• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.5
• /
• pp.901-909
• /
• 2021

Since mobile devices have limited computational resources, it tends to use the cloud to compute or store data. As real-time becomes more important due to 5G, many studies have been conducted on edge clouds that computes at locations closer to users than central clouds. The farther the user's physical distance from the edge cloud connected to base station is, the slower the network transmits. So applications should be migrated and re-run to nearby edge cloud for smooth service use. We run applications in docker containers, which is independent of the host operating system and has a relatively light images size compared to the virtual machine. Existing migration studies have been experimented by using network simulators. It uses fixed values, so it is different from the results in the real-world environment. In addition, the method of migrating images through shared storage was used, which poses a risk of packet content exposure. In this paper, Containers are migrated with Secure CoPy(SCP) method, a data encryption transmission, by establishing an edge computing environment in a real-world environment. It compares migration time with Network File System, one of the shared storage methods, and analyzes network packets to verify safety.

• Convergence Security Journal
• /
• v.23 no.2
• /
• pp.27-36
• /
• 2023

In recent years, ransomware attacks have become more organized and specialized, with the sophistication of attacks targeting specific individuals or organizations using tactics such as social engineering, spear phishing, and even machine learning, some operating as business models. In order to effectively respond to this, various researches and solutions are being developed and operated to detect and prevent attacks before they cause serious damage. In particular, honeypots can be used to minimize the risk of attack on IT systems and networks, as well as act as an early warning and advanced security monitoring tool, but in cases where ransomware does not have priority access to the decoy file, or bypasses it completely. has a disadvantage that effective ransomware response is limited. In this paper, this honeypot is optimized for the user environment to create a reliable real-time dynamic honeypot file, minimizing the possibility of an attacker bypassing the honeypot, and increasing the detection rate by preventing the attacker from recognizing that it is a honeypot file. To this end, four models, including a basic data collection model for dynamic honeypot generation, were designed (basic data collection model / user-defined model / sample statistical model / experience accumulation model), and their validity was verified.

• Journal of Internet Computing and Services
• /
• v.24 no.5
• /
• pp.17-27
• /
• 2023

Today, as AI (Artificial Intelligence) technology develops and its practicality increases, it is widely used in various application fields in real life. At this time, the AI model is basically learned based on various statistical properties of the learning data and then distributed to the system, but unexpected changes in the data in a rapidly changing data situation cause a decrease in the model's performance. In particular, as it becomes important to find drift signals of deployed models in order to respond to new and unknown attacks that are constantly created in the security field, the need for lifecycle management of the entire model is gradually emerging. In general, it can be detected through performance changes in the model's accuracy and error rate (loss), but there are limitations in the usage environment in that an actual label for the model prediction result is required, and the detection of the point where the actual drift occurs is uncertain. there is. This is because the model's error rate is greatly influenced by various external environmental factors, model selection and parameter settings, and new input data, so it is necessary to precisely determine when actual drift in the data occurs based only on the corresponding value. There are limits to this. Therefore, this paper proposes a method to detect when actual drift occurs through an Anomaly analysis technique based on XAI (eXplainable Artificial Intelligence). As a result of testing a classification model that detects DGA (Domain Generation Algorithm), anomaly scores were extracted through the SHAP(Shapley Additive exPlanations) Value of the data after distribution, and as a result, it was confirmed that efficient drift point detection was possible.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.7
• /
• pp.492-498
• /
• 2016

It is well known that since abrupt faults in induction motors tend to lead to subsequent faults and deterioration of the drive apparatus, motor faults may lead to several operating restrictions, such as security problems and economic loss. A lot of research has been done in the area of diagnosis to detect machine faults and to prevent catastrophic hazards in the motor drive system. This paper presents a new method of motor current signature analysis in which the DC-link current of the inverter-driven induction motor system, where a single current sensor is employed instead of three AC current sensors, is measured, and fast Fourier transform analysis is performed. This proposed method makes it possible to easily discern and clearly separate the motor fault current signature from the normal operation current flowing through the stator and rotor windings.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.7
• /
• pp.3093-3115
• /
• 2020

Network anomaly detection system plays an essential role in detecting network anomaly and ensuring network security. Anomaly detection system based machine learning has become an increasingly popular solution. However, due to the unbalance and high-dimension characteristics of network traffic, the existing methods unable to achieve the excellent performance of high accuracy and low false alarm rate. To address this problem, a new network anomaly detection method based on data balancing and recursive feature addition is proposed. Firstly, data balancing algorithm based on improved KNN outlier detection is designed to select part respective data on each category. Combination optimization about parameters of improved KNN outlier detection is implemented by genetic algorithm. Next, recursive feature addition algorithm based on correlation analysis is proposed to select effective features, in which a cross contingency test is utilized to analyze correlation and obtain a features subset with a strong correlation. Then, random forests model is as the classification model to detection anomaly. Finally, the proposed algorithm is evaluated on benchmark datasets KDD Cup 1999 and UNSW_NB15. The result illustrates the proposed strategies enhance accuracy and recall, and decrease the false alarm rate. Compared with other algorithms, this algorithm still achieves significant effects, especially recall in the small category.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38C no.2
• /
• pp.165-171
• /
• 2013

