• Title/Abstract/Keywords: Detection scheme

Search results: 1,686 items, processing time 0.027 seconds

Active Response Model and Scheme to Detect Unknown Attacks

  • Kim, Bong-Han;Kim, Si-Jung
    • Journal of information and communication convergence engineering / Vol. 6, No. 3 / pp.294-300 / 2008
  • This study was conducted to investigate what to consider for active response in the intrusion detection system, how to implement active response, and 6-phase response models to respond actively, including the active response scheme to detect unknown attacks by using a traffic measuring engine and an anomaly detection engine.

A Fast and Accurate Face Tracking Scheme by using Depth Information in Addition to Texture Information

  • Kim, Dong-Wook;Kim, Woo-Youl;Yoo, Jisang;Seo, Young-Ho
    • Journal of Electrical Engineering and Technology / Vol. 9, No. 2 / pp.707-720 / 2014
  • This paper proposes a face tracking scheme that is a combination of a face detection algorithm and a face tracking algorithm. The proposed face detection algorithm basically uses the Adaboost algorithm, but the amount of search area is dramatically reduced, by using skin color and motion information in the depth map. Also, we propose a face tracking algorithm that uses a template matching method with depth information only. It also includes an early termination scheme, by a spiral search for template matching, which reduces the operation time with small loss in accuracy. It also incorporates an additional simple refinement process to make the loss in accuracy smaller. When the face tracking scheme fails to track the face, it automatically goes back to the face detection scheme, to find a new face to track. The two schemes are experimented with some home-made test sequences, and some in public. The experimental results are compared to show that they outperform the existing methods in accuracy and speed. Also we show some trade-offs between the tracking accuracy and the execution time for broader application.

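Anomaly Detection Scheme of Web-based attacks by applying HMM to HTTP Outbound Traffic

  • 최병하;최승교;조경산
    • 한국컴퓨터정보학회논문지 / Vol. 17, No. 5 / pp.33-40 / 2012
  • This paper proposes a scheme that, by monitoring HTTP outbound traffic, responds to the various intrusion paths of web attacks and, by improving learning efficiency, lowers false positives for anomalous behavior that uses variants or new techniques. The proposed scheme applies an HMM (Hidden Markov Model) to build a normal-behavior model by learning the tags and JavaScript in HTML documents, and then detects web attacks by comparing the information in HTTP outbound traffic against the normal-behavior model. Through verification analysis in an actually compromised environment, we show that the proposed scheme achieves a false positive rate of 0.0001% and an excellent detection rate of 96% for web attacks.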

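The Fire Detection Scheme Utilizing Received Signal Variation

  • 하경욱;김동완
    • 한국정보통신학회:학술대회논문집 / 한국정보통신학회 2018 Fall Conference / pp.251-254 / 2018
  • Research on Internet of Things (IoT) systems that exploit the phenomenon of wireless received signals changing with the surrounding environment is actively under way. In this paper, we demonstrate that, when signals are exchanged periodically between a fixed transmitter and receiver, the received signal varies with changes in ambient temperature, and we propose a fire detection scheme that uses the received signal variation. The proposed scheme consists of a received-signal-variation detection unit and a receiver internal temperature detection unit; the receiver internal temperature detection unit prevents received signal variation caused by changes in the wireless channel environment from being detected as a fire. The proposed scheme has the advantage that it can be supported through a software improvement to an existing receiver, without adding a separate device for fire detection.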

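Fault Detection and Compensation Scheme of Switch Open-fault in VSI for Two-phase Excitation Drive

  • 이귀준;박남주;현동석
    • 전력전자학회논문지 / Vol. 12, No. 1 / pp.74-80 / 2007
  • This paper proposes a scheme for detecting open faults in the switches of a voltage-source inverter driven by two-phase excitation. The proposed scheme uses voltage sensors on the lower switch of each inverter phase to identify an open fault according to the operating mode. It is simple to implement, allows fast fault identification, and is hardly affected by the load, which improves system reliability. In addition, reconfiguration using a 4-switch inverter drive makes continuous operation possible even when a fault occurs, while minimizing the effect of the fault. The validity of the proposed fault detection algorithm is verified by experimental results.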

An Integrated Fault Detection and Isolation Method for Sensors and Actuators of LEO Satellite

  • 임준규;이준한;박찬국
    • 제어로봇시스템학회논문지 / Vol. 17, No. 11 / pp.1117-1124 / 2011
  • An integrated fault detection and isolation method is proposed in this paper. The main objective of this paper is the development of a fault detection, isolation and diagnosis algorithm based on the DKF (Decentralized Kalman Filter) and a bank of IMM (Interacting Multiple Model) filters using a penalty scalar for both partial and total faults; an outlier detection algorithm for preventing false alarms is also included. The proposed FDI (Fault Detection and Isolation) scheme is developed in four phases. In the first phase, the outlier detection filter is designed as a pre-filter to prevent false alarms. In the second phase, two local filters and a master filter are designed to detect sensor faults. In the third phase, the proposed FDI scheme checks the sensor residual to isolate sensor faults, and 11 EKF actuator fault models are designed to detect wherever actuator faults occur. In the last phase, four filters are designed to identify the fault type, which is either a total fault or a partial fault. The developed scheme can deal not only with sensor and actuator faults but also with preventing false alarms. An important feature of the proposed FDI scheme is that it can decrease fault isolation time and perform not only fault detection and isolation but also fault type identification. To verify the performance of the proposed FDI algorithm, a simulator is also developed under the Matlab/Simulink environment.

An Automatic Portscan Detection System with Adaptive Threshold Setting

  • Kim, Sang-Kon;Lee, Seung-Ho;Seo, Seung-Woo
    • Journal of Communications and Networks / Vol. 12, No. 1 / pp.74-85 / 2010
  • For the purpose of compromising hosts, attackers including infected hosts initially perform a portscan using IP addresses in order to find vulnerable hosts. Considerable research related to portscan detection has been done and many algorithms have been proposed and implemented in the network intrusion detection system (NIDS). In order to distinguish portscanners from remote hosts, most portscan detection algorithms use a fixed threshold that is manually managed by the network manager. Because the threshold is a constant, even though the network environment or the characteristics of traffic can change, many false positives and false negatives are generated by NIDS. This reduces the efficiency of NIDS and imposes a high processing burden on a network management system (NMS). In this paper, in order to address this problem, we propose an automatic portscan detection system using a fast increase slow decrease (FISD) scheme that will automatically and adaptively set the threshold based on statistical data for traffic during prior time periods. In particular, we focus on reducing false positives rather than false negatives, while the threshold is adaptively set within a range between minimum and maximum values. We also propose a new portscan detection algorithm, rate of increase in the number of failed connection request (RINF), which is much more suitable for our system and shows better performance than other existing algorithms. In terms of the implementation, we compare our scheme with two other simple threshold estimation methods for an adaptive threshold setting scheme. Also, we compare our detection algorithm with three other existing approaches for portscan detection using a real traffic trace. In summary, we show that FISD results in fewer false positives than other schemes and RINF can quickly and accurately detect portscanners. We also show that the proposed system, including our scheme and algorithm, provides good performance in terms of the rate of false positives.

On the Fault Detection and Isolation Systems using Functional Observers

  • 이기상;류지수
    • 제어로봇시스템학회논문지 / Vol. 9, No. 11 / pp.883-890 / 2003
  • Two GOS (Generalized Observer Scheme) type Fault Detection Isolation Schemes (FDIS), employing a bank of unknown input functional observers (UIFO) as a residual generator, are proposed to make practical use of the multiple observer based FDIS. One is the IFD (Instrument Fault Detection) scheme and the other is the PFD (Process Fault Detection) scheme. A design method for the UIFO is suggested for robust residual generation and for reducing the size of the observer bank. Several design objectives that can be achieved by the FDI schemes and the design methods to meet the objectives are described. An IFD system is constructed for the Boeing 929 Jetfoil boat system to show the effectiveness of the propositions. The major contributions of this paper are twofold. Firstly, the proposed UIFO approaches considerably reduce the size of the residual generator in GOS type FDI systems. Secondly, the FDI schemes, in addition to the basic functions of the conventional observer-based FDI schemes, can reconstruct the failed signal or give estimates of fault magnitude that can be used for compensating fault effects. The schemes are directly applicable to the design of fault tolerant control systems.

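A Zero-latency Cycle Detection Scheme for Enhanced Parallelism in Multiprocessing Systems

  • 김주균
    • 한국정보과학회논문지:시스템및이론 / Vol. 32, No. 2 / pp.49-54 / 2005
  • Under the assumptions of single-unit resources and single requests, together with an immediate-allocation state, this paper introduces a zero-latency deadlock detection method for multiprocessing systems that detects a cycle as soon as it occurs. Unlike existing methods, with n and m denoting the numbers of processes and resources, the presented method requires O(1) time to detect a cycle and O(n.m) time on waiting or on release of a resource. Deadlock can therefore be recognized immediately when it occurs regardless of the sizes of n and m, and we show that this fits well with the characteristics of multiprocessing systems. Such predictability and zero latency of detection should be very useful in application environments associated with deadlock.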

An Efficient Complex Event Detection Algorithm based on NFA_HTS for Massive RFID Event Stream

  • Wang, Jianhua;Liu, Jun;Lan, Yubin;Cheng, Lianglun
    • Journal of Electrical Engineering and Technology / Vol. 13, No. 2 / pp.989-997 / 2018
  • Massive event streams bring great challenges in volume, velocity, variety, value and veracity. Picking out valuable information from them often involves long detection time, high memory consumption and low detection efficiency. Aiming to solve the problems above, an efficient complex event detection method based on NFA_HTS (Nondeterministic Finite Automaton_Hash Table Structure) is proposed in this paper. The achievement of this paper is that we successfully use NFA_HTS to realize the detection of complex events from a massive RFID event stream. Specifically, in our scheme, after using the NFA to capture the related RFID primitive events, we use the HTS to store and process the large matched results; as a result, our scheme can effectively solve the above problems of current methods by reducing many search, storage and computation operations, taking advantage of the quick classification and storage technologies of the hash table structure. The simulation results show that our proposed NFA_HTS scheme outperforms some general processing methods in reducing detection time, lowering memory consumption and improving event throughput.