• The Bulletin of The Korean Astronomical Society
• /
• v.44 no.1
• /
• pp.33.3-33.3
• /
• 2019

Automatic, yet reliable methods to find and classify barred galaxies are going to be more important in the era of large galaxy surveys. Here, we introduce a new approach to classify barred galaxies by analyzing the butterfly pattern that Buta & Block (2001) reported as a bar signature on the potential map. We make it easy to find the pattern by moving the ratio map from a Cartesian coordinate to a polar coordinate. Our volume-limited sample consists of 1698 spiral galaxies brighter than Mr = -15.2 with z < 0.01 from the Sloan Digital Sky Survey/DR7 visually classified by Ann et al. (2015). We compared the results of the classification obtained by four different methods: visual inspection, ellipse fitting, Fourier analysis, and our new method. We obtain, for the same sample, different bar fractions of 63%, 48%, 36%, and 56% by visual inspection, ellipse fitting, Fourier analysis, and our new approach, respectively. Although automatic classifications detect visually determined, strongly barred galaxies with the concordance of 74% to 86%, automatically selected barred galaxies contain different amount of weak bars. We find a different dependence of bar fraction on the Hubble type for strong and weak bars: SBs are preponderant in early-type spirals, whereas SABs are in late-type spirals. Moreover, the ellipse fitting method often misses strongly barred galaxies in the bulge-dominated galaxies. These explain why previous works showed the contradictory dependence of the bar fraction on the host galaxy properties. Our new method has the highest agreement with visual inspection in terms of the individual classification and the overall bar fraction. In addition, we find another signature on the ratio map to classify barred galaxies into new two classes that are probably related to the age of the bar.

• Transactions of the Korean Society for Noise and Vibration Engineering
• /
• v.24 no.9
• /
• pp.675-681
• /
• 2014

This paper proposes a fault diagnosis system for an induction motor. This system uses empirical mode decomposition(EMD) to extract fault signatures and multi-layer perceptron(MLP) neural network to facilitate an accurate fault diagnosis. EMD can not only decompose a signal adaptively but also provide intrinsic mode functions(IMFs) containing natural oscillatory modes of the signal. However, every IMF does not represent fault signature, an IMF selection algorithm based on harmonics and their energy of each IMF is proposed. The selected IMFs are utilized for fault classification using MLP and this system shows approximately 98 % diagnosis accuracy for the fault vibration signal of the induction motor.

• Journal of Internet Computing and Services
• /
• v.23 no.6
• /
• pp.1-13
• /
• 2022

As the information and communication environment develops, the environment of military facilities is also development remarkably. In proportion to this, cyber threats are also increasing, and in particular, APT attacks, which are difficult to prevent with existing signature-based cyber defense systems, are frequently targeting military and national infrastructure. It is important to identify attack groups for appropriate response, but it is very difficult to identify them due to the nature of cyber attacks conducted in secret using methods such as anti-forensics. In the past, after an attack was detected, a security expert had to perform high-level analysis for a long time based on the large amount of evidence collected to get a clue about the attack group. To solve this problem, in this paper, we proposed an automation technique that can classify an attack group within a short time after detection. In case of APT attacks, compared to general cyber attacks, the number of attacks is small, there is not much known data, and it is designed to bypass signature-based cyber defense techniques. As an attack model, we used MITRE ATT&CK® which modeled many parts of cyber attacks. We design an impact score considering the versatility of the attack techniques and proposed a group similarity score based on this. Experimental results show that the proposed method classified the attack group with a 72.62% probability based on Top-5 accuracy.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.181-192
• /
• 2022

The emergence of new malware is incapacitating existing signature-based malware detection techniques., and applying various anti-analysis techniques makes it difficult to analyze. Recent studies related to signature-based malware detection have limitations in that malware creators can easily bypass them. Therefore, in this study, we try to build a machine learning model that can detect and classify the anti-analysis techniques of packers applied to malware, not using the characteristics of the malware itself. In this study, the n-gram opcodes are extracted from the malicious binary to which various anti-analysis techniques of the commercial packers are applied, and the features are extracted by using TF-IDF, and through this, each anti-analysis technique is detected and classified. In this study, real-world malware samples packed using The mida and VMProtect with multiple anti-analysis techniques were trained and tested with 6 machine learning models, and it constructed the optimal model showing 81.25% accuracy for The mida and 95.65% accuracy for VMProtect.

