• Journal of Information Science Theory and Practice
• /
• v.7 no.1
• /
• pp.52-71
• /
• 2019

An insider threat is a threat that comes from people within the organization being attacked. It can be described as a function of the motivation, opportunity, and capability of the insider. Compared to managing the dimensions of opportunity and capability, assessing one's motivation in committing malicious acts poses more challenges to organizations because it usually involves a more obtrusive process of psychological examination. The existing body of research in psycholinguistics suggests that automated text analysis of electronic communications can be an alternative for predicting and detecting insider threat through unobtrusive behavior monitoring. However, a major challenge in employing this approach is that it is difficult to minimize the risk of missing any potential threat while maintaining an acceptable false alarm rate. To deal with the trade-off between the risk of missed catches and the false alarm rate, we propose a unified psycholinguistic framework that consolidates multiple text analyzers to carry out sentiment analysis, emotion analysis, and topic modeling on electronic communications for unobtrusive psychological assessment. The user scenarios presented in this paper demonstrated how the trade-off issue can be attenuated with different text analyzers working collaboratively to provide more comprehensive summaries of users' psychological states.

• Journal of the Korean Society of Safety
• /
• v.37 no.3
• /
• pp.16-23
• /
• 2022

This study aims to provide a fundamental material for identifying fire and no-fire signals using the detection signal characteristics of IoT-based fire-detection systems. Unlike analog automatic fire-detection equipment, IoT-based fire-detection systems employ wireless digital communication and are connected to a server. If a detection signal exceeds a threshold value, the measured values are saved to a server within seconds. This study was conducted with the detection data saved from seven fire accidents that took place in traditional markets from 2020 to 2021, in addition to 233 fire alarm data that have been saved in the K institute from 2016 to 2020. The saved values demonstrated variable and continuous VC-Signals. Additionally, we discovered that the detection signals of two fire accidents in the K institution had a VC-Signal. In the 233 fire alarms that took place over the span of 5 years, 31% of smoke alarms and 30% of temperature alarms demonstrated a VC-Signal. Therefore, if we selectively recognize VC-Signals as fire signals, we can reduce about 70% of false alarms.

• International Journal of Advanced Culture Technology
• /
• v.11 no.1
• /
• pp.110-134
• /
• 2023

North Korea's development and deployment of nuclear weapons increases Pyongyang's diplomatic bargaining leverage. It is a strategic response to counteract the great expansion in US leverage with the collapse of the USSR. Post-Cold War American influence and hegemony is justified partly by claiming victory in successfully containing an allegedly imperialist Soviet Union. The US created and led formal and informal international institutions as part of its decades-long containment grand strategy against the USSR. The US now exploits these institutions to expedite US unilateral global preeminence. Third World regimes perceived as remnants of the Cold War era that resist accommodating to American demands are stereotyped as rogue states. Rogue regimes are criminal offenders who should be brought to justice, i.e. regime change is required. The initiation of summit diplomacy between US President Trump and North Korean leader Kim Jong-un occurred following the January 2018 Hawaiian ballistic missile false alarm. This event and its political consequences illustrate the efficacy of nuclear weapons as bargaining leverage for so-called rogue actors. North Korea is highly unlikely to surrender those weapons that were the instigation for the subsequent summit diplomacy that occurred. A broader, critical trend-focused strategic analysis is necessary to adopt a longer-term view of the on-going Korean nuclear crisis. The aim would be to conceptualize long-term policies that increase the probability that nuclear weapons capability becomes a largely irrelevant issue in interaction between Pyongyang, Seoul, Beijing and Washington.

• Journal of the Korea Safety Management & Science
• /
• v.25 no.4
• /
• pp.87-94
• /
• 2023

This study analyzed and identified various causes of caustic alarms of 163 fire detectors that occurred from January 2019 to December 2021 at domestic semiconductor manufacturing plants equipped with about 30,000 fire detectors, and proposed a new non-fire prevention cause investigation plan by applying the NFPA 921 scientific methodology. The results of the study are as follows. First, in terms of necessary recognition and problem definition, an analog detector and an integrated monitoring system were proposed to quickly determine the location and installation space information of the fire detector. Second, in order to prevent speculative causes and errors in various analyses in terms of data analysis and hypothesis establishment, non-fire reports were classified into five by factor and defined, and the causes of occurrence by factor were classified and proposed. Finally, in terms of hypothesis verification and final hypothesis selection, a non-fire prevention improvement termination process and a final hypothesis verification sheet were proposed to prevent the cause from causing re-error.

• 한국정보통신설비학회:학술대회논문집
• /
• 2008.08a
• /
• pp.141-145
• /
• 2008

Wireless sensor network (WSN) is expected to be used in many applications. However, sensor nodes still have some secure problems to use them in the real applications. They are typically deployed on open, wide, and unattended environments. An adversary using these features can easily compromise the deployed sensor nodes and use compromised sensor nodes to inject fabricated data to the sensor network (false data injection attack). The injected fabricated data drains much energy of them and causes a false alarm. To detect and drop the injected fabricated data, a filtering-based security method and adaptive methods are proposed. The number of different partitions is important to make event report since they can make a correctness event report if the representative node does not receive message authentication codes made by the different partition keys. The proposed methods cannot guarantee the detection power since they do not consider the filtering scheme. We proposed clustering method for filtering-based secure methods. Our proposed method uses fuzzy system to enhance the detection power of a cluster.

