• International Journal of Computer Science & Network Security
• /
• v.24 no.1
• /
• pp.52-60
• /
• 2024

APT (Advanced Persistent Threat) attack is a dangerous, targeted attack form with clear targets. APT attack campaigns have huge consequences. Therefore, the problem of researching and developing the APT attack detection solution is very urgent and necessary nowadays. On the other hand, no matter how advanced the APT attack, it has clear processes and lifecycles. Taking advantage of this point, security experts recommend that could develop APT attack detection solutions for each of their life cycles and processes. In APT attacks, hackers often use phishing techniques to perform attacks and steal data. If this attack and phishing phase is detected, the entire APT attack campaign will be crash. Therefore, it is necessary to research and deploy technology and solutions that could detect early the APT attack when it is in the stages of attacking and stealing data. This paper proposes an APT attack detection framework based on the Network traffic analysis technique using open-source tools and deep learning models. This research focuses on analyzing Network traffic into different components, then finds ways to extract abnormal behaviors on those components, and finally uses deep learning algorithms to classify Network traffic based on the extracted abnormal behaviors. The abnormal behavior analysis process is presented in detail in section III.A of the paper. The APT attack detection method based on Network traffic is presented in section III.B of this paper. Finally, the experimental process of the proposal is performed in section IV of the paper.

• Journal of Korean Society of Steel Construction
• /
• v.10 no.3 s.36
• /
• pp.383-391
• /
• 1998

Launching truss used for constructing the precast segmental concrete bridge has upper chord, lower chord and diagonal members. And the pin is used for connecting these members. From the field loading test carried out for investigating the actual behavior of launching truss, the great difference is analyzed between measured stress and calculated stress. Based on measured value, the structural analysis are carried out about assumed abnormal behavior of connection part. From the results of analysis, it is analyzed that the abnormal behavior of connection part greatly affect the structural behavior of launching truss. In addition, from the investigation of safety of launching truss, it is evaluated that the launching truss has enough safety with normal behavior of connection part.

• Journal of the Korean Data and Information Science Society
• /
• v.27 no.1
• /
• pp.1-8
• /
• 2016

In the recently, violent crime and accidental crime has been generated continuously. Consequently, people anxiety has been heightened. The Closed Circuit Television (CCTV) has been used to ensure the security and evidence for the crimes. However, the video captured from CCTV has being used in the post-processing to apply to the evidence. In this paper, we propose a flexible multi-level models for estimating whether dangerous behavior and the environment and context for pedestrians. The situation analysis builds the knowledge for the pedestrians tracking. Finally, the decision step decides and notifies the threat situation when the behavior observed object is determined to abnormal behavior. Thereby, tracking the behavior of objects in a multi-region, it can be seen that the risk of the object behavior. It can be predicted by the behavior prediction of crime.

• Annual Conference of KIPS
• /
• 2019.05a
• /
• pp.542-544
• /
• 2019

Changes in a person's health affect one's lifestyle and work activities. According to the World Health Organization (WHO), abnormal activity is growing faster in people aged 60 or more than any other age group in almost every country. This trend steadily continues and expected to increase further in the near future. Abnormal activity put these people at high risk of expected incidents since most of these people live alone. Human abnormal activity analysis is a challenging, useful and interesting problem among the researchers and its particularly crucial task in life and health care areas. In this paper, we discuss the problem of abnormal activities of old people lives alone at home. We propose Convolutional Neural Network (CNN) based model to detect the abnormal behaviors of elderlies by utilizing six simulated action data from daily life actions.

• Proceedings of the Korean Information Science Society Conference
• /
• 2010.06c
• /
• pp.463-468
• /
• 2010

본 논문은 본 연구팀이 행동패턴 분석을 위하여 개발한 BPP(Behavior Pattern Prediction)알고리즘의 가중치(weight) 속성을 객관적으로 수식화 하는 방법과 가중치와 행동 프로파일을 이용하여 정상/비정상 행동여부를 판단하는 ABA(Abnormal Behavior Analysis) 알고리즘을 제안한다. 가중치는 거주자의 방과 행동 사이의 연관성을 나타내며 가중치가 제한된 범위 내에서 증가 할수록 행동에 대한 관심이 크다. 구축한 사용자 프로파일의 주요 구성 요소로는 행동이 지속된 시간 과 행동 발생 횟수이다. ABA 알고리즘은 가중치와 행동 발생 횟수, 행동 지속시간과의 상관분석 결과를 참조 하였으며, 이산 가중치 데이터를 분석하여 비정상적인 행동을 탐지한다.

