• International Journal of Computer Science & Network Security
• /
• v.23 no.4
• /
• pp.69-78
• /
• 2023

With the global rise of digital data, the uncontrolled quantity of data is susceptible to cyber warfare or cyber attacks. Therefore, it is necessary to improve cyber security systems. This research studies the behavior of malicious acts and uses Higuchi Fractal Dimension (HFD), which is a non-linear mathematical method to examine the intricacy of the behavior of these malicious acts and anomalies within the cyber physical system. The HFD algorithm was tested successfully using synthetic time series network data and validated on real-time network data, producing accurate results. It was found that the highest fractal dimension value was computed from the DoS attack time series data. Furthermore, the difference in the HFD values between the DoS attack data and the normal traffic data was the highest. The malicious network data and the non-malicious network data were successfully classified using the Receiver Operating Characteristics (ROC) method in conjunction with a scaling stationary index that helps to boost the ROC technique in classifying normal and malicious traffic. Hence, the suggested methodology may be utilized to rapidly detect the existence of abnormalities in traffic with the aim of further using other methods of cyber-attack detection.

• Structural Engineering and Mechanics
• /
• v.92 no.2
• /
• pp.121-131
• /
• 2024

This paper proposes a fault detection method for blade pitch systems of floating wind turbines using transformer-based deep-learning models. Transformers leverage self-attention mechanisms, efficiently process time-series data, and capture long-term dependencies more effectively than traditional recurrent neural networks (RNNs). The model was trained using normal operational data to detect anomalies through high reconstruction losses when encountering abnormal data. In this study, various fault conditions in a blade pitch system, including environmental load cases, were simulated using a detailed model of a spar-type floating wind turbine, the data collected from these simulations were used to train and test the transformer models. The model demonstrated superior fault-detection capabilities with high accuracy, precision, recall, and F1 scores. The results show that the proposed method successfully identifies faults and achieves high-performance metrics, outperforming existing traditional multi-layer perceptron (MLP) models and long short-term memory-autoencoder (LSTM-AE) models. This study highlights the potential of transformer models for real-time fault detection in wind turbines, contributing to more advanced condition-monitoring systems with minimal human intervention.

• Journal of the Korean Society for Aeronautical & Space Sciences
• /
• v.38 no.1
• /
• pp.58-63
• /
• 2010

In this paper, we propose a simple technique for the detection of a frequency jump in the GPS clock behavior. GPS satellite atomic clocks have characteristics of a second order polynomial in the long term and a non-periodic frequency drift in the short term, showing a sudden frequency jump occasionally. As satellite clock anomalies influence on GPS measurements, it requires to develop a real time technique for the detection of the clock anomaly on the real-time GPS precise point positioning. The proposed technique is based on Teager energy which is mainly used in the field of various signal processing for the detection of a specific signal or symptom. Therefore, we employed the Teager energy for the detection of the jump phenomenon of GPS satellite atomic clocks, and it showed that the proposed clock anomaly detection strategy outperforms a conventional detection methodology.

• Database Research
• /
• v.34 no.3
• /
• pp.58-68
• /
• 2018

Distributed computing helps to efficiently store and process large data on a cluster of multiple machines. The performance of distributed computing is greatly influenced depending on the state of the servers constituting the distributed system. In this paper, we propose a self-diagnosis system that collects log data in a distributed system, detects anomalies and visualizes the results in real time. First, we divide the self-diagnosis process into five stages: collecting, delivering, analyzing, storing, and visualizing stages. Next, we design a real-time self-diagnosis system that meets the goals of real-time, scalability, and high availability. The proposed system is based on Apache Flume, Apache Kafka, and Apache Storm, which are representative real-time distributed techniques. In addition, we use simple but effective moving average and 3-sigma based anomaly detection technique to minimize the delay of log data processing during the self-diagnosis process. Through the results of this paper, we can construct a distributed real-time self-diagnosis solution that can diagnose server status in real time in a complicated distributed system.

• Annual Conference of KIPS
• /
• 2018.10a
• /
• pp.1001-1004
• /
• 2018

As the industry generates a lot of data, it is increasingly dependent on the IoT platform. For this reason, the performance and anomaly detection of IoT platform is becoming an important factor. In this paper, we propose a system model of IoT platform that detects device anomaly without performance issue. The proposed system uses Micro Batch which calculates the data transmission cycle to provide Soft Real-time service. In the industry, it was difficult to collect abnormal data, so the Hotelling's $T^2$ model was applied to the data analysis experiment. And the Hotelling's $T^2$ model successfully detected anomalies.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.1
• /
• pp.1-12
• /
• 2023

It is very time-intensive to obtain data with labels on anomaly detection tasks for multivariate time series. Therefore, several studies have been conducted on unsupervised learning that does not require any labels. However, a well-done integrative survey has not been conducted on in-depth discussion of learning architecture and property for multivariate time series anomaly detection. This study aims to explore the characteristic of well-known architectures in anomaly detection of multivariate time series. Additionally, architecture was categorized by using top-down and bottom-up approaches. In order toconsider real-world anomaly detection situation, we trained models with dataset such as power grids or Cyber Physical Systems that contains realistic anomalies. From experimental results, we compared and analyzed the comprehensive performance of each architecture. Quantitative performance were measured using precision, recall, and F1 scores.

