport screening measures in response to 9/11 have resulted in increased false alarm rates for patients with orthopedic and metal implants. With the implementation of millimeter-wave scanning technology, it is important to assess the changes in airport screening experiences of patients who underwent total shoulder arthroplasty (TSA). Methods: Here, 197 patients with prior anatomic and reverse TSA completed between 2013 and 2020 responded to a questionnaire regarding their experiences with airport travel screening after their operation. Of these patients, 86 (44%) stated that they had traveled by plane, while 111 (56%) had not. The questionnaire addressed several measures including the number of domestic and international flights following the operation, number of false alarm screenings by the millimeter-wave scanner, patient body habitus, and presence of additional metal implants. Results: A total of 53 patients (62%) responded "yes" to false screening alarms due to shoulder arthroplasty. The odds of a false screening alarm for patients with other metal implants was 5.87 times that of a false screening alarm for patients with no other metal implants (P<0.1). Of a reported 662 flights, 303 (45.8%) resulted in false screening alarms. Greater body mass index was not significantly lower in patients who experienced false screening alarms (P=0.30). Conclusions: Patients with anatomic and reverse TSA trigger false alarms with millimeter-wave scanners during airport screening at rates consistent with prior reports following 9/11. Patient education on the possibility of false alarms during airport screening is important until improvements in implant identification are made. Level of evidence: IV.

Study of the Improvement of False Fire Alarms in Analog Photoelectric Type Smoke Detectors (아날로그 광전식 연기감지기 비화재보 개선에 대한 연구)

  • Seo, Byung Keun;Nam, Sang Gu
    • Fire Science and Engineering / v.30 no.5 / pp.108-115 / 2016
  • Fire detectors play an important role in alerting the related people to the initial stages of fire to protect assets and life. Therefore, the performance in detecting fires in the early stages without the risk of false alarms is important. Owing to a recent revision of the national fire safety standards to install smoke detectors in living rooms used for sleeping, staying, hospitalizing in apartment house/efficiency apartment/lodging facility/medical facility/facility for elderly and young, the application of smoke detectors is increasing. On the other hand, there is a lack of research in preventing false alarms. This study improved algorithms to prevent false alarms in analog photoelectric smoke detectors due to sudden dust and better classify pollution and fire signals through a self-compensatory function. Through this study, alternatives are suggested to reduce the number of false alarms of analog photoelectric smoke detectors, and prevent financial losses due to false alarms.

Deep Learning-Based, Real-Time, False-Pick Filter for an Onsite Earthquake Early Warning (EEW) System (온사이트 지진조기경보를 위한 딥러닝 기반 실시간 오탐지 제거)

  • Seo, JeongBeom;Lee, JinKoo;Lee, Woodong;Lee, SeokTae;Lee, HoJun;Jeon, Inchan;Park, NamRyoul
    • Journal of the Earthquake Engineering Society of Korea / v.25 no.2 / pp.71-81 / 2021
  • This paper presents a real-time, false-pick filter based on deep learning to reduce false alarms of an onsite Earthquake Early Warning (EEW) system. Most onsite EEW systems use P-wave to predict S-wave. Therefore, it is essential to properly distinguish P-waves from noises or other seismic phases to avoid false alarms. To reduce false-picks causing false alarms, this study made the EEWNet Part 1 'False-Pick Filter' model based on Convolutional Neural Network (CNN). Specifically, it modified the Pick_FP (Lomax et al.) to generate input data such as the amplitude, velocity, and displacement of three components from 2 seconds ahead and 2 seconds after the P-wave arrival following one-second time steps. This model extracts log-mel power spectrum features from this input data, then classifies P-waves and others using these features. The dataset consisted of 3,189,583 samples: 81,394 samples from event data (727 events in the Korean Peninsula, 103 teleseismic events, and 1,734 events in Taiwan) and 3,108,189 samples from continuous data (recorded by seismic stations in South Korea for 27 months from 2018 to 2020). This model was trained with 1,826,357 samples through balancing, then tested on continuous data samples of the year 2019, filtering more than 99% of strong false-picks that could trigger false alarms. This model was developed as a module for USGS Earthworm and is written in C language to operate with minimal computing resources.

Reduction of False Alarm Signals for PIR Sensor in Realistic Outdoor Surveillance

  • Hong, Sang Gi;Kim, Nae Soo;Kim, Whan Woo
    • ETRI Journal / v.35 no.1 / pp.80-88 / 2013
  • A passive infrared or pyroelectric infrared (PIR) sensor is mainly used to sense the existence of moving objects in an indoor environment. However, in an outdoor environment, there are often outbreaks of false alarms from environmental changes and other sources. Therefore, it is difficult to provide reliable detection outdoors. In this paper, two algorithms are proposed to reduce false alarms and provide trustworthy quality to surveillance systems. We gather PIR signals outdoors, analyze the collected data, and extract the target features defined as window energy and alarm duration. Using these features, we model target and false alarms, from which we propose two target decision algorithms: window energy detection and alarm duration detection. Simulation results using real PIR signals show the performance of the proposed algorithms.