• Journal of KIISE
• /
• v.41 no.12
• /
• pp.1152-1159
• /
• 2014

In this paper, we presents a system to ensure the safety of residents through appropriate action or alarm in case the residents occurs an emergency situation and abnormal activity. We collect and analysis real-time data of living environment of the residents using video and sensor. The existing system have been determined by using only the sensor data it have several problems. Our system attach camera to solve the existing system problem. We use weighted difference image and motion vector. The existing system, it takes about 48 hours to determine that an abnormal activity occurs. However, our system takes less than 1 hour.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1027-1041
• /
• 2015

Recently, there are rapidly increasing cases of APT (Advanced Persistent Threat) attacks such as Verizon(2010), Nonghyup(2011), SK Communications(2011), and 3.20 Cyber Terror(2013), which cause leak of confidential information and tremendous damage to valuable assets without being noticed. Several anomaly detection technologies were studied to defend the APT attacks, mostly focusing on detection of obvious anomalies based on known malicious codes' signature. However, they are limited in detecting APT attacks and suffering from high false-negative detection accuracy because APT attacks consistently use zero-day vulnerabilities and have long latent period. Detecting APT attacks requires long-term analysis of data from a diverse set of sources collected over the long time, real-time analysis of the ingested data, and correlation analysis of individual attacks. However, traditional security systems lack sophisticated analytic capabilities, compute power, and agility. In this paper, we propose a Fast Data based real-time abnormal behavior detection system to overcome the traditional systems' real-time processing and analysis limitation.

• International Journal of Computer Science & Network Security
• /
• v.21 no.4
• /
• pp.131-139
• /
• 2021

In current time, anomaly detection is the primary concern of the administrative authorities. Suspicious activity identification is shifting from a human operator to a machine-assisted monitoring in order to assist the human operator and react to an unexpected incident quickly. These automatic surveillance systems face many challenges due to the intrinsic complex characteristics of video sequences and foreground human motion patterns. In this paper, we propose a novel approach to detect anomalous human activity using a hybrid approach of statistical model and Genetic Programming. The feature-set of local motion patterns is generated by a statistical model from the video data in an unsupervised way. This features set is inserted to an enhanced Genetic Programming based classifier to classify normal and abnormal patterns. The experiments are performed using publicly available benchmark datasets under different real-life scenarios. Results show that the proposed methodology is capable to detect and locate the anomalous activity in the real time. The accuracy of the proposed scheme exceeds those of the existing state of the art in term of anomalous activity detection.

• Tribology and Lubricants
• /
• v.33 no.2
• /
• pp.37-44
• /
• 2017

A DE-side LBP tilting pad journal bearing of a 1-stage overhung heat-pump compressor in a propylene process exhibited abnormal high-temperature behavior. Its temperature had been relatively high at $78^{\circ}C$ from the beginning of operation. In 2014, after three years of operation, it increased suddenly and reached $103^{\circ}C$. Installing a varnish removal equipment and others managed to stabilize the temperature at $95^{\circ}C$. We undertook a troubleshooting approach for reviewing the comprehensive status and integrity of the temperature design of the bearing. We performed lubrication and heat-balance analysis, based on the design engineering data and documents supplied by the OEM. For the base design data of DE-side TPJB, evaluating the effects of key design variables on bearing metal temperature showed that firstly, increasing the bearing clearance and supply oil flow-rate, and next, changing the oil type, and finally, increasing the machined pad clearance and offset, are more effective in reducing the bearing metal temperature. Furthermore, a clarification meeting with the OEM revealed that an incorrect decision had been made to decrease the bearing clearance to eliminate the SSV harshness issue, while not maintaining a sufficient oil flow-rate. We conducted a detailed retrofit design analysis, wherein we increased the oil flow-rate and bearing clearance by decreasing the preload. We predicted that the bearing temperature would decrease to $63^{\circ}C$ from $75.7^{\circ}C$ even at the rerate condition. Finally, after installing and operating a retrofit replacement bearing in 2015, the bearing temperature stabilized at a low temperature of $65^{\circ}C$. Currently (January. 2017), two year later, the bearing metal temperature remains at $65^{\circ}C$. Therefore, we can conclude that the abnormal high-temperature behavior of the bearing has been resolved completely.

• KSCE Journal of Civil and Environmental Engineering Research
• /
• v.39 no.1
• /
• pp.1-12
• /
• 2019

This study defined abnormal behaviors such as bending deformations or buckling behaviors occurred in high strength steel pipe strut system, and carried out a full-scale bending test for different connection types. A parametric study was carried out to gain an insight about structural performances considering abnormal behavior effects in high strength steel pipe strut system. Five abnormal behaviors were considered as undesirable deflections of strut structures, which are basic load combination, excessive excavation situations, impact loading effects, additional overburden loads, load combinations, and strut lengths. Subsequent simulation results present various influences of parameters on structural performances of the strut system. Based on the results, we propose methods to prevent unusual behaviors of pipe-type strut structures made of high strength steels.