• Proceedings of the Korea Society of Information Technology Applications Conference
• /
• 2005.11a
• /
• pp.161-164
• /
• 2005

As the power of influence of the Internet grows steadily, attacks against the Internet can cause enormous monetary damages nowadays. A worm can not only replicate itself like a virus but also propagate itself across the Internet. So it infects vulnerable hosts in the Internet and then downgrades the overall performance of the Internet or makes the Internet not to work. To response this, worm detection and prevention technologies are developed. The worm detection technologies are classified into two categories, host based detection and network based detection. Host based detection methods are a method which checks the files that worms make, a method which checks the integrity of the file systems and so on. Network based detection methods are a misuse detection method which compares traffic payloads with worm signatures and anomaly detection methods which check inbound/outbound scan rates, ICMP host/port unreachable message rates, and TCP RST packet rates. However, single detection methods like the aforementioned can't response worms' attacks effectively because worms attack the Internet in the distributed fashion. In this paper, we propose a design of distributed worm detection system to overcome the inefficiency. Existing distributed network intrusion detection systems cooperate with each other only with their own information. Unlike this, in our proposed system, a worm detection system on a network in which worms select targets and a worm detection system on a network in which worms propagate themselves cooperate with each other with the direction-aware information in terms of worm's lifecycle. The direction-aware information includes the moving direction of worms and the service port attacked by worms. In this way, we can not only reduce false positive rate of the system but also prevent worms from propagating themselves across the Internet through dispersing the confirmed worm signature.

• Korean Journal of Fisheries and Aquatic Sciences
• /
• v.43 no.1
• /
• pp.83-88
• /
• 2010

Acoustic telemetry is a useful method to investigate fish behavior and is widely used to obtain biological information. In this study, the detection ability of a mooring-type acoustic telemetry system and the seasonal changes were studied for survey design and data analysis. The system detection range was examined with an underwater noise model, and seasonal changes were estimated with a ray-tracing program and underwater temperature profile data. The field experiment was conducted with two sets of pingers and six receivers to estimate the difference in detection rate by installation depth and to compare the model estimate. Results indicated that the long-range detection ability of the acoustic telemetry system was significantly affected by underwater temperature. The detection rate rapidly decreased near the sea surface or bottom despite that the near-range Signal to noise ratio was sufficient.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.7
• /
• pp.589-595
• /
• 2013

The agents for security surveillance are not enough for monitoring CCTV system, so the intelligent automatic surveillance system is needed. In this paper, object detection, tracking and abnormal event detection system is implemented for intelligent CCTV system. Each modules are tested on the real CCTV environment and promoted for commercialization. Abnormal event detection module and loitering detection and sudden running detection function and it's detection time is under 1 second which is satisfied level.

• Journal of the Semiconductor & Display Technology
• /
• v.17 no.1
• /
• pp.54-61
• /
• 2018

In this study, two aspects were analyzed about the robot for removal of explosive devices. First, the cost analyses were performed to provide a reasonable solution for the acquirement of the system. It is processed by an engineering estimate method and the process was consisted of two ways : a system development expense and a mass production unit price. In additions, the resultant cost analyses were compared between the cases excluding and including a mines detection system. As results, in the case of the acquirement of the robot system for removal of explosive devices, it is recommended that the performance by improving the mines detection ability should be considered preferentially rather than the cost because the material cost for the mines detection system is negligible compared to the whole system cost. Second, as a way for improving the system performance by the mine detection function, the carbon nanotube (CNT) based sensor technology was studied in terms of sensitivity and simple productivity with presenting its preliminary experimental results. The detection electrodes were formed by a photolithography method using a photosensitive CNT paste. As results, this method was shown as a scalable and expandable technology for the excellent mines detection sensors.

• Journal of the Korea Society for Simulation
• /
• v.11 no.4
• /
• pp.91-105
• /
• 2002

The attackers on Internet-connected systems we are seeing today are more serious and technically complex than those in the past. So it is beyond the scope of amy one system to deal with the intrusions. That the multiple IDSes (Intrusion Detection System) coordinate by sharing attacker's information for the effective detection of the intrusion is the effective method for improving the intrusion detection performance. The system which uses BBA (BlackBoard Architecture) for the information sharing can be easily expanded by adding new agents and increasing the number of BB (BlackBoard) levels. Moreover the subdivided levels of blackboard enhance the sensitivity of the intrusion detection. For the simulation, security models are constructed based on the DEVS (Discrete EVent system Specification) formalism. The intrusion detection agent uses the ES (Expert System). The intrusion detection system detects the intrusions using the blackboard and the firewall responses these detection information.

