• Smart Media Journal
• /
• v.6 no.4
• /
• pp.9-16
• /
• 2017

The railway point machine is an especially important component that changes the traveling direction of a train. Failure of the point machine may cause a serious railway accident. Therefore, early detection of failures is important for the management of railway condition monitoring systems. In this paper, we propose a noise-robust anomaly detection method in railway condition monitoring systems using sound data. First, we extract feature vectors from the spectrogram image of sound signals and convert it into modulation feature to ensure robust performance, and lastly, use the support vector machine (SVM) as an early anomaly detector of railway point machines. By the experimental results, we confirmed that the proposed method could detect the anomaly conditions of railway point machines with acceptable accuracy even under noisy conditions.

• Journal of Korea Multimedia Society
• /
• v.23 no.8
• /
• pp.915-926
• /
• 2020

Outlier detection methods help one to identify unusual instances in data that may correspond to erroneous, exceptional, or surprising events or behaviors. This work studies conditional outlier detection, a special instance of the outlier detection problem, in the context of incorrect data label identification. Unlike conventional (unconditional) outlier detection methods that seek abnormalities across all data attributes, conditional outlier detection assumes data are given in pairs of input (condition) and output (response or label). Accordingly, the goal of conditional outlier detection is to identify incorrect or unusual output assignments considering their input as condition. As a solution to conditional outlier detection, this paper proposes the ratio-based outlier scoring (ROS) approach and its variant. The propose solutions work by adopting conventional outlier scores and are able to apply them to identify conditional outliers in data. Experiments on synthetic and real-world image datasets are conducted to demonstrate the benefits and advantages of the proposed approaches.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.3
• /
• pp.1119-1143
• /
• 2014

Lightweight trust mechanism with lightweight cryptographic primitives has emerged as an important mechanism in resource constraint wireless sensor based mobile devices. In this work, outlier detection in lightweight Mobile Ad-hoc NETworks (MANETs) is extended to create the space of reliable trust cycle with anomaly detection mechanism and minimum energy losses [1]. Further, system is tested against outliers through detection ratios and anomaly scores before incorporating virtual programmable nodes to increase the efficiency. Security in proposed system is verified through ProVerif automated toolkit and mathematical analysis shows that it is strong against bad mouthing and on-off attacks. Performance of proposed technique is analyzed over different MANET routing protocols with variations in number of nodes and it is observed that system provide good amount of throughput with maximum of 20% increase in delay on increase of maximum of 100 nodes. System is reflecting good amount of scalability, optimization of resources and security. Lightweight modeling and policy analysis with lightweight cryptographic primitives shows that the intruders can be detection in few milliseconds without any conflicts in access rights.

• ETRI Journal
• /
• v.38 no.6
• /
• pp.1145-1152
• /
• 2016

Because the nodes in a wireless sensor network (WSN) are mobile and the network is highly dynamic, monitoring every node at all times is impractical. As a result, an intruder can attack the network easily, thus impairing the system. Hence, detecting anomalies in the network is very essential for handling efficient and safe communication. To overcome these issues, in this paper, we propose a rule-based anomaly detection technique using roaming honeypots. Initially, the honeypots are deployed in such a way that all nodes in the network are covered by at least one honeypot. Honeypots check every new connection by letting the centralized administrator collect the information regarding the new connection by slowing down the communication with the new node. Certain predefined rules are applied on the new node to make a decision regarding the anomality of the node. When the timer value of each honeypot expires, other sensor nodes are appointed as honeypots. Owing to this honeypot rotation, the intruder will not be able to track a honeypot to impair the network. Simulation results show that this technique can efficiently handle the anomaly detection in a WSN.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.18 no.5
• /
• pp.1301-1316
• /
• 2024

In modern warfare, missiles play a pivotal role but typically spend the majority of their lifecycle in long-term storage or standby mode, making it difficult to detect failures. Preemptive detection of missiles that will fail is crucial to preventing severe consequences, including safety hazards and mission failures. This study proposes a contamination-based stacking ensemble model, employing the local outlier factor (LOF), to detect such missiles. The proposed model creates multiple base LOF models with different contamination values and combines their anomaly scores to achieve a robust anomaly detection. A comparative performance analysis was conducted between the proposed model and the traditional single LOF model, using production-related inspection data from missiles deployed in the military. The experimental results showed that, with the contamination parameter set to 0.1, the proposed model exhibited an increase of approximately 22 percentage points in accuracy and 71 percentage points in F1-score compared to the single LOF model. This approach enables the preemptive identification of potential failures, undetectable through traditional statistical quality control methods. Consequently, it contributes to lower missile failure rates in real battlefield scenarios, leading to significant time and cost savings in the military industry.

