• Title/Summary/Keyword: Detection Rules

Mining Regular Expression Rules based on q-grams

  • Lee, Inbok
    • Smart Media Journal / v.8 no.3 / pp.17-22 / 2019
  • Signature-based intrusion systems use intrusion detection rules for detecting intrusion. However, writing intrusion detection rules is difficult and requires considerable knowledge of various fields. Attackers may modify previous attempts to escape intrusion detection rules. In this paper, we deal with the problem of detecting modified attacks based on previous intrusion detection rules. We show a simple method of reporting approximate occurrences of at least one of the network intrusion detection rules, based on q-grams and the longest increasing subsequences. Experimental results showed that our approach could detect modified attacks, modeled with edit operations.

Fuzzy Classifier System for Edge Detection

  • Sim, Kwee-Bo
    • International Journal of Fuzzy Logic and Intelligent Systems / v.3 no.1 / pp.52-57 / 2003
  • In this paper, we propose a Fuzzy Classifier System (FCS) to find a set of fuzzy rules which can carry out the edge detection. The classifier system of Holland can evaluate the usefulness of rules represented by classifiers with repeated learning. FCS makes the classifier system be able to carry out the mapping from continuous inputs to outputs. It is the FCS that applies the method of machine learning to the concept of fuzzy logic. It is that the antecedent and consequent of classifier is same as a fuzzy rule. In this paper, the FCS is the Michigan style. A single fuzzy if-then rule is coded as an individual. The average gray levels which each group of neighbor pixels has are represented into fuzzy set. Then a pixel is decided whether it is edge pixel or not using fuzzy if-then rules. Depending on the average of gray levels, a number of fuzzy rules can be activated, and each rule makes the output. These outputs are aggregated and defuzzified to take new gray value of the pixel. To evaluate this edge detection, we will compare the new gray level of a pixel with gray level obtained by the other edge detection method such as Sobel edge detection. This comparison provides a reinforcement signal for FCS which is reinforcement learning. Also the FCS employs the Genetic Algorithms to make new rules and modify rules when performance of the system needs to be improved.

Rule-based Fault Detection Agent System for Fault Detection and Location on LAN (LAN 상의 장애 검출 및 위치 확인을 위한 규칙 기반 장애 진단 에이전트 시스템)

  • Jo, Gang-Hong;An, Seong-Jin;Jeong, Jin-Uk
    • The Transactions of the Korea Information Processing Society / v.7 no.7 / pp.2169-2178 / 2000
  • This paper proposes the structure of an agent and rules for fault detection and location on LAN. To find out a reason of critical fault incurred LAN, collision detection rule, error detection rule, broadcast detection rule, system location rule, and Internet application location rule are shown. Also, the structure of multi-agent system and state transition diagram is portrayed to have connectivity with the set of rules. To verify availability of proposed rules, the process to find a faulty system is shown by monitoring and analyzing the LAN fault occurrences from the proposed set of rules. Such a rule-based agent system is helpful to an Internet manager to solve a reason of fault and make a decision from gathering management information.

A Study of Security Rule Management for Misuse Intrusion Detection Systems using Mobile Agent (오용 침입탐지 시스템에서 모바일 에이전트를 이용한 보안규칙 관리에 관한 연구)

  • Kim, Tae-Kyung;Lee, Dong-Young;Chung, Tai-M.
    • The KIPS Transactions:PartC / v.10C no.5 / pp.525-532 / 2003
  • This paper describes intrusion detection rule management using mobile agents. Intrusion detection can be divided into anomaly detection and misuse detection. Misuse detection is best suited for reliably detecting known use patterns. Misuse detection systems can detect many or all known attack patterns, but they are of little use for as yet unknown attack methods. Therefore, the introduction of mobile agents to provide computational security by constantly moving around the Internet and propagating rules is presented as a solution to misuse detection. This work presents a new approach for detecting intrusions, in which mobile agent mechanisms are used for security rules propagation. To evaluate the proposed approach, we compared the workload data between a rules propagation method using a mobile agent and a conventional method. Also, we simulated a rules management using NS-2 (Network Simulator) with respect to time.

The Intelligent Intrusion Detection Systems using Automatic Rule-Based Method (자동적인 규칙 기반 방법을 이용한 지능형 침입탐지시스템)

  • Yang, Ji-Hong;Han, Myung-Mook
    • Journal of the Korean Institute of Intelligent Systems / v.12 no.6 / pp.531-536 / 2002
  • In this paper, we have applied Genetic Algorithms (GAs) to Intrusion Detection System (IDS), and then proposed and simulated the misuse detection model firstly. We have implemented with the KBD contest data, and tried to simulate in the same environment. In the experiment, the set of record is regarded as a chromosome, and GAs are used to produce the intrusion patterns. That is, the intrusion rules are generated. We have concentrated on the simulation and analysis of classification among the Data Mining techniques and then the intrusion patterns are produced. The generated rules are represented by intrusion data and classified between abnormal and normal users. The different rules are generated separately from three models "Time Based Traffic Model", "Host Based Traffic Model", and "Content Model". The proposed system has generated the update and adaptive rules automatically and continuously on the misuse detection method which is difficult to update the rule generation. The generated rules are experimented on 430M test data and almost 94.3% of detection rate is shown.

