• Proceedings of the KSRS Conference
• /
• v.2
• /
• pp.1011-1014
• /
• 2006

Coarse resolution (9 - 50 km pixels) Sea Surface Temperature satellite data are frequently considered adequate for open ocean research. However, coastal regions, including coral reef, estuarine and mesoscale upwelling regions require high-resolution (1-km pixel) SST data. The AVHRR SST data often suffer from navigation errors of several kilometres and still require manual navigation adjustments. The second serious problem is faulty and ineffective cloud-detection algorithms used operationally; many of these are based on radiance thresholds and moving window tests. With these methods, increasing sensitivity leads to masking of valid pixels. These errors lead to significant cold pixel biases and hamper image compositing, anomaly detection, and time-series analysis. Here, after manual navigation of over 40,000 AVHRR images, we implemented a new cloud filter that differs from other published methods. The filter first compares a pixel value with a climatological value built from the historical database, and then tests it against a time-based median value derived for that pixel from all satellite passes collected within ${\pm}3$ days. If the difference is larger than a predefined threshold, the pixel is flagged as cloud. We tested the method and compared to in situ SST from several shallow water buoys in the Florida Keys. Cloud statistics from all satellite sensors (AVHRR, MODIS) shows that a climatology filter with a $4^{\circ}C$ threshold and a median filter threshold of $2^{\circ}C$ are effective and accurate to filter clouds without masking good data. RMS difference between concurrent in situ and satellite SST data for the shallow waters (< 10 m bottom depth) is < $1^{\circ}C$, with only a small bias. The filter has been applied to the entire series of high-resolution SST data since1993 (including MODIS SST data since 2003), and a climatology is constructed to serve as the baseline to detect anomaly events.

• Geophysics and Geophysical Exploration
• /
• v.6 no.2
• /
• pp.57-63
• /
• 2003

For the dectection of small cavity in the hard rock, we investigated the feasibility of crosswell travel-time tomography and Kirchhoff migration technique. In travel-time tomography, first arrival anomaly caused by small cavity was investigated by numerical modeling based on the knowledge of actual field information. First arrival delay was very small (<0.125 msec) and detectable receiver offset range was limited to 4m with respect to $1\%$ normalized first arrival anomaly. As a consequence, it was turned out that carefully designed survey array with both sufficient narrow spatial spacing and temporal (<0.03125 msec) sampling were required for small cavity detection. Also, crosswell Kirchhoff migration technique was investigated with both numerical and real data. Stack section obtained by numerical data shows the good cavity image. In crosswell seismic data, various unwanted seismic events such as direct wave and various mode converted waves were alto recorded. To remove these noises und to enhance the diffraction signal, combination of median and bandpass filtering was applied and prestack and stacked migration images were created. From this, we viewed the crosswell migration technique as one of the adoptable method for small cavity detection.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.4 no.1
• /
• pp.267-282
• /
• 2000

With the development of computer&network technology and the growth of its dependance, computer failures not only lose human and material resources but also make organization's competition weak as a side-effect of information society. Therefore, people consider computer security as important factor. Intrusion Detection Systems (IDS) detect intrusions and take an appropriate action against them in order to protect a computer from system failure due to illegal intrusion. A variety of methods and models for IDS have been developed until now, but the existing methods or models aren't enough to detect intrusions because of the complexity of computer network the vulnerability of the object system, insufficient understanding for information security and the appearance of new illegal intrusion method. We propose a new IDS model to be suitable at the information system organized by homogeneous hosts and design for the IDS model and implement the prototype of it for feasibility study. The IDS model consist of many distributed unit sensor IDSs at homogeneous hosts and if any of distributed unit sensor IDSs detect anomaly system call among system call sequences generated by a process, the anomaly system call can be dynamically shared with other unit sensor IDSs. This makes the IDS model can effectively detect new intruders about whole information system.

• Journal of KIISE:Information Networking
• /
• v.32 no.3
• /
• pp.279-290
• /
• 2005

Recently, as the serious damage caused by DDoS attacks increases, the rapid detection and the proper response mechanisms are urgent. However, existing security mechanisms do not effectively defend against these attacks, or the defense capability of some mechanisms is only limited to specific DDoS attacks. In this paper, we propose a detection architecture against DDoS attack using data mining technology that can classify the latest types of DDoS attack, and can detect the modification of existing attacks as well as the novel attacks. This architecture consists of a Misuse Detection Module modeling to classify the existing attacks, and an Anomaly Detection Module modeling to detect the novel attacks. And it utilizes the off-line generated models in order to detect the DDoS attack using the real-time traffic. We gathered the NetFlow data generated at an access router of our network in order to model the real network traffic and test it. The NetFlow provides the useful flow-based statistical information without tremendous preprocessing. Also, we mounted the well-known DDoS attack tools to gather the attack traffic. And then, our experimental results show that our approach can provide the outstanding performance against existing attacks, and provide the possibility of detection against the novel attack.

