• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.6
• /
• pp.1148-1152
• /
• 2012

In this paper, we propose an intelligent surveillance system using fuzzy contrast and HOG method. This surveillance system is mainly for the intruder detection. In order to enhance the brightness difference, we apply fuzzy contrast and also apply subtraction method to before/after the surveillance. Then the system identifies the intrusion when the difference of histogram between before/after surveillance is sufficiently large. If the incident happens, the camera stops automatically and the analysis of the screen is performed with fuzzy binarization and Blob method. The intruder is detected and tracked in real time by HOG method and linear SVM. The proposed system is implemented and tested in real world environment and showed acceptable performance in both detection rate and tracking success rate.

• Journal of the Korea Society of Computer and Information
• /
• v.11 no.2 s.40
• /
• pp.351-360
• /
• 2006

Proposed security system attacks it, and detect it, and a filter generation, a business to be prompt of interception filtering dates at attack information public information. inner IPS to attack detour setting and a traffic band security, different connection security system, and be attack packet interceptions and service and port interception setting. Exchange new security rule and packet filtering for switch type implementation through dynamic reset memory by real time, and deal with a packet. The attack detection about DDoS, SQL Stammer, Bug bear, Opeserv worm etc. of the 2.5 Gbs which was an attack of a hacker consisted in network performance experiment by real time. Packet by attacks of a hacker was cut off, and ensured the normal inside and external network resources besides the packets which were normal by the results of active renewal.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.18 no.6
• /
• pp.876-880
• /
• 2008

Outliers are the observations which are very larger or smaller than most observations in the given data set. These are shown by some sources. The result of the analysis with outliers may be depended on them. In general, we do data analysis after removing outliers. But, in data mining applications such as fraud detection and intrusion detection, outliers are included in training data because they have crucial information. In regression models, simple and multiple regression models need to eliminate outliers from given training data by standadized and studentized residuals to construct good model. In this paper, we use support vector regression(SVR) based on statistical teaming theory to analyze data with outliers in regression. We verify the improved performance of our work by the experiment using synthetic data sets.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.26 no.4
• /
• pp.267-272
• /
• 2016

Wireless sensor networks (WSNs) are vulnerable to external intrusions due to the wireless communication characteristics and limited hardware resources. Thus, the attacker can cause sinkhole attack while intruding the network. INSENS is proposed for preventing the sinkhole attack. INSENS uses the three symmetric keys in order to prevent such sinkhole attacks. However, the sinkhole attack occurs again, even in the presence of INSENS, through the compromised node because INSENS does not consider the node being compromised. In this paper, we propose a method to counter the sinkhole attack by considering the compromised node, based on the neighboring nodes' information. The goals of the proposed method are i) network reliability improvement and ii) energy conservation through effective prevention of the sinkhole attack by detecting compromised nodes. The experimental results demonstrate that the proposed method can save up to, on average, 19.90% of energy while increasing up to, on average, 71.50%, the report reliability against internal sinkhole attacks in comparison to INSENS.

• International Journal of Computer Science & Network Security
• /
• v.22 no.12
• /
• pp.185-196
• /
• 2022

The Internet of Things (IoT) has become more and more widespread in recent years, thus attackers are placing greater emphasis on IoT environments. The IoT connects a large number of smart devices via wired and wireless networks that incorporate sensors or actuators in order to produce and share meaningful information. Attackers employed IoT devices as bots to assault the target server; however, because of their resource limitations, these devices are easily infected with IoT malware. The Distributed Denial of Service (DDoS) is one of the many security problems that might arise in an IoT context. DDOS attempt involves flooding a target server with irrelevant requests in an effort to disrupt it fully or partially. This worst practice blocks the legitimate user requests from being processed. We explored an intelligent intrusion detection system (IIDS) using a particular sort of machine learning, such as Artificial Neural Networks, (ANN) in order to handle and mitigate this type of cyber-attacks. In this research paper Feed-Forward Neural Network (FNN) is tested for detecting the DDOS attacks using a modified version of the KDD Cup 99 dataset. The aim of this paper is to determine the performance of the most effective and efficient Back-propagation algorithms among several algorithms and check the potential capability of ANN- based network model as a classifier to counteract the cyber-attacks in IoT environments. We have found that except Gradient Descent with Momentum Algorithm, the success rate obtained by the other three optimized and effective Back- Propagation algorithms is above 99.00%. The experimental findings showed that the accuracy rate of the proposed method using ANN is satisfactory.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.12 no.7
• /
• pp.3220-3226
• /
• 2011

