• Title/Summary/Keyword: anomaly detection analysis


A survey on unsupervised subspace outlier detection methods for high dimensional data (고차원 자료의 비지도 부분공간 이상치 탐지기법에 대한 요약 연구)

  • Ahn, Jaehyeong;Kwon, Sunghoon
    • The Korean Journal of Applied Statistics / v.34 no.3 / pp.507-521 / 2021
  • Detecting outliers among high-dimensional data encounters a challenging problem of screening the variables since relevant information is often contained in only a few of the variables. Otherwise, when a number of irrelevant variables are included in the data, the distances between all observations tend to become similar which leads to making the degree of outlierness of all observations alike. The subspace outlier detection method overcomes the problem by measuring the degree of outlierness of the observation based on the relevant subsets of the entire variables. In this paper, we survey recent subspace outlier detection techniques, classifying them into three major types according to the subspace selection method. And we summarize the techniques of each type based on how to select the relevant subspaces and how to measure the degree of outlierness. In addition, we introduce some computing tools for implementing the subspace outlier detection techniques and present results from the simulation study and real data analysis.

Real-Time Web Attack Detection Visualization Tool Design and Implementation using HTTP Header Information (HTTP Header를 이용한 실시간 웹 공격 탐지 시각화 도구의 설계 및 구현)

  • Koo Bon-Hyun;Cho Kyu-Hyung;Cho Sang-Hyun;Moon Jong-Sub
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference / 2006.06a / pp.637-640 / 2006
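  • In this paper, we propose a visualization tool that detects web attacks in real time by analyzing HTTP request and response header information. The attack detection technique integrates anomaly detection and misuse detection. Anomaly detection uses probability values obtained from a Bayesian distribution over the Refer and Uri fields of the header information, and misuse detection uses the web attack portion of Snort's attack signatures. To deliver attack detection information efficiently, the visualization is implemented as a GUI. This paper proposes a technique that visualizes, in real time, the monitoring of abnormal user-agent behavior, frequency analysis, and location tracking of attacking agents.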


Detecting Abnormalities in Fraud Detection System through the Analysis of Insider Security Threats (내부자 보안위협 분석을 통한 전자금융 이상거래 탐지 및 대응방안 연구)

  • Lee, Jae-Yong;Kim, In-Seok
    • The Journal of Society for e-Business Studies / v.23 no.4 / pp.153-169 / 2018
  • Previous e-financial anomalies analysis and detection technology collects large amounts of electronic financial transaction logs generated from electronic financial business systems into big-data-based storage space. And it detects abnormal transactions in real time using detection rules that analyze transaction pattern profiling of existing customers and various accident transactions. However, deep analysis such as attempts to access e-finance by insiders of financial institutions with large scale of damages and social ripple effects and stealing important information from e-financial users through bypass of internal control environments is not conducted. This paper analyzes the management status of e-financial security programs of financial companies and draws the possibility that they are allies in security control of insiders who exploit vulnerability in management. In order to efficiently respond to this problem, it will present a comprehensive e-financial security management environment linked to insider threat monitoring as well as the existing e-financial transaction detection system.

Performance Comparison of Anomaly Detection Algorithms: in terms of Anomaly Type and Data Properties (이상탐지 알고리즘 성능 비교: 이상치 유형과 데이터 속성 관점에서)

  • Jaeung Kim;Seung Ryul Jeong;Namgyu Kim
    • Journal of Intelligence and Information Systems / v.29 no.3 / pp.229-247 / 2023
  • With the increasing emphasis on anomaly detection across various fields, diverse anomaly detection algorithms have been developed for various data types and anomaly patterns. However, the performance of anomaly detection algorithms is generally evaluated on publicly available datasets, and the specific performance of each algorithm on anomalies of particular types remains unexplored. Consequently, selecting an appropriate anomaly detection algorithm for specific analytical contexts poses challenges. Therefore, in this paper, we aim to investigate the types of anomalies and various attributes of data. Subsequently, we intend to propose approaches that can assist in the selection of appropriate anomaly detection algorithms based on this understanding. Specifically, this study compares the performance of anomaly detection algorithms for four types of anomalies: local, global, contextual, and clustered anomalies. Through further analysis, the impact of label availability, data quantity, and dimensionality on algorithm performance is examined. Experimental results demonstrate that the most effective algorithm varies depending on the type of anomaly, and certain algorithms exhibit stable performance even in the absence of anomaly-specific information. Furthermore, in some types of anomalies, the performance of unsupervised anomaly detection algorithms was observed to be lower than that of supervised and semi-supervised learning algorithms. Lastly, we found that the performance of most algorithms is more strongly influenced by the type of anomalies when the data quantity is relatively scarce or abundant. Additionally, in cases of higher dimensionality, it was noted that excellent performance was exhibited in detecting local and global anomalies, while lower performance was observed for clustered anomaly types.

A Labeling for on-the-fly Detection of Access Anomalies in Nested Parallel Loop Programs with Synchronization Operations (동기화 명령을 가지는 내포 병렬 루프 프로그램의 수행중 접근이상 탐지를 위한 레이블링)

  • 배상현;전용기;배종민
    • Proceedings of the Korean Information Science Society Conference / 1998.10a / pp.712-714 / 1998
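  • One of the main problems of shared-memory parallel programs is nondeterministic execution that accesses shared variables. In this work, we present an on-the-fly detection technique, one of the methods for detecting access anomalies in shared-memory parallel programs. On-the-fly access anomaly detection has the advantage that, if access anomalies exist, at least one of them can be detected. English-Hebrew Labeling, an on-the-fly detection technique, is a labeling scheme that can be applied to nested parallel loop programs with synchronization operations, but it had the drawback of requiring a large amount of storage for labeling. In this work, we introduce a new labeling method and compare and analyze its efficiency against the existing English-Hebrew Labeling in terms of worst-case space complexity and time complexity.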


Analysis of detected anomalies in VOC reduction facilities using deep learning

  • Min-Ji Son;Myung Ho Kim
    • Journal of the Korea Society of Computer and Information / v.28 no.4 / pp.13-20 / 2023
  • In this paper, the actual data of VOC reduction facilities was analyzed through a model that detects and predicts data anomalies. Using the USAD model, which shows stable performance in the field of anomaly detection, anomalies in real-time data are detected and the sensors that cause anomalies are searched. In addition, we propose a method of predicting and warning of the time when abnormalities will occur by predicting future outliers with an auto-regressive model. The experiment was conducted with the actual data of the VOC reduction facility, and the anomaly detection test results showed high detection rates with precision, recall, and F1-score of 98.54%, 89.08%, and 93.57%, respectively. As a result, the averages of the precision, recall, and F1-score of the detection rates for 8 sensors were 99.64%, 99.37%, and 99.63%. In addition, the Hamming loss obtained to confirm the validity of the detection experiment for each sensor was 0.0058, showing stable performance. And the abnormal prediction test result showed stable performance with an average absolute error of 0.0902.

A Performance Comparison Study of Fraud Detection Techniques (이상거래 탐지 기법의 성능 비교 연구)

  • Kim, Minseok;Park, Sanghyun
    • Proceedings of the Korea Information Processing Society Conference / 2017.11a / pp.738-741 / 2017
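  • With the development of the financial industry and IT, and the growth of fintech businesses that combine them, the scale of electronic financial transactions is continuously increasing. Accordingly, the risk of various fraudulent payments and unauthorized payments is also increasing. To prevent these risks in advance, research on fraud detection using data mining techniques is being actively conducted. In this study, we review research trends in fraud detection using data mining and compare and analyze the techniques that show the best performance in each application area (credit card, insurance, other finance). The results of this study are expected to be of great help in understanding the latest research trends in fraud detection systems and in research on general-purpose fraud detection technology applicable to various electronic financial transactions.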

A Multiple Imputation for Reducing Outlier Effect (이상점 영향력 축소를 통한 무응답 대체법)

  • Kim, Man-Gyeom;Shin, Key-Il
    • The Korean Journal of Applied Statistics / v.27 no.7 / pp.1229-1241 / 2014
  • Most sampling surveys have outliers and non-response missing values simultaneously. In that case, due to the effect of outliers, the result of imputation is not good enough to meet a given precision. To overcome this situation, outlier treatment should be conducted before imputation. In this paper, in order to reduce the effect of outliers, we study outlier imputation methods and outlier weight adjustment methods. For the outlier detection, the method suggested by She and Owen (2011) is used. A small simulation study is conducted and for real data analysis, Monthly Labor Statistic and Briquette Consumption Survey Data are used.

Detection of Adverse Drug Reactions Using Drug Reviews with BERT+ Algorithm (BERT+ 알고리즘 기반 약물 리뷰를 활용한 약물 이상 반응 탐지)

  • Heo, Eun Yeong;Jeong, Hyeon-jeong;Kim, Hyon Hee
    • KIPS Transactions on Software and Data Engineering / v.10 no.11 / pp.465-472 / 2021
  • In this paper, we present an approach for detection of adverse drug reactions from drug reviews to compensate for the limitations of the spontaneous adverse drug reactions reporting system. Considering that negative reviews usually contain adverse drug reactions, sentiment analysis on drug reviews was performed and negative reviews were extracted. After that, the MedDRA dictionary and named entity recognition were applied to the negative reviews to detect adverse drug reactions. For the experiment, drug reviews of Celecoxib, Naproxen, and Ibuprofen from 5 drug review sites were analyzed. Our results showed that detection of adverse drug reactions is able to compensate for the limitation of under-reporting in the spontaneous adverse drug reactions reporting system.

Anomaly Detection in Livestock Environmental Time Series Data Using LSTM Autoencoders: A Comparison of Performance Based on Threshold Settings (LSTM 오토인코더를 활용한 축산 환경 시계열 데이터의 이상치 탐지: 경계값 설정에 따른 성능 비교)

  • Se Yeon Chung;Sang Cheol Kim
    • Smart Media Journal / v.13 no.4 / pp.48-56 / 2024
  • In the livestock industry, detecting environmental outliers and predicting data are crucial tasks. Outliers in livestock environment data, typically gathered through time-series methods, can signal rapid changes in the environment and potential unexpected epidemics. Prompt detection and response to these outliers are essential to minimize stress in livestock and reduce economic losses for farmers by early detection of epidemic conditions. This study employs two methods to experiment and compare performances in setting thresholds that define outliers in livestock environment data outlier detection. The first method is an outlier detection using Mean Squared Error (MSE), and the second is an outlier detection using a Dynamic Threshold, which analyzes variability against the average value of previous data to identify outliers. The MSE-based method demonstrated a 94.98% accuracy rate, while the Dynamic Threshold method, which uses standard deviation, showed superior performance with 99.66% accuracy.