• Journal of Information Processing Systems
• /
• v.1 no.1 s.1
• /
• pp.9-13
• /
• 2005

Computer security has become a critical issue with the rapid development of business and other transaction systems over the Internet. The application of artificial intelligence, machine learning and data mining techniques to intrusion detection systems has been increasing recently. But most research is focused on improving the classification performance of a classifier. Selecting important features from input data leads to simplification of the problem, and faster and more accurate detection rates. Thus selecting important features is an important issue in intrusion detection. Another issue in intrusion detection is that most of the intrusion detection systems are performed by off-line and it is not a suitable method for a real-time intrusion detection system. In this paper, we develop the real-time intrusion detection system, which combines an on-line feature extraction method with the Least Squares Support Vector Machine classifier. Applying the proposed system to KDD CUP 99 data, experimental results show that it has a remarkable feature extraction and classification performance compared to existing off-line intrusion detection systems.

• Journal of the Korea Society of Computer and Information
• /
• v.22 no.11
• /
• pp.1-7
• /
• 2017

In this paper, we introduce three monitoring filtering techniques which reduce the overheads of dynamic data race detection. It is well known that detecting data races dynamically in multi-threaded programs is quite hard and troublesome task, because the dynamic detection techniques need to monitor all execution of a multi-threaded program and to analyse every conflicting memory and thread operations in the program. Thus, the main drawback of the dynamic analysis for detecting data races is the heavy additional time and space overheads for running the program. For the practicality, we also empirically compare the efficiency of three monitoring filtering techniques. The results using OpenMP benchmarks show that the filtering techniques are practical for dynamic data race detection, since they reduce the average runtime overhead to under 10% of that of the pure detection.

• ETRI Journal
• /
• v.39 no.1
• /
• pp.124-134
• /
• 2017

Data races are one of the most difficult types of bugs in concurrent multithreaded systems. It requires significant time and cost to accurately detect bugs in complex large-scale programs. Although many race detection techniques have been proposed by various researchers, none of them are effective in all aspects. In this paper, we compare the performance of five recent dynamic race detection techniques: FastTrack, Acculock, Multilock-HB, SimpleLock+, and causally precedes (CP) detection. We experimentally demonstrate the strengths and weaknesses of these dynamic race detection techniques in terms of their detection capability, running time, and runtime overhead using 20 benchmark programs with different characteristics. The comparison results show that the detection capability of CP detection does not differ from that of FastTrack, and that SimpleLock+ generates the lowest overhead among the hybrid detection techniques (Acculock, SimpleLock+, and Multilock-HB) for all benchmark programs. SimpleLock+ is 1.2 times slower than FastTrack on average, but misses one true data race reported from Mutilock-HB on the large-scale benchmark programs.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.4
• /
• pp.647-660
• /
• 2022

Recent works demonstrate that the semi-supervised anomaly detection method functions quite well in the environment with normal data and some anomalous data. However, abnormal data shortages can occur in an environment where it is difficult to reserve anomalous data, such as an unknown attack in the cyber security fields. In this paper, we propose ADA-PH(Abnormal Data Augmentation Method using Perturbation based on Hypersphere), a novel anomalous data augmentation method that is applicable in an environment where abnormal data is insufficient to secure the performance of the semi-supervised anomaly detection method. ADA-PH generates abnormal data by perturbing samples located relatively far from the center of the hypersphere. With the network intrusion detection datasets where abnormal data is rare, ADA-PH shows 23.63% higher AUC performance than anomaly detection without data augmentation and even performs better than the other augmentation methods. Also, we further conduct quantitative and qualitative analysis on whether generated abnormal data is anomalous.

• Korean Journal of Remote Sensing
• /
• v.24 no.5
• /
• pp.445-452
• /
• 2008

Preliminary results are reported on ship detection using coherence images computed from cross-correlating images of multi-look-processed dual-polarization data (HH and HV) of ENVISAT ASAR. The traditional techniques of ship detection by radars such as CFAR (Constant False Alarm Rate) rely on the amplitude data, and therefore the detection tends to become difficult when the amplitudes of ships images are at similar level as the mean amplitude of surrounding sea clutter. The proposed method utilizes the property that the multi-look images of ships are correlated with each other. Because the inter-look images of sea surface are covered by uncorrelated speckle, cross-correlation of multi-look images yields the different degrees of coherence between the images and water. In this paper, the polarimetric information of ships, land and intertidal zone are first compared based on the cross-correlation between HH and HV images, In the next step, we examine the technique when the dual-polarization data are split into two multi-look images, It was shown that the inter-look cross-correlation method could be applicable in the performance improvement of small ship detection and the land masking, It was also found that a simple combination of coherence images from each co-polarised (HH) inter-look and cross-polarised (HV) inter-look data can provide much higher target-detection possibilities.