In order to monitor internal risk factors such as fire, terror, etc. on the subway station, the surveillance systems using CCTV and various kinds of sensors have been implemented and recently, introduction of surveillance systems using an advanced IT technology, sensor network technology is tried on several areas. Since 2007, Korean government has made an effort to develop the intelligent surveillance and monitoring system, which can monitor fire, intrusion, passenger congestion, health-state of structure, etc., by using wireless sensor network technology and intelligent video analytic technique. For that purpose, this study carried out field wireless communication environment test on Chungmuro Station of Seoul Metro on the basis of ZigBee that is considered as a representative wireless sensor network before field application of the intelligent integrated surveillance system being developed, arranged and analyzed and ZigBee based wireless communication environment test results on the platform and waiting room of Chungmuro Station on this paper. Results of wireless spectrum analysis on the platform and waiting room showed that there is no radio frequency overlapped with that of ZigBee based sensor network and no frequency interference with adjacent frequencies separated 10MHz or more. As results of wireless data transmission test using ZigBee showed that data transmission is influenced by multi-path fading effect from the number and flow rate of passengers on the platform or the waiting room rather than effects from entrance and exit of the train to/from the platform, it should be considered when implementing the intelligent integrated surveillance system on the station.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.10 no.6
• /
• pp.23-29
• /
• 2010

Nowadays it is required to design intelligent visual surveillance systems which automatically detect abandoned objects in public places to strengthen the social safety. Already recognized abandoned objects can be occluded partially or fully by surrounding people in public places after the first recognition. To improve an essential recognition performance index PAT, the system should overcome the occlusion problems. In this research, a design scheme is newly proposed to construct the robust detection system which is comprised of multiple stages considering the occlusion problem. To show the feasibilities of the proposed system, the evaluation was tried for the prepared image streams including 6 various situations and the experimental results show 96% and 75% in PAT performance for intrusion and abandoning events, respectively. Finally in spite of full occlusions by multiple persons, the proposed system shows the capability to continuously recognize the abandoned object after complex occlusions disappear.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.6
• /
• pp.1-7
• /
• 2016

As new information and communication technologies evolve, security threats are also becoming increasingly intelligent and advanced. In this paper, we analyze the time series data continuously entered through a series of periods from the network device or lightweight IoT (Internet of Things) devices by using the statistical technique and propose a system to detect abnormal behaviors of the device or abnormality based on the analysis results. The proposed system performs the first level abnormal detection by using previously entered data set, thereafter performs the second level anomaly detection according to the trust bound configured by using stored time series data based on time attribute or group attribute. Multi-level analysis is able to improve reliability and to reduce false positives as well through a variety of decision data set.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.3
• /
• pp.576-599
• /
• 2013

Protocol reverse engineering is useful for many security applications, including intelligent fuzzing, intrusion detection and fingerprint generation. Since manual reverse engineering is a time-consuming and tedious process, a number of automatic techniques have been proposed. However, the accuracy of these techniques is limited due to the complexity of binary instructions, and the derived formats have missed constraints that are critical for security applications. In this paper, we propose a new approach for protocol format extraction. Our approach reasons about only the evaluation behavior of a program on the input message from concolic execution, and enables field identification and constraint inference with high accuracy. Moreover, it performs binary analysis with low complexity by reducing modern instruction sets to BIL, a small, well-specified and architecture-independent language. We have implemented our approach into a system called Icefex and evaluated it over real-world implementations of DNS, eDonkey, FTP, HTTP and McAfee ePO protocols. Experimental results show that our approach is more accurate and effective at extracting protocol formats than other approaches.

• ETRI Journal
• /
• v.37 no.6
• /
• pp.1108-1119
• /
• 2015

Multicast communication of mobile ad hoc networks is vulnerable to internal attacks due to its routing structure and high scalability of its participants. Though existing intrusion detection systems (IDSs) act smartly to defend against attack strategies, adversaries also accordingly update their attacking plans intelligently so as to intervene in successful defending schemes. In our work, we present a novel indirect internal stealthy attack on a tree-based multicast routing protocol. Such an indirect stealthy attack intelligently makes neighbor nodes drop their routing-layer unicast control packets instead of processing or forwarding them. The adversary targets the collision avoidance mechanism of the Medium Access Control (MAC) protocol to indirectly affect the routing layer process. Simulation results show the success of this attacking strategy over the existing "stealthy attack in wireless ad hoc networks: detection and countermeasure (SADEC)" detection system. We design a cross-layer automata-based stealthy attack on multicast routing protocols (SAMRP) attacker detection system to identify and isolate the proposed attacker. NS-2 simulation and analytical results show the efficient performance, against an indirect internal stealthy attack, of SAMRP over the existing SADEC and BLM attacker detection systems.