• Proceedings of the SAREK Conference
• /
• 2005.11a
• /
• pp.241-246
• /
• 2005

The objective of this study is to develop a rule-based fault detection and diagnosis algorithm and an experimental verification using air handling unit. To develop an analytical algorithm which precisely detects a faulted component, energy equations at each control volume of AHU were applied. An experimental verification was conducted in the AHU at Green Building in KIER. In the experiment conducted in hot summer condition, the rule based FDD algorithm isolated a faulted sensor from HVAC components.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.3
• /
• pp.481-491
• /
• 2020

The malicious URLs which can be used for sending malicious codes and illegally acquiring private information is one of the biggest threat of information security field. Particularly, recent prevalence of smart-phone increases the possibility of the user's exposing to malicious URLs. Since the way of hiding the URL from the user is getting more sophisticated, it is getting harder to detect it. In this paper, after conducting a survey of the user experiences related to malicious URLs, we are proposing the rule-based malicious URL detection method. In addition, we have developed java library which can be applied to any other applications which need to handle the malicious URL. Each class of the library is implementation of a rule for detecting a characteristics of a malicious URL and the library itself is the set of rule which can have the chain of rule for deteciing more complicated situation and enhancing the accuracy. This kinds of rule based approach can enhance the extensibility considering the diversity of malicious URLs.

• Convergence Security Journal
• /
• v.11 no.1
• /
• pp.57-69
• /
• 2011

Many heterogeneous Intrusion Detection Systems(IDSs) based in misuse detection technique including the self-developed IDS are now operating in Defense-ESM(Enterprise Security Management System). IDS based on misuse detection may have different capability in the intrusion detection process according to the frequency and quality of its signature update. This makes the integration and collaboration with other IDSs more difficult. In this paper, with the purpose of creating the proper foundation for integration and collaboration between heterogeneous IDSs being operated in Defense-ESM, we propose an effective mechanism that can enable one IDS to propagate its new detection rules to other IDSs and receive updated rules from others. We also prove the performance of rule exchange and application possibility to defense environment through the implementation and experiment.

• Journal of Internet of Things and Convergence
• /
• v.9 no.1
• /
• pp.77-87
• /
• 2023

Applying various association rule mining algorithms to the network intrusion detection task involves two critical issues: too large size of generated rule set which is hard to be utilized for IoT systems and hardness of control of false negative/positive rates. In this research, we propose an association rule mining algorithm based on the newly defined measures called coverage and exclusion. Coverage shows how frequently a pattern is discovered among the transactions of a class and exclusion does how frequently a pattern is not discovered in the transactions of the other classes. We compare our algorithm experimentally with the Apriori algorithm which is the most famous algorithm using the public dataset called KDDcup99. Compared to Apriori, the proposed algorithm reduces the resulting rule set size by up to 93.2 percent while keeping accuracy completely. The proposed algorithm also controls perfectly the false negative/positive rates of the generated rules by parameters. Therefore, network analysts can effectively apply the proposed association rule mining to the network intrusion detection task by solving two issues.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.10 no.5
• /
• pp.161-166
• /
• 2010

Conventional Or Rule decide final sensing result depending on all of SU making sensing result. So Conventional Or Rule must be combined all of local result to decide PU absent or not. But Proposed Or Rule is not needed all of local result depending on each of SU of local result. So Proposed Or Rule can reduce decision time. In this Paper, we verify proposed Or Rule using simulation tool similar with matlab. And we can calculate false alarm probability and miss detection probability of proposed Or rule and conventional Or rule.

• Proceedings of the Korea Society of Information Technology Applications Conference
• /
• 2002.11a
• /
• pp.59-65
• /
• 2002

Recently, lots of researchers work focused on the intrusion detection system. Pattern matching technique is commonly used to detect the intrusion in the system, However, the method requires a lot of time to match between systems rule and inputted packet data. This paper proposes a new intrusion detection system based on the pattern matching technique. Proposed system reduces the required time for pattern matching by using classified system rule. The classified rule is implemented with a general tree for efficient pattern matching. Thereby, proposed system could perform network intrusion detection efficiently.

• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 2002.11a
• /
• pp.59-65
• /
• 2002

Recently, lots of researchers work focused on the intrusion detection system. Pattern matching technique is commonly used to detect the intrusion in the system, However, the method requires a lot of time to match between systems rule and inputted packet data. This paper proposes a new intrusion detection system based on the pattern matching technique. Proposed system reduces the required time for pattern matching by using classified system rule. The classified rule is implemented with a general tree for efficient pattern matching. Thereby, proposed system could perform network intrusion detection efficiently.

• Journal of Biomedical Engineering Research
• /
• v.17 no.2
• /
• pp.235-240
• /
• 1996

The automated ECG diagnostic systems that are odd in hospitals have low performance of P-wave detection when faced with some diseases such as conduction block. So, the purpose of this study was the improvement of detection performance in conduction block which is low in P-wave detection. The first procedure was removal of baseline drift by subtracting the median filtered signal of 0.4 second length from the original signal. Then the algorithm detected R peak and T end point and cancelled the QRS-T complex to get'p prototypes'. Next step was magnification of P prototypes with dispersion and detection of'p candidates'in the magnified signal, and then extraction of contextual information concerned with P-waves. For the last procedure, the CIR was applied to P candidates to confirm P-waves. The rule base consisted of three rules that discriminate and confirm P-waves. This algorithm was evaluated using 500 patient's raw data P-wave detection perFormance was in- creased 6.8% compared with the QRS-T complex cancellation method without application of the rule base.

• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.7 no.6
• /
• pp.110-120
• /
• 2008

Cognitive Radio (CR) technology is proposed for using the unused spectrum band efficiently because of the spectrum scarcity problems. Spectrum sensing technology is one of the key challenge issues in cognitive radio technologies, which enables unlicensed users to identify and utilize vacant spectrum resource allocated to primary users. In this paper, the cooperative spectrum sensing technologies apply the ITS(Intelligent Transport System) and performance of signal detection analyzes. Then, we utilize the OR-rule and AND-rule for the cooperative signal detection. These data fusion rules improve the performance and reliability of the signal detection.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.27 no.3A
• /
• pp.221-230
• /
• 2002

This paper presents a new moving object segmentation algorithm using markov random field. The algorithm is based on signal detection theory. That is to say, motion of moving object is decided by binary decision rule, and false decision is corrected by markov random field model. The procedure toward complete segmentation consists of two steps: motion detection and object segmentation. First, motion detection decides the presence of motion on velocity vector by binary decision rule. And velocity vector is generated by optical flow. Second, object segmentation cancels noise by Bayes rule. Experimental results demonstrate the efficiency of the presented method.