• KIPS Transactions on Software and Data Engineering
• /
• v.12 no.2
• /
• pp.91-98
• /
• 2023

Human-object interaction(HOI) detection requires both object detection and interaction recognition, and requires a large amount of data to learn a detection model. Current opened dataset is insufficient in scale for training model enough. In this paper, we propose an easy and effective data augmentation method called Simple Quattro Augmentation(SQA) and Random Quattro Augmentation(RQA) for human-object interaction detection. We show that our proposed method can be easily integrated into State-of-the-Art HOI detection models with HICO-DET dataset.

• Nuclear Engineering and Technology
• /
• v.55 no.1
• /
• pp.100-108
• /
• 2023

In this study, a neural network model inspired by a one-dimensional convolution U-net is developed to automatically accelerate edge localized mode (ELM) detection from big diagnostic data of fusion devices and increase the detection accuracy regardless of the hyperparameter setting. This model recognizes the input signal patterns and overcomes the problems of existing detection algorithms, such as the prominence algorithm and those of differential methods with high sensitivity for the threshold and signal intensity. To train the model, 10 sets of discharge radiation data from the KSTAR are used and sliced into 11091 inputs of length 12 ms, of which 20% are used for validation. According to the receiver operating characteristic curves, our model shows a positive prediction rate and a true prediction rate of approximately 90% each, which is comparable to the best detection performance afforded by other algorithms using their optimized hyperparameters. The accurate and automatic ELM-burst detection methodology used in our model can be beneficial for determining plasma properties, such as the ELM frequency from big data measured in multiple experiments using machines from the KSTAR device and ITER. Additionally, it is applicable to feature detection in the time-series data of other engineering fields.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.26 no.3
• /
• pp.233-238
• /
• 2016

In this paper, we propose the algorithms of processing the uncertainty data using data fusion for the next generation intrusion detection. In the next generation intrusion detection, a lot of data are collected by many of network sensors to discover knowledge from generating information in cyber space. It is necessary the data fusion process to extract knowledge from collected sensors data. In this paper, we have proposed method to represent the uncertainty data, by classifying where is a confidence interval in interval of uncertainty data through feature analysis of different data using inference method with Dempster-Shafer Evidence Theory. In this paper, we have implemented a detection experiment that is classified by the confidence interval using IRIS plant Data Set for anomaly detection of uncertainty data. As a result, we found that it is possible to classify data by confidence interval.

• IE interfaces
• /
• v.20 no.3
• /
• pp.288-297
• /
• 2007

Success of semiconductor/LCD industry depends on its yield and quality of product. For the purpose, FDC (Fault Detection and Classification) system is used to diagnose fault state in main manufacturing processes by monitoring time series data collected by equipment sensors which represent various conditions of the equipment. The data set is segmented at the start and end of each product lot processing by a trigger event module. However, in practice, segmented sensor data usually have the features of data asynchronization such as different start points, end points, and data lengths. Due to the asynchronization problem, false alarm (type I error) and missed alarm (type II error) occur frequently. In this paper, we propose a robust process fault detection system by integrating a process event detection method and a similarity measuring method based on dynamic time warping algorithm. An experiment shows that the proposed system is able to recognize abnormal condition correctly under the asynchronous data situation.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.11 no.4
• /
• pp.33-45
• /
• 2015

Currently, Internet is used an essential tool in the business area. Despite this importance, there is a risk of network attacks attempting collection of fraudulence, private information, and cyber terrorism. Firewalls and IDS(Intrusion Detection System) are tools against those attacks. IDS is used to determine whether a network data is a network attack. IDS analyzes the network data using various techniques including expert system, data mining, and state transition analysis. This paper tries to compare the performance of two data mining models in detecting network attacks. They are decision tree (C4.5), and neural network (FANN model). I trained and tested these models with data and measured the effectiveness in terms of detection accuracy, detection rate, and false alarm rate. This paper tries to find out which model is effective in intrusion detection. In the analysis, I used KDD Cup 99 data which is a benchmark data in intrusion detection research. I used an open source Weka software for C4.5 model, and C++ code available for FANN model.