• Title/Summary/Keyword: Execution Detection

Comparison of Anomaly Detection Performance Based on GRU Model Applying Various Data Preprocessing Techniques and Data Oversampling (다양한 데이터 전처리 기법과 데이터 오버샘플링을 적용한 GRU 모델 기반 이상 탐지 성능 비교)

  • Yoo, Seung-Tae; Kim, Kangseok
    • Journal of the Korea Institute of Information Security & Cryptology / v.32 no.2 / pp.201-211 / 2022
  • According to the recent change in the cybersecurity paradigm, research on anomaly detection methods using machine learning and deep learning techniques, which are AI implementation technologies, is increasing. In this study, a comparative study on data preprocessing techniques that can improve the anomaly detection performance of a GRU (Gated Recurrent Unit) neural network-based intrusion detection model using NGIDS-DS (Next Generation IDS Dataset), an open dataset, was conducted. In addition, in order to solve the class imbalance problem according to the ratio of normal data and attack data, the detection performance according to the oversampling ratio was compared and analyzed using the oversampling technique applied with DCGAN (Deep Convolutional Generative Adversarial Networks). As a result of the experiment, the method preprocessed using the Doc2Vec algorithm for system call feature and process execution path feature showed good performance, and in the case of oversampling performance, when DCGAN was used, improved detection performance was shown.

Comparative Analysis of Machine Learning Techniques for IoT Anomaly Detection Using the NSL-KDD Dataset

  • Zaryn, Good; Waleed, Farag; Xin-Wen, Wu; Soundararajan, Ezekiel; Maria, Balega; Franklin, May; Alicia, Deak
    • International Journal of Computer Science & Network Security / v.23 no.1 / pp.46-52 / 2023
  • With billions of IoT (Internet of Things) devices populating various emerging applications across the world, detecting anomalies on these devices has become incredibly important. Advanced Intrusion Detection Systems (IDS) are trained to detect abnormal network traffic, and Machine Learning (ML) algorithms are used to create detection models. In this paper, the NSL-KDD dataset was adopted to comparatively study the performance and efficiency of IoT anomaly detection models. The dataset was developed for various research purposes and is especially useful for anomaly detection. This data was used with typical machine learning algorithms including eXtreme Gradient Boosting (XGBoost), Support Vector Machines (SVM), and Deep Convolutional Neural Networks (DCNN) to identify and classify any anomalies present within the IoT applications. Our research results show that the XGBoost algorithm outperformed both the SVM and DCNN algorithms achieving the highest accuracy. In our research, each algorithm was assessed based on accuracy, precision, recall, and F1 score. Furthermore, we obtained interesting results on the execution time taken for each algorithm when running the anomaly detection. Precisely, the XGBoost algorithm was 425.53% faster when compared to the SVM algorithm and 2,075.49% faster than the DCNN algorithm. According to our experimental testing, XGBoost is the most accurate and efficient method.

An Improved Area Edge Detection for Real-time Image Processing (실시간 영상 처리를 위한 향상된 영역 경계 검출)

  • Kim, Seung-Hee; Nam, Si-Byung; Lim, Hae-Jin
    • Journal of the Korea Society of Computer and Information / v.14 no.1 / pp.99-106 / 2009
  • Though edge detection, an important stage that significantly affects the performance of image recognition, has been the subject of numerous studies on its execution methods, it still remains a difficult problem, and it is one of the components for image recognition applications while it is not the only way to identify an object or track a specific area. This paper, unlike edge detection methods using a gradient operator, finds edge pixels by referring to the information of 2 neighboring pixels in a binary image and comparing them with 4 pre-defined edge pixel patterns, detects the binary image edge by determining the direction of the next pixel to explore for edge detection, and proposes a method to detect binary image edges by repeating the edge detection step to detect another area edge. When recognizing an image, if the edge is detected with the use of a gradient operator, the thinning process, the stage next to edge detection, can be omitted, and with the edge detection algorithm's execution time reduced compared with the existing area edge tracing method, the entire image recognition time can be reduced by applying it to a real-time image recognition system.