WAVE(Wireless Access in Vehicular Environments) is a representative V2V communication protocol and its standards of MAC and PHY parts except for security were published. In order to control traffic flow and ensure driver's safety using V2V communication, various projects are conducting. In particular, safety application has been researched. Therefore, in this paper, we designed the safety application algorithm, which informs a driver of the dangerous status when driver tries to turn left in an intersection and we also implemented the algorithm. Proposed algorithm configures a model for a host vehicle and a vehicle coming in opposite lane and in case that there is collision hazard it provides warning message to driver by using HMI. In order to evaluate the proposed algorithm's performance, we configured the test bed using test vehicles and we tested the algorithm on proving ground with the composed test scenarios. As test results, our system showed excellent performance. If the infrastructures for V2I communications are constructed, we will optimize our system more precisely and stably.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.44 no.3
• /
• pp.64-72
• /
• 2021

Manned-unmanned teaming can be a very promising air-to-air combat tactic since it can maximize the advantage of combining human insight with the robustness of the machine. The rapid advances in artificial intelligence and autonomous control technology will speed up the development of manned-unmanned teaming air-to-air combat system. In this paper, we introduce a manned-unmanned teaming air-to-air combat tactic which is composed of a manned aircraft and an UAV. In this tactic, a manned aircraft equipped with radar is functioning both as a sensor to detect the hostile aircraft and as a controller to direct the UAV to engage the hostile aircraft. The UAV equipped with missiles is functioning as an actor to engage the hostile aircraft. We also developed a combat scenario of executing this tactic where the manned-unmanned teaming is engaging a hostile aircraft. The hostile aircraft is equipped with both missiles and radar. To demonstrate the efficiency of the tactic, we run the simulation of the scenario of the tactic. Using the simulation, we found the optimal formation and maneuver for the manned-unmanned teaming where the manned-unmanned teaming can survive while the hostile aircraft is shot-downed. The result of this study can provide an insight to how manned aircraft can collaborate with UAV to carry out air-to-air combat missions.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.19 no.7
• /
• pp.63-71
• /
• 2018

A flower support was developed for real flower decoration automation production system using an ultrasonic wave sealer to automatically produce a system. Because a flower support for real flower decoration that was produced manually could not meet the needs of the consumers, this study developed an automated manufacturing system to increase productivity. A flower support for real flower decoration was constructed using a cap consisting of plastic and plate made from non-woven fabric. The guide was designed to transport the cap to the ultrasonic wave sealer and optimal guide was developed from the test according to the material and shape. To produce the entire system, the guides and accessories were weighed and appropriate motors and pulleys were calculated. Control of the automation production system was based on a PCB board, which increased the reliability and security, and a remote controller with manual and automatic modes was prepared. After development, tests of the transfer precision and repetition accuracy revealed an X-axis of 2.7mm, a Y-axis of 1 mm, and a repetition of 0 mm. The productivity was also checked. The automated machine worked 8 hours/day to make 35 supports and 70 Therefore, the automatic system produces 200% more output than manual work

• Journal of Internet Computing and Services
• /
• v.21 no.1
• /
• pp.45-55
• /
• 2020

Due to the development of information and communication technology, the number of new / variant malicious codes is increasing rapidly every year, and various types of malicious codes are spreading due to the development of Internet of things and cloud computing technology. In this paper, we propose a malware analysis method based on string information that can be used regardless of operating system environment and represents library call information related to malicious behavior. Attackers can easily create malware using existing code or by using automated authoring tools, and the generated malware operates in a similar way to existing malware. Since most of the strings that can be extracted from malicious code are composed of information closely related to malicious behavior, it is processed by weighting data features using text mining based method to extract them as effective features for malware analysis. Based on the processed data, a model is constructed using various machine learning algorithms to perform experiments on detection of malicious status and classification of malicious groups. Data has been compared and verified against all files used on Windows and Linux operating systems. The accuracy of malicious detection is about 93.5%, the accuracy of group classification is about 90%. The proposed technique has a wide range of applications because it is relatively simple, fast, and operating system independent as a single model because it is not necessary to build a model for each group when classifying malicious groups. In addition, since the string information is extracted through static analysis, it can be processed faster than the analysis method that directly executes the code.

• Proceedings of the Korea Water Resources Association Conference
• /
• 2023.05a
• /
• pp.30-30
• /
• 2023

This study aims to establish the multi-reservoir operation system model in the Upper Mun River Basin which includes 5 main dams namely, Mun Bon (MB), Lamchae (LC), Lam Takhong (LTK), Lam Phraphoeng (LPP), and Lower Lam Chiengkrai (LLCK) Dams. The knowledge and AI technology were applied aiming to develop innovative prototype for SMART dam-reservoir operation in future. Two different sorts of reservoir operation system model namely, Fuzzy Logic (FL) and Constraint Programming (CP) as well as the development of rainfall and reservoir inflow prediction models using Machine Learning (ML) technique were made to help specify the right amount of daily reservoir releases for the Royal Irrigation Department (RID). The model could also provide the essential information particularly for the Office of National Water Resource of Thailand (ONWR) to determine the short-term and long-term water resource management plan and strengthen water security against flood and drought in this region. The simulated results of base case scenario for reservoir operation in the Upper Mun from 2008 to 2021 indicated that in the same circumstances, FL and CP models could specify the new release schemes to increase the reservoir water storages at the beginning of dry season of approximately 125.25 and 142.20 MCM per year. This means that supplying the agricultural water to farmers in dry season could be well managed. In other words, water scarcity problem could substantially be moderated at some extent in case of incapability to control the expansion of cultivated area size properly. Moreover, using AI technology to determine the new reservoir release schemes plays important role in reducing the actual volume of water shortfall in the basin although the drought situation at LTK and LLCK Dams were still existed in some periods of time. Meanwhile, considering the predicted inflow and hydrologic factors downstream of 5 main dams by FL model and minimizing the flood volume by CP model could ensure that flood risk was considerably minimized as a result of new release schemes.