• Title/Summary/Keyword: Detection rule


Rule-based Fault Detection Agent System for Fault Detection and Location on LAN (LAN 상의 장애 검출 및 위치 확인을 위한 규칙 기반 장애 진단 에이전트 시스템)

  • Jo, Gang-Hong;An, Seong-Jin;Jeong, Jin-Uk
    • The Transactions of the Korea Information Processing Society / v.7 no.7 / pp.2169-2178 / 2000
  • This paper proposes the structure of an agent and rules for fault detection and location on LAN. To find out the reason for a critical fault incurred on a LAN, a collision detection rule, error detection rule, broadcast detection rule, system location rule, and Internet application location rule are shown. Also, the structure of a multi-agent system and state transition diagram is portrayed to have connectivity with the set of rules. To verify availability of the proposed rules, the process to find a faulty system is shown by monitoring and analyzing the LAN fault occurrences from the proposed set of rules. Such a rule-based agent system is helpful to an Internet manager to solve a reason of fault and make a decision from gathering management information.


Prediction of User Preferred Cosmetic Brand Based on Unified Fuzzy Rule Inference

  • Kim, Jin-Sung
    • Proceedings of the Korean Institute of Intelligent Systems Conference / 2005.11a / pp.271-275 / 2005
  • In this research, we propose a Unified Fuzzy rule-based knowledge Inference Systems (UFIS) to help the expert in cosmetic brand detection. Users' preferred cosmetic product detection is very important in the level of CRM. To this purpose, many corporations are trying to develop an efficient data mining tool. In this study, we develop a prototype fuzzy rule detection and inference system. The framework used in this development is mainly based on two different mechanisms such as fuzzy rule extraction and RDB (Relational DB)-based fuzzy rule inference. First, fuzzy clustering and fuzzy rule extraction deal with the presence of the knowledge in data base and its value is presented with a value between 0 and 1. Second, RDB and SQL (Structured Query Language)-based fuzzy rule inference mechanism provides more flexibility in knowledge management than conventional non-fuzzy value-based KMS (Knowledge Management Systems).


Prediction of User's Preference by using Fuzzy Rule & RDB Inference: A Cosmetic Brand Selection

  • Kim, Jin-Sung
    • International Journal of Fuzzy Logic and Intelligent Systems / v.5 no.4 / pp.353-359 / 2005
  • In this research, we propose a Unified Fuzzy rule-based knowledge Inference Systems (UFIS) to help the expert in cosmetic brand detection. Users' preferred cosmetic product detection is very important in the level of CRM. To this purpose, many corporations are trying to develop an efficient data mining tool. In this study, we develop a prototype fuzzy rule detection and inference system. The framework used in this development is mainly based on two different mechanisms such as fuzzy rule extraction and RDB (Relational DB)-based fuzzy rule inference. First, fuzzy clustering and fuzzy rule extraction deal with the presence of the knowledge in data base and its value is presented with a value between 0 and 1. Second, RDB and SQL (Structured Query Language)-based fuzzy rule inference mechanism provides more flexibility in knowledge management than conventional non-fuzzy value-based KMS (Knowledge Management Systems).

Real-time Intrusion-Detection Parallel System for the Prevention of Anomalous Computer Behaviours (비정상적인 컴퓨터 행위 방지를 위한 실시간 침입 탐지 병렬 시스템에 관한 연구)

  • 유은진;전문석
    • Review of KIISC / v.5 no.2 / pp.32-48 / 1995
  • Our paper describes an Intrusion Detection Parallel System (IDPS) which detects an anomaly activity corresponding to the actions that interaction between near detection events. IDES uses parallel inductive approaches regarding the problem of real-time anomaly behavior detection on rule-based system. This approach uses sequential rule that describes user's behavior and characteristics dependent on time, and that audits user's activities by using rule base as data base to store user's behavior pattern. When user's activity deviates significantly from expected behavior described in rule base, anomaly behaviors are recorded. Observed behavior is flagged as a potential intrusion if it deviates significantly from the expected behavior or if it triggers a rule in the parallel inductive system.


Network Intrusion Detection Based on Directed Acyclic Graph and Belief Rule Base

  • Zhang, Bang-Cheng;Hu, Guan-Yu;Zhou, Zhi-Jie;Zhang, You-Min;Qiao, Pei-Li;Chang, Lei-Lei
    • ETRI Journal / v.39 no.4 / pp.592-604 / 2017
  • Intrusion detection is very important for network situation awareness. While a few methods have been proposed to detect network intrusion, they cannot directly and effectively utilize semi-quantitative information consisting of expert knowledge and quantitative data. Hence, this paper proposes a new detection model based on a directed acyclic graph (DAG) and a belief rule base (BRB). In the proposed model, called DAG-BRB, the DAG is employed to construct a multi-layered BRB model that can avoid explosion of combinations of rule number because of a large number of types of intrusion. To obtain the optimal parameters of the DAG-BRB model, an improved constraint covariance matrix adaption evolution strategy (CMA-ES) is developed that can effectively solve the constraint problem in the BRB. A case study was used to test the efficiency of the proposed DAG-BRB. The results showed that compared with other detection models, the DAG-BRB model has a higher detection rate and can be used in real networks.

