• Title/Summary/Keyword: signature matching


Intrusion Detection Learning Algorithm using Adaptive Anomaly Detector (적응형 변형 인식부를 이용한 침입 탐지 학습알고리즘)

  • Sim, Kwee-Bo; Yang, Jae-Won; Kim, Young-Soo; Lee, Se-Yul
    • Journal of the Korean Institute of Intelligent Systems / v.14 no.4 / pp.451-456 / 2004
  • A signature-based intrusion detection system (IDS), which stores rules for detecting intrusions in a library, judges whether new inputs are intrusions by matching the rules against them. However, this policy generally has two restrictions. First, when rules cannot be made against new intrusions, false negative (FN) errors may occur. Second, when many rules are made to maintain diversity, the amount of resources required grows in proportion to the number of rules. In this paper, we propose a learning algorithm that uses a genetic algorithm to evolve the competence of anomaly detectors capable of detecting anomalous attacks. The anomaly detectors form a population composed by following the negative selection procedure of the biological immune system. To show the effectiveness of the proposed system, we apply the learning algorithm to an artificial network environment, which is a computer security system.

Adaptive Intrusion Detection Algorithm based on Learning Algorithm (학습 알고리즘 기반의 적응형 침입 탐지 알고리즘)

  • Sim, Kwee-Bo; Yang, Jae-Won; Lee, Dong-Wook; Seo, Dong-Il; Choi, Yang-Seo
    • Journal of the Korean Institute of Intelligent Systems / v.14 no.1 / pp.75-81 / 2004
  • A signature-based intrusion detection system (IDS), which stores rules for detecting intrusions in a library, judges whether new inputs are intrusions by matching the rules against them. However, this policy generally has two restrictions. First, when rules cannot be made against new intrusions, false negative (FN) errors may occur. Second, when many rules are made to maintain diversity, the amount of resources required grows in proportion to the number of rules. In this paper, we propose a learning algorithm that uses a genetic algorithm to evolve the competence of anomaly detectors capable of detecting anomalous attacks. The anomaly detectors form a population composed by following the negative selection procedure of the biological immune system. To show the effectiveness of the proposed system, we apply the learning algorithm to an artificial network environment, which is a computer security system.

A study on camping brand's BI formation and branding strategy - Focused on related word research based on big data for sensible approach & market research for cognitive approach (캠핑 브랜드의 브랜드 아이덴티티(BI) 구축 및 전략 - 감성·인지적 접근을 기반으로 한 빅 데이터 및 마켓조사를 중심으로 -)

  • Choi, Soo-Ah; Lee, Ae-Jin
    • Journal of Communication Design / v.63 / pp.336-347 / 2018
  • Nowadays, in Korea, the number of campers has increased to over 5 million. Many Korean camping brands have excellent quality; however, their brand identities are often too weak to be known globally. The purpose of this study is to provide helpful sources for building strong brand identities and adding more value, based on related-word research from big data and on market research. The data are analysed using sensible and cognitive approaches. The keywords for the sensible research are 'camping, camp, camping brand, and camping design'. Then 17 representative overseas brands and 10 Korean brands were analysed for the market research. From the related-word research on big data, we can find out the thinking process of potential consumers, how people communicate to exchange information, and what can be sources of added brand value. Also, from the market research, we were able to find that successful brands have distinctive brand identities, stories, and logos with representative colors, and that they continuously produce signature designs and their own way of color matching.

Microbial Communities of Activated Sludge in an Anaerobic/Aerobic Sequencing Batch Reactor using Slot Hybridization (Slot Hybridization을 이용한 연속 회분식 반응기내 미생물 분포 조사)

  • Jeon, Che Ok; Shin, Kum-Joo; Lee, Dae Sung; Suh, Pann-Ghill; Park, Jong Moon
    • Journal of Korean Society of Environmental Engineers / v.22 no.5 / pp.939-947 / 2000
  • Enhanced biological phosphorus removal (EBPR) was performed in an anaerobic/aerobic sequencing batch reactor (SBR). The influent was a synthetic wastewater based on acetate as a carbon source. The sludge age and hydraulic retention time were kept at 10 days and 16 hrs, respectively. Phosphate release during the anaerobic period and phosphate uptake in the aerobic period increased gradually with time, and after about 200 days, steady-state operation could be achieved with complete removal of influent phosphate. The number distribution of the microbial community in the sludge performing EBPR was investigated during the steady-state operation. 17 rRNA-targeted oligonucleotide probes were designed, and the slot hybridization technique was used to determine the number distribution of each microorganism. In the acetate-fed SBR, rRNA belonging to the beta subclass of proteobacteria was the most dominant in total rRNA, and rRNA matching the CTE probe was the second. rRNAs of Acinetobacter, Aeromonas and Pseudomonas, which are usually thought of as phosphorus-accumulating organisms in EBPR processes, constituted less than 10% of total rRNA. From this community analysis, it was inferred that microorganisms belonging to the beta subclass of proteobacteria (BET) and CTE, such as the Rhodocyclus group, were important in biological phosphorus removal. Therefore, the role of Acinetobacter, Aeromonas and Pseudomonas in the EBPR might have been overestimated.


