• Water for future
• /
• v.51 no.11
• /
• pp.73-79
• /
• 2018

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.5
• /
• pp.939-946
• /
• 2013

This paper proposes normal behavior profiling methods for anomaly detection in IEC 61850 based substation network. Signature based security solutions, currently used primarily, are inadequate for APT attack using zero-day vulnerabilities. Recently, some researches about anomaly detection in control network are ongoing. However, there are no published result for IEC 61850 substation network. Our proposed methods includes 3-phase preprocessing for MMS/GOOSE packets and normal behavior profiling using one-class SVM algorithm. These approaches are beneficial to detect APT attacks on IEC 61850 substation network.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.2
• /
• pp.321-330
• /
• 2019

Prevention of corporate confidentiality leakage by insiders in enterprises is an essential task for the survival of enterprises. In order to prevent information leakage by insiders, companies have adopted security solutions, but there is a limit to effectively detect abnormal behavior of insiders with access privileges. In this study, we use the Unsupervised Learning algorithm of the machine learning technique to effectively and efficiently cluster the normal and abnormal access logs of the worker's work screen in the manufacturing information system, which includes the company's product manufacturing history and quality information. We propose an optimal feature selection model for anomaly detection by studying clustering methods.

• Transactions of the Korean hydrogen and new energy society
• /
• v.33 no.1
• /
• pp.85-94
• /
• 2022

To detect anomaly signs of thermal runaway in advance, this study analyzed the signals from various sensors installed in lithium-ion batteries. The thermal runaway mechanism was analyzed, and measurement variables for anomalies of a battery cell were surface temperature, strain, and gas concentration. The changes and characteristics of three variables during the thermal runaway process were analyzed under the abuse environment: the overheat and the overcharge. In experiment, the thermal runaway of the battery proceeded in the initial developing stage, the outgassing stage, and the ignition stage. Analysis from the measured data indicated that the suitable variable to detect all stages of thermal runaway is the surface temperature of the battery, and surface strain is alternative.

• Journal of Internet Computing and Services
• /
• v.21 no.5
• /
• pp.109-118
• /
• 2020

Recently, people are spending a lot of time inside their homes because of various diseases. It is difficult to ask others for help in the case of a single-person household that is injured in the house or infected with a disease and needs help from others. In this study, an algorithm is proposed to detect emergency event, which are situations in which single-person households need help from others, such as injuries or disease infections, in their homes. It proposes vision pattern detection algorithms using home CCTVs, audio pattern detection algorithms using artificial intelligence speakers, activity pattern detection algorithms using acceleration sensors in smartphones, and dust pattern detection algorithms using air purifiers. However, if it is difficult to use due to security issues of home CCTVs, it proposes a fusion method combining audio, activity and dust pattern sensors. Each algorithm collected data through YouTube and experiments to measure accuracy.

• Convergence Security Journal
• /
• v.21 no.3
• /
• pp.13-23
• /
• 2021

The attacker's techniques and tools are becoming intelligent and sophisticated. Existing Anti-Virus cannot prevent security accident. So the security threats on the endpoint should also be considered. Recently, EDR security solutions to protect endpoints have emerged, but they focus on visibility. There is still a lack of detection and responsiveness. In this paper, we use real-world EDR event logs to aggregate knowledge-based MITRE ATT&CK and autoencoder-based anomaly detection techniques to detect anomalies in order to screen effective analysis and analysis targets from a security manager perspective. After that, detected anomaly attack signs show the security manager an alarm along with log information and can be connected to legacy systems. The experiment detected EDR event logs for 5 days, and verified them with hybrid analysis search. Therefore, it is expected to produce results on when, which IPs and processes is suspected based on the EDR event log and create a secure endpoint environment through measures on the suspicious IP/Process.

