• Title/Summary/Keyword: False alarm

Efficient Attack Traffic Detection Method for Reducing False Alarms (False Alarm 감축을 위한 효율적인 공격 트래픽 탐지 기법)

  • Choi, Il-Jun;Chu, Byoung-Gyun;Oh, Chang-Suk
    • Journal of the Korea Society of Computer and Information / v.14 no.5 / pp.65-75 / 2009
  • With the development of IT, Internet use is growing geometrically. As a side effect, however, intrusions such as information leakage from key systems and infringement of computing networks are also increasing fast. The attack traffic detection method proposed in this study uses Snort, a traditional NIDS, and filters false-positive packets out of the detected attack traffic using Nmap information. It then performs secondary filtering using Nessus vulnerability information, and finally performs correlation analysis that considers the appropriateness of the management system, the severity of the signature and the security hole. This reduced false positive alarm messages and minimized the errors from false positives, and as a result raised the overall attack detection results.

Automated Unit-test Generation for Detecting Vulnerabilities of Android Kernel Modules (안드로이드 커널 모듈 취약점 탐지를 위한 자동화된 유닛 테스트 생성 기법)

  • Kim, Yunho;Kim, Moonzoo
    • Journal of KIISE / v.44 no.2 / pp.171-178 / 2017
  • In this study, we propose an automated unit test generation technique for detecting vulnerabilities in Android kernel modules. The technique automatically generates unit test drivers/stubs and unit test inputs for each function of Android kernel modules by utilizing dynamic symbolic execution. To reduce the false alarms that automated unit test generation produces because of function pointers and missing pre-conditions, we develop false alarm reduction techniques that match function pointers by utilizing static analysis and generate pre-conditions by utilizing def-use analysis. We showed that the proposed technique could detect all existing vulnerabilities in the three modules of Android kernel 3.4. Also, the false alarm reduction techniques removed 44.9% of false alarms on average.

Seafloor terrain detection from acoustic images utilizing the fast two-dimensional CMLD-CFAR

  • Wang, Jiaqi;Li, Haisen;Du, Weidong;Xing, Tianyao;Zhou, Tian
    • International Journal of Naval Architecture and Ocean Engineering / v.13 no.1 / pp.187-193 / 2021
  • To solve the problem of false terrains caused by environmental interference and the tunneling effect in conventional multi-beam seafloor terrain detection, this paper proposes a seafloor topography detection method based on a fast two-dimensional (2D) Censored Mean Level Detector-statistics Constant False Alarm Rate (CMLD-CFAR) method. The proposed method uses a cross-sliding window. The target occlusion phenomenon that occurs in multi-target environments can be eliminated by censoring some of the large cells among the reference cells, while the remaining reference cells are used to calculate the local threshold. Conventional 2D CMLD-CFAR methods need to estimate the background clutter power level for every pixel, which increases the computational burden significantly. To overcome this limitation, the proposed method uses a fast algorithm to select the Regions of Interest (ROI) based on a global threshold, while the remaining pixels are classified as clutter directly. The proposed method is verified by experiments with real multi-beam data. The results show that the proposed method can effectively solve the problem of false terrain in a multi-beam terrain survey and achieve a high detection accuracy.

Evaluation of Clinical Alarms and Alarm Management in Intensive Care Units (중환자실에서 사용되는 의료장비의 경보음 발생과 관리 현황)

  • Jeong, Yu Jin;Kim, Hyunjung
    • Journal of Korean Biological Nursing Science / v.20 no.4 / pp.228-235 / 2018
  • Purpose: This study aimed to investigate the occurrence of clinical alarms and nurses' management of clinical alarms in the intensive care unit (ICU). Methods: This observational study was conducted with 40 cases of patients and nurses in two ICUs of a university hospital. The study divided 24 hours into one-hour units and conducted two direct observations per unit hour for 48 hours, targeting the medical devices applied to 40 patients. Data were analyzed using IBM SPSS Statistics 23. Results: On average, 3.8 medical devices were applied to each patient, and the ranges of alarm settings were wide. During 48 hours, 184 clinical alarms occurred from four types of medical devices, including physiological monitors, mechanical ventilators, infusion pumps, and continuous renal replacement therapy. Among them, 110 cases (59.8%) were false alarms. As for alarm management by ICU nurses, a two-minute alarm mute was the most common response at 38.0% (70 cases), and no response was the second most common at 32.6% (60 cases). When a valid alarm sounded, nurses showed no response in 43.2% of cases. Conclusion: The findings suggest that a standard protocol for alarm management should be developed for Korean ICU settings. Based on the protocol, continuous training and education should be provided to nurses for appropriate alarm management.

Development of Intelligent Self-alarming EAS System Using Dual-band Wireless Communication (듀얼밴드 무선통신기술을 이용한 지능형 자명식(自鳴式) 도난방지시스템 개발)

  • Choi, Yeon-Suk;Kim, Keum-Seog
    • Journal of the Korea Academia-Industrial cooperation Society / v.11 no.5 / pp.1616-1626 / 2010
  • This paper shows how a self-alarming EAS (Electronic Article Surveillance) system can improve its reception of the magnetic field signal and reduce false alarms using dual-band wireless communication. Our research improved the receiving performance and the recognition area for the magnetic signal by changing the VLF receiving circuit and the alarm transmission method. In addition, we verified through experiment that false alarms are reduced by improving the integrity and the distance between tag and receiver. With these results, a high-performance, economical EAS with few false alarms can be built for multi-gate stores.

The Signal Detection Algorithms for Reducing False Alarms of CR System in Real Environment (실환경 CR 시스템에서 오경보 감소를 위한 신호 검출 알고리즘)

  • Lim, Sun-Min;Jung, Hoi-Yoon;Kim, Sang-Won;Jeong, Byung-Jang
    • The Journal of Korean Institute of Communications and Information Sciences / v.36 no.8C / pp.529-535 / 2011
  • Since the FCC permitted the use of TV white space, much attention has focused on spectrum sensing, and various spectrum sensing methods have been proposed. However, they do not consider real environments, so they struggle to achieve the required performance. In this paper, we propose solutions to problems that can occur when implementing a spectrum sensing module and verify the performance of the proposed methods by computer simulation. The first proposed method uses channel status information to separate the received signal from spurious components, reducing the false alarm probability caused by system-internal spurious components. The other proposed scheme is a subband normalization method that prevents missed detections caused by multiple narrowband signals with different received signal strengths. The simulation results verify that the proposed recognition of system-internal spurious components prevents the false alarms they cause. Moreover, the proposed subband normalization method is shown to overcome the performance degradation caused by differences in received signal strength.

Prediction of Centerlane Violation for vehicle in opposite direction using Fuzzy Logic and Interacting Multiple Model (퍼지 논리와 Interacting Multiple Model (IMM)을 통한 잡음환경에서의 맞은편 차량의 중앙선 침범 예측)

  • Kim, Beomseong;Choi, Baehoon;An, Jhonghyen;Lee, Heejin;Kim, Euntai
    • Journal of the Korean Institute of Intelligent Systems / v.23 no.5 / pp.444-450 / 2013
  • For intelligent vehicle technology, it is very important to recognize the states of surrounding vehicles and assess the collision risk so that the vehicle can be driven safely. In particular, a collision with a vehicle coming from the opposite direction can be fatal. In this paper, a centerlane violation prediction method is proposed. Prediction based only on the radar signal produces many false alarms because of measurement noise, and a false alarm can create a more dangerous situation than no prediction at all. We propose a novel prediction method using the IMM algorithm and fuzzy logic to increase accuracy and eliminate false positives. Fuzzy logic adjusts the radar signal and the IMM algorithm appropriately. Computer simulation verifies that the method gives stable prediction results and fewer false alarms.

A design of framework for false alarm pattern analysis of intrusion detection system using incremental association rule mining (점진적 연관 규칙을 이용한 침입탐지 시스템의 오 경보 패턴 분석 프레임워크 설계)

  • 전원용;김은희;신문선;류근호
    • Proceedings of the Korean Information Science Society Conference / 2004.10a / pp.307-309 / 2004
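  • False alarms generated by intrusion detection systems are divided into false positives and false negatives. A false positive is not an actual attack but is mistaken for one and raises an alert, which reduces the efficiency of the system, so analysis of false positive patterns is needed. Over time, false alarm data changes not only in volume but also in the characteristics of its patterns. A tool is therefore needed that can analyze the patterns of false alarm data whenever new data is added. This paper describes a framework that can analyze false positive patterns from false alarm data. Our framework applies an incremental association rule technique so that it can analyze the pattern characteristics of data that change over time. Through this framework, changes in the characteristics of false positive patterns can be managed efficiently.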

Reliability Improvement of the Electronic Security Fence Using Friction Electricity Sensor by Analyzing Frequency Characteristic of Environmental Noise Signal (환경잡음신호의 주파수특성 분석에 의한 전자보안펜스의 신뢰성 향상)

  • Yun, Seok Jin;Won, Seo Yeon;Kim, Hie Sik;Lee, Young Chul;Jang, Woo Young
    • Journal of the Institute of Electronics and Information Engineers / v.52 no.3 / pp.173-180 / 2015
  • A passive fence security system was developed, based on an electric charge detection technique. The implemented fence security system was installed on the outskirts of a greenhouse laboratory at the University of Seoul. The purpose of this research is to minimize false alarms by analyzing environmental noise. The existing system decides on an intrusion alarm by analyzing the power of the amplified signal, but the alarm was seriously affected by strong natural wind and heavy rainfall. The SAU (Signal Analysis Unit) sends input signals to a remote server, which displays the intrusion alarm and stores all the information in a database. Environmental noise data such as temperature, humidity and wind speed were gathered separately to analyze their correlation with the input signal. The frequency characteristics of the input signal were analyzed using the FFT (Fast Fourier Transform), and the algorithm that differentiates between an intrusion alarm and an environmental noise signal was improved. The proposed algorithm was applied at the site for one month, the same period as the existing algorithm, and the false alarm data was gathered and analyzed. The number of false alarms decreased by 98% after the new algorithm was applied to the fence. The proposed algorithm improved reliability in the field with respect to environmental noise signals.

Improvement of Domain-specific Keyword Spotting Performance Using Hybrid Confidence Measure (하이브리드 신뢰도를 이용한 제한 영역 핵심어 검출 성능향상)

  • 이경록;서현철;최승호;최승호;김진영
    • The Journal of the Acoustical Society of Korea / v.21 no.7 / pp.632-640 / 2002
  • In this paper, we propose ACM (anti-filler confidence measure) to compensate for the shortcomings of the conventional RLJ-CM (RLJ-CM) and NCM (normalized CM), and integrate the proposed ACM and the conventional NCM using HCM (hybrid CM). The proposed ACM is based on the analysis that FA (false acceptance) is caused by the way the anti-phone model is constructed; to compensate for this, the actual phoneme sequence is estimated using a phoneme recognizer. We define this as the anti-phone model and use it in the confidence measure calculation. Analyzing the characteristics of the two confidence measures, the conventional NCM performs well on FR (false rejection) and the proposed ACM performs well on FA, which shows that the two are complementary. Using these characteristics, we integrate the two confidence measures with a weighting vector α and define this as HCM. At an MDR (missed detection rate) of around 10%, HCM gives 0.219 FA/KW/HR (false alarm/keyword/hour). This is a 22% performance improvement over using the conventional NCM alone.