• Electronics and Telecommunications Trends
• /
• v.35 no.1
• /
• pp.60-70
• /
• 2020

Artificial intelligence (AI) is expected to bring about a wide range of changes in the industry, based on the assessment that it is the most innovative technology in the last three decades. The manufacturing field is an area in which various artificial intelligence technologies are being applied, and through accumulated data analysis, an optimal operation method can be presented to improve the productivity of manufacturing processes. In addition, AI technologies are being used throughout all areas of manufacturing, including product design, engineering, improvement of working environments, detection of anomalies in facilities, and quality control. This makes it possible to easily design and engineer products with a fast pace and provides an efficient working and training environment for workers. Also, abnormal situations related to quality deterioration can be identified, and autonomous operation of facilities without human intervention is made possible. In this paper, AI technologies used in smart factories, such as the trends in generative product design, smart workbench and real-sense interaction guide technology for work and training, anomaly detection technology for quality control, and intelligent manufacturing facility technology for autonomous production, are analyzed.

• The KIPS Transactions:PartC
• /
• v.14C no.3 s.113
• /
• pp.199-208
• /
• 2007

In a ubiquitous network environment, detecting the leakage of personal information is very important. The leakage of personal information might cause severe problem such as impersonation, cyber criminal and personal privacy violation. In this paper, we have proposed a detection method of personal information leakage based on network traffic characteristics. The experimental results indicate that the traffic character of a real campus network shows the self-similarity and Proposed method can detect the anomaly of leakage of personal information by malicious code.

• Proceedings of the KSRS Conference
• /
• v.1
• /
• pp.441-444
• /
• 2006

The MERIS MCI (Maximum Chlorophyll Index), measuring the radiance peak at 709 nm in water-leaving radiance, indicates the presence of a high surface concentration of chlorophyll ${\underline{a}}$ against a scattering background. The index is high in 'red tide' conditions (intense, visible, surface, plankton blooms), and is also raised when aquatic vegetation is present. A bloom search based on MCI has resulted in detection of a variety of events in Canadian, Antarctic and other waters round the world, as well as detection of extensive areas of pelagic vegetation (Sargassum spp.), previously unreported in the scientific literature. Since June 1 2006, global MCI composite images, at a spatial resolution of 5 km, are being produced daily from all MERIS (daylight) passes of Reduced Resolution (RR) data. The global composites significantly increase the area now being searched for events, though the reduced spatial resolution may cause smaller events to be missed. This paper describes the composites and gives examples of plankton bloom events that they have detected. It also shows how the composites show the effect of the South Atlantic Anomaly, where cosmic rays affect the MERIS instrument.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.10a
• /
• pp.804-807
• /
• 2012

Cloud service provider has to protect client's information securely since all the resources are offered by the service provider, and a large number of users share the resources. In this paper, a NoSQL-based anomaly detection system is proposed in order to enhance the security of mobile cloud services. The existing integrated security management system that uses a relational database can not be used for real-time processing of data since security log from a variety of security equipment and data from cloud node have different data format with unstructured features. The proposed system can resolve the emerging security problem because it provides real time processing and scalability in distributed processing environment.

• Journal of Korean Society of Water and Wastewater
• /
• v.29 no.3
• /
• pp.415-425
• /
• 2015

Aging water pipe networks hinder efficient management of important water service indices such as revenue water and leakage ratio due to pipe breakage and malfunctioning of pipe appurtenance. In order to control leakage in water pipe networks, various methods such as the minimum night flow analysis and sound waves method have been used. However, the accuracy and efficiency of detecting water leak by these methods need to be improved due to the increase of water consumption at night. In this study the Principal Component Analysis (PCA) technique was applied to the night water flow data of 426 days collected from a water distribution system in the interval of one hour. Based on the PCA technique, computational algorithms were developed to narrow the time windows for efficient execution of leak detection job. The algorithms were programmed on computer using the MATLAB. The presented techniques are expected to contribute to the efficient management of water pipe networks by providing more effective time windows for the detection of the anomaly of pipe network such as leak or abnormal demand.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.05c
• /
• pp.2041-2044
• /
• 2003

네트워크에서 발생하는 다양한 침입 중에서 서비스거부공격(DoS Attack. Denial-of-Service Attack)이란 공격자가 침입대상 시스템의 시스템 자원과 네트워크 자원을 악의적인 목적으로 소모시키기 위하여 대량의 패킷을 보냄으로써 정상 사용자로 하여금 시스템이 제공하는 서비스를 이용하지 못하도록 하는 공격을 의미한다. 기존 연구에서는 시스템과 네트워크가 수신한 패킷을 분석한 후 네트워크 세션정보를 생성하여 DoS 공격을 탐지하였다. 그러나 이 기법은 공격자가 분산서비스거부공격(DDoS Attack: Distributed DoS Attack)을 하게 되면 분산된 세션정보가 생성되기 때문에 침입을 실시간으로 탐지하기에는 부적절하다. 본 논문에서는 시스템이 가지고 있는 자윈 중에서 DDoS 공격을 밭을 때 가장 민감하게 반응하는 시스템 자원을 모니터링 함으로써 DDoS 공격을 실시간으로 탐지할 수 있는 모델을 제안한다 제안 모델은 시스템이 네트워크에서 수신한 패킷을 처리하는 과정에서 소모되는 커널 메모리 소비량을 감사자료로 이용한 네트워치기반 비정상행위탐지(networked-based anomaly detection)모델이다.