• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.2
• /
• pp.751-770
• /
• 2019

Action recognition is an essential task in computer vision due to the variety of prospective applications, such as security surveillance, machine learning, and human-computer interaction. The availability of more video data than ever before and the lofty performance of deep convolutional neural networks also make it essential for action recognition in video. Unfortunately, limited crafted video features and the scarcity of benchmark datasets make it challenging to address the multi-person action recognition task in video data. In this work, we propose a deep convolutional neural network-based Effective Hybrid Learning (EHL) framework for two-person interaction classification in video data. Our approach exploits a pre-trained network model (the VGG16 from the University of Oxford Visual Geometry Group) and extends the Faster R-CNN (region-based convolutional neural network a state-of-the-art detector for image classification). We broaden a semi-supervised learning method combined with an active learning method to improve overall performance. Numerous types of two-person interactions exist in the real world, which makes this a challenging task. In our experiment, we consider a limited number of actions, such as hugging, fighting, linking arms, talking, and kidnapping in two environment such simple and complex. We show that our trained model with an active semi-supervised learning architecture gradually improves the performance. In a simple environment using an Intelligent Technology Laboratory (ITLab) dataset from Inha University, performance increased to 95.6% accuracy, and in a complex environment, performance reached 81% accuracy. Our method reduces data-labeling time, compared to supervised learning methods, for the ITLab dataset. We also conduct extensive experiment on Human Action Recognition benchmarks such as UT-Interaction dataset, HMDB51 dataset and obtain better performance than state-of-the-art approaches.

• Journal of the Korea Convergence Society
• /
• v.12 no.1
• /
• pp.49-55
• /
• 2021

Recently, with the development of database, it is possible to store a lot of data generated in finance, security, and networks. These data are being analyzed through classifiers based on machine learning. The main problem at this time is data imbalance. When we train imbalanced data, it may happen that classification accuracy is degraded due to over-fitting with majority class data. To overcome the problem of data imbalance, oversampling strategy that increases the quantity of data of minority class data is widely used. It requires to tuning process about suitable method and parameters for data distribution. To improve the process, In this study, we propose a strategy to explore and optimize oversampling combinations and ratio based on various methods such as synthetic minority oversampling technique and generative adversarial networks through genetic algorithms. After sampling credit card fraud detection which is a representative case of data imbalance, with the proposed strategy and single oversampling strategies, we compare the performance of trained classifiers with each data. As a result, a strategy that is optimized by exploring for ratio of each method with genetic algorithms was superior to previous strategies.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.8
• /
• pp.1071-1076
• /
• 2020

The importance of network separation is due to the use of the Internet with existing business PCs, resulting in an internal information leakage event, and an environment configured to allow servers to access the Internet, which causes service failures with malicious code. In order to overcome this problem, it is necessary to use network virtualization to separate networks and network interconnection systems. Therefore, in this study, the construction area was constructed into the network area for the Internet and the server farm area for the virtualization system, and then classified and constructed into the security system area and the data link system area between networks. In order to prove the excellence of the proposed method, a network separation construction study using network virtualization was conducted based on the basis of VM Density's conservative estimates of program loads and LOBs.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.10
• /
• pp.1477-1482
• /
• 2022

Haze is a local weather phenomenon in which very small droplets float in the atmosphere, and the amount and characteristics of haze may vary depending on the region. In particular, these haze reduce visibility, which can cause air traffic interference and vehicle traffic accidents, and degrade the quality of security CCTVs and so on. Therefore, in the past 10 years, research on haze removal has been actively conducted to reduce damage caused by haze. In this study, local haze removal is performed by weight generation using a haziness degree evaluator to adaptively respond to haze-free, homogeneous haze, and non-homogeneous haze cases. And the proposed method improves the limitations of the existing static haze removal method, which assumes that there is haze in the input image and removes the haze. We also demonstrate the superiority of the proposed method through quantitative and qualitative performance evaluations with benchmark algorithms.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.11
• /
• pp.1637-1643
• /
• 2022

In recent years, the demand for image-processing technology in digital marketing has increased due to the expansion and diversification of the digital market, such as video, security, and machine intelligence. Noise-processing is essential for image-correction and reconstruction, especially in the case of sensitive noises, such as in CT, MRI, X-ray, and scanners. The two main salt and pepper noises have been actively studied, but the details and edges are still unsatisfactory and tend to blur when there is a lot of noise. Therefore, this paper proposes an algorithm that applies a weight-based Euclidean distance equation to the partial mask and uses only the non-noisy pixels that are the most similar to the original as effective pixels. The proposed algorithm determines the type of filter based on the state of the internal pixels of the designed partial mask and the degree of mask deterioration, which results in superior noise cancellation even in highly damaged environments.

• KIPS Transactions on Software and Data Engineering
• /
• v.11 no.5
• /
• pp.197-202
• /
• 2022

IoT (Internet of Things) devices are being attacked by malware due to many security vulnerabilities, such as the use of weak IDs/passwords and unauthenticated firmware updates. However, due to the diversity of CPU architectures, it is difficult to set up a malware analysis environment and design features. In this paper, we design time series features using the byte sequence of executable files to represent independent features of CPU architectures, and analyze them using recurrent neural networks. The proposed feature is a fixed-length time series pattern extracted from the byte sequence by calculating partial entropy and applying linear interpolation. Temporary changes in the extracted feature are analyzed by RNN and LSTM. In the experiment, the IoT malware detection showed high performance, while low performance was analyzed in the malware family classification. When the entropy patterns for each malware family were compared visually, the Tsunami and Gafgyt families showed similar patterns, resulting in low performance. LSTM is more suitable than RNN for learning temporal changes in the proposed malware features.

