• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.18 no.5
• /
• pp.1301-1316
• /
• 2024

In modern warfare, missiles play a pivotal role but typically spend the majority of their lifecycle in long-term storage or standby mode, making it difficult to detect failures. Preemptive detection of missiles that will fail is crucial to preventing severe consequences, including safety hazards and mission failures. This study proposes a contamination-based stacking ensemble model, employing the local outlier factor (LOF), to detect such missiles. The proposed model creates multiple base LOF models with different contamination values and combines their anomaly scores to achieve a robust anomaly detection. A comparative performance analysis was conducted between the proposed model and the traditional single LOF model, using production-related inspection data from missiles deployed in the military. The experimental results showed that, with the contamination parameter set to 0.1, the proposed model exhibited an increase of approximately 22 percentage points in accuracy and 71 percentage points in F1-score compared to the single LOF model. This approach enables the preemptive identification of potential failures, undetectable through traditional statistical quality control methods. Consequently, it contributes to lower missile failure rates in real battlefield scenarios, leading to significant time and cost savings in the military industry.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2021.07a
• /
• pp.7-10
• /
• 2021

에스컬레이터의 고장 여부를 사전에 파악하는 것은 경제적 손실뿐만 아니라 인명 피해를 예방할 수 있어서 매우 중요하다. 실제 이러한 고장 예측을 위한 많은 딥러닝 알고리즘이 연구되고 있지만, 설비의 이상 데이터 확보가 어려워 모델 학습이 어렵다는 문제점이 있다. 본 연구에서는 이러한 문제의 해결 방안으로 비지도 학습 기반의 방법론 중 하나인 LSTM Autoencoder 알고리즘을 사용해 에스컬레이터의 이상을 탐지하는 모델을 생성했고, 최종 실험 결과 모델 성능 AUROC가 0.9966, 테스트 Accuracy가 0.97이라는 높은 정확도를 기록했다.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.6 no.1
• /
• pp.1-12
• /
• 2010

Recently, large amount of information in IDS(Intrusion Detection System) can be un manageable and also be mixed with false prediction error. In this paper, we propose a data mining methodology for IDS, which contains uncertainty based on training process and post-processing analysis additionally. Our system is trained to classify the existing attack for misuse detection, to detect the new attack pattern for anomaly detection, and to define border patter between attack and normal pattern. In experimental results show that our approach improve the performance against existing attacks and new attacks,from 0.62 to 0.84 about 35%.

• Proceedings of the Korea Inteligent Information System Society Conference
• /
• 2007.11a
• /
• pp.514-519
• /
• 2007

컴퓨터 네트워크 모니터링에 의한 보안장비는 많은 트래픽 자료를 분석하여, 이상유무를 판단하고, 대응해야 한다. 기존의 보안장비들은 이미 알려진 패턴에 대한 규칙을 이용하는 오용탐지방법(misuse detection)과 의미를 파악하기 어려운 많은 자료들을 제시하고 있는데 머물고 있다. 보다 나은 보안을 위해서는 정상적인 동작에서 벗어나는 이상징후를 탐지하여 침입을 탐지하는 이상탐지방법(anomaly detection)의 채용이 필요하고, 보안장비에서 제시되는 많은 트래픽 자료들은 보안전문가의 전문적인 분석이 필요하다. 본 연구에서는 데이터마이닝 기법을 이용한 이상탐지방법과 보안전문가의 전문적인 보안지식에 의한 분석, 대응, 관리를 위한 지식처리 기법을 사용할 수 있는 지능형 IPS(intrusion Detection System) 프레임워크를 제안한다.

• Journal of Applied Reliability
• /
• v.18 no.1
• /
• pp.20-32
• /
• 2018

Purpose: The purpose of this study is to set up an anomaly detection criteria for sensor data coming from a motorcycle. Methods: Five sensor values for accelerator pedal, engine rpm, transmission rpm, gear and speed are obtained every 0.02 second from a motorcycle. Exploratory data analysis is used to find any pattern in the data. Traditional process control methods such as X control chart and time series models are fitted to find any anomaly behavior in the data. Finally unsupervised learning algorithm such as k-means clustering is used to find any anomaly spot in the sensor data. Results: According to exploratory data analysis, the distribution of accelerator pedal sensor values is very much skewed to the left. The motorcycle seemed to have been driven in a city at speed less than 45 kilometers per hour. Traditional process control charts such as X control chart fail due to severe autocorrelation in each sensor data. However, ARIMA model found three abnormal points where they are beyond 2 sigma limits in the control chart. We applied a copula based Markov chain to perform statistical process control for correlated observations. Copula based Markov model found anomaly behavior in the similar places as ARIMA model. In an unsupervised learning algorithm, large sensor values get subdivided into two, three, and four disjoint regions. So extreme sensor values are the ones that need to be tracked down for any sign of anomaly behavior in the sensor values. Conclusion: Exploratory data analysis is useful to find any pattern in the sensor data. Process control chart using ARIMA and Joe's copula based Markov model also give warnings near similar places in the data. Unsupervised learning algorithm shows us that the extreme sensor values are the ones that need to be tracked down for any sign of anomaly behavior.