Hybrid Fuzzy Adaptive Wiener Filtering with Optimization for Intrusion Detection

  • Sujendran, Revathi;Arunachalam, Malathi
    • ETRI Journal / v.37 no.3 / pp.502-511 / 2015
  • Intrusion detection plays a key role in detecting attacks over networks, and due to the increasing usage of Internet services, several security threats arise. Though an intrusion detection system (IDS) detects attacks efficiently, it also generates a large number of false alerts, which makes it difficult for a system administrator to identify attacks. This paper proposes automatic fuzzy rule generation combined with a Wiener filter to identify attacks. Further, to optimize the results, simplified swarm optimization is used. After training a large dataset, various fuzzy rules are generated automatically for testing, and a Wiener filter is used to filter out attacks that act as noisy data, which improves the accuracy of the detection. By combining automatic fuzzy rule generation with a Wiener filter, an IDS can handle intrusion detection more efficiently. Experimental results, which are based on collected live network data, are discussed and show that the proposed method provides a competitively high detection rate and a reduced false alarm rate in comparison with other existing machine learning techniques.

Modeling and Design of a Distributed Detection System Based on Active Sonar Sensor Networks (능동 소나망 분산탐지 체계의 모델링 및 설계)

  • Choi, Won-Yong;Kim, Song-Geun;Hong, Sun-Mog
    • Journal of the Korea Institute of Military Science and Technology / v.14 no.1 / pp.123-131 / 2011
  • In this paper, modeling and design of a distributed detection system are considered for an active sonar sensor network. The sensor network has a parallel configuration and it consists of a fusion center and a set of receiver nodes. A system with two receiver nodes is considered to investigate a theoretical aspect of design. To be specific, AND rule and OR rule are considered as the fusion rules of the sensor network. For the fusion rules, it is shown that a threshold rule of each sensor node has uniformly most powerful properties. Optimum threshold for each sensor is obtained that maximizes the probability of detection given probability of false alarm. Numerical experiments were also performed to investigate the detection characteristics of a distributed detection system with multiple sensor nodes. The experimental results show how signal strength, false alarm probability, and the distance between nodes in a sensor field affect the system detection performances.

Performance Improvement of Multiple Observer based FDIS using Fuzzy Logic (퍼지논리를 이용한 다중관측자 구조 FDIS의 성능개선)

  • Ryu, Ji-Su;Lee, Kee-Sang
    • The Transactions of the Korean Institute of Electrical Engineers A / v.48 no.4 / pp.444-451 / 1999
  • A diagnostic rule-base design method for enhancing fault detection and isolation performance of multiple observer based fault detection isolation schemes (FDIS) is presented. The diagnostic rule-base has a hierarchical framework to perform detection and isolation of faults of interest, and diagnosis of process faults. The decision unit comprises a rule base and a fuzzy inference engine and removes some difficulties of conventional decision unit which includes crisp logic with threshold values. Emphasis is placed on the design and evaluation methods of the diagnostic rule-base. The suggested scheme is applied to the FDIS design for a DC motor driven centrifugal pump system.


ANIDS(Advanced Network Based Intrusion Detection System) Design Using Association Rule Mining (연관법칙 마이닝(Association Rule Mining)을 이용한 ANIDS (Advanced Network Based IDS) 설계)

  • Jeong, Eun-Hee;Lee, Byung-Kwan
    • Journal of the Korea Institute of Information and Communication Engineering / v.11 no.12 / pp.2287-2297 / 2007
  • The proposed ANIDS (Advanced Network Intrusion Detection System), which is a network-based IDS using Association Rule Mining, collects the packets on the network, analyzes the associations of the packets, generates the pattern graph by using the highly associated packets using Association Rule Mining, and detects the intrusion by using the generated pattern graph. ANIDS consists of PMM (Packet Management Module) collecting and managing packets, PGGM (Pattern Graph Generate Module) generating pattern graphs, and IDM (Intrusion Detection Module) detecting intrusions. Specially, PGGM finds the candidate packets of Association Rule larger than $Sup_{min}$ using Apriori algorithm, measures the Confidence of Association Rule, and generates pattern graph of association rules larger than $Conf_{min}$. ANIDS reduces the false positive by using pattern graph even before finalizing the new pattern graph, the pattern graph which is being generated is compared with the existing one stored in DB. If they are the same, we can estimate it is an intrusion. Therefore, this paper can reduce the speed of intrusion detection and the false positive and increase the detection ratio of intrusion.

Design and Performance Analysis of Distributed Detection Systems with Two Passive Sonar Sensors (수동 소나 쌍을 이용한 분산탐지 체계의 설계 및 성능 분석)

  • Kim, Song-Geun;Do, Joo-Hwan;Song, Seung-Min;Hong, Sun-Mog;Kim, In-Ik;Oh, Won-Tchon
    • Journal of the Korea Institute of Military Science and Technology / v.12 no.2 / pp.159-169 / 2009
  • In this paper, optimum design of distributed detection is considered for a parallel sensor network system consisting of a fusion center and two passive sonar nodes. AND rule and OR rule are employed as the fusion rules of the sensor network. For the fusion rules, it is shown that a threshold rule of each sensor node has uniformly most powerful properties. Optimum threshold for each sensor is investigated that maximizes the probability of detection under the constraint of a specified probability of false alarm. It is also investigated through numerical experiments how signal strength, false alarm probability, and the distance between two sensor nodes affect the system detection performances.