• Journal of Korea Multimedia Society
• /
• v.22 no.6
• /
• pp.684-694
• /
• 2019

Information spread in networks is universal in many real-world phenomena such as propagation of infectious diseases, diffusion of a new technology, computer virus/spam infection in the internet, and tweeting and retweeting of popular topics. The problem of finding the information source is to pick out the true source if information spread. It is of practical importance because harmful diffusion can be mitigated or even blocked e.g., by vaccinating human or installing security updates. This problem has been much studied, where it has been shown that the detection probability cannot be beyond 31% even for regular trees if the number of infected nodes is sufficiently large. In this paper, we study the impact of an anti-information spreading on the original information source detection. We consider an active defender in the network who spreads the anti-information against to the original information simultaneously and propose an inverse Voronoi partition based inference approach, called Voronoi Inference to find the source. We perform various simulations for the proposed method and obtain the detection probability that outperforms to the existing prior work.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.5
• /
• pp.2651-2673
• /
• 2019

In order to detect Denial of Service (DoS) attacks, victim-side detection methods are used popularly such as static threshold-based method and machine learning-based method. However, as DoS attacking methods become more sophisticated, these methods reveal some natural disadvantages such as the late detection and the difficulty of tracing back attackers. Recently, in order to mitigate these drawbacks, source-side DoS detection methods have been researched. But, the source-side DoS detection methods have limitations if the volume of attack traffic is relatively very small and it is blended into legitimate traffic. Especially, with the subtle attack traffic, DoS detection methods may suffer from high false positive, considering legitimate traffic as attack traffic. In this paper, we propose an effective source-side DoS detection method with traffic seasonality aware adaptive threshold. The threshold of detecting DoS attack is adjusted adaptively to the fluctuated legitimate traffic in order to detect subtle attack traffic. Moreover, by understanding the seasonality of legitimate traffic, the threshold can be updated more carefully even though subtle attack happens and it helps to achieve low false positive. The extensive evaluation with the real traffic logs presents that the proposed method achieves very high detection rate over 90% with low false positive rate down to 5%.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.10
• /
• pp.2001-2006
• /
• 2016

The stereo radiation detection system detects the gamma source and acquires two dimensional left and right images for gamma source and visible objects using the detection result. And then the system measures the distance to the radiation source from the system in 3D space using stereo vision algorithm. In this paper, we implemented the fast detection algorithm for gamma source from the system in 3D space to reduce the detection time with image processing algorithms. Additionally, the system's performance is verified through experiments on gamma irradiation facilities. As a result, if the fast detection algorithm applied to the system, we can confirm that the detection system represents a 35% better performance than the conventional detection method that is full scanning to acquire the stereo image. We also have visualized a gamma source distribution through a 3D monitor using the stereo vision algorithm in order to provide the information of radiation spatial distribution to the user efficiently.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.12
• /
• pp.5643-5656
• /
• 2016

The detection accuracy of steganalysis depends on many factors, including the embedding algorithm, the payload size, the steganalysis feature space and the properties of the cover source. In practice, the cover source mismatch (CSM) problem has been recognized as the single most important factor negatively affecting the performance. To address this problem, we propose a new framework for blind, universal steganalysis which uses traditional steganalyst features. Firstly, cover images with the same statistical properties are searched from a reference image database as aided samples. The test image and its aided samples form a whole test set. Then, by assuming that most of the aided samples are innocent, we conduct outlier detection on the test set to judge the test image as cover or stego. In this way, the framework has removed the need for training. Hence, it does not suffer from cover source mismatch. Because it performs anomaly detection rather than classification, this method is totally unsupervised. The results in our study show that this framework works superior than one-class support vector machine and the outlier detector without considering the image retrieval process.

