• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.2
• /
• pp.411-421
• /
• 2015

These days, a conversion of the fast-advancing ICT (Information and Communications Technologies) and the IoT (Internet of Things) has been in progress. However, these conversion Technology could lead to many of the security threat existing in the ICT environment. The security threats of car in the IoT environment could cause the property damage and casualty. There are the inadequate preparations for the car security and the difficulty of detection for the security threats by itself. In this paper, we proposed the decision-making framework for the anomaly detection and found out what are the threats of car in the IoT environment. The discrimination of the factor, path and type of threats from the attack against the car should take priority over the self-inspection and the swift handling of the attack on control system.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.43 no.4
• /
• pp.190-197
• /
• 2020

Recently there was an incident that military radars, coastal CCTVs and other surveillance equipment captured a small rubber boat smuggling a group of illegal immigrants into South Korea, but guards on duty failed to notice it until after they reached the shore and fled. After that, the detection of such vessels before it reach to the Korean shore has emerged as an important issue to be solved. In the fields of marine navigation, Automatic Identification System (AIS) is widely equipped in vessels, and the vessels incessantly transmits its position information. In this paper, we propose a method of automatically identifying abnormally behaving vessels with AIS using convolutional autoencoder (CAE). Vessel anomaly detection can be referred to as the process of detecting its trajectory that significantly deviated from the majority of the trajectories. In this method, the normal vessel trajectory is gridded as an image, and CAE are trained with images from historical normal vessel trajectories to reconstruct the input image. Features of normal trajectories are captured into weights in CAE. As a result, images of the trajectories of abnormal behaving vessels are poorly reconstructed and end up with large reconstruction errors. We show how correctly the model detects simulated abnormal trajectories shifted a few pixel from normal trajectories. Since the proposed model identifies abnormally behaving ships using actual AIS data, it is expected to contribute to the strengthening of security level when it is applied to various maritime surveillance systems.

• Journal of Korea Multimedia Society
• /
• v.24 no.8
• /
• pp.979-987
• /
• 2021

Multiple Sclerosis (MS) can be early diagnosed by detecting lesions in brain magnetic resonance images (MRI). Unsupervised anomaly detection methods based on autoencoder have been recently proposed for automated detection of MS lesions. However, these autoencoder-based methods were developed only for 2D images (e.g. 2D cross-sectional slices) of MRI, so do not utilize the full 3D information of MRI. In this paper, therefore, we propose a novel 3D autoencoder-based framework for detection of the lesion volume of MS in MRI. We first define a 3D convolutional neural network (CNN) for full MRI volumes, and build each encoder and decoder layer of the 3D autoencoder based on 3D CNN. We also add a skip connection between the encoder and decoder layer for effective data reconstruction. In the experimental results, we compare the 3D autoencoder-based method with the 2D autoencoder models using the training datasets of 80 healthy subjects from the Human Connectome Project (HCP) and the testing datasets of 25 MS patients from the Longitudinal multiple sclerosis lesion segmentation challenge, and show that the proposed method achieves superior performance in prediction of MS lesion by up to 15%.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1027-1041
• /
• 2015

Recently, there are rapidly increasing cases of APT (Advanced Persistent Threat) attacks such as Verizon(2010), Nonghyup(2011), SK Communications(2011), and 3.20 Cyber Terror(2013), which cause leak of confidential information and tremendous damage to valuable assets without being noticed. Several anomaly detection technologies were studied to defend the APT attacks, mostly focusing on detection of obvious anomalies based on known malicious codes' signature. However, they are limited in detecting APT attacks and suffering from high false-negative detection accuracy because APT attacks consistently use zero-day vulnerabilities and have long latent period. Detecting APT attacks requires long-term analysis of data from a diverse set of sources collected over the long time, real-time analysis of the ingested data, and correlation analysis of individual attacks. However, traditional security systems lack sophisticated analytic capabilities, compute power, and agility. In this paper, we propose a Fast Data based real-time abnormal behavior detection system to overcome the traditional systems' real-time processing and analysis limitation.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.649-653
• /
• 2006

In this paper, we propose a hybrid feature extraction method in which Principal Components Analysis is combined with optimized k-Means clustering technique. Our approach hierarchically reduces the redundancy of features with high explanation in principal components analysis for choosing a good subset of features critical to improve the performance of classifiers. Based on this result, we evaluate the performance of intrusion detection by using Support Vector Machine and a nonparametric approach based on k-Nearest Neighbor over data sets with reduced features. The Experiment results with KDD Cup 1999 dataset show several advantages in terms of computational complexity and our method achieves significant detection rate which shows possibility of detecting successfully attacks.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.19 no.1
• /
• pp.57-64
• /
• 2024

