• Title/Summary/Keyword: Incident Detection

A Detection Model using Labeling based on Inference and Unsupervised Learning Method (추론 및 비교사학습 기법 기반 레이블링을 적용한 탐지 모델)

  • Hong, Sung-Sam;Kim, Dong-Wook;Kim, Byungik;Han, Myung-Mook
    • Journal of Internet Computing and Services / v.18 no.1 / pp.65-75 / 2017
  • A detection model is a model that finds the result for a certain purpose using artificial intelligence, data mining, and intelligent algorithms. In cyber security, it is usually used to detect intrusions, malware, cyber incidents, attacks, etc. A large amount of the data collected in a real environment, such as security data, is unlabeled. Since most of the data have no defined class labels, it is difficult to know the type of data. Therefore, a label determination process is required to detect and analyze with accuracy. In this paper, we propose a KDFL (K-means and D-S Fusion based Labeling) method that uses D-S inference and k-means (unsupervised) algorithms to decide the labels of data records by fusion, and a detection model architecture using the proposed labeling method. The proposed method has shown better performance in detection rate, accuracy, and F1-measure than other methods. In addition, since it has shown improved results in error rate, we have verified the good performance of our proposed method.

Effect on self-enhancement of deep-learning inference by repeated training of false detection cases in tunnel accident image detection (터널 내 돌발상황 오탐지 영상의 반복 학습을 통한 딥러닝 추론 성능의 자가 성장 효과)

  • Lee, Kyu Beom;Shin, Hyu Soung
    • Journal of Korean Tunnelling and Underground Space Association / v.21 no.3 / pp.419-432 / 2019
  • Most deep learning model training has been carried out by supervised learning, which trains on labeling data composed of inputs and corresponding outputs. Labeling data is generated manually, so its labeling accuracy is relatively high. However, securing the data requires heavy effort because of cost and time. Additionally, the main goal of supervised learning is to improve detection performance for 'True Positive' data, not to reduce the occurrence of 'False Positive' data. In this paper, unpredictable 'False Positives' from models trained with labeling data and 'True Positive' data appear in the monitoring of a deep learning-based CCTV accident detection system that is in operation at a tunnel monitoring center. These 'False Positives' for 'fire' or 'person' objects frequently occurred for the lights of working vehicles, sunlight reflected at the tunnel entrance, long black features appearing on part of a lane or car, etc. To solve this problem, a deep learning model was developed by simultaneously training on the 'False Positive' data generated in the field and the labeling data. As a result, in comparison with the model trained only on the existing labeling data, the re-inference performance with respect to the labeling data was improved. In addition, re-inference of the 'False Positive' data shows that the number of 'False Positives' for persons was reduced more when the training included many 'False Positive' data. By training on the 'False Positive' data, the capability of field application of the deep learning model was improved automatically.

A Design of Timestamp Manipulation Detection Method using Storage Performance in NTFS (NTFS에서 저장장치 성능을 활용한 타임스탬프 변조 탐지 기법 설계)

  • Jong-Hwa Song;Hyun-Seob Lee
    • Journal of Internet of Things and Convergence / v.9 no.6 / pp.23-28 / 2023
  • The Windows operating system generates various logs with timestamps. Timestamp tampering is an act of anti-forensics in which a suspect manipulates the timestamps of data related to a crime to conceal traces, making it difficult for analysts to reconstruct the situation of the incident. This can delay investigations or lead to failure to obtain crucial digital evidence. Therefore, various techniques have been developed to detect timestamp tampering. However, detection is limited if a suspect is aware of timestamp patterns and manipulates timestamps skillfully, or alters the system artifacts used in timestamp tampering detection. In this paper, a method is designed to detect changes in timestamps: even if a suspect alters the timestamp of a file on a storage device, it is challenging to do so with precision beyond millisecond order. In the proposed detection method, the first step involves verifying the timestamp of a file suspected of tampering to determine its write time. Subsequently, the confirmed time is compared with the file size recorded within that time, taking into consideration the performance of the storage device. Finally, the total capacity of files written at a specific time is calculated, and this is compared with the maximum input and output performance of the storage device to detect any potential file tampering.

