• Journal of the Korea Society of Computer and Information
• /
• v.27 no.11
• /
• pp.19-27
• /
• 2022

In this study, we propose a language and platform to describe and manage the MLOps(Machine Learning Operations) workflow for time series data anomaly detection. Time series data is collected in many fields, such as IoT sensors, system performance indicators, and user access. In addition, it is used in many applications such as system monitoring and anomaly detection. In order to perform prediction and anomaly detection of time series data, the MLOps platform that can quickly and flexibly apply the analyzed model to the production environment is required. Thus, we developed Python-based AI/ML Modeling Language (AMML) to easily configure and execute MLOps workflows. Python is widely used in data analysis. The proposed MLOps platform can extract and preprocess time series data from various data sources (R-DB, NoSql DB, Log File, etc.) using AMML and predict it through a deep learning model. To verify the applicability of AMML, the workflow for generating a transformer oil temperature prediction deep learning model was configured with AMML and it was confirmed that the training was performed normally.

• Journal of Internet Computing and Services
• /
• v.23 no.3
• /
• pp.97-110
• /
• 2022

Federated learning is a learning method capable of performing model learning without transmitting learning data. The IoT or healthcare field is sensitive to information leakage as it deals with users' personal information, so a lot of attention should be paid to system design, but when using federated-learning, data does not move from devices where data is collected. Accordingly, many federated-learning implementations have been developed, but detailed research on system design for the development and operation of systems using federated learning is insufficient. This study shows that measures for the life cycle, code version management, model serving, and device monitoring of federated learning are needed to be applied to actual projects and distributed to IoT devices, and we propose a design for a development environment that complements these points. The system proposed in this paper considered uninterrupted model-serving and includes source code and model version management, device state monitoring, and server-client learning schedule management.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.5
• /
• pp.1019-1034
• /
• 2022

Malware attacks become more prevalent in the hyper-connected society of the 4th industrial revolution. To respond to such malware, automation of malware detection using artificial intelligence technology is attracting attention as a new alternative. However, using artificial intelligence without collateral for its reliability poses greater risks and side effects. The EU and the United States are seeking ways to secure the reliability of artificial intelligence, and the government announced a reliable strategy for realizing artificial intelligence in 2021. The government's AI reliability has five attributes: Safety, Explainability, Transparency, Robustness and Fairness. We develop four elements of safety, explainable, transparent, and fairness, excluding robustness in the malware detection model. In particular, we demonstrated stable generalization performance, which is model accuracy, through the verification of external agencies, and developed focusing on explainability including transparency. The artificial intelligence model, of which learning is determined by changing data, requires life cycle management. As a result, demand for the MLops framework is increasing, which integrates data, model development, and service operations. EXE-executable malware and documented malware response services become data collector as well as service operation at the same time, and connect with data pipelines which obtain information for labeling and purification through external APIs. We have facilitated other security service associations or infrastructure scaling using cloud SaaS and standard APIs.

• Electronics and Telecommunications Trends
• /
• v.37 no.5
• /
• pp.44-53
• /
• 2022

The Internet of Things (IoT) is growing exponentially, with the number of IoT devices multiplying annually. Accordingly, the paradigm is changing from cloud computing to edge computing and even tiny edge computing because of the low latency and cost reduction. Machine learning is also shifting its role from the cloud to edge or tiny edge according to the paradigm shift. However, the fragmented and resource-constrained features of IoT devices have limited the development of artificial intelligence applications. Edge MLaaS (Machine Learning as-a-Service) has been studied to easily and quickly adopt machine learning to products and overcome the device limitations. This paper briefly summarizes what Edge MLaaS is and what element of research it requires.

• Journal of Internet Computing and Services
• /
• v.24 no.5
• /
• pp.17-27
• /
• 2023

Today, as AI (Artificial Intelligence) technology develops and its practicality increases, it is widely used in various application fields in real life. At this time, the AI model is basically learned based on various statistical properties of the learning data and then distributed to the system, but unexpected changes in the data in a rapidly changing data situation cause a decrease in the model's performance. In particular, as it becomes important to find drift signals of deployed models in order to respond to new and unknown attacks that are constantly created in the security field, the need for lifecycle management of the entire model is gradually emerging. In general, it can be detected through performance changes in the model's accuracy and error rate (loss), but there are limitations in the usage environment in that an actual label for the model prediction result is required, and the detection of the point where the actual drift occurs is uncertain. there is. This is because the model's error rate is greatly influenced by various external environmental factors, model selection and parameter settings, and new input data, so it is necessary to precisely determine when actual drift in the data occurs based only on the corresponding value. There are limits to this. Therefore, this paper proposes a method to detect when actual drift occurs through an Anomaly analysis technique based on XAI (eXplainable Artificial Intelligence). As a result of testing a classification model that detects DGA (Domain Generation Algorithm), anomaly scores were extracted through the SHAP(Shapley Additive exPlanations) Value of the data after distribution, and as a result, it was confirmed that efficient drift point detection was possible.

• Journal of IKEEE
• /
• v.25 no.4
• /
• pp.672-678
• /
• 2021

New malware continues to increase and become advanced by every year. Although various studies are going on executable files to diagnose malicious codes, it is difficult to detect attacks that internalize malicious code threats in emails by exploiting non-executable document files, malicious URLs, and malicious macros and JS in documents. In this paper, we introduce a method of analyzing malicious code for email security through proactive detection and blocking of malicious email attacks, and propose a method for determining whether a non-executable document file is malicious based on AI. Among various algorithms, an efficient machine learning modeling is choosed, and an ML workflow system to diagnose malicious code using Kubeflow is proposed.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.14 no.3
• /
• pp.201-207
• /
• 2021

Deep learning, a type of machine learning, performs learning while changing the weights as it progresses through each learning process. Tensor Flow and Keras provide the results of the end of the learning in graph form. Thus, If an error occurs, the result must be discarded. Consequently, existing technologies provide a function to roll back learning results, but the rollback function is limited to results up to five times. Moreover, they applied the concept of MLOps to track the deep learning process, but no rollback capability is provided. In this paper, we construct a system that manages the intermediate value of the learning process by blockchain to record the intermediate learning process and can rollback in the event of an error. To perform the functions of blockchain, the deep learning process and the rollback of learning results are designed to work by writing Smart Contracts. Performance evaluation shows that, when evaluating the rollback function of the existing deep learning method, the proposed method has a 100% recovery rate, compared to the existing technique, which reduces the recovery rate after 6 times, down to 10% when 50 times. In addition, when using Smart Contract in Ethereum blockchain, it is confirmed that 1.57 million won is continuously consumed per block creation.