• Journal of Internet Computing and Services
• /
• v.22 no.3
• /
• pp.27-35
• /
• 2021

With the development of the Internet, various IT technologies such as IoT, Cloud, etc. have been developed, and various systems have been built in countries and companies. Because these systems generate and share vast amounts of data, they needed a variety of systems that could detect threats to protect the critical data contained in the system, which has been actively studied to date. Typical techniques include anomaly detection and misuse detection, and these techniques detect threats that are known or exhibit behavior different from normal. However, as IT technology advances, so do technologies that threaten systems, and these methods of detection. Advanced Persistent Threat (APT) attacks national or companies systems to steal important information and perform attacks such as system down. These threats apply previously unknown malware and attack technologies. Therefore, in this paper, we propose a hybrid intrusion detection system that combines anomaly detection and misuse detection to detect unknown threats. Two detection techniques have been applied to enable the detection of known and unknown threats, and by applying machine learning, more accurate threat detection is possible. In misuse detection, we applied Classification based on Association Rule(CBA) to generate rules for known threats, and in anomaly detection, we used One-Class SVM(OCSVM) to detect unknown threats. Experiments show that unknown threat detection accuracy is about 94%, and we confirm that unknown threats can be detected.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2006.05a
• /
• pp.247-250
• /
• 2006

Maximizing the productivity in reactive ion etching, early detection of process equipment anomaly became crucial in current high volume semiconductor manufacturing environment. To address the importance of the process fault detection for productivity, support vector machines (SVMs) is employed to assist the decision to determine process faults in real-time. SVMs for eleven steps of etching runs are established with data acquired from baseline runs, and they are further verified with the data from controlled (acceptable) and perturbed (unacceptable) runs. Then, each SVM is further utilized for the fault detection purpose utilizing control limits which is well understood in statistical process control chart. Utilizing SVMs, fault detection of reactive ion etching process is demonstrated with zero false alarm rate of the controlled runs on a run to run basis.

• Journal of Korea Artificial Intelligence Association
• /
• v.1 no.1
• /
• pp.11-16
• /
• 2023

Accurate hospital case modeling and prediction are crucial for efficient healthcare. In this study, we demonstrate the implementation of regression analysis methods in machine learning systems utilizing mathematical statics and machine learning techniques. The developed machine learning model includes Bayesian linear, artificial neural network, decision tree, decision forest, and linear regression analysis models. Through the application of these algorithms, corresponding regression models were constructed and analyzed. The results suggest the potential of leveraging machine learning systems for medical research. The experiment aimed to create an Azure Machine Learning Studio tool for the speedy evaluation of multiple regression models. The tool faciliates the comparision of 5 types of regression models in a unified experiment and presents assessment results with performance metrics. Evaluation of regression machine learning models highlighted the advantages of boosted decision tree regression, and decision forest regression in hospital case prediction. These findings could lay the groundwork for the deliberate development of new directions in medical data processing and decision making. Furthermore, potential avenues for future research may include exploring methods such as clustering, classification, and anomaly detection in healthcare systems.

• Journal of Information Technology Applications and Management
• /
• v.29 no.5
• /
• pp.27-37
• /
• 2022

This study intends to link agricultural machine history data with related organizations or collect them through IoT sensors, receive input from agricultural machine users and managers, and analyze them through AI algorithms. Through this, the goal is to track and manage the history data throughout all stages of production, purchase, operation, and disposal of agricultural machinery. First, LSTM (Long Short-Term Memory) is used to estimate oil consumption and recommend maintenance from historical data of agricultural machines such as tractors and combines, and C-LSTM (Convolution Long Short-Term Memory) is used to diagnose and determine failures. Memory) to build a deep learning algorithm. Second, in order to collect historical data of agricultural machinery, IoT sensors including GPS module, gyro sensor, acceleration sensor, and temperature and humidity sensor are attached to agricultural machinery to automatically collect data. Third, event-type data such as agricultural machine production, purchase, and disposal are automatically collected from related organizations to design an interface that can integrate the entire life cycle history data and collect data through this.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2020.07a
• /
• pp.13-14
• /
• 2020

본 논문에서는 엣지 컴퓨팅 환경에서 머신러닝을 활용해 에스컬레이터 이상 감지 및 결함 분류를 하는 연구를 진행하였다. 엣지 컴퓨팅 기반 머신러닝을 사용해 에스컬레이터의 이상 감지 및 결함 분류를 위한 OneM2M환경을 구축하였으며 에스컬레이터에서 발생하는 소음에서 고장 유형에 따라 나타나는 주파수를 이용한다. Edge TPU를 활용해 엣지 컴퓨팅 시스템의 처리량을 최대화하고, 각 작업의 수행시간을 최소화함으로써 엣지 컴퓨팅 환경에서 이상 감지와 결함 분류를 수행할 수 있다.