SiC(3C)/Si Photodetector (SiC(3C)/Si 수광소자)

  • 박국상;남기석;김정윤
    • Journal of the Korean Crystal Growth and Crystal Technology / v.9 no.2 / pp.212-216 / 1999
  • SiC(3C) photodiodes (PDs) were fabricated on p-type Si(111) substrates using the chemical vapor deposition (CVD) technique by pyrolyzing tetramethylsilane (TMS) with $H_{2}$ carrier gas. Electrical properties of SiC(3C) were investigated by Hall measurement and current-voltage (I-V) characteristics. SiC(3C) layers exhibited n-type conductivity. Ohmic contact was formed by thermal evaporation of Al metal through a shadow-mask. The optical gain $(G_{op})$ of the SiC(3C)/Si PD was measured as a function of the incident wavelength. For the analysis of the photovoltaic detection of the SiC(3C) n/p PD, the spectral response (SR) was calculated by using the electrical parameters of the SiC(3C) layer and the geometric structure of the PD. The peak response calculated for properly chosen parameters was about 0.75 near 550 nm. We expect a good photoresponse in the SiC(3C) heterostructure for the wavelength range of 400~600 nm. The SiC(3C) photodiode can detect blue and near ultraviolet (UV) radiation.

Data Convergence of circular Array Correlative Interferometer Direction Finding with 7-Antenna (7-안테나로 구성된 원형배열 상관형 위상비교 방향탐지의 데이터 융합)

  • Lim, Joong-Soo
    • Journal of the Korea Convergence Society / v.8 no.1 / pp.1-6 / 2017
  • In this paper, we propose a new method for correlative phase comparison direction finding (DF), which detects the arrival direction of radio waves by fusing the calculated phase difference and the measured phase difference between the antennas when the radio waves are incident on a circular array antenna composed of 7 antennas. The correlation type phase comparison method uses a uniform circular array (UCA) and a linear array method. The phase difference data calculated formally and the phase difference data measured in the test environment are fused with a correlation function; therefore, it is superior to the currently used phase comparison direction detection method. When the signal-to-noise ratio (SNR) of the received signal is 20 dB and the ratio of the inter-antenna distance to the wavelength of the received signal ($L/{\lambda}$) is 0.5, the accuracy of the correlative DF is $1.7^{\circ}$, while that of measurement phase comparison is larger than $2.5^{\circ}$. It can be used for electromagnetic signal monitoring and military direction detection.

An Intelligent Surveillance System using Fuzzy Contrast and HOG Method (퍼지 콘트라스트와 HOG 기법을 이용한 지능형 감시 시스템)

  • Kim, Kwang-Baek
    • Journal of the Korea Institute of Information and Communication Engineering / v.16 no.6 / pp.1148-1152 / 2012
  • In this paper, we propose an intelligent surveillance system using fuzzy contrast and the HOG method. This surveillance system is mainly for intruder detection. In order to enhance the brightness difference, we apply fuzzy contrast and also apply a subtraction method to before/after the surveillance. The system then identifies an intrusion when the difference of histogram between before/after surveillance is sufficiently large. If the incident happens, the camera stops automatically and the analysis of the screen is performed with fuzzy binarization and the Blob method. The intruder is detected and tracked in real time by the HOG method and a linear SVM. The proposed system was implemented and tested in a real-world environment and showed acceptable performance in both detection rate and tracking success rate.

Applying CBR algorithm for cyber infringement profiling system (사례기반추론기법을 적용한 침해사고 프로파일링 시스템)

  • Han, Mee Lan;Kim, Deok Jin;Kim, Huy Kang
    • Journal of the Korea Institute of Information Security & Cryptology / v.23 no.6 / pp.1069-1086 / 2013
  • Nowadays, web defacement has become the utmost threat, one which can harm the target organization's image and reputation. These defacement activities reflect the hacker's political motivation or tendency. Therefore, the analysis of the hacker's activities can give the decisive clue to pursue criminals. A specific message, photo, or music on the defaced web site and the outcome of analysis will supply some decisive clues to track down criminals. The encoding method or fonts used in the hacker's remaining messages, and the hacker's SNS ID, such as a Twitter or Facebook ID, can also help in tracking the hacker's information. In this paper, we implemented a web defacement analysis system by applying the CBR algorithm. The implemented system extracts features from the web defacement cases on zone-h.org. This paper will be useful for understanding the hacker's purpose and planning countermeasures as an IDSS (Investigation Detection Support System).

