• Journal of Convergence Society for SMB
• /
• v.2 no.2
• /
• pp.1-6
• /
• 2012

In this paper, we propose a detector generation model which is applied to immune system to improve the misuse detection rates in misuse detection models. 10cv method is used to sendmail data which is provided by the DARPA. We experimented and analyzed the misuse detection rate that is either judgment of the normal system call as abnormal system call or judgment of the abnormal system call as normal system call. In the experiment, between detector which was generated by any abnormal system call and temporary detector. I did experiments with a new detector which was removed temporary detector which made a wrong decision for normal system call as an abnormal system call and abnormal system call as a normal system call. The misuse detection rate of detector which is applied to the immune system is greater than the other detector by 0.3%.

• Journal of KIISE:Information Networking
• /
• v.32 no.3
• /
• pp.301-309
• /
• 2005

Learning program's behavior using machine learning techniques based on system call audit data is an effective intrusion detection method. Rule teaming, neural network, statistical technique, and hidden Markov model are representative methods for intrusion detection. Among them neural networks are known for its good performance in teaming system call sequences. In order to apply it to real world problems successfully, it is important to determine their structure. However, finding appropriate structure requires very long time because there are no formal solutions for determining the structure of networks. In this paper, a novel intrusion detection technique using evolutionary neural networks is proposed. Evolutionary neural networks have the advantage that superior neural networks can be obtained in shorter time than the conventional neural networks because it leams the structure and weights of neural network simultaneously Experimental results against 1999 DARPA IDEVAL data confirm that evolutionary neural networks are effective for intrusion detection.

• Journal of the Korean Society for Aeronautical & Space Sciences
• /
• v.43 no.3
• /
• pp.243-256
• /
• 2015

As a part of the R&D efforts for the hypersonic vehicles, various flight test programs has been carried out using small launch vehicles or sounding rockets. Australian HyShot program is a representative case of the flight test program for scramjet engines carried by international collaborations. A number of hypersonic flight test programs has followed in a similar way. In USA, Falcon HTV-2 was carried by DARPA, X-51A by AFRL and HyFly by ONR. HyCAUSE and HIFiRE were carried in collaboration with Australia. In France, LEA program is on the way similarly to X-51A. Russia, China and India seems like carrying out flight test programs for the development of hypersonic defense system. The goals, technical elements, the status and the relation between the programs were summarized in this paper as a reference for the similar program of the country in the future.

• Journal of the Society of Naval Architects of Korea
• /
• v.57 no.3
• /
• pp.133-139
• /
• 2020

In order to study the resistance test technique for the submerged body in Large Cavitation Tunnel (LCT), DARPA Suboff, submarine model publicly available was manufactured. DTRC released the resistance test data of DARPA Suboff conducted at ship speeds up to 18.0 knots in high-speed towing tank in 1990. As LCT is considered restricted waterways with walls, the resistance test results must be corrected with three wall blockage effects called buoyancy effect, solid blockage effect and wake blockage effect. Before correction, the resistance of LCT was 16~20 % higher than that of DTRC. After correction, the resistance and the resistance coefficients were compared with those of DTRC. The corrected resistance of LCT shows good agreement with that of DTRC. The residual resistance coefficient shows the difference according to the calculation method of buoyancy and frictional resistance coefficient. This paper suggests the best way for the calculation of residual resistance coefficient, On the basis of the present study, it is thought that the operating conditions for the propeller cavitation and noise tests can be drawn through LCT tests.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2004.05b
• /
• pp.391-394
• /
• 2004

Change of paradigm of network attack technique was begun by fast extension of the latest Internet and new attack form is appearing. But, Most intrusion detection systems detect informed attack type because is doing based on misuse detection, and active correspondence is difficult in new attack. Therefore, to heighten detection rate for new attack pattern, visibilitys to apply human immunity mechanism are appearing. In this paper, we create self-file from normal behavior profile about network packet and embody self recognition algorithm to use self-nonself discrimination in the human immune system to detect anomaly behavior. Sense change because monitors self-file creating anomaly detector based on Negative Selection Algorithm that is self recognition algorithm's one and detects anomaly behavior. And we achieve simulation to use DARPA Network Dataset and verify effectiveness of algorithm through the anomaly detection rate.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.4
• /
• pp.63-73
• /
• 2010

Malicious bot programs, the source of distributed denial of service attack, are widespread and the number of PCs which were infected by malicious bot program are increasing geometrically thesedays. The continuous distributed denial of service attacks are happened constantly through these bot PCs and some financial incident cases have found lately. Therefore researches to response distributed denial of service attack are necessary so we propose an effective feature generation method for distributed denial of service attack detection using entropy. In this paper, we apply our method to both the DARPA 2000 datasets and also the distributed denial of service attack datasets that we composed and generated ourself in general university. And then we evaluate how the proposed method is useful through classification using bayesian network classifier.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.45 no.1
• /
• pp.10-19
• /
• 2022