• Journal of Korea Multimedia Society
• /
• v.20 no.11
• /
• pp.1759-1767
• /
• 2017

Although Open API has been invigorated by advancements in the software industry, diverse types of malicious code have also increased. Thus, many studies have been carried out to discriminate the behaviors of malicious code based on API data, and to determine whether malicious code is included in a specific executable file. Existing methods detect malicious code by analyzing signature data, which requires a long time to detect mutated malicious code and has a high false detection rate. Accordingly, in this paper, we propose a method that analyzes and detects malicious code using association rule mining and an Naive Bayes classification. The proposed method reduces the false detection rate by mining the rules of malicious and normal code APIs in the PE file and grouping patterns using the DHP(Direct Hashing and Pruning) algorithm, and classifies malicious and normal files using the Naive Bayes.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.21 no.2
• /
• pp.147-157
• /
• 2018

There are increasing demands to provide early warning against intruding drones and cope with potential threats. Commercial anti-drone systems are mostly based on simple target detection by radar reflections. In real scenario, however, it becomes essential to obtain drone radar signatures so that hostile targets are recognized in advance. We present experimental test results that micro-Doppler radar signature delivers partial information on multi-rotor platforms and exhibits limited performance in drone recognition and classification. Afterward, we attempt to generate high resolution profile of flying drone targets. To this purpose, wide bands radar signals are employed to carry out inverse synthetic aperture radar(ISAR) imaging against moving drones. Following theoretical analysis, experimental field tests are carried out to acquire real target signals. Our preliminary tests demonstrate that high resolution ISAR imaging provides effective measures to detect and classify multiple drone targets in air.

• Smart Structures and Systems
• /
• v.29 no.6
• /
• pp.785-790
• /
• 2022

Condition monitoring of permanent magnet synchronous motors (PMSMs) and detecting faults such as eccentricity and demagnetization are essential for ensuring system reliability. Motor current signal analysis is the most commonly used precursor for detecting faults in the PMSM drive system. However, the current signature responds sensitively to the load and temperature of the motor, thereby making it difficult to monitor faults in real- applications. Therefore, in this study, a condition monitoring methodology that detects motor faults, including their classification with standstill conditions, is proposed. The objective is to detect and classify faults of PMSMs by using programmable inverter without additional sensors and systems for detection. Both DC and AC were applied through the d-axis of a three-phase motor, and the change in incremental inductance was investigated to detect and classify faults. Simulation with finite element analysis and experiments were performed on PMSMs in healthy conditions as well as with eccentricity and demagnetization faults. Based on the results obtained from experiments, the proposed method was confirmed to detect and classify types of faults, including their severity.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.2B
• /
• pp.131-140
• /
• 2011

As the number of Internet users and applications is increasing, the importance of application traffic classification is growing more and more for efficient network management. While a number of methods for traffic classification have been introduced, such as signature-based and machine learning-based methods, Skype application, which uses encrypted communication on its own P2P network, is known as one of the most difficult traffic to identify. In this paper we propose a novel method to identify Skype application traffic on the fly. The main idea is to setup a list of Skype host information {IP, port} by examining the packets generated in the Skype login process and utilizes the list to identify other Skype traffic. By implementing the identification system and deploying it on our campus network, we proved the performance and feasibility of the proposed method.

• Journal of the Korea Convergence Society
• /
• v.9 no.6
• /
• pp.33-38
• /
• 2018

In this study, we try to detect new attacks for vehicle by learning only one class. We use Car-Hacking dataset, an intrusion detection dataset, which is used to evaluate classification performance. The dataset are created by logging CAN (Controller Area Network) traffic through OBD-II port from a real vehicle. The dataset have four attack types. One class classification is one of unsupervised learning methods that classifies attack class by learning only normal class. When using unsupervised learning, it difficult to achieve high efficiency because it does not use negative instances for learning. However, unsupervised learning has the advantage for classifying unlabeled data, which are new attacks. In this study, we use one class classifier to detect new attacks that are difficult to detect using signature-based rules on network intrusion detection system. The proposed method suggests a combination of parameters that detect all new attacks and show efficient classification performance for normal dataset.

• Journal of the Korean Society of Surveying, Geodesy, Photogrammetry and Cartography
• /
• v.32 no.6
• /
• pp.581-590
• /
• 2014

With rapid land development, land category should be updated on a regular basis. However, manual field surveys have certain limitations. In this study, attempts were made to extract a feature vector considering spectral signature by parcel, PIMP (Percent Imperviousness), texture, and VIs (Vegetation Indices) based on RapidEye satellite image and cadastral map. A total of nine land categories in which feature vectors were significantly extracted from the images were selected and classified using SVM (Support Vector Machine). According to accuracy assessment, by comparing the cadastral map and classification result, the overall accuracy was 0.74. In the paddy-field category, in particular, PO acc. (producer's accuracy) and US acc. (user's accuracy) were highest at 0.85 and 0.86, respectively.