• Title/Summary/Keyword: Network anomaly detection

Development of Security Anomaly Detection Algorithms using Machine Learning (기계 학습을 활용한 보안 이상징후 식별 알고리즘 개발)

  • Hwangbo, Hyunwoo;Kim, Jae Kyung
    • The Journal of Society for e-Business Studies / v.27 no.1 / pp.1-13 / 2022
  • With the development of network technologies, the security to protect organizational resources from internal and external intrusions and threats becomes more important. Therefore in recent years, the anomaly detection algorithm that detects and prevents security threats with respect to various security log events has been actively studied. Security anomaly detection algorithms that have been developed based on rule-based or statistical learning in the past are gradually evolving into modeling based on machine learning and deep learning. In this study, we propose a deep-autoencoder model that transforms LSTM-autoencoder as an optimal algorithm to detect insider threats in advance using various machine learning analysis methodologies. This study has academic significance in that it improved the possibility of adaptive security through the development of an anomaly detection algorithm based on unsupervised learning, and reduced the false positive rate compared to the existing algorithm through supervised true positive labeling.

Fault-Tolerant Methods of Ethernet-based Real-Time Control Network for Nuclear Power Plants (원전용 이더넷 기반 실시간 제어 통신망을 위한 결함 허용 방법)

  • Moon, Byung-Kil;Kim, Hyung-Seok;Kwon, Wook-Hyun;Lee, Sung-Woo;Kim, Seok-Gon;Song, Seong-Il
    • Proceedings of the KIEE Conference / 2002.07d / pp.2733-2735 / 2002
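  • This paper presents fault-tolerance methods for maintaining high reliability in ERCNet (Ethernet-based Real-Time Control Network), an Ethernet-based ring-type real-time control network for nuclear power plants. When a fault occurs in the program operation of any node, it is detected by a watchdog timer and the ring is automatically recovered, and we propose a node-addition mechanism for when that node recovers. This mechanism allows the network to maintain operability even when a node is removed from or added to the overall network. Second, we propose a channel redundancy scheme and a system redundancy scheme for handling errors that occur on one channel or on both channels. Finally, we propose a mechanism that can identify the location of a fault when it occurs at an arbitrary position in the network.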

Analysis of Geographic Network Structure by Business Relationship between Companies of the Korean Automobile Industry (한국 자동차산업의 기업간 거래관계에 의한 지리적 네트워크 구조 분석)

  • KIM, Hye-Lim;MOON, Tae-Heon
    • Journal of the Korean Association of Geographic Information Studies / v.24 no.3 / pp.58-72 / 2021
  • In July 2021, UNCTAD classified Korea as a developed country. After the Korean War in the 1950s, economic development was promoted despite difficult conditions, resulting in epoch-making national growth. However, in order to respond to the rapidly changing global economy, it is necessary to continuously study the domestic industrial ecosystem and prepare strategies for continuous change and growth. This study analyzed the industrial ecosystem of the automobile industry, where it is possible to obtain transaction data between companies, by applying complexity spatial network analysis. For data, 295 corporate data (node data) and 607 transaction data (link data) were used. As a result of checking the spatial distribution by geocoding the address of the company, the automobile industry-related companies were concentrated in the Seoul metropolitan area and the Southeastern (Dongnam) region. The node importance was measured through degree centrality, betweenness centrality, closeness centrality, and eigenvector centrality, and the network structure was confirmed by identifying density, distance, community detection, and assortativity and disassortativity. As a result, among the automakers, Hyundai Motor, Kia Motors, and GM Korea were included in the top 15 in 4 indicators of node centrality. In terms of company location, companies located in the Seoul metropolitan area were included in the top 15. In terms of company size, most of the large companies with more than 1,000 employees were included in the top 15 for degree centrality and betweenness centrality. Regarding closeness centrality and eigenvector centrality, most of the companies with 500 or less employees were included in the top 15, except for automakers. In the structure of the network, the density was 0.01390522 and the average distance was 3.422481. As a result of community detection using the fast greedy algorithm, 11 communities were finally derived.

Target Classification in Sparse Sampling Acoustic Sensor Networks using DTW-Cosine Algorithm (저비율 샘플링 음향 센서네트워크에서 DTW-Cosine 알고리즘을 이용한 목표물 식별기법)

  • Kim, Young-Soo;Kang, Jong-Gu;Kim, Dae-Young
    • Journal of KIISE:Computing Practices and Letters / v.14 no.2 / pp.221-225 / 2008
  • In this paper, to avoid the frequency analysis requiring a high sampling rate, time-warped similarity measure algorithms, which are able to classify objects even with a low sampling rate as time-series methods, are presented, and the DTW-Cosine algorithm is proposed as the best classifier among them in wireless sensor networks. Two problems, local time shifting and spatial signal variation, should be solved to apply the time-warped similarity measure algorithms to wireless sensor networks. We find that our proposed algorithm can overcome those problems very efficiently and outperforms the other algorithms by at least 10.3% accuracy.

Dynamic Seed Selection for Twitter Data Collection (트위터 데이터 수집을 위한 동적 시드 선택)

  • Lee, Hyoenchoel;Byun, Changhyun;Kim, Yanggon;Lee, Sang Ho
    • Journal of KIISE:Databases / v.41 no.4 / pp.217-225 / 2014
  • Analysis of social media such as Twitter can yield interesting perspectives to understanding human behavior, detecting hot issues, identifying influential people, or discovering a group and community. However, it is difficult to gather the data relevant to specific topics due to the main characteristics of social media data; data is large, noisy, and dynamic. This paper proposes a new algorithm that dynamically selects the seed nodes to efficiently collect tweets relevant to topics. The algorithm utilizes attributes of users to evaluate the user influence, and dynamically selects the seed nodes during the collection process. We evaluate the proposed algorithm with real tweet data, and get satisfactory performance results.

Performance Improvement in HTTP Packet Extraction from Network Traffic using GPGPU (GPGPU 를 이용한 네트워크 트래픽에서의 HTTP 패킷 추출 성능 향상)

  • Han, SangWoon;Kim, Hyogon
    • Proceedings of the Korea Information Processing Society Conference / 2011.11a / pp.718-721 / 2011
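  • Real-time analysis of HTTP (Hypertext Transfer Protocol) traffic, for the purpose of detecting or blocking DDoS (Distributed Denial-of-Service) attacks against web services or the inflow of harmful traffic, is an essential feature built into almost every network traffic security solution. However, as the volume of HTTP traffic measured in real time grows exponentially over time, the performance burden of analyzing HTTP traffic packet by packet in real time grows by the day. Because this performance burden can no longer be relieved at the application level, most attempts to solve it rely on costly software accelerators or hardware-dependent dedicated equipment. In this paper, building on research into GPGPU (General-Purpose computation on Graphics Processing Units), which seeks general-purpose use of the GPU (Graphics Processing Unit) of the graphics cards found in most current PCs, we use NVIDIA's CUDA (Compute Unified Device Architecture) to try to improve the performance of HTTP packet extraction from network traffic at the application level. Measured on the HTTP packet extraction operation alone, the GPU achieved more than 10 times the processing speed of the CPU.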

Secure Routing Mechanism to Defend Multiple Attacks in Sensor Networks (무선 센서 네트워크에서 다중 공격 방어를 위한 보안 라우팅 기법)

  • Moon, Soo-Young;Cho, Tae-Ho
    • Journal of Intelligence and Information Systems / v.16 no.1 / pp.45-56 / 2010
  • Sensor networks are composed of many sensor nodes, which are capable of sensing, computing, and communicating with each other, and one or more sink node(s). Sensor networks collect information on the identification of various objects and the surrounding environment. Due to the limited resources of sensor nodes, the use of wireless channels, and the lack of infrastructure, sensor networks are vulnerable to security threats. Most research on sensor networks has focused on how to detect and counter one type of attack. However, in real sensor networks, it is impractical to predict the attack to occur. Additionally, it is possible for multiple attacks to occur in sensor networks. In this paper, we propose the Secure Routing Mechanism to Defend Multiple Attacks in Sensor Networks. The proposed mechanism improves and combines existing security mechanisms, and achieves higher detection rates for single and multiple attacks.

Prototype Design and Security Association Mechanism for Policy-based on Security Management Model (정책기반 보안관리 모델을 위한 프로토타입과 정책 협상 메커니즘)

  • 황윤철;현정식;이상호
    • Journal of the Korea Institute of Information Security & Cryptology / v.13 no.1 / pp.131-138 / 2003
  • With the Internet winning huge popularity, urgent problems have arisen related to network security management, such as protecting networks and communication from unauthorized users. Accordingly, the use of security equipment such as Intrusion Detection Systems, Firewalls and VPNs has become common lately. Those systems, however, operate as individual systems that are independent of one another. Their usage is so limited by their vendors that they cannot provide a corporate security solution. In this paper, we present a Hierarchical Security Management Model which can apply network security policies consistently. We also propose a Policy Negotiation Mechanism and a Prototype which help us to manage security policies and negotiations more easily. The results of this research can also be one of the useful guides to developing a Security Policy Server or security techniques which can be useful in different environments. This study also shows that it is possible to improve the security characteristics of a whole network and also to support policy associations among hosts using our mechanisms.

A Study on Detection Technique of Anomaly Signal for Financial Loan Fraud Based on Social Network Analysis (소셜 네트워크 분석 기반의 금융회사 불법대출 이상징후 탐지기법에 관한 연구)

  • Wi, Choong-Ki;Kim, Hyoung-Joong;Lee, Sang-Jin
    • Journal of the Korea Institute of Information Security & Cryptology / v.22 no.4 / pp.851-868 / 2012
  • After the financial crisis in 2008, the financial market still seems to be unstable with expanding the insolvency of the financial companies' real estate project financing loan in the aftermath of the lasted real estate recession. Especially after the illegal actions of people's financial institutions were disclosed, which increased the anxiety of economic subjects about financial markets and added to the confusion of financial markets, the potential risk for the overall national economy is increasing. Thus as economic recession prolongs, the people's financial institutions having a weak profit structure and financing ability commit illegal acts in a variety of ways in order to conceal insolvent assets. Especially it is hard to find the loans of shareholder and the same borrower sharing credit risk in advance because most of them usually use a third party's bank account. Therefore, in order to effectively detect fraud under another's name, it is necessary to analyze by clustering the borrowers highly related to a particular borrower through an analysis of association between all borrowers. In this paper, we introduce analysis techniques for detecting financial loan frauds in advance through an analysis of association between all borrowers by extending SNA (social network analysis), which has recently been studied with a focus on sociology, to the forensic accounting field of financial frauds. Also, the technique introduced in this paper will be very useful to regulatory authorities or law enforcement agencies at the field inspection or investigation.

LSTM-based Anomaly Detection on Big Data for Smart Factory Monitoring (스마트 팩토리 모니터링을 위한 빅 데이터의 LSTM 기반 이상 탐지)

  • Nguyen, Van Quan;Van Ma, Linh;Kim, Jinsul
    • Journal of Digital Contents Society / v.19 no.4 / pp.789-799 / 2018
  • This article presents a machine-learning-based approach on Big data for analyzing time series data for anomaly detection in industrial complex systems. Long Short-Term Memory (LSTM) networks have been demonstrated to be an improved version of RNN and have become a useful aid for many tasks. This LSTM-based model learns the higher-level temporal features as well as temporal patterns; the predictor is then used in the prediction stage to estimate future data. The prediction error is the difference between the predicted output made by the predictor and the actual incoming values. An error-distribution estimation model is built using a Gaussian distribution to calculate the anomaly score of the observation. In this manner, we move from the concept of a single anomaly to the idea of the collective anomaly. This work can assist the monitoring and management of Smart Factory in minimizing failure and improving manufacturing quality.