Title/Summary/Keyword: Event Logs


A Study on Security Event Detection in ESM Using Big Data and Deep Learning

  • Lee, Hye-Min; Lee, Sang-Joon
  • International Journal of Internet, Broadcasting and Communication, v.13 no.3, pp.42-49, 2021
  • As cyber attacks become more intelligent, there is difficulty in detecting advanced attacks in various fields such as industry, defense, and medical care. IPS (Intrusion Prevention System), etc., but the need for centralized integrated management of each security system is increasing. In this paper, we collect big data for intrusion detection and build an intrusion detection platform using deep learning and CNN (Convolutional Neural Networks). In this paper, we design an intelligent big data platform that collects data by observing and analyzing user visit logs and linking with big data. We want to collect big data for intrusion detection and build an intrusion detection platform based on a CNN model. In this study, we evaluated the performance of the Intrusion Detection System (IDS) using the KDD99 dataset developed by DARPA in 1998, and the actual attack categories were tested with KDD99's DoS, U2R, and R2L using four probing methods.

3-D Visualization of Reservoir Characteristics through GOCAD (GOCAD를 이용한 저류층 속성정보의 3차원 시각화 연구)

  • Gwak, Sang-Hwan; Lee, Doo Sung
  • Geophysics and Geophysical Exploration, v.4 no.3, pp.80-83, 2001
  • Four seismic reflection horizons in 3-D seismic data, coherence derived from the seismic data, and 38 well logs from the Boonsville Gas Field in Texas were integrated and visualized in 3 dimensions. A time surface was constructed from pick times of the reflection horizons. Average velocities to each horizon at 38 well locations were calculated based on depth markers from the well logs and time picks from the 3-D seismic data. The time surface was transformed to a depth surface through velocity interpolation. Coherence was calculated on the 3-D seismic data by the semblance method. The spatial distribution of the coherence is captured easily in 3-D visualization. Compared to a time-slice of seismic data, distinctive stratigraphic features could be correctly recognized on the 3-D visualization.


A Colored Workflow Model for Business Process Analysis (비즈니스 프로세스 분석을 위한 색채형 워크플로우 모델)

  • Jeong, Woo-Jin; Kim, Kwang-Hoon
  • Journal of Internet Computing and Services, v.10 no.3, pp.113-129, 2009
  • Corporate activities are composed of numerous working processes, and during the working flow, various business processes are being created and completed simultaneously. Enterprise Resources Planning (ERP) makes the working process simple, yet creates a more complicated work structure, and therefore there is an absolute need for efficient management of business processes. The workflow literature has been looking for efficient and effective ways of rediscovering and mining workflow intelligence and knowledge from their enactment histories and event logs. As part of studies to analyze and improve the process, the concepts of 'Process Mining', 'Process re-discovery', and 'BPR (Business Process Reengineering)' have appeared, and studies for practical implementation are proactively being done. However, these studies normally follow the approach of data warehousing for log data of process instances. It is very hard for these approaches to reflect the user's intention in the rediscovering and mining activities. Process instances designed based on the consideration of analysis can make groupings effectively and, when the analysis demand of the user changes within the analysis domain, can also reduce the cost of analysis. Therefore, the thesis proposes a special type of workflow model, called a colored workflow model, that is extended from the ICN (information control net) modeling methodology by reinforcing the concept of the colored token. The colored tokens represent the conceptual types of constraints and criteria that can be used to classify and group the workflow intelligence and knowledge extracted from the corresponding workflow models' enactment histories and event logs. Through the runtime information of process instances, it makes it possible to analyze proactive and user-oriented processes with the goal of deriving business knowledge from the beginning of the process definition.


A Study on ICS Security Information Collection Method Using CTI Model (CTI 모델 활용 제어시스템 보안정보 수집 방안 연구)

  • Choi, Jongwon; Kim, Yesol; Min, Byung-gil
  • Journal of the Korea Institute of Information Security & Cryptology, v.28 no.2, pp.471-484, 2018
  • Recently, cyber threats are frequently occurring in the ICS (industrial control systems) of government agencies, infrastructure, and manufacturing companies. In order to cope with such cyber threats, it is necessary to apply CTI to ICS. For this purpose, a security information collection system is needed. However, it is difficult to install security solutions in control devices such as PLCs. Therefore, it is difficult to collect security information of ICS. In addition, there is a problem that the security information format generated in various assets is different. Therefore, in this paper, we propose an efficient method to collect ICS security information. We utilize the CybOX/STIX/TAXII CTI models that are easy to apply to ICS. Using these models, we designed the formats to collect security information of ICS assets. We created formats for system logs, IDS logs, and EWS application logs of ICS assets using Windows and Linux. In addition, we designed and implemented a security information collection system that reflects the designed formats. This system can be used to apply monitoring systems and CTI to future ICS.

A Formal Framework for Analyzing Performance of Container Terminal Operations (컨테이너 터미널 운영 분석을 위한 형식 프레임워크)

  • Park, Eun-Jung; Ha, Byung-Hyun
  • The Journal of Society for e-Business Studies, v.18 no.2, pp.191-203, 2013
  • Today, information technologies have been applied to operations in container terminals, and it is possible to collect operational log data due to the development of equipment and operations technology. Terminal operators are collecting event log data and trying to figure out ways of resolving operations problems. Operators want to analyze event logs to determine the causes of the operation problems, but this can hardly be done manually. In this paper, we suggest a formal framework to evaluate performance measures using the collected log data of operations in container terminals. The proposed formal framework supports different container terminal layouts, operational processes, and equipment. Our formal framework is composed of specifications of terminal layout, log data, workflow, statistics, and report, based on the concept of container handling objects. For validation of our framework, we have implemented a terminal performance analysis system based on the proposed framework.