A Scheme for Protecting Security Rules in Intrusion Detection System (침입 탐지 시스템을 위한 효율적인 룰 보호 기법)

  • 손재민;김현성;부기동
    • Journal of Korea Society of Industrial Information Systems / v.8 no.4 / pp.8-16 / 2003
  • This paper proposes a method to solve the weakness in Snort, the network based intrusion detection system. Snort, which is the rule-based intrusion detection system, does not support a protection method for its own rules, which are signatures to detect intrusions. Therefore the purpose of this paper is to provide a scheme for protecting rules. The system with the proposed scheme could support integrity and confidentiality to the rules.

The Development of Fire Detection System Using Fuzzy Logic and Multivariate Signature (퍼지논리 및 다중신호를 이용한 화재감지시스템의 개발)

  • Hong, Sung-Ho;Kim, Doo-Hyun
    • Journal of the Korean Society of Safety / v.19 no.1 / pp.49-55 / 2004
  • This study presents an analysis of comparison of P-type fire detection system with fuzzy logic-applied fire detection system. The fuzzy logic-applied fire detection system has input variables obtained by fire experiment of small scale with K-type temperature sensor and optical smoke sensor. And the antecedent part of fuzzy rules consists of temperature and smoke density, and the consequent part consists of fire probability. Also triangular fuzzy membership function is used for input variables and fuzzy rules. To calculate the final fire probability a centroid method is introduced. A fire experiment is conducted with controlling wood crib layer, cigarette to simulate actual fire and false alarm situation. The results show that peak fire probability is 25[%] for non-fire and is more than 80[%] for fire situation, respectively. The fuzzy logic-applied fire detection system suggested here is able to distinguish fire situation and non-fire situation very precisely.

Fire Detection System Using Arduino Sensor

  • Cheong, Ha-Young
    • The Journal of Korea Institute of Information, Electronics, and Communication Technology / v.9 no.6 / pp.624-629 / 2016
  • Recently various types of disaster monitoring systems using smart-phones are under active study. In this paper, we propose a system that automatically performs the disaster and fire detection. Additionally we implement the Arduino-based smart image sensor system in the web platform. When a fire is detected, an SMS is sent to the Fire and Disaster Management Agency. In order to improve fire detection probability, we proposed a smart Arduino fire detection sensor simulation which searches the smart sensor inference algorithm using fuzzy rules.

A Study of Security Rule Management for Misuse Intrusion Detection Systems using Mobile Agent (오용 침입탐지 시스템에서 모바일 에이전트를 이용한 보안규칙 관리에 관한 연구)

  • Kim, Tae-Kyoung;Seo, Hee-Suk;Kim, Hee-Wan
    • Journal of the Korea Computer Industry Society / v.5 no.8 / pp.781-790 / 2004
  • This paper describes intrusion detection rule management using mobile agents. Intrusion detection can be divided into anomaly detection and misuse detection. Misuse detection is best suited for reliably detecting known use patterns. Misuse detection systems can detect many or all known attack patterns, but they are of little use for as yet unknown attack methods. Therefore, the introduction of mobile agents to provide computational security by constantly moving around the Internet and propagating rules is presented as a solution to misuse detection. This work presents a new approach for detecting intrusions, in which mobile agent mechanisms are used for security rules propagation. To evaluate the proposed approach, we compared the workload data between a rules propagation method using a mobile agent and a conventional method. Also, we simulated a rules management using NS-2 (Network Simulator) with respect to time.

Design and Performance Analysis of Energy-Aware Distributed Detection Systems with Multiple Passive Sonar Sensors (다중 수동 소나 센서 기반 에너지 인식 분산탐지 체계의 설계 및 성능 분석)

  • Kim, Song-Geun;Hong, Sun-Mog
    • Journal of the Korea Institute of Military Science and Technology / v.13 no.1 / pp.9-21 / 2010
  • In this paper, optimum design of distributed detection is considered for a parallel sensor network system consisting of a fusion center and multiple passive sonar nodes. Nonrandom fusion rules are employed as the fusion rules of the sensor network. For the nonrandom fusion rules, it is shown that a threshold rule of each sensor node has uniformly most powerful properties. Optimum threshold for each sensor is investigated that maximizes the probability of detection under a constraint on energy consumption due to false alarms. It is also investigated through numerical experiments how signal strength, false alarm probability, and the distance between three sensor nodes affect the system detection performances.