• 정보처리학회논문지C
• /
• 제11C권6호
• /
• pp.711-718
• /
• 2004

일반적으로 패킷 샘플링은 네트워크의 관리 및 보안 등의 목적으로 네트워크를 통과하는 패킷들 중 일부만을 수집하여 분석하는 기법이다. 본 논문에서는 분산 서비스 거부(DDoS) 공격을 효율적으로 탐지하고 트래픽 분석 성능을 높이기 위해, DDoS 공격 탐지 기술에 다양한 패킷 샘플링 기법들을 적용하고 이들이 DDoS 탐지 성능에 어떠한 영향을 미치는지 비교 분석한다. 트래픽 특성 분석을 위해 DDoS 탐지 기법의 하나인 기존의 트래픽 비율 분석법을 사용하여 실험하였다. 실험 결과 DDoS 공격 탐지를 위한 패킷 샘플링 기법의 사용은 모든 패킷을 조사하지 않고도 기존의 트래픽 비율 분석법과 비슷한 성능을 보이는 것을 확인할 수 있었으며, DDoS 공격 탐지의 정확성을 유지하면서도 분석 트래픽양을 현저히 줄인 수 있었다.

• 대한원격탐사학회:학술대회논문집
• /
• 대한원격탐사학회 2004년도 Proceedings of ISRS 2004
• /
• pp.64-67
• /
• 2004

Change detection using aerial and satellite images is one of the important research topics in photogrammetry and image interpretation. It is of particular importance especially in the fields of military, political and administrative affairs. When there is a need to detect changes in multi-temporal images, the most efficient methods for change detection and thresholds of change/no change area need to be chosen. Also, the images obtained from the various methods need to be analyzed. To do so, we need a system that can support our decision making process. Therefore, in this paper, we propose the Decision Support System for Change Detection. This system is composed of Data Base, Model Base and Graphic User Interface(GUI). Data base is a compilation of previous change detection results, and Model Base comprise of numerous operations. The data can be input and have the results of change detection analyzed by using GUI. In this paper, we will explain the entire operation of the system and demonstrate the level of its effectiveness.

• 한국동물위생학회지
• /
• 제34권4호
• /
• pp.333-339
• /
• 2011

Loop-mediated isothermal amplification (LAMP) was developed to detect Mycobacterium tuberculosis complex (MTC) and non-tuberculous mycobacterium (NTM) genomic DNA in blood samples of Korea native cattle. A set of four primers, two outer and two inner, were designed from M. bovis and M. avium genomic DNA targeting the IS6110 and 16S rRNA gene, respectively. Based on 85 Intradermal Tuberculin Test (ITT) positive blood sample and using conventional PCR and LAMP, the agreement quotient (kappa), which measures agreement beyond chance were 0.93 (conventional PCR) and 0.97 (LAMP), respectively. The detection limit of the LAMP method was $2.0{\times}10^2$ copy/ml M. bovis and M. avium cells, compared to $2.0{\times}10^3$ copy/ml M. bovis and M. avium cells for conventional PCR. These results suggest that the LAMP is a powerful tool for rapid, sensitive, and practical detection of MTC and NTM in blood samples of Korea native cattle.

• 디지털산업정보학회논문지
• /
• 제5권2호
• /
• pp.167-176
• /
• 2009

In this paper, a system that detects driver's drowsiness has been implemented based on the automatic extraction and the tracking of pupils. The research also focuses on the compensation of illumination and reduction of background noises that naturally exist in the driving condition. The system, that is based on the principle of Haar-like feature, automatically collects data from areas of driver's face and eyes among the complex background. Then, it makes decision of driver's drowsiness by using recognition of characteristics of pupils area, detection of pupils, and their movements. The implemented system has been evaluated and verified the practical uses for the prevention of driver's drowsiness.

• 한국정보과학회:학술대회논문집
• /
• 한국정보과학회 2011년도 한국컴퓨터종합학술대회논문집 Vol.38 No.1(D)
• /
• pp.215-218
• /
• 2011

VoIP(Voice over Internet Protocol) 서비스는 기존의 음성전화 서비스(Public Switched Telephone Network, PSTN)와 달리 IP 프로토콜을 이용한 저렴한 통신비용 등의 장점이 있는 음성통신 기술로써, 기존의 아날로그 음성전화 서비스를 대신하는 서비스이며, 새로운 인터넷 융합서비스로 많은 사용자가 이용하고 있다. 하지만 VoIP 서비스가 인터넷망을 이용함으로 IP Spoofing, DoS (Denial of Server) / DDoS(Distributed Denial of Service), 등의 여러 가지 보안의 문제점을 가지고 있다. VoIP 서비스에서 DDoS 공격은 Proxy 서버 등에 대량의 공격 메시지를 보냄으로써 서버의 자원을 고갈시켜 정상적인 서비스를 하지 못하게 한다. DoS, DDoS 공격 중 Invite Flooding 공격은 1분에 수천 개의 Invite 메시지를 보내 회선의 자원을 고갈시키는 공격이다. 특히 IP/Port 위조하여 공격 경우 공격 패킷 탐지하기 어려우므로 차단할 수 없다. 따라서 본 논문에서는 VoIP의 DoS/DDoS 중 하나인 Invite Flooding 공격 시 SIP Proxy Server에서 메시지 분산시키는 방법과 MAC Address와 사용자 번호 등 IP 이외의 고정적인 사용자 정보를 확인하여 공격을 탐지하고, 공격 Agent에 감염된 Phone을 공격차단서비스로 보내 복구시키는 방법을 제안한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제14권9호
• /
• pp.3639-3662
• /
• 2020