Analysis of the Difference between Accident Type and Injury Type on Ski Resort (융·복합 시대 스키 리조트의 안전사고와 상해유형의 차이)

  • Kim, Sung-Duck; Lee, Yung-Kuk
  • Journal of Digital Convergence, v.16 no.7, pp.461-467, 2018
  • The purpose of this study was to analyze the difference between accident type and injury type on ski resorts. In order to achieve this purpose, a total of 522 persons recorded in the safety accident logs of two ski resorts located in Gyeonggi-do in the 2016-2017 winter season were selected by the purposeful sampling method. Frequency analysis and chi-square tests were executed using SPSS Statistics 21.0. As the results, the following conclusions were derived. First, injury part differs statistically and significantly according to socio-demographic variables (lesson experience). Second, injury type differs statistically and significantly according to socio-demographic variables (event, lesson experience, event × age, lesson experience × gender). Lastly, both injury part and injury type differ statistically and significantly according to slope course.

A Design and Implementation of Mobile Application Usage Pattern Analysis System (모바일 어플리케이션 이용패턴 분석 시스템의 설계와 구현)

  • Park, DongGyu; Kim, SungKwan
  • Journal of the Korea Institute of Information and Communication Engineering, v.18 no.9, pp.2272-2279, 2014
  • Mobile applications are software systems running on handheld devices, such as smartphones, PDAs, tablets and so on. The market for mobile applications has rapidly expanded in the past few years. In this paper, we present a novel approach to track smartphone application usage from event logs on the mobile device, analyzed both on the client system and on a usage analysis server. We implemented our client system on an Android-device-based usage analytics platform. Based on the analysis server system, we obtained a user base of over 47,000, and we get the users' app usage information in real time. In this paper, we describe large-scale deployment-based research on smartphone usage patterns and usage information visualization techniques.

Manufacturing process improvement of offshore plant: Process mining technique and case study

  • Shin, Sung-chul; Kim, Seon Yeob; Noh, Chun-Myoung; Lee, Soon-sup; Lee, Jae-chul
  • Ocean Systems Engineering, v.9 no.3, pp.329-347, 2019
  • The shipbuilding industry is characterized by order production, and various processes are performed simultaneously in the construction of ships. Therefore, effective management of the production process and productivity improvement form important key factors in the industry. For decades, researchers and process managers have attempted to improve processes by using business process analysis (BPA). However, conventional BPA is time-consuming, expensive, and mainly based on subjective results generated by employees, which may not always correspond to the actual conditions. This paper proposes a method to improve the production process of offshore plant modules by analysing the process mining data obtained from the shipbuilding industry. Process mining uses information accumulated from the system-provided event logs to generate a process model and determine the values hidden within the process. The discovered process is visualized as a process model. Subsequently, alternatives are proposed by brainstorming problems (such as bottlenecks or idle time) in the process. The results of this study can aid in productivity improvement (idle time or bottleneck reduction in the production process) in conjunction with a six-sigma technique or ERP system. In future, it is necessary to study the standardization of the module production processes and development of the process monitoring system.

Development of a Reader Framework for Transparency in RFID Reader (RFID 리더 투명성 지원을 위한 리더 프레임워크 개발)

  • Baek, Sun-Jae; Moon, Mi-Kyeong
  • Journal of the Korea Institute of Information and Communication Engineering, v.15 no.2, pp.404-412, 2011
  • More recently, a variety of RFID (Radio Frequency Identification) readers are produced by RFID equipment manufacturers. Although a transmission standard instituted by EPCglobal is proposed for data transmission between RFID readers and tags, other RFID reader protocols and communication connection methods are in use at other RFID companies. To replace or add the RFID readers of an RFID system, the developers should make changes to the core of the application and/or middleware. In this paper, we propose an RFID reader framework which can manage RFID readers without having to make changes to the code of the application in an environment with a growing number of heterogeneous RFID readers. This framework, which sits on the layer between the RFID readers and the applications, provides transparency to the RFID readers. Additionally, it can be used for monitoring the state and the properties of all connected RFID readers, and for recording the RFID tag event logs and system logs. By using this framework, heterogeneous readers can be replaced and added without writing additional code in the applications. Consequently, the readers can be easily managed and controlled by the RFID system administrator.

Design and Implementation of Web Attack Detection System Based on Integrated Web Audit Data (통합 이벤트 로그 기반 웹 공격 탐지 시스템 설계 및 구현)

  • Lee, Hyung-Woo
  • Journal of Internet Computing and Services, v.11 no.6, pp.73-86, 2010
  • In proportion to the rapid increase in the number of Web users, web attack techniques are also getting more sophisticated. Therefore, we need not only to detect Web attacks based on log analysis but also to extract web attack events from audit information such as Web firewall, Web IDS and system logs for detecting abnormal Web behaviors. In this paper, a web attack detection system was designed and implemented based on integrated web audit data for detecting diverse web attacks by generating integrated log information from the W3C form of IIS logs and web firewall/IDS logs. The proposed system analyzes multiple web sessions and efficiently determines the correlation between the sessions and web attacks. Therefore, the proposed system has advantages in extracting the latest web attack events efficiently by designing and implementing multiple web session and log correlation analysis actively.