HTTP Request - SQL Query Mapping Scheme for Malicious SQL Query Detection in Multitier Web Applications (Multitier 웹 어플리케이션 환경에서 악의적인 SQL Query 탐지를 위한 HTTP Request - SQL Query 매핑 기법)

  • Seo, Yeongung; Park, Seungyoung
    • Journal of KIISE / v.44 no.1 / pp.1-12 / 2017
  • The continuously growing internet service requirements have resulted in a multitier system structure consisting of a web server and a database (DB) server. In this multitier structure, the existing intrusion detection system (IDS) detects known attacks by matching misused traffic patterns or signatures. However, malicious changes to the contents at the DB server through hypertext transfer protocol (HTTP) requests cannot be detected by the IDS at the DB server's end, since the DB server processes structured query language (SQL) without knowing the associated HTTP request, while the web server cannot identify the response associated with the attacker's SQL query. To detect these types of attacks, the malicious user is tracked using knowledge of the interaction between HTTP requests and SQL queries. However, this is a practical challenge because the system's source code must be analysed and its application logic understood completely. In this study, we proposed a scheme to find the HTTP request associated with a given SQL query using only system log files. We first generated an HTTP request-SQL query map from system log files alone. Subsequently, the HTTP request associated with a given SQL query was identified among a set of HTTP requests using this map. Computer simulations indicated that the proposed scheme finds the HTTP request associated with a given SQL query with 94% accuracy.

High Performance Object Recognition with Application of the Size and Rotational Invariant Feature of the Fourier Descriptor to the 3D Information of Edges (푸리에 표현자의 크기와 회전 불변 특징을 에지에 대한 3차원 정보에 응용한 고효율의 물체 인식)

  • Wang, Shi; Chen, Hongxin; I, Jun-Ho; Lin, Haiping; Kim, Hyong-Suk; Kim, Jong-Man
    • Journal of the Institute of Electronics Engineers of Korea CI / v.45 no.6 / pp.170-178 / 2008
  • A high performance object recognition algorithm using Fourier description of the 3D information of objects is proposed. Object boundaries contain sufficient information for recognition of most objects. However, this information is not well utilized as the key to object recognition, since obtaining accurate boundary information is not easy. Also, object boundaries vary highly depending on the size or orientation of the object. The proposed object recognition algorithm is based on 1) accurate object boundaries extracted from the 3D shape obtained by a laser scan device, and 2) reduction of the required database using the size and rotational invariant feature of the Fourier Descriptor. This Fourier information is compared with the database, and recognition is done by selecting the best matching object. The experiments were done on the rich database of MPEG 7 Part B.

Application of Integrated Security Control of Artificial Intelligence Technology and Improvement of Cyber-Threat Response Process (인공지능 기술의 통합보안관제 적용 및 사이버침해대응 절차 개선)

  • Ko, Kwang-Soo; Jo, In-June
    • The Journal of the Korea Contents Association / v.21 no.10 / pp.59-66 / 2021
  • In this paper, an improved integrated security control procedure is newly proposed by applying artificial intelligence technology to integrated security control and unifying the existing security control and AI security control response procedures. Current cyber security control is highly dependent on the level of human ability. In other words, it is practically unreasonable for people to analyze the various logs generated by different types of equipment and to analyze and process all of the rapidly increasing security events. In addition, signature-based security equipment that detects by matching a string and a pattern has insufficient functions to accurately detect advanced cyberattacks such as APT (Advanced Persistent Threat). As one way to solve these pending problems, the artificial intelligence technology of supervised and unsupervised learning is applied to the detection and analysis of cyber attacks, and through this, the analysis of the innumerable logs and events that occur is automated and made intelligent. The overall level of response has been raised by making it possible to predict and block the continuous occurrence of cyberattacks. After applying AI security control technology, an improved integrated security control service model was newly proposed by resolving the problem of overlapping detection between AI and SIEM and integrating it into a unified breach response process (procedure).