Recently, the Defense Advanced Research Projects Agency(DARPA) in the United States is studying a new concept of war called Mosaic Warfare, and MUM-T(Manned-Unmanned Teaming) through the division of missions between expensive manned and inexpensive unmanned aircraft is at the center. This study began with the aim of deriving the priority of autonomous functions according to the role of unmanned aerial vehicles in the present and present collaboration that is emerging along with the concept of mosaic warfare. The autonomous function of unmanned aerial vehicles between the presence and absence collaboration may vary in priority depending on the tactical operation of unmanned aerial vehicles, such as air-to-air, air-to-ground, and surveillance and reconnaissance. In this paper, ACE (Air Combat Evaluation), Skyborg, and Longshot, which are recently studied by DARPA, derive the priority of autonomous functions according to air-to-air collaboration, and use AHP analysis. The results of this study are meaningful in that it is possible to recognize the priorities of autonomous functions necessary for unmanned aircraft in order to develop unmanned aerial vehicles according to the priority of autonomous functions and to construct a roadmap for technology implementation. Furthermore, it is believed that the mass production and utilization of unmanned air vehicles will increase if one unmanned air vehicle platform with only essential functions necessary for air-to-air, air-to-air, and surveillance is developed and autonomous functions are expanded in the form of modules according to the tactical operation concept.

• Maritime Security
• /
• v.1 no.1
• /
• pp.215-240
• /
• 2020

In 2017, the U.S. DARPA coined 'mosaic warfare' as a new way of warfighting. According to the Timothy Grayson, director of DARPA's Strategic Technologies Office, mosaic warfare is a "system of system" approach to warfghting designed around compatible "tiles" of capabilities, rather than uniquely shaped "puzzle pieces" that must be fitted into a specific slot in a battle plan in order for it to work. Prior to cover mosaic warfare theory and recent development, it deals analyze its background and several premises for better understanding. The U.S. DoD officials might acknowledge the current its forces vulnerability to the China's A2/AD assets. Furthermore, the U.S. seeks to complete military superiority even in other nation's territorial domains including sea and air. Given its rapid combat restoration capability and less manpower casualty, the U.S. would be able to ready to endure war of attrition that requires massive resources. The core concept of mosaic warfare is a "decision centric warfare". To embody this idea, it create adaptability for U.S. forces and complexity or uncertainty for the enemy through the rapid composition and recomposition of a more disag g reg ated U.S. military force using human command and machine control. This allows providing more options to friendly forces and collapse adversary's OODA loop eventually. Adaptable kill web, composable force packages, A.I., and context-centric C3 architecture are crucial elements to implement and carry out mosaic warfare. Recently, CSBA showed an compelling assessment of mosaic warfare simulation. In this wargame, there was a significant differences between traditional and mosaic teams. Mosaic team was able to mount more simultaneous actions, creating additional complexity to adversaries and overwhelming their decision-making with less friendly force's human casualty. It increase the speed of the U.S. force's decision-making, enabling commanders to better employ tempo. Consequently, this article finds out and suggests implications for Korea armed forces. First of all, it needs to examine and develop 'mosaic warfare' in terms of our security circumstance. In response to future warfare, reviewing overall force structure and architecture is required which is able to compose force element regardless domain. In regards to insufficient defense resources and budget, "choice" and "concentration" are also essential. It needs to have eyes on the neighboring countries' development of future war concept carefully.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.11a
• /
• pp.130-132
• /
• 2005

초고속 네트워크의 폭발적인 확산과 함께 네트워크 침입 사례 또한 증가하고 있다. 이를 검출하기 위한 방안으로 침입 탐지 시스템에 대한 관심과 연구 또한 증가하고 있다. 네트워크 침입을 탐지위한 방법으로 기존의 알려진 공격을 찾는 오용 탐지와 비정상적인 행위를 탐지하는 방법이 존재한다. 본 논문에서는 이를 혼합한 하이브리드 형태의 새로운 침입 탐지 시스템을 제안한다. 기존의 혼합된 방식과는 다르게 네트워크 데이터의 모델링과 탐지를 위해 가우시안 혼합 모델을 사용한다. 가우시안 혼합 모델에 기반한 침입 탐지 시스템의 성능을 평가하기 위해 DARPA'99 데이터에 적용하여 실험하였다. 실험 결과 정상과 공격은 확연히 구분되는 결과를 나타내었으며, 공격 간의 분류도 상당 수 가능하였다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2006.05a
• /
• pp.917-920
• /
• 2006

정보보호 분야에서 네트워크 시뮬레이터에 대한 관심이 커지고 있으나 여러가지 제약 때문에 연구 및 개발이 미흡하다. 특히 침입탐지 시뮬레이터의 평가를 위한 적절한 데이터가 존재하지 않아 침입탐지 시뮬레이터가 적절한지 판단할 근거 자료가 충분하지 않다. 본 논문에서는 네트워크 시뮬레이터에서 DARPA 99 데이터셋을 활용하는 방법으로 트래픽 생성기를 설계 및 구현 하였으며, 그 결과가 정상적으로 동작함을 확인하였다.