Vehicle Detection Method Based on Object-Based Point Cloud Analysis Using Vertical Elevation Data (OBPCA 기반의 수직단면 이용 차량 추출 기법)

  • Jeon, Junbeom; Lee, Heezin; Oh, Sangyoon; Lee, Minsu
    • KIPS Transactions on Software and Data Engineering / v.5 no.8 / pp.369-376 / 2016
  • Among various vehicle extraction techniques, OBPCA (Object-Based Point Cloud Analysis) calculates features quickly by coarse-grained rectangles from the top-view of the vehicle candidates. However, it uses only a top-view rectangle to detect a vehicle. Thus, it is hard to extract rectangular objects of similar size. For this reason, an accuracy issue has been raised with the OBPCA method, which influences DEM generation and traffic monitoring tasks. In this paper, we propose a novel method which uses the most distinguishing vertical elevations to calculate additional features. Our proposed method uses the same features as the top-view, determines new thresholds, and decides whether the candidate is a vehicle or not. We compared the accuracy and execution time between the original OBPCA and the proposed one. The experimental results show that our method produces a 6.61% increase in precision and a 13.96% decrease in false positive rate despite a marginal increase in execution time. We can see that the proposed method can reduce misclassification.

A Post-mortem Detection Tool of First Races to Occur in Shared-Memory Programs with Nested Parallelism (내포병렬성을 가진 공유메모리 프로그램에서 최초경합의 수행후 탐지도구)

  • Kang, Mun-Hye; Sim, Gab-Sig
    • Journal of the Korea Society of Computer and Information / v.19 no.4 / pp.17-24 / 2014
  • Detecting data races is important for debugging shared-memory programs with nested parallelism, because races result in unintended non-deterministic executions of the program. It is especially important to detect the first data races to occur for effective debugging, because the removal of such races may make other affected races disappear or appear. Previous dynamic detection tools for first race detection cannot guarantee that detected races are unaffected races. Also, the tools do not consider the nesting levels or need the support of other techniques. This paper suggests a post-mortem tool which collects candidate accesses during program execution and then detects the first races to occur in the program after execution. This technique is efficient, because it guarantees that first races reported by analyzing a nesting level are the races that occur first at that level, and it does not require more analyses of the higher nesting levels than the current level.

A Real-Time Hardware Design of CNN for Vehicle Detection (차량 검출용 CNN 분류기의 실시간 처리를 위한 하드웨어 설계)

  • Bang, Ji-Won; Jeong, Yong-Jin
    • Journal of IKEEE / v.20 no.4 / pp.351-360 / 2016
  • Recently, machine learning algorithms, especially deep learning-based algorithms, have been receiving attention due to their high classification performance. Among the algorithms, the Convolutional Neural Network (CNN) is known to be efficient for image processing tasks used for Advanced Driver Assistance Systems (ADAS). However, it is difficult to achieve real-time processing for CNN in a vehicle embedded software environment due to the repeated operations contained in each layer of the CNN. In this paper, we propose a hardware accelerator which enhances the execution time of CNN by parallelizing the repeated operations such as convolution. A Xilinx ZC706 evaluation board is used to verify the performance of the proposed accelerator. For $36 \times 36$ input images, the hardware execution time of the CNN is 2.812 ms at a 100 MHz clock frequency, which shows that our hardware can be executed in real-time.

Detecting Meltdown and Spectre Malware through Binary Pattern Analysis (바이너리 패턴 분석을 이용한 멜트다운, 스펙터 악성코드 탐지 방법)

  • Kim, Moon-sun; Lee, Man-hee
    • Journal of the Korea Institute of Information Security & Cryptology / v.29 no.6 / pp.1365-1373 / 2019
  • Meltdown and Spectre are vulnerabilities that exploit out-of-order execution and speculative execution techniques to read memory regions that are not accessible with user privileges. OS patches were released to prevent this attack, but older systems without appropriate patches are still vulnerable. Currently, there is some research on detecting Meltdown and Spectre attacks, but most of it proposes dynamic analysis methods. Therefore, this paper proposes a binary signature that can be used to detect Meltdown and Spectre malware without executing them. For this, we collected 13 malicious codes from GitHub and performed binary pattern analysis. Based on this, we proposed a static detection method for Meltdown and Spectre malware. Our results showed that the method identified all the 19 attack files with a 0.94% false positive rate when applied to 2,317 normal files.