• Journal of the Korea Society of Computer and Information
• /
• v.26 no.8
• /
• pp.23-30
• /
• 2021

In this study, we present a comparative analysis of major autoencoder(AE)-based anomaly detection methods for quality determination in the manufacturing process and a new anomaly discrimination criterion. Due to the characteristics of manufacturing site, anomalous instances are few and their types greatly vary. These properties degrade the performance of an AI-based anomaly detection model using the dataset for both normal and anomalous cases, and incur a lot of time and costs in obtaining additional data for performance improvement. To solve this problem, the studies on AE-based models such as AE and VAE are underway, which perform anomaly detection using only normal data. In this work, based on Convolutional AE, VAE, and Dilated VAE models, statistics on residual images, MSE, and information entropy were selected as outlier discriminant criteria to compare and analyze the performance of each model. In particular, the range value applied to the Convolutional AE model showed the best performance with AUC PRC 0.9570, F1 Score 0.8812 and AUC ROC 0.9548, accuracy 87.60%. This shows a performance improvement of an accuracy about 20%P(Percentage Point) compared to MSE, which was frequently used as a standard for determining outliers, and confirmed that model performance can be improved according to the criteria for determining outliers.

• ETRI Journal
• /
• v.27 no.3
• /
• pp.294-303
• /
• 2005

In this paper, a supervised algorithm for the evaluation of geophysical sites using a multi-level cellular neural network (ML-CNN) is introduced, developed, and applied to real data. ML-CNN is a stochastic image processing technique based on template optimization using neighborhood relationships of the pixels. The separation/enhancement and border detection performance of the proposed method is evaluated by various interesting real applications. A genetic algorithm is used in the optimization of CNN templates. The first application is concerned with the separation of potential field data of the Dumluca chromite region, which is one of the rich reserves of Turkey; in this context, the classical approach to the gravity anomaly separation method is one of the main problems in geophysics. The other application is the border detection of archeological ruins of the Hittite Empire in Turkey. The Hittite civilization sites located at the Sivas-Altinyayla region of Turkey are among the most important archeological sites in history, one reason among others being that written documentation was first produced by this civilization.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.4
• /
• pp.617-629
• /
• 2020

In order to overcome the limitations of the rule-based intrusion detection system due to changes in Internet computing environments, the emergence of new services, and creativity of attackers, network anomaly detection (NAD) using machine learning and deep learning technologies has received much attention. Most of these existing machine learning and deep learning technologies for NAD use supervised learning methods to learn a set of training data set labeled 'normal' and 'attack'. This paper presents the feasibility of the unsupervised learning AutoEncoder(AE) to NAD from data sets collecting of secured network traffic without labeled responses. To verify the performance of the proposed AE mode, we present the experimental results in terms of accuracy, precision, recall, f1-score, and ROC AUC value on the NSL-KDD training and test data sets. In particular, we model a reference AE through the deep analysis of diverse AEs varying hyper-parameters such as the number of layers as well as considering the regularization and denoising effects. The reference model shows the f1-scores 90.4% and 89% of binary classification on the KDDTest+ and KDDTest-21 test data sets based on the threshold of the 82-th percentile of the AE reconstruction error of the training data set.

• International Journal of Computer Science & Network Security
• /
• v.21 no.4
• /
• pp.131-139
• /
• 2021

In current time, anomaly detection is the primary concern of the administrative authorities. Suspicious activity identification is shifting from a human operator to a machine-assisted monitoring in order to assist the human operator and react to an unexpected incident quickly. These automatic surveillance systems face many challenges due to the intrinsic complex characteristics of video sequences and foreground human motion patterns. In this paper, we propose a novel approach to detect anomalous human activity using a hybrid approach of statistical model and Genetic Programming. The feature-set of local motion patterns is generated by a statistical model from the video data in an unsupervised way. This features set is inserted to an enhanced Genetic Programming based classifier to classify normal and abnormal patterns. The experiments are performed using publicly available benchmark datasets under different real-life scenarios. Results show that the proposed methodology is capable to detect and locate the anomalous activity in the real time. The accuracy of the proposed scheme exceeds those of the existing state of the art in term of anomalous activity detection.

• Convergence Security Journal
• /
• v.23 no.2
• /
• pp.103-113
• /
• 2023

In recent years, Unmanned Aerial Vehicles (UAV) have been widely used in various industries. However, as the depend ence on UAV increases rapidly, concerns about the security and safety of UAV are growing. Currently, various vulnerabili ties such as stealing the control right of the UAV or the right to communicate with the UAV in the web application are being disclosed. However, there is a lack of research related to the security of UAV. Therefore, in this paper, a study was conducted to determine whether the packet data was normal or abnormal by collecting packet data of an unmanned aerial vehicle in a HITL(Hardware In The Loop) simulation environment similar to the real environment. In addition, this paper proposes a method for reducing computational cost in the modeling process and increasing the ease of data interpretation, a machine learning-based anomaly detection model that detects abnormal data by learning only normal data, and optimized hyperparameter values.