• Title/Summary/Keyword: Bot detection


Detecting the HTTP-GET Flood Attacks Based on the Access Behavior of Inline Objects in a Web-page Using NetFlow Data

  • Kang, Koo-Hong
    • Journal of the Korea Society of Computer and Information / v.21 no.7 / pp.1-8 / 2016
  • Nowadays, distributed denial of service (DDoS) attacks on web sites reward attackers financially or politically because our daily lives tightly depend on web services such as on-line banking, e-mail, and e-commerce. One of the DDoS attacks on web servers is called the HTTP-GET flood attack, which is becoming more serious. Most existing techniques run on the application layer because these attack packets use legitimate network protocols and HTTP payloads; that is, network-level intrusion detection systems cannot distinguish legitimate HTTP-GET requests from malicious requests. In this paper, we propose a practical detection technique against HTTP-GET flood attacks, based on the access behavior of inline objects in a webpage using NetFlow data. In particular, our proposed scheme works on the network layer without any application-specific deep packet inspection. We implement the proposed detection technique and evaluate its attack detection ability in a simple test environment using the NetBot attacker. Moreover, we also show that our approach must be applicable to the real field by showing the test profile captured on a well-known e-commerce site. The results show that our technique can detect the HTTP-GET flood attack effectively.

A comparative study of the performance of machine learning algorithms to detect malicious traffic in IoT networks (IoT 네트워크에서 악성 트래픽을 탐지하기 위한 머신러닝 알고리즘의 성능 비교연구)

  • Hyun, Mi-Jin
    • Journal of Digital Convergence / v.19 no.9 / pp.463-468 / 2021
  • Although the IoT is showing explosive growth due to the development of technology, the spread of IoT devices, and the activation of services, serious security risks and financial damage are occurring due to the activities of various botnets. Therefore, it is important to accurately and quickly detect the activities of these botnets. As security in the IoT environment has characteristics that require operation with minimum processing performance and memory, in this paper, the minimum characteristics for detection are selected, and a comparative study was conducted on the performance of machine learning algorithms such as KNN (K-Nearest Neighbor), Naïve Bayes, Decision Tree, and Random Forest to detect botnet activity. Experimental results using the Bot-IoT dataset showed that KNN can detect DDoS, DoS, and Reconnaissance attacks most effectively and efficiently among the applied machine learning algorithms.

Implementation of an alarm system with AI image processing to detect whether a helmet is worn or not and a fall accident (헬멧 착용 여부 및 쓰러짐 사고 감지를 위한 AI 영상처리와 알람 시스템의 구현)

  • Yong-Hwa Jo;Hyuek-Jae Lee
    • Journal of the Institute of Convergence Signal Processing / v.23 no.3 / pp.150-159 / 2022
  • This paper presents an implementation of detecting whether a helmet is worn and there is a fall accident through individual image analysis in real-time from extracting the image objects of several workers active in the industrial field. In order to detect image objects of workers, YOLO, a deep learning-based computer vision model, was used, and for whether a helmet is worn or not, the extracted images with 5,000 different helmet learning data images were applied. For whether a fall accident occurred, the position of the head was checked using the Pose real-time body tracking algorithm of Mediapipe, and the movement speed was calculated to determine whether the person fell. In addition, to give reliability to the result of a falling accident, a method to infer the posture of an object by obtaining the size of YOLO's bounding box was proposed and implemented. Finally, Telegram API Bot and Firebase DB server were implemented for notification service to administrators.

The Study of Bot Program Detection based on User Behavior in Online Game Environment (온라인 게임 환경에서 사용자 행위 정보에 기반한 봇 프로그램 탐지 기법 연구)

  • Yoon, Tae-Bok
    • Journal of the Korea Academia-Industrial cooperation Society / v.13 no.9 / pp.4200-4206 / 2012
  • Recently, the online-game industry has been rapidly expanding. However, various cases of damage to game services are caused by bot programs. In particular, the abnormal collection of game money and items destroys the inherent fun of a game, and ultimately has a definite bad effect on the game life cycle. In this paper, we propose a bot detection method that observes the playing patterns of game characters using game log data. It analyzes the behaviors of human players as well as bots and identifies features to build a model that differentiates bots from human players. In an experiment using an online game in service, models of users and bots were generated and distinguished, and a reasonable result was confirmed.

Development of Motion Mechanisms for Health-Care Riding Robots (지능형 헬스케어 승마로봇의 모션 메카니즘 개발)

  • Kim, Jin-Soo;Lim, Mee-Seub;Lim, Joon-Hong
    • Proceedings of the KIEE Conference / 2008.07a / pp.1735-1736 / 2008
  • In this research, a riding robot system named "RideBot" is developed for health care and entertainment. The developed riding robot can follow the intention of the horseman and can simulate the motion of a horse. The riding robot mechanisms are used for many functions: attitude detection, motion sensing, recognition, common interface, and motion generation. This riding robot can react to the health conditions, bio-signals, and intention information of the user. One of the objectives of this research is that the riding robot could catch user motion and operate spontaneous movements. In this paper, we develop the saddle mechanism, which can generate 3 degrees-of-freedom riding motion based on the intention of the horseman. Also, we develop a reins and spur mechanism for estimating the horseman's intention and a bio-signal monitoring system for the health care function of a horseman. In order to evaluate the performance of the riding robot system, we tested several riding motions including slow and normal step motion, left and right turn motion.

Dark Web based Malicious Code Detection and Analysis (다크웹 크롤러를 사용한 악성코드 탐지 및 분석)

  • Kim, Ah-Lynne;Lee, Eun-Ji
    • Proceedings of the Korea Information Processing Society Conference / 2020.11a / pp.446-449 / 2020
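  • Cybercrime using the dark web is rising steeply both in Korea and abroad. However, because of the nature of the dark web, it is difficult to find the malicious code shared in this hidden area of the Internet. In particular, many services on the dark web apply various techniques to block information gathering by tools such as crawler bots. Therefore, following existing research methods, we collected URLs on the dark web and then additionally built a downloader to collect files of specific formats such as exe and zip. Going forward, these files will be scanned by an integrated virus scan engine to identify suspicious files. The suspicious files will undergo static and dynamic analysis and be written up in a detailed report, which can yield meaningful results for future analysis of the distribution and sources of malicious code on the dark web.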

Design and Implementation of an Intrusion Detection System based on Outflow Traffic Analysis (유출트래픽 분석기반의 침입탐지시스템 설계 및 구현)

  • Shin, Dong-Jin;Yang, Hae-Sool
    • The Journal of the Korea Contents Association / v.9 no.4 / pp.131-141 / 2009
  • An increasing variety of malware, such as worms, spyware and adware, threatens both personal and business computing. Remotely controlled bot networks of compromised systems are growing quickly. This paper proposes an intrusion detection system based on outflow traffic analysis. Many research efforts and commercial products have focused on preventing intrusion by filtering known exploits or unknown ones exploiting known vulnerabilities. Complementary to these solutions, the proposed IDS can detect intrusion by unknown new malware before its signatures are widely distributed. The proposed IDS consists of an outflow detector, user monitor, process monitor and network monitor. To infer user intent, the proposed IDS correlates outbound connections with user-driven input at the process level under the assumption that user intent is implied by user-driven input. As a complement to existing prevention systems, the proposed IDS decreases the danger of information leaks and protects computers and networks from more severe damage.

Simulation Study on Search Strategies for the Reconnaissance Drone (정찰 드론의 탐색 경로에 대한 시뮬레이션 연구)

  • Choi, Min Woo;Cho, Namsuk
    • Journal of the Korea Society for Simulation / v.28 no.1 / pp.23-39 / 2019
  • The use of drone-bots is demanded in times regarding the reduction of military force, the spread of the life-oriented thought, and the use of innovative technology in the defense through the fourth industrial revolution. Especially, the drone's surveillance and reconnaissance are expected to play a big role in the future battlefield. However, there are not many cases in which the concept of operation is studied scientifically. In this study, we propose search algorithms for reconnaissance drones through simulation analysis. In the simulation, the drone and target move linearly in continuous space, and the target moves according to the Random-walk concept to reflect the uncertainty of the battlefield. The research investigates the effectiveness of existing search methods such as Parallel and Spiral Search. We perform a probabilistic analysis of the effect of the detector radius and the speed on the detection probability. In particular, new detection algorithms that can be used when an enemy moves toward a specific goal, PS (Probability Search) and HS (Hamiltonian Search), are introduced. The results of this study will have applicability to planning the path for reconnaissance operations using drone-bots.

A Study on Threat Detection Model using Cyber Strongholds (사이버 거점을 활용한 위협탐지모델 연구)

  • Inhwan Kim;Jiwon Kang;Hoonsang An;Byungkook Jeon
    • Convergence Security Journal / v.22 no.1 / pp.19-27 / 2022
  • With the innovative development of ICT technology, hacking techniques of hackers are also evolving into sophisticated and intelligent hacking techniques. Threat detection research to counter these cyber threats was mainly conducted in a passive way through hacking damage investigation and analysis, but recently, the importance of cyber threat information collection and analysis is increasing. A bot-type automation program is a rather active method of extracting malicious code by visiting a website to collect threat information or detect threats. However, this method also has a limitation in that it cannot prevent hacking damage because it is a method to identify hacking damage because malicious code has already been distributed or after being hacked. Therefore, to overcome these limitations, we propose a model that detects actual threats by acquiring and analyzing threat information while identifying and managing cyber bases. This model is an active and proactive method of collecting threat information or detecting threats outside the boundary such as a firewall. We designed a model for detecting threats using cyber strongholds and validated them in the defense environment.

Neofusicoccum ribis Associated with Leaf Blight on Rubber (Hevea brasiliensis) in Peninsular Malaysia

  • Nyaka Ngobisa, A.I.C.;Zainal Abidin, M.A.;Wong, M.Y.;Wan Noordin, M.W.D.
    • The Plant Pathology Journal / v.29 no.1 / pp.10-16 / 2013
  • Hevea brasiliensis is a natural source of rubber and an important plantation tree species in Malaysia. Leaf blight disease caused by Fusicoccum substantially reduces the growth and performance of H. brasiliensis. The aim of this study was to use a combination of both morphological characteristics and molecular data to clarify the taxonomic position of the fungus associated with leaf blight disease. Fusicoccum species were isolated from infected leaves collected from plantations at 3 widely separated locations - Selangor, Perak, and Johor states - in Peninsular Malaysia in 2010. All the isolates were identified according to their conidial patterns and DNA sequences generated from internal transcribed spacers (ITS1 and ITS2), the 5.8S rRNA, and an unknown locus (BotF15) containing microsatellite repeats. Based on taxonomic and sequence data, Neofusicoccum ribis was identified as the main cause of leaf blight disease in H. brasiliensis in commercial plantations in Malaysia. A pathogenicity trial on detached leaves further confirmed that N. ribis causes leaf blight disease. N. ribis is an important leaf pathogen, and its detection in Malaysia has important implications for future planting of H. brasiliensis.