Development and Characterizations of Environment-friendly Lime Paint (친환경성 석회 도료의 개발 및 특성 연구)

  • Hwang, Dae-Ju; Kim, Ho-Sung; Lee, Seung-Kwan; Choi, Moon-Kwan; Kim, Hwan; Lee, Jong-Dae
    • Journal of the Korean Ceramic Society / v.46 no.1 / pp.47-52 / 2009
  • Lime paint surpassing others in execution efficiency, anti-bacterial and anti-mold characteristics, and low emission of VOCs (Volatile Organic Compounds) was developed using limestone as a raw material. The lime paint prepared by mixing slaked lime ($37{\sim}40$ wt%), PVA:EVA (9 wt%:1 wt%), talc (23 wt%), $\mathrm{TiO_2}$ (14 wt%), zeolite (3 wt%), antifoaming agent (5 wt%), and wetting agent (5 wt%) showed over 99.8% anti-bacterial and anti-mold characteristics. Also, the environment-friendly function of the lime paint was confirmed by detection of a small amount of TVOCs ($0.01\ \mathrm{mg/m^2h}$) and formaldehyde ($0.008\ \mathrm{mg/m^2h}$). The execution efficiency and the economy- and environment-friendly characteristics of this lime paint can make up for the defects of established paints. It also presents the advantage of limestone as a high value-added material.

High Throughput Parallel KMP Algorithm Considering CPU-GPU Memory Hierarchy (CPU-GPU 메모리 계층을 고려한 고처리율 병렬 KMP 알고리즘)

  • Park, Soeun; Kim, Daehee; Lee, Myungho; Park, Neungsoo
    • The Transactions of The Korean Institute of Electrical Engineers / v.67 no.5 / pp.656-662 / 2018
  • Pattern matching algorithms are widely used in many application fields such as bio-informatics, intrusion detection, etc. Among many string matching algorithms, the KMP (Knuth-Morris-Pratt) algorithm is commonly used because of its fast execution time when using large texts. However, the processing speed of the KMP algorithm is also limited when the text size increases significantly. In this paper, we propose a high throughput parallel KMP algorithm considering the CPU-GPU memory hierarchy based on OpenCL in GPGPU (General Purpose computing on Graphic Processing Unit). We focus on the optimization for the allocation of work-times and work-groups, the local memory copy of the pattern data and the failure table, and the overlapping of the data transfer with the string matching operations. The experimental results show that the execution time of the optimized parallel KMP algorithm is about 3.6 times faster than that of the non-optimized parallel KMP algorithm.

State Space Exploration of Concurrent Systems with Minimal Visit History (최소방문 기록을 이용한 병행 시스템의 상태 공간 순회 기법)

  • Lee, Jung-Sun; Choi, Yun-Ja; Lee, Woo-Jin
    • Journal of KIISE:Software and Applications / v.37 no.9 / pp.669-675 / 2010
  • For detecting requirement errors in the early system development phase, the behaviors of a system should be described using formal methods and be analyzed with analysis techniques such as reachability analysis and cycle detection. However, since they are usually based on explicit exploration of the system state space, the state explosion problem may occur when a system becomes complex. That is, the memory and execution time for exploration increase exponentially due to a huge state space. In this paper, we analyze the fundamental causes of this problem in concurrent systems and explore the state space without composing concurrent state spaces, reducing the memory requirement for exploration. Also, our new technique keeps a minimal visit history to reduce execution time. Finally, we present experimental results which show the efficiency of our technique.