• Geomechanics and Engineering
• /
• v.25 no.1
• /
• pp.59-73
• /
• 2021

There frequently exists inadequacy regarding the number of boreholes installed along tunnel alignment. While geophysical imaging techniques are available for pre-tunnelling geological characterization, they aim to detect specific object (e.g., water body and karst cave). There remains great motivation for the industry to develop a real-time identification technology relating complex geological conditions with the existing tunnelling parameters. This study explores the potential for the use of machine learning-based data driven approaches to identify the change in geology during tunnel excavation. Further, the feasibility for machine learning-based anomaly detection approaches to detect the development of clayey clogging is also assessed. The results of an application of the machine learning-based approaches to Xi'an Metro line 4 are presented in this paper where two tunnels buried in the water-rich sandy soils at depths of 12-14 m are excavated using a 6.288 m diameter EPB shield machine. A reasonable agreement with the measurements verifies their applicability towards widening the application horizon of machine learning-based approaches.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.20 no.3
• /
• pp.1-7
• /
• 2020

With the increase in cyber attacks, automated IDS using machine learning is being studied. According to recent research, the IDS using the recursive learning model shows high detection performance. However, the simple application of the recursive model may be difficult to reflect the associated session characteristics, as the overlapping session environment may degrade the performance. In this paper, we designed the session management module and applied it to LSTM (Long Short-Term Memory) recursive model. For the experiment, the CSE-CIC-IDS 2018 dataset is used and increased the normal session ratio to reduce the association of mal-session. The results show that the proposed model is able to maintain high detection performance even in the environment where session relevance is difficult to find.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.3
• /
• pp.365-371
• /
• 2021

With the rapid growth in Internet users, web applications are becoming the main target of hackers. Most previous WAFs (Web Application Firewalls) target every single HTTP request packet rather than the overall behavior of the attacker, and are known to be difficult to detect new types of attacks. In this paper, we propose a web attack detection system based on user behavior using machine learning to detect attacks of unknown patterns. In order to define user behavior, we focus on features excluding areas where an attacker can camouflage as a normal user. The experimental results shows that by using the path and query information to define users' behaviors, best results for an accuracy of 99% with Decision forest.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.649-653
• /
• 2006

In this paper, we propose a hybrid feature extraction method in which Principal Components Analysis is combined with optimized k-Means clustering technique. Our approach hierarchically reduces the redundancy of features with high explanation in principal components analysis for choosing a good subset of features critical to improve the performance of classifiers. Based on this result, we evaluate the performance of intrusion detection by using Support Vector Machine and a nonparametric approach based on k-Nearest Neighbor over data sets with reduced features. The Experiment results with KDD Cup 1999 dataset show several advantages in terms of computational complexity and our method achieves significant detection rate which shows possibility of detecting successfully attacks.

• Structural Engineering and Mechanics
• /
• v.81 no.5
• /
• pp.647-664
• /
• 2022

The powerful data mapping capability of computational deep learning methods has been recently explored in academic works to develop strategies for structural health monitoring through appropriate characterization of dynamic responses. In many cases, these studies concern laboratory prototypes and finite element models to validate the proposed methodologies. Therefore, the present work aims to investigate the capability of a deep learning algorithm called Sparse Autoencoder (SAE) specifically focused on detecting structural alterations in real-case studies. The idea is to characterize the dynamic responses via SAE models and, subsequently, to detect the onset of abnormal behavior through the Shewhart T control chart, calculated with SAE extracted features. The anomaly detection approach is exemplified using data from the Z24 bridge, a classical benchmark, and data from the continuous monitoring of the San Vittore bell-tower, Italy. In both cases, the influence of temperature is also evaluated. The proposed approach achieved good performance, detecting structural changes even under temperature variations.