• Journal of KIISE:Software and Applications
• /
• v.33 no.5
• /
• pp.508-524
• /
• 2006

We present our experience of combining, in a realistic setting, a static analyzer with a statistical analysis. This combination is in order to reduce the inevitable false alarms from a domain-unaware static analyzer. Our analyzer named Airac(Array Index Range Analyzer for C) collects all the true buffer-overrun points in ANSI C programs. The soundness is maintained, and the analysis' cost-accuracy improvement is achieved by techniques that static analysis community has long accumulated. For still inevitable false alarms (e.g. Airac raised 970 buffer-overrun alarms in commercial C programs of 5.3 million lines and 737 among the 970 alarms were false), which are always apt for particular C programs, we use a statistical post analysis. The statistical analysis, given the analysis results (alarms), sifts out probable false alarms and prioritizes true alarms. It estimates the probability of each alarm being true. The probabilities are used in two ways: 1) only the alarms that have true-alarm probabilities higher than a threshold are reported to the user; 2) the alarms are sorted by the probability before reporting, so that the user can check highly probable errors first. In our experiments with Linux kernel sources, if we set the risk of missing true error is about 3 times greater than false alarming, 74.83% of false alarms could be filtered; only 15.17% of false alarms were mixed up until the user observes 50% of the true alarms.

• Journal of the Institute of Electronics Engineers of Korea SC
• /
• v.47 no.6
• /
• pp.12-18
• /
• 2010

Automatic Target Detection (ATD) systems that use forward-looking infrared (FLIR) consists of three stages. preprocessing, detection, and clutter rejection. All potential targets are extracted in preprocessing and detection stages. But, this results in a high false alarm rates. To reduce false alarm rates of ATD system, true targets are extracted in the clutter rejection stage. This paper focuses on clutter rejection stage. This paper presents a new clutter rejection technique using PCA features and stochastic features of clutters and targets. PCA features are obtained from Euclidian distances using which potential targets are projected to reduced eigenspace selected from target eigenvectors. CV is used for calculating stochastic features of edges in targets and clutters images. To distinguish between target and clutter, LDA (Linear Discriminant Analysis) is applied. The experimental results show that the proposed algorithm accurately classify clutters with a low false rate compared to PCA method or CV method

• Journal of the Institute of Electronics Engineers of Korea SC
• /
• v.43 no.5 s.311
• /
• pp.80-88
• /
• 2006

In this paper we developed a novel system for automatic detection of mass type breast cancer on dense digital mammogram images. The new approaches presented in this paper are as follows: 1) we presented a method that stably decides the mass center and radius without being affected by image signal irregularity. 2) We developed a radial directional filter that is suitable to process mass image signal. 3) And we developed the multiple feature function based on mass shape spiculation, mass center homogeneity, and mass eccentricity, so as to determine mass-type breast cancer. When the proposed system is applied to dense mammographic images, the true 기arm rate is improved by 10% over a conventional system while the false alarm is increased by 1 per image.

• Journal of the Korean Institute of Illuminating and Electrical Installation Engineers
• /
• v.27 no.11
• /
• pp.82-88
• /
• 2013

It is important to give lightning warning prior to a cloud-to-ground (CG) discharge within an Area of Concern (AOC) because most of lightning damage and victim are usually occurred by the first lightning in the AOC. The aim of this study is to find the optimal operation conditions of the automated lightning warning systems in order to make the best use of the available data. In this paper, the test-operated results of the automated lightning alert and risk management system (ALARM) based on detections of CG discharge and eletrostatic field and optimized at probability of lightning have been described. It was possible to obtain the following warning performance parameters: probability of detection (POD), false alarm ratio (FAR), probability of lightning (POL) and failure-to-warn rate (FTW). The data obtained from trial operation for 5months were not sufficient but the first analysis of domestic lightning warning was carried out. We have observed that the evaluated statistical results through trial operation depend on the various factors such as analysis methods and criteria, topographical conditions, etc. Also we suggest some methods for improvement of POL and POD including the finding of the optimal electric field threshold level to be used, based on the high values of FAR and FTW found in this work.

• The KIPS Transactions:PartC
• /
• v.12C no.4 s.100
• /
• pp.609-616
• /
• 2005

Signature-based Intrusion Detection has many false positive and many difficulties to detect new and changed attacks. Alpha-cut is introduced which reduces false positive with a combination of signature-based IDS and machine learning-based IDS in prior paper [1]. This research is a study of a succession of Alpha-cut, and we introduce Beta-rick in which attacks can be detected but cannot be detected in single signature-based detection. Alpha-cut is a way of increasing detection accuracy for the signature based IDS, Beta-pick is a way which decreases the case of treating attack as normality. For Alpha-cut and Beta-pick we use XIBL as a learning algorithm and also show the difference of result of Sd.5. To describe the value of proposed method we apply Alpha-cut and Beta-pick to signature-based IDS and show the decrease of false alarms.