The network capability to accomplish its functions in a timely fashion under failures and attacks is known as survivability. Ad hoc routing protocols have been studied and extended to various domains, such as Intelligent Transport Systems (ITSs), Unmanned Aerial Vehicles (UAVs), underwater acoustic networks, and Internet of Things (IoT) focusing on different aspects, such as security, QoS, energy. The existing solutions proposed in this domain incur substantial overhead and eventually become burden on the network, especially when there are fewer attacks or no attack at all. There is a need that the effectiveness of these routing protocols be analyzed in the presence of Denial of Service (DoS) attacks without any intrusion detection or prevention system. This will enable us to establish and identify the inherently stable routing protocols that are capable to survive longer in the presence of these attacks. This work presents a DoS attack case study to perform theoretical analysis of survivability on node and network level in the presence of DoS attacks. We evaluate the performance of reactive and proactive routing protocols and analyse their survivability. For experimentation, we use NS-2 simulator without detection or prevention capabilities. Results show that proactive protocols perform better in terms of throughput, overhead and packet drop.

• 전기전자학회논문지
• /
• 제28권1호
• /
• pp.6-13
• /
• 2024

본 논문에서는 비지도학습 모델인 오토인코더와 가우시안 커널 밀도 추정 함수를 이용하여 차량용 CAN 네트워크에서 비정상적인 데이터를 탐지하는 방안을 제안한다. 제안하는 오토인코더 모델은 정상 데이터에서 CAN 프레임의 ID만으로 학습시킨다. 이후 가우시안 커널 밀도 추정 함수를 이용하여 구한 최적의 프레임 개수와 손실 임계값을 가지는 모델을 사용하여 비정상 데이터를 효과적으로 탐지한다. DoS 공격, Gear 스푸핑 공격, RPM 스푸핑 공격, Fuzzy 공격 등 4가지 공격 데이터로 오토인코더 기반 IDS를 검증하였으며 성능을 평가하였다. 기존 비지도학습 기반 모델들과 비교했을 때 우수한 성능을 나타냈으며 모든 평가 지표에서 99% 이상의 성능을 나타냈다.

• Journal of Computing Science and Engineering
• /
• 제5권4호
• /
• pp.305-313
• /
• 2011

Due to the expansion of high-speed Internet access, the need for secure and reliable networks has become more critical. The sophistication of network attacks, as well as their severity, has also increased recently. As such, more and more organizations are becoming vulnerable to attack. The aim of this research is to classify network attacks using neural networks (NN), which leads to a higher detection rate and a lower false alarm rate in a shorter time. This paper focuses on two classification types: a single class (normal, or attack), and a multi class (normal, DoS, PRB, R2L, U2R), where the category of attack is also detected by the NN. Extensive analysis is conducted in order to assess the translation of symbolic data, partitioning of the training data and the complexity of the architecture. This paper investigates two engines; the first engine is the back-propagation neural network intrusion detection system (BPNNIDS) and the second engine is the radial basis function neural network intrusion detection system (BPNNIDS). The two engines proposed in this paper are tested against traditional and other machine learning algorithms using a common dataset: the DARPA 98 KDD99 benchmark dataset from International Knowledge Discovery and Data Mining Tools. BPNNIDS shows a superior response compared to the other techniques reported in literature especially in terms of response time, detection rate and false positive rate.

• 제어로봇시스템학회:학술대회논문집
• /
• 제어로봇시스템학회 2005년도 ICCAS
• /
• pp.1464-1467
• /
• 2005

In this research, we developed a system, which can find the location of vehicle when people park their cars in a big parking lot or large area. People can find their cars readily through this simple device and they can save their time and effort. This is the purpose of this research. Performing this, detection of electromagnetic wave's direction is needed and we used shielding effectiveness of electromagnetic waves for the method of it. An absolute coordinate indicates four directions (E, W, S, N) by using an electronic compass module, and it is needed for the localization. The device can check the received count of the electromagnetic waves coming from all other directions through the system, which is installed in the vehicle. The direction recorded the least received count would be the location of the parked vehicles. We can add on the function of this research by using the same frequency of cars alarm goods. Also, it is useful in the huge indoor parking lot.

• 한국정보통신학회논문지
• /
• 제8권3호
• /
• pp.748-753
• /
• 2004

에지는 영상에서 위치와 모양 등에 대한 다양한 정보를 포함하고 있다. 그러므로, 이러한 에지를 검출하기 위한 많은 연구가 이루어져 왔으며, 초기에 사용한 에지 검출 연산자는 인접한 화소를 조사하고, 각 화소들 사이에 대한 관계를 이용하는 것이었다. 그러나, 이러한 방법들은 노이즈가 존재하는 영상에서는 우수한 성능을 나타내지 못하며, 선택적인 에지 검출이 불가능하다. 따라서, 본 논문에서는 라인 폭에 의존하지 않는 웨이브렛 함수를 사용하여, AWGN에 훼손된 영상으로부터 라인-에지 성분을 검출하였다.