• Journal of Chest Surgery
• /
• v.29 no.11
• /
• pp.1197-1201
• /
• 1996

From October, 1987 to December, 1995, nine patients underwent total correction of tetralogy of Fallot in adults over 20 years of age. There were 5 male and 4 female patients aged from 22 to 42 years(mean, 29.6 years). Three patients were in New York Heart Association(NYHA) functional class II, and 6 patients in class III. The hemoglobin values ranged from 10.8 to 20.7 gm/㎗ (average, l5.6gm/㎗). The preoperative clinical features were as follows: cyanosis, 8 patients; dyspnea on exertion, 6 patients; clubbing of fingers, 5 patients; frequent upper respiratory infection, 3 patients. At the operation both infundibular and valvular stenosis were present in all patients. Reconstruction of right ventricular outflow tract(RVOT) using Goretex was required in 7 patients, and transannular patching with Goretex in 2 pateints. Left pulmonary angioplasty with pericardium was done in 2 patients. No hospital deaths occurred. Four of 9 patients(44.4%) had postoperative low cardiac output syndrome, and postoperative bleeding in 5. One patient required reoperation due to residual ventricular septal defect and tricuspid regurgitation 3 months after the first operation. The mean follow-up period was 25 months, range 11 to 77 months. All was asymptomatic and in NYHA class I. We suggest that advanced age is not contraindication to surgery in tetralogy of Fallot, and tetralogy of Fallot in adults could be operated on due to low mortality.

• 전기의세계
• /
• v.45 no.4
• /
• pp.5-12
• /
• 1996

지금까지 변압기의 유지보수는 일상순시와 전력설비를 일정기간 사용함에 따른 정기점검에 의하여 불량개소를 발견하고 보수하는 일정주기에 따른 예방보수를 하였으나, 경제적인 유지와 신뢰성 있는 전력공급을 위하여 변압기의 상태를 점검하여 정비하는 상태점검으로 전환하고 있다. 따라서 최근에는 변압기의 이상징후를 운전상태(on-line)에서 상시 감시하여 장래에 일어날 사태 등을 예측하고 그것이 치명적이기 이전에 처리하는 예측보전기술 중심으로 변하고 있다. 변압기의 내부이상을 진단하는 방법으로는 부분방전법, 절연유의 특성시험 및 가스분석법, 역률측정법, 저압서어지 시험법 등이 있으나, 진단방법의 특성 및 신뢰성을 고려할 때, 어느 한 방법으로는 불충분하므로 각종 진단 결과의 종합분석이 필요하다.

• The Journal of Society for e-Business Studies
• /
• v.19 no.4
• /
• pp.119-134
• /
• 2014

Financial companies are providing electronic financial transactions through a variety of user terminals for non-face-to-face services such as Internet banking, smart phone banking, or etc. However, in these services users' security awareness and the limitations of technical responses has frequently caused the financial loss so that fundamental protection measures are required from financial authorities. Accordingly, financial industry is planning and establishing systems that block unusual financial transactions by comprehensively analyzing and detecting user's electronic information, access information, transaction information, and so on in accordance with "Guide for building Unusual financial transactions detection system" to prevent the financial loss that happens in electronic financial transactions. In this paper, we analyze case studies of unusual financial transactions detection and prevention system that is built and operated in financial companies and current operating status and propose effects of the accident prevention and security measures later.

• Journal of the Korean GEO-environmental Society
• /
• v.13 no.2
• /
• pp.49-57
• /
• 2012

Large-scale collapse happened under excavation construction in the past. But, recently the trend that it is completed safely to minimize damages is growing because of increasing levels of design review and detecting signs of problems before the outbreak of large-scale collapse with proactive planning of measurement. In this paper, through studying case collapses over the past, it put the cause of the collapse in order. And then, after reviewing general information on management and utilization of measurement methods which importantly emerging recently, the type and cause of the problem during the excavation was reviewed. And the causes of problem were analyzed by targeting the site which unusual symptoms happened on measuring results under construction. In this study, the awareness that measurement management and subsurface investigation is highly important will increase for preventing large-scale collapse in advance.