Modeling of Electromagnetic Wave Propagation for Detection of Bond Delamination in Concrete (콘크리트 보강재 박리 검사를 위한 전자파 모델링)

  • 남연수;임홍철
    • Journal of the Computational Structural Engineering Institute of Korea / v.17 no.3 / pp.261-269 / 2004
  • Existing concrete beams can be retrofitted or reinforced by attaching carbon fiber or glass fiber sheet beneath the beams. Although diverse design methods and application techniques for retrofitting have been studied and developed, a testing method for examining retrofitted beams has not been put into practice yet. In this study, a bond delamination has been modeled and studied to provide a basis for the development of actual testing equipment. For this purpose, Gaussian and sinusoidal waves with 3 GHz and 5 GHz center frequencies are used as the incident wave, and 1 mm and 3 mm bond delaminations under the reinforcement are modeled. In the modeling, the Finite Difference-Time Domain algorithm is used to investigate the behavior of electromagnetic waves in concrete. The results have shown that 5 GHz waves are suitable for the detection of delamination.

Characteristics and Applications of Solid State Nuclear Track Detectors -The Detection and Dosimetry of N-Ions by CR-39- (고체비적검출기(固體飛跡檢出器)의 특성(特性)과 그 응용(應用) -CR-39에 의한 질소(窒素)이온 검출(檢出)과 선양측정(線量測定)-)

  • Kang, Yung-Ho;Kim, Do-Sung
    • Journal of Radiation Protection and Research / v.9 no.2 / pp.55-60 / 1984
  • The optimum etching condition of allyl diglycol carbonate (CR-39) for detecting the 60 MeV N-ions was determined as $70^{\circ}C$, 20% NaOH for 130 min, by considering the variations of track density and diameter. Under these conditions, the maximum detectable track density was $1.7{\times}10^7tr/cm^2$. Track densities increased linearly with the increase of the total charge of the incident 60 MeV N-ions. By considering the scattering of N-ions as the Rutherford elastic scattering of a point source, the measured relative probability was well consistent with the calculated value. The detection efficiency of CR-39 was in the range of 54-41% for 60 MeV N-ions of 12 nC-100 nC.

In Situ Gamma-ray Spectrometry Using an LaBr3(Ce) Scintillation Detector

  • Ji, Young-Yong;Lim, Taehyung;Lee, Wanno
    • Journal of Radiation Protection and Research / v.43 no.3 / pp.85-96 / 2018
  • Background: A variety of inorganic scintillators have been developed and improved for use in radiation detection and measurement, and in situ gamma-ray spectrometry in the environment remains an important area in nuclear safety. In order to verify the feasibility of promising scintillators in an actual environment, a performance test is necessary to identify gamma-ray peaks and calculate the radioactivity from their net count rates in peaks. Materials and Methods: Among commercially available scintillators, $LaBr_3(Ce)$ scintillators have so far shown the highest energy resolution when detecting and identifying gamma-rays. However, the intrinsic background of this scintillator type affects efficient application to the environment with a relatively low count rate. An algorithm to subtract the intrinsic background was consequently developed, and the in situ calibration factor at 1 m above ground level was calculated from Monte Carlo simulation in order to determine the radioactivity from the measured net count rate. Results and Discussion: The radioactivity of six natural radionuclides in the environment was evaluated from in situ gamma-ray spectrometry using an $LaBr_3(Ce)$ detector. The results were then compared with those of a portable high purity Ge (HPGe) detector with in situ object counting system (ISOCS) software at the same sites. In addition, the radioactive cesium in the ground of Jeju Island, South Korea, was determined with the same assumption of the source distribution between measurements using two detectors. Conclusion: Good agreement between both detectors was achieved in the in situ gamma-ray spectrometry of natural as well as artificial radionuclides in the ground. This means that an $LaBr_3(Ce)$ detector can produce reliable and stable results of radioactivity in the ground from the measured energy spectrum of incident gamma-rays at 1 m above the ground.