• Title/Abstract/Keywords: False Positive data

Search results: 237 items (processing time 0.027 s)

A Two level Detection of Routing layer attacks in Hierarchical Wireless Sensor Networks using learning based energy prediction

  • Katiravan, Jeevaa;N, Duraipandian;N, Dharini
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 9, No. 11 / pp.4644-4661 / 2015
  • Wireless sensor networks are often organized in the form of clusters leading to the new framework of WSN called cluster or hierarchical WSN where each cluster head is responsible for its own cluster and its members. These hierarchical WSN are prone to various routing layer attacks such as Black hole, Gray hole, Sybil, Wormhole, Flooding etc. These routing layer attacks try to spoof, falsify or drop the packets during the packet routing process. They may even flood the network with unwanted data packets. If one cluster head is captured and made malicious, the entire cluster member nodes beneath the cluster get affected. On the other hand if the cluster member nodes are malicious, due to the broadcast wireless communication between all the source nodes it can disrupt the entire cluster functions. Thereby a scheme which can detect both the malicious cluster member and cluster head is the current need. Abnormal energy consumption of nodes is used to identify the malicious activity. To serve this purpose a learning based energy prediction algorithm is proposed. Thus a two level energy prediction based intrusion detection scheme to detect the malicious cluster head and cluster member is proposed and simulations were carried out using NS2-Mannasim framework. Simulation results achieved a good detection ratio and fewer false positives.

A Study on Improved Intrusion Detection Technique Using Distributed Monitoring in Mobile Ad Hoc Network

  • 양환석
    • 디지털산업정보학회논문지 / Vol. 14, No. 1 / pp.35-43 / 2018
  • MANET, composed of only wireless nodes, is increasingly utilized in various fields. However, it is exposed to many security vulnerabilities because it doesn't have any infrastructure and transmits data using a multi-hop method. Therefore, an intrusion detection technique that can efficiently detect malicious nodes and decrease the impact of various attacks should be applied to MANET. In this paper, we propose a distributed intrusion detection technique that can detect the various attacks while improving the efficiency of attack detection and reducing the false positive rate. The proposed technique uses the cluster structure to manage the information in the center and monitor the traffic of their neighbor nodes directly in all nodes. We use three parameters for attack detection. We also applied an efficient authentication technique using only key exchange without the help of CA in order to provide integrity when exchanging information between cluster heads. This makes it possible to free the forgery of information about trust information of the nodes and attack nodes. The superiority of the proposed technique can be confirmed through comparative experiments with existing intrusion detection techniques.

Energy Efficiency Enhancement of TICK-based Fuzzy Logic for Selecting Forwarding Nodes in WSNs

  • Ashraf, Muhammad;Cho, Tae Ho
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 12, No. 9 / pp.4271-4294 / 2018
  • Communication cost is the most important factor in Wireless Sensor Networks (WSNs), as exchanging control keying messages consumes a large amount of energy from the constituent sensor nodes. Time-based Dynamic Keying and En-Route Filtering (TICK) can reduce the communication costs by utilizing local time values of the en-route nodes to generate one-time dynamic keys that are used to encrypt reports in a manner that further avoids the regular keying or re-keying of messages. Although TICK is more energy efficient, it employs no re-encryption operation strategy that cannot determine whether a healthy report might be considered as malicious if the clock drift between the source node and the forwarding node is too large. Secure SOurce-BAsed Loose Synchronization (SOBAS) employs a selective encryption en-route in which fixed nodes are selected to re-encrypt the data. Therefore, the selection of encryption nodes is non-adaptive, and the dynamic network conditions (i.e., the residual energy of en-route nodes, hop count, and false positive rate) are also not focused in SOBAS. We propose an energy efficient selection of re-encryption nodes based on fuzzy logic. Simulation results indicate that the proposed method achieves better energy conservation at the en-route nodes along the path when compared to TICK and SOBAS.

Helicobacter pylori infection and abdominal pain in children

  • 서정기
    • Clinical and Experimental Pediatrics / Vol. 49, No. 2 / pp.136-143 / 2006
  • The relationship between H. pylori (Hp) infection and recurrent abdominal pain (RAP) in children is not clear. Current data in the literature regarding a causal relationship between Hp infection and childhood RAP are conflicting. However, meta-analysis and most of the recently published studies have not supported an association between Hp infection and an increased prevalence of abdominal pain. Most published studies have some problems and have been criticized on methodological grounds. Most of the existing studies have not been designed to include double-blind placebo controls. And, because of the low incidence of Hp infection in children, they have a problem of obtaining sufficient numbers of the Hp infected children. There is also a concern about the heterogeneity of testing methodology in the studies and diagnostic accuracy problems of the non-invasive tests such as low sensitivity of the serology tests and false positive results of the UBT in children. And conflicting results may be explained, in part, by the poor definition of RAP or dyspepsia for the study subjects. To date, no consensus exists for the treatment of Hp-infected children with RAP. Some authors suggest the clinical efficacy of Hp. But others suggest that eradication of Hp is not associated with improvement of RAP. The problem with most treatment studies is that they usually had no control groups and the number of subjects was small. In order to make reasonable decisions about treatment of Hp infection in children with RAP, long-term, randomized, double blind, well controlled studies in large numbers of children will be required.

A Multiple Instance Learning Problem Approach Model to Anomaly Network Intrusion Detection

  • Weon, Ill-Young;Song, Doo-Heon;Ko, Sung-Bum;Lee, Chang-Hoon
    • Journal of Information Processing Systems / Vol. 1, No. 1 / pp.14-21 / 2005
  • Even though mainly statistical methods have been used in anomaly network intrusion detection, to detect various attack types, machine learning based anomaly detection was introduced. Machine learning based anomaly detection started from research applying traditional learning algorithms of artificial intelligence to intrusion detection. However, detection rates of these methods are not satisfactory. Especially, high false positive and repeated alarms about the same attack are problems. The main reason for this is that one packet is used as a basic learning unit. Most attacks consist of more than one packet. In addition, an attack does not lead to a consecutive packet stream. Therefore, with grouping of related packets, a new approach of group-based learning and detection is needed. This type of approach is similar to that of multiple-instance problems in the artificial intelligence community, which cannot clearly classify one instance, but classification of a group is possible. We suggest group generation algorithm grouping related packets, and a learning algorithm based on a unit of such group. To verify the usefulness of the suggested algorithm, 1998 DARPA data was used and the results show that our approach is quite useful.

Numerical convergence and validation of the DIMP inverse particle transport model

  • Nelson, Noel;Azmy, Yousry
    • Nuclear Engineering and Technology / Vol. 49, No. 6 / pp.1358-1367 / 2017
  • The data integration with modeled predictions (DIMP) model is a promising inverse radiation transport method for solving the special nuclear material (SNM) holdup problem. Unlike previous methods, DIMP is a completely passive nondestructive assay technique that requires no initial assumptions regarding the source distribution or active measurement time. DIMP predicts the most probable source location and distribution through Bayesian inference and quasi-Newtonian optimization of predicted detector responses (using the adjoint transport solution) with measured responses. DIMP performs well with forward hemispherical collimation and unshielded measurements, but several considerations are required when using narrow-view collimated detectors. DIMP converged well to the correct source distribution as the number of synthetic responses increased. DIMP also performed well for the first experimental validation exercise after applying a collimation factor, and sufficiently reducing the source search volume's extent to prevent the optimizer from getting stuck in local minima. DIMP's simple point detector response function (DRF) is being improved to address coplanar false positive/negative responses, and an angular DRF is being considered for integration with the next version of DIMP to account for highly collimated responses. Overall, DIMP shows promise for solving the SNM holdup inverse problem, especially once an improved optimization algorithm is implemented.

Epileptic Seizure Detection for Multi-channel EEG with Recurrent Convolutional Neural Networks

  • 유지현
    • 전기전자학회논문지 / Vol. 22, No. 4 / pp.1175-1179 / 2018
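  • This paper proposes a recurrent CNN (Convolutional Neural Network) that detects patient seizures from EEG signals. To preserve the spectral characteristics of the EEG signal and the positions of the electrodes, the proposed method maps the data to images for processing. After spectral preprocessing, the data is fed to the CNN, and spatial and temporal features are extracted without a wavelet transform to detect seizures. Results on the Boston Massachusetts Institute of Technology (CHB-MIT) Children's Hospital dataset used here showed a sensitivity of 0.85 per hour and a false positive rate (FPR) of 90%.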

Object Double Detection Method using YOLOv5

  • 도건우;김민영;장시웅
    • 한국정보통신학회:학술대회논문집 / 한국정보통신학회 2022 Fall Conference / pp.54-57 / 2022
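  • Korea has an environment that is vulnerable to the risk of forest fires, which cause great damage every year. A large workforce is used to prevent this, but its effectiveness is insufficient. If forest fires can be detected early and extinguished through artificial intelligence technology, damage to property and human life can be prevented. In this paper, we studied an object double detection method that aims to minimize the data collection and processing that arise when building an object detection model for minimizing forest fire damage. A single YOLOv5 model trained on a limited set of images first runs detection on the original image, and the objects detected in the original image are cut out by cropping. Through the object double detection method, which re-detects these cropped images, we confirmed the possibility of improving the detection rate for falsely detected objects.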

A Study on Method for Insider Data Leakage Detection

  • 김현수
    • 한국인터넷방송통신학회논문지 / Vol. 17, No. 4 / pp.11-17 / 2017
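  • Recently, incidents in which internal information is leaked have continued to occur at many companies and institutions, and most of these incidents are caused by authorized insiders. This paper proposes an insider data leakage detection technique that uses a hidden Markov model (HMM) to model information generated from insiders' normal behavior and then detects insiders' abnormal behavior. Features of insiders' behavior are extracted from the logs of security systems to generate input sequences, which are used to train the HMM and produce a model of normal behavior. To judge anomalous behavior, the observation sequence of a user's behavior is applied to the normal-behavior model to compute a probability value, and this value is compared with a specific threshold to detect anomalous behavior. Through experiments, the optimal HMM parameters for detecting insider data leakage behavior were determined, and the experimental results showed that the proposed system achieves a 20% false positive rate and an 80% detection rate for insider data leakage behavior.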

Application and Evaluation of Vector Map Watermarking Algorithm for Robustness Enhancement

  • 원성민;박수홍
    • Spatial Information Research / Vol. 21, No. 3 / pp.31-43 / 2013
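  • Although vector map data has higher value than other multimedia, awareness of and research on illegal copying and copyright of the data are lacking. This study proposes a watermarking technique that is robust against various attacks, taking the storage structure of vector map data into account. Six approaches were devised for the design of the watermarking algorithm (a point-based approach, construction of minimum-perimeter triangles, watermark embedding in length ratios, referencing the position in the watermark image, grouping, and use of a one-way function). The proposed method satisfies the properties of input effectiveness, false detection rate, and fidelity, and in terms of robustness it was robust against all attacks except noise addition. In addition, the proposed method is a blind scheme that does not require the original data, and has the advantage of not being data-dependent. Furthermore, it resolved the problem in prior work where robustness degrades as the degree of simplification increases under simplification attacks.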