• KNOM Review
• /
• v.24 no.2
• /
• pp.24-34
• /
• 2021

Service providers using edge computing provide a high level of service. As a result, devices store important information in inner storage and have become a target of the latest cyberattacks, which are more difficult to detect. Although experts use a security system such as intrusion detection systems, the existing intrusion systems have low detection accuracy. Therefore, in this paper, we proposed a machine learning model for more accurate intrusion detections of devices in edge computing. The proposed model is a hybrid model that combines a stacked sparse autoencoder (SSAE) and a convolutional neural network (CNN) to extract important feature vectors from the input data using sparsity constraints. To find the optimal model, we compared and analyzed the performance as adjusting the sparsity coefficient of SSAE. As a result, the model showed the highest accuracy as a 96.9% using the sparsity constraints. Therefore, the model showed the highest performance when model trains only important features.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.12
• /
• pp.4008-4023
• /
• 2022

Since machine learning was introduced into cross-site scripting (XSS) attack detection, many researchers have conducted related studies and achieved significant results, such as saving time and labor costs by not maintaining a rule database, which is required by traditional XSS attack detection methods. However, this topic came across some problems, such as poor generalization ability, significant false negative rate (FNR) and false positive rate (FPR). Moreover, the automatic clustering property of graph convolutional networks (GCN) has attracted the attention of researchers. In the field of natural language process (NLP), the results of graph embedding based on GCN are automatically clustered in space without any training, which means that text data can be classified just by the embedding process based on GCN. Previously, other methods required training with the help of labeled data after embedding to complete data classification. With the help of the GCN auto-clustering feature and labeled data, this research proposes an approach to detect XSS attacks (called GCNXSS) to mine the dependencies between the units that constitute an XSS payload. First, GCNXSS transforms a URL into a word homogeneous graph based on word co-occurrence relationships. Then, GCNXSS inputs the graph into the GCN model for graph embedding and gets the classification results. Experimental results show that GCNXSS achieved successful results with accuracy, precision, recall, F1-score, FNR, FPR, and predicted time scores of 99.97%, 99.75%, 99.97%, 99.86%, 0.03%, 0.03%, and 0.0461ms. Compared with existing methods, GCNXSS has a lower FNR and FPR with stronger generalization ability.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.6
• /
• pp.1706-1727
• /
• 2023

Under Water Sensor Networks (UWSN) has gained attraction among various communities for its potential applications like acoustic monitoring, 3D mapping, tsunami detection, oil spill monitoring, and target tracking. Unlike terrestrial sensor networks, it performs an acoustic mode of communication to carry out collaborative tasks. Typically, surface sink nodes are deployed for aggregating acoustic phenomena collected from the underwater sensors through the multi-hop path. In this context, UWSN is constrained by factors such as lower bandwidth, high propagation delay, and limited battery power. Also, the vulnerabilities to compromise the aquatic environment are in growing numbers. The paper proposes an Energy-Efficient standalone Intrusion Detection System (EEIDS) to entail the acoustic environment against malicious attacks and improve the network lifetime. In EEIDS, attributes such as node ID, residual energy, and depth value are verified for forwarding the data packets in a secured path and stabilizing the nodes' energy levels. Initially, for each node, three agents are modeled to perform the assigned responsibilities. For instance, ID agent verifies the node's authentication of the node, EN agent checks for the residual energy of the node, and D agent substantiates the depth value of each node. Next, the classification of normal and malevolent nodes is performed by determining the score for each node. Furthermore, the proposed system utilizes the sheep-flock heredity algorithm to validate the input attributes using the optimized probability values stored in the training dataset. This assists in finding out the best-fit motes in the UWSN. Significantly, the proposed system detects and isolates the malicious nodes with tampered credentials and nodes with lower residual energy in minimal time. The parameters such as the time taken for malicious node detection, network lifetime, energy consumption, and delivery ratio are investigated using simulation tools. Comparison results show that the proposed EEIDS outperforms the existing acoustic security systems.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.5
• /
• pp.1310-1338
• /
• 2023

As Internet of Things (IoT) applications and devices rapidly grow, cyber-attacks on IoT networks/systems also have an increasing trend, thus increasing the threat to security and privacy. Botnet is one of the threats that dominate the attacks as it can easily compromise devices attached to an IoT networks/systems. The compromised devices will behave like the normal ones, thus it is difficult to recognize them. Several intelligent approaches have been introduced to improve the detection accuracy of this type of cyber-attack, including deep learning and machine learning techniques. Moreover, dimensionality reduction methods are implemented during the preprocessing stage. This research work proposes deep Autoencoder dimensionality reduction method combined with Artificial Neural Network (ANN) classifier as botnet detection system for IoT networks/systems. Experiments were carried out using 3- layer, 4-layer and 5-layer pre-processing data from the MedBIoT dataset. Experimental results show that using a 5-layer Autoencoder has better results, with details of accuracy value of 99.72%, Precision of 99.82%, Sensitivity of 99.82%, Specificity of 99.31%, and F1-score value of 99.82%. On the other hand, the 5-layer Autoencoder model succeeded in reducing the dataset size from 152 MB to 12.6 MB (equivalent to a reduction of 91.2%). Besides that, experiments on the N_BaIoT dataset also have a very high level of accuracy, up to 99.99%.