• International Journal of Computer Science & Network Security
• /
• v.24 no.4
• /
• pp.179-191
• /
• 2024

With the advancement of modern technology, cyber-attacks are always rising. Specialized defense systems are needed to protect organizations against these threats. Malicious behavior in the network is discovered using security tools like intrusion detection systems (IDS), firewall, antimalware systems, security information and event management (SIEM). It aids in defending businesses from attacks. Delivering advance threat feeds for precise attack detection in intrusion detection systems is the role of cyber-threat intelligence (CTI) in the study is being presented. In this proposed work CTI feeds are utilized in the detection of assaults accurately in intrusion detection system. The ultimate objective is to identify the attacker behind the attack. Several data sets had been analyzed for attack detection. With the proposed study the ability to identify network attacks has improved by using machine learning algorithms. The proposed model provides 98% accuracy, 97% precision, and 96% recall respectively.

• Journal of Information Processing Systems
• /
• v.1 no.1 s.1
• /
• pp.9-13
• /
• 2005

Computer security has become a critical issue with the rapid development of business and other transaction systems over the Internet. The application of artificial intelligence, machine learning and data mining techniques to intrusion detection systems has been increasing recently. But most research is focused on improving the classification performance of a classifier. Selecting important features from input data leads to simplification of the problem, and faster and more accurate detection rates. Thus selecting important features is an important issue in intrusion detection. Another issue in intrusion detection is that most of the intrusion detection systems are performed by off-line and it is not a suitable method for a real-time intrusion detection system. In this paper, we develop the real-time intrusion detection system, which combines an on-line feature extraction method with the Least Squares Support Vector Machine classifier. Applying the proposed system to KDD CUP 99 data, experimental results show that it has a remarkable feature extraction and classification performance compared to existing off-line intrusion detection systems.

• The Journal of the Korea Contents Association
• /
• v.3 no.1
• /
• pp.31-38
• /
• 2003

In this paper, We propose detection mood generation system using learning to generate automatically detection model. It is improved manpower, efficiency in time. Proposed detection model generator system is consisted of agent system and manager system. Model generation can do existing standardization by genetic algorithm because do model generation and apply by new detection model. according to experiment results, detection model generation using learning proposed sees more efficiently than existing intrusion detection system. When intrusion of new type occur by implemented system and decrease of the False-Positive rate, improve performance of existing intrusion detection system.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.14 no.6
• /
• pp.1002-1008
• /
• 2011

The mine-detection system, which is one of the various mission equipments for Ground Vehicle System, detects mine under the ground. The mine detection sensors comprised of Metal Detection(MD) sensor and Ground Penetration Radar(GPR) are attached on the end of the multi-DOF manipulator. The manipulator moves the sensor to sweep mine areas keeping the pre-determined distance between the sensor and ground to enhance mine detection performance. The detection system can be operated automatically, semi-automatically and manually. When the detection system is operated automatically, the sensor should avoid collisions with unexpected obstacles which may exist on the ground. Two types of ultra-sonic sensors were developed for the mine detection sensor system to keep the appropriate gap between sensor and the ground to avoid the obstacles. Also, mine place marking device was developed.

• Proceedings of the KSR Conference
• /
• 2011.10a
• /
• pp.768-773
• /
• 2011

Today's urban transit system is regarded as the important public transportation service which saves passengers' time and provides the safety. Many researches focus on the rapid and protective responses that minimize the losses when dangerous situation occurs. In this paper we proposed the early fire detection and corresponding rapid response method in urban transit system by combining automatic fire detection for video input and the sensor system. The fire detection method consists of two parts, spark detection and smoke detection. At the spark detection, the RGB color of input video is converted into HSV color and the frame difference is obtained in temporal direction. The region with high R values is considered as fire region candidate and stepwise fire detection rule is applied to calculate its size. At the smoke detection stage, we used the smoke sensor network to secure the credibility of spark detection. The proposed system can be implemented at low prices. In the future work, we would improve the detection algorithm and the accuracy of sensor location in the network.