• Journal of the Korea Society of Computer and Information
• /
• v.26 no.8
• /
• pp.23-30
• /
• 2021

In this study, we present a comparative analysis of major autoencoder(AE)-based anomaly detection methods for quality determination in the manufacturing process and a new anomaly discrimination criterion. Due to the characteristics of manufacturing site, anomalous instances are few and their types greatly vary. These properties degrade the performance of an AI-based anomaly detection model using the dataset for both normal and anomalous cases, and incur a lot of time and costs in obtaining additional data for performance improvement. To solve this problem, the studies on AE-based models such as AE and VAE are underway, which perform anomaly detection using only normal data. In this work, based on Convolutional AE, VAE, and Dilated VAE models, statistics on residual images, MSE, and information entropy were selected as outlier discriminant criteria to compare and analyze the performance of each model. In particular, the range value applied to the Convolutional AE model showed the best performance with AUC PRC 0.9570, F1 Score 0.8812 and AUC ROC 0.9548, accuracy 87.60%. This shows a performance improvement of an accuracy about 20%P(Percentage Point) compared to MSE, which was frequently used as a standard for determining outliers, and confirmed that model performance can be improved according to the criteria for determining outliers.

• Journal of Navigation and Port Research
• /
• v.37 no.1
• /
• pp.41-48
• /
• 2013

A positioning technique using the augmentation system has been researched to improve the accuracy. The network RTK is the precise positioning technique using carrier phase correction data from reference stations and is constantly being researched. The study for the system accuracy has been performed but system integrity research has not been done as much as system accuracy. In this paper, we presented the anomaly detection algorithm by satellite system and the diagnosis algorithm to a basic research in the integrity on network RTK. And the presented algorithms are verified on the DL-V3 dual-frequency receiver and the simulated error scenario using the GSS7700.

• Structural Engineering and Mechanics
• /
• v.88 no.6
• /
• pp.569-581
• /
• 2023

This paper introduces a system to detect and diagnose anomalies in pumped storage hydropower plants. We collect data from various types of sensors, including those monitoring temperature, vibration, and power. The data are classified according to the operation modes (pump and turbine operation modes) and normalized to remove the influence of the external environment. To detect anomalies and diagnose their types, we adopt a multivariate normal distribution analysis by learning the distribution of the normal data. The feasibility of the proposed system is evaluated using actual monitoring data of a pumped storage hydropower plant. The proposed system can be used to implement condition monitoring systems for other plants through modifications.

• Journal of Korea Multimedia Society
• /
• v.9 no.8
• /
• pp.1030-1036
• /
• 2006

The rapid proliferation of wireless networks and mobile computing applications has changed the landscape of network security. Anomaly detection is a pattern recognition task whose goal is to report the occurrence of abnormal or unknown behavior in a given system being monitored. This paper presents an efficient rough set based anomaly detection method that can effectively identify a group of especially harmful internal masqueraders in cellular mobile networks. Our scheme uses the trace data of wireless application layer by a user as feature value. Based on the feature values, the use pattern of a mobile's user can be captured by rough sets, and the abnormal behavior of the mobile can be also detected effectively by applying a roughness membership function considering weighted feature values. The performance of our scheme is evaluated by a simulation. Simulation results demonstrate that the anomalies are well detected by the method that assigns different weighted values to feature attributes depending on importance.

• Journal of Internet Computing and Services
• /
• v.6 no.5
• /
• pp.45-56
• /
• 2005

The weak foundation of the computing environment caused information leakage and hacking to be uncontrollable, Therefore, dynamic control of security threats and real-time reaction to identical or similar types of accidents after intrusion are considered to be important, h one of the solutions to solve the problem, studies on intrusion detection systems are actively being conducted. To improve the anomaly IDS using system calls, this study focuses on neural networks learning using the soundex algorithm which is designed to change feature selection and variable length data into a fixed length learning pattern, That Is, by changing variable length sequential system call data into a fixed iength behavior pattern using the soundex algorithm, this study conducted neural networks learning by using a backpropagation algorithm. The backpropagation neural networks technique is applied for anomaly detection of system calls using Sendmail Data of UNM to demonstrate its performance.