• KIPS Transactions on Computer and Communication Systems
• /
• v.10 no.4
• /
• pp.117-122
• /
• 2021

In recent years, human damage and loss of money due to various disasters such as typhoons, earthquakes, forest fires, landslides, and wars are steadily occurring, and a lot of manpower and funds are required to prevent and recover them. In this paper, we designed and developed a disaster drone system based on artificial intelligence in order to monitor these various disaster situations in advance and to quickly recognize and respond to disaster occurrence. In this study, multiple disaster drones are used in areas where it is difficult for humans to monitor, and each drone performs an efficient search with an optimal path by applying a deep learning-based optimal path algorithm. In addition, in order to solve the problem of insufficient battery capacity, which is a fundamental problem of drones, the optimal route of each drone is determined using Ant Colony Optimization (ACO) technology. In order to implement the proposed system, it was applied to a forest fire situation among various disaster situations, and a forest fire map was created based on the transmitted data, and a forest fire map was visually shown to the fire fighters dispatched by a drone equipped with a beam projector. In the proposed system, multiple drones can detect a disaster situation in a short time by simultaneously performing optimal path search and object recognition. Based on this research, it can be used to build disaster drone infrastructure, search for victims (sea, mountain, jungle), self-extinguishing fire using drones, and security drones.

• Journal of Convergence for Information Technology
• /
• v.12 no.1
• /
• pp.76-82
• /
• 2022

Recently, natural and social disasters in Korea are increasing, and new disasters such as COVID 19 and sinkholes, and large-scale disasters that combine natural and social disasters are occurring frequently. In order to reduce damage caused by disasters and effectively respond to disasters, the importance of disaster safety education is emerging because it is necessary to understand the awareness of disaster situations and the functional response process. Ministry of Public Interior and Security is providing disaster safety education for emergency managers through 54 specialized disaster safety education institutions. There is also a lack of experience facilities. This has a problem in that it makes it difficult for disaster safety personnel to effectively respond to disasters due to lack of experience in actual disaster sites. Also, unlike other education fields, the connection between disaster safety education contents and new technologies such as AI is still lacking. In this study, focusing on natural disaster, the current status and problems of domestic disaster safety education institutions and their contents are investigated and analyzed, and based on this, this study suggested improvement plans for domestic disaster safety education contents such as establishment of a unified disaster safety standard curriculum, production and distribution of disaster safety education experience contents using virtual reality technology and infotainment technology, and development of mobile AI tutoring service.

• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.20 no.6
• /
• pp.299-312
• /
• 2021

Autonomous vehicles using V2X can drive safely information on areas outside the sensor coverage of autonomous vehicles conventional autonomous vehicles. As V2X technology has emerged as a key component of autonomous vehicles, research on V2X security is actively underway research on risk analysis due to failure of V2X communication is insufficient. In this paper, the service scenario and function of autonomous driving system V2X were derived by presenting the intersection scenario of the autonomous vehicle, the malfunction was defined by analyzing the hazard of V2X. he ISO26262 Part3 process was used to analyze the risk of malfunction of autonomous vehicle V2X. In addition, a fault injection scenario was presented to verify the fail-safe of the simulation-based intersection scenario.

• Journal of Digital Convergence
• /
• v.20 no.4
• /
• pp.377-388
• /
• 2022

Metaverse, realistic virtual space technology has become a hot topic. However, due to the lack of an institutional system to the metaverse environment, concerns are rising over the leakage of industrial confidentiality, including digital assets produced, stored, processed, and transferred within the metaverse. Digital forensics, a technology to defend against hacking attacks in cyberspace, cannot be used in metaverse space, and there is no basis for calculating the extent of damage and tracking responsibility, making it difficult to respond to human resources leakage and cyberhacking effectively. In this paper, we define the scope of industrial confidentiality information and leakage scenario and propose policy and institutional measures based on problems in each metaverse scenario. As a result of the study, it was necessary to prepare a standardized law on Extra-territorial search and seizure issues and a system for collecting cryptocurrency evidence to respond to industrial confidentiality leaks in the metaverse. The study expects to contribute to industrial technology development by preparing in advance for problems that may arise in metaverse technology.

• Journal of Convergence for Information Technology
• /
• v.12 no.5
• /
• pp.116-125
• /
• 2022

Recent aspects of terrorism varies in various ways according to means, targets, and regions. In particular, the 9/11 terrorist attacks in the United States in 2001 changed the paradigm of each country's terrorism, and the South Korea also participated in the enactment and enforcement of the Anti-Terrorism Act in 2016. Based on this, CBRN terrorism is included in general terrorism, and the National Police Agency plays the role of a control tower, and a system supported by related organizations such as the Ministry of Environment is being built and operated. However, restrictions were confirmed in the organizational system, manpower composition, and equipment and materials in operation in preparation for CBRN within the police. Based on the identified limitations, we proposed improvement plans to strengthen the capacity for CBRN terrorism: establishing a dedicated CBRN organization; creating research organization; and securing additional dedicated personnel. Based on this, as an improvement plan to strengthen the capability of CBRN, the establishment of an organization dedicated to CBRN and a research organization within the National Police Agency, and expansion of electronic equipment suitable for the characteristics of CBRN were proposed. It is expected that the police's on-site response capability system for CBRN terrorism will be strengthened via the proposed improvement measures to recover the various restrictions on the response to CBRN terrorism.

