• Title/Summary/Keyword: KDD

Analysis on the International Standardization Activities in Japan (일본의 국제 표준화 활동 동향과 시사점)

  • Kweon, S.C.
    • Electronics and Telecommunications Trends / v.14 no.4 s.58 / pp.67-80 / 1999
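  • This paper examines trends in Japan's international standardization activities and presents their implications for Korea. It first reviews the basic direction of Japan's standardization policy, then analyzes the international standardization strategies of telecommunications carriers such as NTT and KDD and of telecommunications manufacturers such as NEC. Based on this analysis, it describes the implications for Korea's standardization policy.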

A Probe Prevention Model for Detection of Denial of Service Attack on TCP Protocol (TCP 프로토콜을 사용하는 서비스거부공격 탐지를 위한 침입시도 방지 모델)

  • Lee, Se-Yul; Kim, Yong-Soo
    • Journal of the Korean Institute of Intelligent Systems / v.13 no.4 / pp.491-498 / 2003
  • Advanced computer network technology enables connectivity of computers through an open network environment. There have been growing numbers of security threats to networks. Therefore, intrusion detection and prevention technologies are required. In this paper, we propose a network-based intrusion detection model using FCM (Fuzzy Cognitive Maps) that can detect intrusion by a DoS attack detection method adopting packet analysis. A DoS attack appears in the form of the Probe and Syn Flooding attack, which is a typical example. The SPuF (Syn flooding Preventer using Fuzzy cognitive maps) model captures and analyzes packet information to detect Syn flooding attacks. Using the result of analysis of the decision module, which utilizes FCM, the decision module measures the degree of danger of the DoS and trains the response module to deal with attacks. For the performance comparison, the "KDD'99 Competition Data Set" made by MIT Lincoln Labs was used. The result of simulating the "KDD'99 Competition Data Set" in the SPuF model shows that the probe detection rates were over 97 percent.

Using weighted Support Vector Machine to address the imbalanced classes problem of Intrusion Detection System

  • Alabdallah, Alaeddin; Awad, Mohammed
    • KSII Transactions on Internet and Information Systems (TIIS) / v.12 no.10 / pp.5143-5158 / 2018
  • Improving the intrusion detection system (IDS) is a pressing need for the cyber security world. With the growth of computer networks, there are constantly new attacks daily. Machine Learning (ML) is one of the most important fields contributing to addressing intrusion detection issues. One of these issues relates to the imbalance of the diverse classes of network traffic. The accuracy paradox is a result of training an ML algorithm with imbalanced classes. Most of the previous efforts concern improving the overall accuracy of these models, which is truly important. However, even though they improved the total accuracy of the system, it fell into the accuracy paradox. The seriousness of the threat caused by the minor classes and the pitfalls of the previous efforts to address this issue are the motive for this work. In this paper, we consolidated stratified sampling, a cost function and the weighted Support Vector Machine (WSVM) method to address the accuracy paradox of the ID problem. This model achieved good results in total accuracy and superior results in the small classes like the User-To-Remote and Remote-To-Local attacks using the improved version of the benchmark dataset KDDCup99, which is called NSL-KDD.

Hybrid Intelligent Web Recommendation Systems Based on Web Data Mining and Case-Based Reasoning

  • Kim, Jin-Sung
    • Journal of the Korean Institute of Intelligent Systems / v.13 no.3 / pp.366-370 / 2003
  • In this research, we suggest a hybrid intelligent Web recommendation system based on Web data mining and case-based reasoning (CBR). One of the important research topics in the field of Internet business is blending artificial intelligence (AI) techniques with knowledge discovery in databases (KDD) or data mining (DM). Data mining is used as an efficient mechanism in reasoning for association knowledge between goods and customers' preferences. In the field of data mining, the features, called attributes, are often selected primarily for mining the association knowledge between related products. Therefore, most research in the arena of Web data mining has used an association rules extraction mechanism. However, the association rules extraction mechanism has a potential limitation in flexibility of reasoning. If there are some goods which were not retrieved by association rules-based reasoning, we can't present more information to the customer. To overcome this limitation, we combined CBR with Web data mining. CBR is one of the AI techniques and is used for problems that are difficult to solve with logical (association) rules. Web-log data gathered in a real-world Web shopping mall was given to illustrate the quality of the proposed hybrid recommendation mechanism. This Web shopping mall deals with remote-controlled plastic models such as remote-controlled cars, yachts, airplanes, and helicopters. The experimental results showed that our hybrid recommendation mechanism could reflect both association knowledge and implicit human knowledge extracted from cases in Web databases.

Effective and Statistical Quantification Model for Network Data Comparing (통계적 수량화 방법을 이용한 효과적인 네트워크 데이터 비교 방법)

  • Cho, Jae-Ik; Kim, Ho-In; Moon, Jong-Sub
    • Journal of Broadcast Engineering / v.13 no.1 / pp.86-91 / 2008
  • In the field of network data analysis, research on how much the estimation data reflects the population data is inevitable. This paper compares and analyzes the well-known MIT Lincoln Lab network data, which is composed of collectable standard information from the network, with the KDD CUP 99 dataset, which was composed from the MIT/LL data. For comparison and analysis, the protocol information of both data sets was used. Correspondence analysis was used for analysis, SVD was used for 2-dimensional visualization and weighted Euclidean distance was used for network data quantification.

Sparse Web Data Analysis Using MCMC Missing Value Imputation and PCA Plot-based SOM (MCMC 결측치 대체와 주성분 산점도 기반의 SOM을 이용한 희소한 웹 데이터 분석)

  • Jun, Sung-Hae; Oh, Kyung-Whan
    • The KIPS Transactions:PartD / v.10D no.2 / pp.277-282 / 2003
  • Knowledge discovery from the web has been studied in much research. There are some difficulties in using web logs as training data for efficient predictive models. In this paper, we studied a method to eliminate sparseness from web log data and to perform web user clustering. Using missing value imputation by Bayesian inference of MCMC, the sparseness of web data is removed. Web user clustering is then performed using self-organizing maps based on a 3-D plot by principal component. Finally, using KDD Cup data, our experimental results showed the problem-solving process and the performance evaluation.

Intrusion Detection Approach using Feature Learning and Hierarchical Classification (특징학습과 계층분류를 이용한 침입탐지 방법 연구)

  • Han-Sung Lee; Yun-Hee Jeong; Se-Hoon Jung
    • The Journal of the Korea institute of electronic communication sciences / v.19 no.1 / pp.249-256 / 2024
  • Machine learning-based intrusion detection methodologies require a large amount of uniform learning data for each class to be classified, and have the problem of having to retrain the entire system when adding an attack type to be detected or classified. In this paper, we use feature learning and hierarchical classification methods to solve classification problems and data imbalance problems using relatively little training data, and propose an intrusion detection methodology that makes it easy to add new attack types. The feasibility of the proposed system was verified through experiments using KDD IDS data.

Network Intrusion Detection Using One-Class Models (단일 클래스 모델을 활용한 네트워크 침입 탐지)

  • Byeongjun Min; Daekyeong Park
    • Convergence Security Journal / v.24 no.3 / pp.13-21 / 2024
  • Recently, with the rapid expansion of networks driven by the advancements of the Fourth Industrial Revolution, cybersecurity threats are becoming increasingly severe. Traditional signature-based Network Intrusion Detection Systems (NIDS) are effective in detecting known attacks but show limitations when faced with new threats such as Advanced Persistent Threats (APT). Additionally, deep learning models based on supervised learning can lead to biased decision boundaries due to the imbalanced nature of network traffic data, where normal traffic vastly outnumbers malicious traffic. To address these challenges, this paper proposes a network intrusion detection method based on one-class models that learn only from normal data to identify abnormal traffic. The effectiveness of this approach is validated through experiments using the Deep SVDD and MemAE models on the NSL-KDD dataset. Comparative analysis with supervised learning models demonstrates that the proposed method offers superior adaptability and performance in real-world scenarios.

Network Anomaly Detection Technologies Using Unsupervised Learning AutoEncoders (비지도학습 오토 엔코더를 활용한 네트워크 이상 검출 기술)

  • Kang, Koohong
    • Journal of the Korea Institute of Information Security & Cryptology / v.30 no.4 / pp.617-629 / 2020
  • In order to overcome the limitations of the rule-based intrusion detection system due to changes in Internet computing environments, the emergence of new services, and the creativity of attackers, network anomaly detection (NAD) using machine learning and deep learning technologies has received much attention. Most of these existing machine learning and deep learning technologies for NAD use supervised learning methods to learn a training data set labeled 'normal' and 'attack'. This paper presents the feasibility of the unsupervised learning AutoEncoder (AE) for NAD from data sets collected from secured network traffic without labeled responses. To verify the performance of the proposed AE model, we present the experimental results in terms of accuracy, precision, recall, f1-score, and ROC AUC value on the NSL-KDD training and test data sets. In particular, we model a reference AE through deep analysis of diverse AEs, varying hyper-parameters such as the number of layers as well as considering the regularization and denoising effects. The reference model shows f1-scores of 90.4% and 89% for binary classification on the KDDTest+ and KDDTest-21 test data sets, based on a threshold at the 82nd percentile of the AE reconstruction error of the training data set.