• Title/Abstract/Keywords: Detection System


An Architecture Design of Distributed Internet Worm Detection System for Fast Response

  • Lim, Jung-Muk;Han, Young-Ju;Chung, Tai-Myoung
    • 한국정보기술응용학회:학술대회논문집
    • /
    • 한국정보기술응용학회 2005년도 6th 2005 International Conference on Computers, Communications and System
    • /
    • pp.161-164
    • /
    • 2005
  • As the influence of the Internet grows steadily, attacks against the Internet can cause enormous monetary damage nowadays. A worm can not only replicate itself like a virus but also propagate itself across the Internet. So it infects vulnerable hosts in the Internet and then degrades the overall performance of the Internet or stops the Internet from working. To respond to this, worm detection and prevention technologies have been developed. The worm detection technologies are classified into two categories, host based detection and network based detection. Host based detection methods include a method which checks the files that worms make, a method which checks the integrity of the file systems and so on. Network based detection methods are a misuse detection method which compares traffic payloads with worm signatures and anomaly detection methods which check inbound/outbound scan rates, ICMP host/port unreachable message rates, and TCP RST packet rates. However, single detection methods like the aforementioned can't respond to worms' attacks effectively because worms attack the Internet in a distributed fashion. In this paper, we propose a design of a distributed worm detection system to overcome the inefficiency. Existing distributed network intrusion detection systems cooperate with each other only with their own information. Unlike this, in our proposed system, a worm detection system on a network in which worms select targets and a worm detection system on a network in which worms propagate themselves cooperate with each other with the direction-aware information in terms of the worm's lifecycle. The direction-aware information includes the moving direction of worms and the service port attacked by worms. In this way, we can not only reduce the false positive rate of the system but also prevent worms from propagating themselves across the Internet by dispersing the confirmed worm signature.


Analysis of the Robot for Detection of Improvised Explosive Devices and a Technology for the CNT based Detection Sensor

  • 권혜진
    • 반도체디스플레이기술학회지
    • /
    • Vol. 17, No. 1
    • /
    • pp.54-61
    • /
    • 2018
  • In this study, two aspects of the robot for removal of explosive devices were analyzed. First, cost analyses were performed to provide a reasonable solution for the acquisition of the system. They were carried out by an engineering estimate method, and the process consisted of two parts: a system development expense and a mass production unit price. In addition, the resulting cost analyses were compared between the cases excluding and including a mine detection system. As a result, in the case of the acquisition of the robot system for removal of explosive devices, it is recommended that improving performance through the mine detection ability should be considered preferentially rather than the cost, because the material cost for the mine detection system is negligible compared to the whole system cost. Second, as a way of improving the system performance by the mine detection function, the carbon nanotube (CNT) based sensor technology was studied in terms of sensitivity and simple productivity, presenting its preliminary experimental results. The detection electrodes were formed by a photolithography method using a photosensitive CNT paste. As a result, this method was shown to be a scalable and expandable technology for excellent mine detection sensors.

Analysis on the detection ability of acoustic telemetry receiver for fish detection by installation depth

  • 황보규;신현옥
    • 한국수산과학회지
    • /
    • Vol. 43, No. 1
    • /
    • pp.83-88
    • /
    • 2010
  • Acoustic telemetry is a useful method to investigate fish behavior and is widely used to obtain biological information. In this study, the detection ability of a mooring-type acoustic telemetry system and the seasonal changes were studied for survey design and data analysis. The system detection range was examined with an underwater noise model, and seasonal changes were estimated with a ray-tracing program and underwater temperature profile data. The field experiment was conducted with two sets of pingers and six receivers to estimate the difference in detection rate by installation depth and to compare the model estimate. Results indicated that the long-range detection ability of the acoustic telemetry system was significantly affected by underwater temperature. The detection rate rapidly decreased near the sea surface or bottom even though the near-range signal-to-noise ratio was sufficient.

A Study on the Object Extraction and Tracking System for Intelligent Surveillance

  • 장태우;신용태;김종배
    • 한국통신학회논문지
    • /
    • Vol. 38B, No. 7
    • /
    • pp.589-595
    • /
    • 2013
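  • Recently, demand for automated intelligent monitoring systems has been increasing because of staff shortages and the limits of human surveillance capability in security monitoring. In this paper, to build an intelligent surveillance system, we designed and implemented an automated object extraction and tracking system and an abnormal behavior detection system that recognizes abnormal behavior. Building on existing research results, the algorithm performance of each module was improved so that it can be applied in real environments and commercialized, and the results were verified through various tests after implementation. In particular, abnormal behaviors such as loitering or fleeing could be detected within 1 second.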

An Application of Blackboard Architecture for the Coordination among the Security Systems

  • 서희석;조대호
    • 한국시뮬레이션학회논문지
    • /
    • Vol. 11, No. 4
    • /
    • pp.91-105
    • /
    • 2002
  • The attackers on Internet-connected systems we are seeing today are more serious and technically complex than those in the past. So it is beyond the scope of any one system to deal with the intrusions. Having multiple IDSes (Intrusion Detection Systems) coordinate by sharing attacker information for effective intrusion detection is an effective method for improving intrusion detection performance. The system which uses BBA (BlackBoard Architecture) for the information sharing can be easily expanded by adding new agents and increasing the number of BB (BlackBoard) levels. Moreover, the subdivided levels of the blackboard enhance the sensitivity of the intrusion detection. For the simulation, security models are constructed based on the DEVS (Discrete EVent system Specification) formalism. The intrusion detection agent uses the ES (Expert System). The intrusion detection system detects the intrusions using the blackboard, and the firewall responds to this detection information.


Using Machine Learning Techniques for Accurate Attack Detection in Intrusion Detection Systems using Cyber Threat Intelligence Feeds

  • Ehtsham Irshad;Abdul Basit Siddiqui
    • International Journal of Computer Science & Network Security
    • /
    • Vol. 24, No. 4
    • /
    • pp.179-191
    • /
    • 2024
  • With the advancement of modern technology, cyber-attacks are always rising. Specialized defense systems are needed to protect organizations against these threats. Malicious behavior in the network is discovered using security tools like intrusion detection systems (IDS), firewalls, antimalware systems, and security information and event management (SIEM). These tools aid in defending businesses from attacks. Delivering advance threat feeds for precise attack detection in intrusion detection systems is the role of cyber-threat intelligence (CTI) in the study being presented. In this proposed work, CTI feeds are utilized to detect assaults accurately in intrusion detection systems. The ultimate objective is to identify the attacker behind the attack. Several data sets have been analyzed for attack detection. With the proposed study, the ability to identify network attacks has improved by using machine learning algorithms. The proposed model provides 98% accuracy, 97% precision, and 96% recall respectively.

Robust Real-time Intrusion Detection System

  • Kim, Byung-Joo;Kim, Il-Kon
    • Journal of Information Processing Systems
    • /
    • Vol. 1, No. 1
    • /
    • pp.9-13
    • /
    • 2005
  • Computer security has become a critical issue with the rapid development of business and other transaction systems over the Internet. The application of artificial intelligence, machine learning and data mining techniques to intrusion detection systems has been increasing recently. But most research is focused on improving the classification performance of a classifier. Selecting important features from input data leads to simplification of the problem, and faster and more accurate detection rates. Thus selecting important features is an important issue in intrusion detection. Another issue in intrusion detection is that most intrusion detection systems operate off-line, which is not a suitable method for a real-time intrusion detection system. In this paper, we develop a real-time intrusion detection system, which combines an on-line feature extraction method with the Least Squares Support Vector Machine classifier. Applying the proposed system to KDD CUP 99 data, experimental results show that it has a remarkable feature extraction and classification performance compared to existing off-line intrusion detection systems.

Detection Model Generation System using Learning

  • 김선영;오창석
    • 한국콘텐츠학회논문지
    • /
    • Vol. 3, No. 1
    • /
    • pp.31-38
    • /
    • 2003
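  • In this paper, we propose a detection model generation system using learning, which automatically generates detection models to improve efficiency in manpower and time and to improve the false positive rate. The proposed detection model generation system consists of an agent system and a manager system; the agent system acts as a sensor based on the detection model database, and the manager system performs detection model generation and model distribution. Model generation trains existing detection models in a standardized format with a genetic algorithm to generate models, which can then be applied as new detection models. According to the experimental results, the proposed data mining based detection model generation system detected intrusions more efficiently than existing intrusion detection systems. With the implemented system, detection models are generated when new types of intrusion occur and the False-Positive rate is reduced, improving the performance of existing intrusion detection systems; we therefore propose the detection model generation system.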


A Study on the Ground Following and Location Marking Method for Mine Detection System

  • 이명천;신호철;윤종훈
    • 한국군사과학기술학회지
    • /
    • Vol. 14, No. 6
    • /
    • pp.1002-1008
    • /
    • 2011
  • The mine-detection system, which is one of the various pieces of mission equipment for the Ground Vehicle System, detects mines under the ground. The mine detection sensors, comprising a Metal Detection (MD) sensor and Ground Penetration Radar (GPR), are attached to the end of the multi-DOF manipulator. The manipulator moves the sensor to sweep mine areas, keeping the pre-determined distance between the sensor and the ground to enhance mine detection performance. The detection system can be operated automatically, semi-automatically and manually. When the detection system is operated automatically, the sensor should avoid collisions with unexpected obstacles which may exist on the ground. Two types of ultrasonic sensors were developed for the mine detection sensor system to keep the appropriate gap between the sensor and the ground and to avoid the obstacles. Also, a mine place marking device was developed.

A Study on Integrated Fire Alarm System for Safe Urban Transit

  • 장일식;안태기;전지혜;조병목;박구만
    • 한국철도학회:학술대회논문집
    • /
    • 한국철도학회 2011년도 정기총회 및 추계학술대회 논문집
    • /
    • pp.768-773
    • /
    • 2011
  • Today's urban transit system is regarded as an important public transportation service which saves passengers' time and provides safety. Much research focuses on rapid and protective responses that minimize losses when a dangerous situation occurs. In this paper we propose an early fire detection and corresponding rapid response method for urban transit systems, combining automatic fire detection for video input with the sensor system. The fire detection method consists of two parts, spark detection and smoke detection. In spark detection, the RGB color of the input video is converted into HSV color and the frame difference is obtained in the temporal direction. The region with high R values is considered a fire region candidate, and a stepwise fire detection rule is applied to calculate its size. At the smoke detection stage, we used the smoke sensor network to secure the credibility of spark detection. The proposed system can be implemented at low cost. In future work, we will improve the detection algorithm and the accuracy of sensor location in the network.