• Journal of Convergence for Information Technology
• /
• v.11 no.5
• /
• pp.30-37
• /
• 2021

Various devices are connected to the Internet, and attacks using the Internet are occurring. Among such attacks, there are attacks that use malicious URLs to make users access to wrong phishing sites or distribute malicious viruses. Therefore, how to detect such malicious URL attacks is one of the important security issues. Among recent deep learning technologies, neural networks are showing good performance in image recognition, speech recognition, and pattern recognition. This neural network can be applied to research that analyzes and detects patterns of malicious URL characteristics. In this paper, performance analysis according to various parameters was performed on a method of detecting malicious URLs using neural networks. In this paper, malicious URL detection performance was analyzed while changing the activation function, learning rate, and neural network structure. The experimental data was crawled by Alexa top 1 million and Whois to build the data, and the machine learning library used TensorFlow. As a result of the experiment, when the number of layers is 4, the learning rate is 0.005, and the number of nodes in each layer is 100, the accuracy of 97.8% and the f1 score of 92.94% are obtained.

• Journal of Internet Computing and Services
• /
• v.23 no.6
• /
• pp.39-48
• /
• 2022

Cyberattacks around the world continue to increase, and their damage extends beyond government facilities and affects civilians. These issues emphasized the importance of developing a system that can identify and detect cyber anomalies early. As above, in order to effectively identify cyber anomalies, several studies have been conducted to learn BGP (Border Gateway Protocol) data through a machine learning model and identify them as anomalies. However, BGP data is unbalanced data in which abnormal data is less than normal data. This causes the model to have a learning biased result, reducing the reliability of the result. In addition, there is a limit in that security personnel cannot recognize the cyber situation as a typical result of machine learning in an actual cyber situation. Therefore, in this paper, we investigate BGP (Border Gateway Protocol) that keeps network records around the world and solve the problem of unbalanced data by using SMOTE. After that, assuming a cyber range situation, an autoencoder classifies cyber anomalies and visualizes the classified data. By learning the pattern of normal data, the performance of classifying abnormal data with 92.4% accuracy was derived, and the auxiliary index also showed 90% performance, ensuring reliability of the results. In addition, it is expected to be able to effectively defend against cyber attacks because it is possible to effectively recognize the situation by visualizing the congested cyber space.

• KIPS Transactions on Software and Data Engineering
• /
• v.10 no.11
• /
• pp.449-456
• /
• 2021

An intrusion detection system is a technology that detects abnormal behaviors that violate security, and detects abnormal operations and prevents system attacks. Existing intrusion detection systems have been designed using statistical analysis or anomaly detection techniques for traffic patterns, but modern systems generate a variety of traffic different from existing systems due to rapidly growing technologies, so the existing methods have limitations. In order to overcome this limitation, study on intrusion detection methods applying various machine learning techniques is being actively conducted. In this study, a comparative study was conducted on data preprocessing techniques that can improve the accuracy of anomaly detection using NGIDS-DS (Next Generation IDS Database) generated by simulation equipment for traffic in various network environments. Padding and sliding window were used as data preprocessing, and an oversampling technique with Adversarial Auto-Encoder (AAE) was applied to solve the problem of imbalance between the normal data rate and the abnormal data rate. In addition, the performance improvement of detection accuracy was confirmed by using Skip-gram among the Word2Vec techniques that can extract feature vectors of preprocessed sequence data. PCA-SVM and GRU were used as models for comparative experiments, and the experimental results showed better performance when sliding window, skip-gram, AAE, and GRU were applied.

• Journal of Internet Computing and Services
• /
• v.22 no.6
• /
• pp.115-127
• /
• 2021

With the development of science and technology around the world, the realm of cyberspace, following land, sea, air, and space, is also recognized as a battlefield area. Accordingly, it is necessary to design and establish various elements such as definitions, systems, procedures, and plans for not only physical operations in land, sea, air, and space but also cyber operations in cyberspace. In this research, the importance of cyber targets that can be considered when prioritizing the list of cyber targets selected through intermediate target development in the target development and prioritization stage of targeting processing of cyber operations was selected as a factor to be considered. We propose a method to calculate the score for the cyber target and use it as a part of the cyber target prioritization score. Accordingly, in the cyber target prioritization process, the cyber target importance category is set, and the cyber target importance concept and reference item are derived. We propose a TIR (Target Importance Rank) algorithm that synthesizes parameters such as Event Prioritization Framework based on PageRank algorithm for score calculation and synthesis for each derived standard item. And, by constructing the Stuxnet case-based network topology and scenario data, a cyber target importance score is derived with the proposed algorithm, and the cyber target is prioritized to verify the proposed algorithm.

• Journal of the Korea Society for Simulation
• /
• v.19 no.4
• /
• pp.151-159
• /
• 2010

Currently, by using the Internet, We can do varius things such as Web surfing, email, on-line shopping, stock trading on your home or office. However, as being out of the concept of security from the beginning, it is the big social issues that malicious user intrudes into the system through the network, on purpose to steal personal information or to paralyze system. In addition, network intrusion by ordinary people using network attack tools is bringing about big worries, so that the need for effective and powerful intrusion detection system becomes very important issue in our Internet environment. However, it is very difficult to prevent this attack perfectly. In this paper we proposed the algorithm for the detection of DoS attacks, and developed attack detection tools. Through learning in a normal state on Step 1, we calculate thresholds, the number of packets that are coming to each port, the median and the average utilization of each port on Step 2. And we propose values to determine how to attack detection on Step 3. By programing proposed attack detection algorithm and by testing the results, we can see that the difference between the median of packet mounts for unit interval and the average utilization of each port number is effective in detecting attacks. Also, without the need to look into the network data, we can easily be implemented by only using the number of packets to detect attacks.