In the industrial field, robots are used to increase productivity by replacing labors with dangerous, difficult, and hard tasks. However, failures of individual industrial robots in the entire production process may cause product defects or malfunctions, and may cause dangerous disasters in the case of manufacturing parts used in automobiles and aircrafts. Although requirements for early diagnosis of industrial robot failures are steadily increasing, there are many limitations in early detection. This paper introduces methods for diagnosing robot failures using sound-based data and deep learning. This paper also analyzes, compares, and evaluates the performance of failure diagnosis using various deep learning technologies. Furthermore, in order to improve the performance of the fault diagnosis system using deep learning technology, we propose a method to increase the accuracy of fault diagnosis based on an inference window. When adopting the inference window of deep learning, the accuracy of the failure diagnosis was increased up to 94%.

• Smart Media Journal
• /
• v.13 no.4
• /
• pp.65-75
• /
• 2024

This paper proposes a new approach to video surveillance systems, which have become essential components in modern urban management. By utilizing blockchain and IPFS, it enhances data integrity and privacy protection. Additionally, anomaly detection and automatic video storage are enabled through object detection technology, thus improving urban safety and security. This integrated approach serves as an efficient management methodology for surveillance systems, providing city administrators and citizens with a safer and more effective monitoring environment.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.13 no.2
• /
• pp.145-152
• /
• 2020

In this paper, we propose the Crop Classification Management System (CCMS) that detects changes in growth environment to improve crop production rate. The CCMS consists of two modules. First, the Crop Classification Module (CCM) classifies crops through CNN. Second, the Farm Anomaly Detection Module (FADM) detects abnormal crops by comparing accumulated data of farms. The CCM recognizes crops currently grown on farms and sends them to the FADM, and the FADM picks up the weather data from the past to the present day of the farm growing the crops and applies them to the Nelson rules. The FADM uses the Nelson rules to find out weather data that has occurred and adjust farm conditions through IoT devices. The performance analysis of CCMS showed that the CCM had a crop classification accuracy of about 90%, and the FADM improved the estimated yield by up to about 30%. In other words, managing farms through the CCMS can help increase the yield of smart farms.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.3
• /
• pp.411-425
• /
• 2023

Today, AI (Artificial Intelligence) technology is widely used in various fields, performing classification and regression tasks according to the purpose of use, and research is also actively progressing. Especially in the field of security, unexpected threats need to be detected, and unsupervised learning-based anomaly detection techniques that can detect threats without adding known threat information to the model training process are promising methods. However, most of the preceding studies that provide interpretability for AI judgments are designed for supervised learning, so it is difficult to apply them to unsupervised learning models with fundamentally different learning methods. In addition, previously researched vision-centered AI mechanism interpretation studies are not suitable for application to the security field that is not expressed in images. Therefore, In this paper, we use a technique that provides interpretability for detected anomalies by searching for and comparing optimization references, which are the source of intrusion attacks. In this paper, based on reference, we propose additional logic to search for data closest to real data. Based on real data, it aims to provide a more intuitive interpretation of anomalies and to promote effective use of an anomaly detection model in the security field.

• Nuclear Engineering and Technology
• /
• v.56 no.4
• /
• pp.1501-1512
• /
• 2024

Plasma disruption in tokamak experiments is a challenging issue that causes damage to the device. Reliable prediction methods are needed, but the lack of full understanding of plasma disruption limits the effectiveness of physics-driven methods. Data-driven methods based on supervised learning are commonly used, and they rely on labelled training data. However, manual labelling of disruption precursors is a time-consuming and challenging task, as some precursors are difficult to accurately identify. The mainstream labelling methods assume that the precursor onset occurs at a fixed time before disruption, which leads to mislabeled samples and suboptimal prediction performance. In this paper, we present disruption prediction methods based on anomaly detection to address these issues, demonstrating good prediction performance on J-TEXT and EAST. By evaluating precursor onset times using different anomaly detection algorithms, it is found that labelling methods can be improved since the onset times of different shots are not necessarily the same. The study optimizes precursor labelling using the onset times inferred by the anomaly detection predictor and test the optimized labels on supervised learning disruption predictors. The results on J-TEXT and EAST show that the models trained on the optimized labels outperform those trained on fixed onset time labels.