• KNOM Review
• /
• v.23 no.1
• /
• pp.10-17
• /
• 2020

As the threat of Distributed Denial-of-Service attacks that exploit weakly secure IoT devices has spread, research on source-side Denial-of-Service attack detection is being activated to quickly detect the attack and the location of attacker. In addition, a collaborative source-side attack detection technique that shares detection results of source-side networks located at individual sites is also being activated to overcome regional limitations of source-side detection. In this paper, we evaluate the performance of a collaborative source-side DDoS attack detection using statistical weights. The statistical weight is calculated based on the detection rate and false positive rate corresponding to the time zone of the individual source-side network. By calculating weighted sum of the source-side DoS attack detection results from various sites, the proposed method determines whether a DDoS attack happens. As a result of the experiment based on actual DNS request to traffic, it was confirmed that the proposed technique reduces false positive rate 2% while maintaining a high attack detection rate.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2015.10a
• /
• pp.1103-1105
• /
• 2015

Leaked Radioactive source in nuclear power station, radiation related facilities and the aging nuclear power plant for the dismantling must need to detect and remove early to prevent major accidents. In this paper, we implemented a single sensor-based gamma-ray detectors stereo which can provide the distance to the radiation source, a direction and doserate information for fast and efficient decontamination work the radiation source. And we have carried out an algorithm development for high-speed detection of the detection equipment. Two detectors are required for stereo structure for obtaining the distance information of the radioactive source, but we designed the only sensor-based detection device for the weight reduction. We have extracted the region of interest and obtained the distance calculation result and distribution of radiation source in order to minimize a stereo image acquisition time. Detection time of the algorithm showed a shorter time of about 41%.

• Journal of KIISE:Software and Applications
• /
• v.35 no.7
• /
• pp.442-451
• /
• 2008

Most plagiarism detection systems evaluate the similarity of source codes and detect plagiarized program pairs. If we use the source codes in plagiarism detection, the source code security can be a significant problem. Plagiarism detection based on target code can be used for protecting the security of source codes. In this paper, we propose a new plagiarism detection technique for Java programs using bytecodes without referring their source codes. The plagiarism detection procedure using bytecode consists of two major steps. First, we generate the token sequences from the Java class file by analyzing the code area of methods. Then, we evaluate the similarity between token sequences using the adaptive local alignment. According to the experimental results, we can find the distributions of similarities of the source codes and that of bytecodes are very similar. Also, the correlation between the similarities of source code pairs and those of bytecode pairs is high enough for typical test data. The plagiarism detection system using bytecode can be used as a preliminary verifying tool before detecting the plagiarism by source code comparison.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.10a
• /
• pp.705-707
• /
• 2017

Stereo-based spatial radiation detection devices can obtain not only spatial distribution information about the radiation source but also distance information from the detection device to the source. And it provides more efficient information on the source than the existing radiation imaging device. In order to provide high-speed information on the spectrum and type of gamma-ray source, a high-sensitivity detection sensor with high sensitivity is required, and a technique capable of solving the saturation phenomenon at a high dose is needed. In this paper, we constructed a high sensitivity sensor for the measurement of multiple gamma - ray spatial distributions using improved function of detection module to solve saturation to high dose and conducted research to increase the scope of a single detector. The result of this paper improves the performance of gamma ray.

• International Journal of Computer Science & Network Security
• /
• v.22 no.12
• /
• pp.1-12
• /
• 2022

Besides unexpected growth perceived by IoT's, the variety and volume of threats have increased tremendously, making it a necessity to introduce intrusion detections systems for prevention and detection of such threats. But Intrusion Detection and Prevention System (IDPS) inside the IoT network yet introduces some unique challenges due to their unique characteristics, such as privacy inference, performance, and detection rate and their frequency in the dynamic networks. Our research is focused on the privacy inferences of existing intrusion prevention and detection system approaches. We also tackle the problem of providing unified a solution to implement the open-source IDPS in the IoT architecture for assessing the performance of IDS by calculating; usage consumption and detection rate. The proposed scheme is considered to help implement the human health monitoring system in IoT networks

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.6
• /
• pp.1689-1705
• /
• 2023

To deal with the potential XSS vulnerabilities in the source code of the power communication network, an XSS vulnerability detection method combining the static analysis method with the dynamic testing method is proposed. The static analysis method aims to analyze the structure and content of the source code. We construct a set of feature expressions to match malignant content and set a "variable conversion" method to analyze the data flow of the code that implements interactive functions. The static analysis method explores the vulnerabilities existing in the source code structure and code content. Dynamic testing aims to simulate network attacks to reflect whether there are vulnerabilities in web pages. We construct many attack vectors and implemented the test in the Selenium tool. Due to the combination of the two analysis methods, XSS vulnerability discovery research could be conducted from two aspects: "white-box testing" and "black-box testing". Tests show that this method can effectively detect XSS vulnerabilities in the source code of the power communication network.