• ETRI Journal
• /
• v.38 no.6
• /
• pp.1145-1152
• /
• 2016

Because the nodes in a wireless sensor network (WSN) are mobile and the network is highly dynamic, monitoring every node at all times is impractical. As a result, an intruder can attack the network easily, thus impairing the system. Hence, detecting anomalies in the network is very essential for handling efficient and safe communication. To overcome these issues, in this paper, we propose a rule-based anomaly detection technique using roaming honeypots. Initially, the honeypots are deployed in such a way that all nodes in the network are covered by at least one honeypot. Honeypots check every new connection by letting the centralized administrator collect the information regarding the new connection by slowing down the communication with the new node. Certain predefined rules are applied on the new node to make a decision regarding the anomality of the node. When the timer value of each honeypot expires, other sensor nodes are appointed as honeypots. Owing to this honeypot rotation, the intruder will not be able to track a honeypot to impair the network. Simulation results show that this technique can efficiently handle the anomaly detection in a WSN.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.1
• /
• pp.169-189
• /
• 2015

Detection of anomalous events from video streams is a challenging problem in many video surveillance applications. One such application that has received significant attention from the computer vision community is traffic video surveillance. In this paper, a Lossy Count based Sequential Temporal Pattern mining approach (LC-STP) is proposed for detecting spatio-temporal abnormal events (such as a traffic violation at junction) from sequences of video streams. The proposed approach relies mainly on spatial abstractions of each object, mining frequent temporal patterns in a sequence of video frames to form a regular temporal pattern. In order to detect each object in every frame, the input video is first pre-processed by applying Gaussian Mixture Models. After the detection of foreground objects, the tracking is carried out using block motion estimation by the three-step search method. The primitive events of the object are represented by assigning spatial and temporal symbols corresponding to their location and time information. These primitive events are analyzed to form a temporal pattern in a sequence of video frames, representing temporal relation between various object's primitive events. This is repeated for each window of sequences, and the support for temporal sequence is obtained based on LC-STP to discover regular patterns of normal events. Events deviating from these patterns are identified as anomalies. Unlike the traditional frequent item set mining methods, the proposed method generates maximal frequent patterns without candidate generation. Furthermore, experimental results show that the proposed method performs well and can detect video anomalies in real traffic video data.

• Design & Manufacturing
• /
• v.16 no.4
• /
• pp.52-59
• /
• 2022

Currently, Korea is an aging society and is expected to become a super-aged society in about four years. X-ray devices are widely used for early diagnosis in hospitals, and many X-ray technologies are being developed. The development of X-ray device technology is important, but it is also important to increase the reliability of the device through accurate data management. Sensor nodes such as temperature, voltage, and current of the diagnosis device may malfunction or transmit inaccurate data due to various causes such as failure or power outage. Therefore, in this study, the temperature, tube voltage, and tube current data related to each sensor and detection circuit of the diagnostic X-ray imaging device were measured and analyzed. Based on QC data, device failure prediction and diagnosis algorithms were designed and performed. The fault diagnosis algorithm can configure a simulator capable of setting user parameter values, displaying sensor output graphs, and displaying signs of sensor abnormalities, and can check the detection results when each sensor is operating normally and when the sensor is abnormal. It is judged that efficient device management and diagnosis is possible because it monitors abnormal data values (temperature, voltage, current) in real time and automatically diagnoses failures by feeding back the abnormal values detected at each stage. Although this algorithm cannot predict all failures related to temperature, voltage, and current of diagnostic X-ray imaging devices, it can detect temperature rise, bouncing values, device physical limits, input/output values, and radiation-related anomalies. exposure. If a value exceeding the maximum variation value of each data occurs, it is judged that it will be possible to check and respond in preparation for device failure. If a device's sensor fails, unexpected accidents may occur, increasing costs and risks, and regular maintenance cannot cope with all errors or failures. Therefore, since real-time maintenance through continuous data monitoring is possible, reliability improvement, maintenance cost reduction, and efficient management of equipment are expected to be possible.

• 제어로봇시스템학회:학술대회논문집
• /
• 2003.10a
• /
• pp.553-558
• /
• 2003

The boundary estimation problem is used to estimate the shape of organic depend on the phase of the cardiac cycle or interested in the detection of the location and size of anomalies with resistivity values different from the background tissues such as nuclear reactor. And we can use the method to solve the optimal solution such as modified Newton raphson, kalman filter, extended kalman filter, etc. But, this method consumes much time and is sensitive to the initial value and noise in the estimation of the unknown shape. In the paper, we propose that multi-layer neural networks estimate the boundary of the unknown object using Fourier coefficient. This method can be used at the real time estimation and have strong characteristics at the noise and initial value. It uses voltage change; difference the homogeneous voltage to the non-homogeneous voltage, and change of Fourier coefficient change to train multi-layer neural network. After train, we can have real time estimation using this method.