• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.11
• /
• pp.4553-4562
• /
• 2010

With developing networks, information security is going to be important and therefore lots of intrusion detection system has been developed. Intrusion detection system has abilities to detect abnormal behavior and unknown intrusions also it can detect intrusions by using patterns studied from various penetration methods. Various algorithms are studying now such as the statistical method for detecting abnormal behavior, extracting abnormal behavior, and developing patterns that can be expected. Etc. This study using clustering of data mining and association rule analyzes detecting areas based on two models and helps design detection system which detecting abnormal behavior, unknown attack, misuse attack in a large network.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.8 no.1
• /
• pp.125-137
• /
• 2012

As the Internet use explodes recently, the malicious attacks and hacking for a system connected to network occur frequently. For such reason, lots of intrusion detection system has been developed. Intrusion detection system has abilities to detect abnormal behavior and unknown intrusions also it can detect intrusions by using patterns studied from various penetration methods. Various algorithms are studying now such as the statistical method for detecting abnormal behavior, extracting abnormal behavior, and developing patterns that can be expected. Etc. This study using clustering of data mining and association rule analyzes detecting areas based on two models and helps design detection system which detecting abnormal behavior, unknown attack, misuse attack in a large network.

• International journal of advanced smart convergence
• /
• v.9 no.4
• /
• pp.115-119
• /
• 2020

Recently, CCTV installations are rapidly increasing in the public and private sectors to prevent various crimes. In accordance with the increasing number of CCTVs, video-based abnormal behavior detection in control systems is one of the key technologies for safety. This is because it is difficult for the surveillance personnel who control multiple CCTVs to manually monitor all abnormal behaviors in the video. In order to solve this problem, research to recognize abnormal behavior using deep learning is being actively conducted. In this paper, we propose a model for detecting abnormal behavior based on the deep learning model that is currently widely used. Based on the abnormal behavior video data provided by AI Hub, we performed a comparative experiment to detect anomalous behavior through violence learning and fainting in videos using 2D CNN-LSTM, 3D CNN, and I3D models. We hope that the experimental results of this abnormal behavior learning model will be helpful in developing intelligent CCTV.

• International Commerce and Information Review
• /
• v.9 no.3
• /
• pp.305-320
• /
• 2007

With expanded use of B2B(between enterprises), B2G(between enterprises and government) and EDI(Electronic Data Interchange), and increased amount of available network information and information protection threat, as it was judged that security can not be perfectly assured only with security technology such as electronic signature/authorization and access control, Bayesian networks have been developed for protection of information. Therefore, this study speculates Bayesian networks system, centering on ERP(Enterprise Resource Planning). The Bayesian networks system is one of the methods to resolve uncertainty in electronic data interchange and is applied to overcome uncertainty of abnormal invasion detection in ERP. Bayesian networks are applied to construct profiling for system call and network data, and simulate against abnormal invasion detection. The host-based abnormal invasion detection system in electronic trade analyses system call, applies Bayesian probability values, and constructs normal behavior profile to detect abnormal behaviors. This study assumes before and after of delivery behavior of the electronic document through Bayesian probability value and expresses before and after of the delivery behavior or events based on Bayesian networks. Therefore, profiling process using Bayesian networks can be applied for abnormal invasion detection based on host and network. In respect to transmission and reception of electronic documents, we need further studies on standards that classify abnormal invasion of various patterns in ERP and evaluate them by Bayesian probability values, and on classification of B2B invasion pattern genealogy to effectively detect deformed abnormal invasion patterns.

• International Journal of Computer Science & Network Security
• /
• v.21 no.4
• /
• pp.131-139
• /
• 2021

In current time, anomaly detection is the primary concern of the administrative authorities. Suspicious activity identification is shifting from a human operator to a machine-assisted monitoring in order to assist the human operator and react to an unexpected incident quickly. These automatic surveillance systems face many challenges due to the intrinsic complex characteristics of video sequences and foreground human motion patterns. In this paper, we propose a novel approach to detect anomalous human activity using a hybrid approach of statistical model and Genetic Programming. The feature-set of local motion patterns is generated by a statistical model from the video data in an unsupervised way. This features set is inserted to an enhanced Genetic Programming based classifier to classify normal and abnormal patterns. The experiments are performed using publicly available benchmark datasets under different real-life scenarios. Results show that the proposed methodology is capable to detect and locate the anomalous activity in the real time. The accuracy of the proposed scheme exceeds those of the existing state of the art in term of anomalous activity detection.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.12C
• /
• pp.744-752
• /
• 2011

In intelligent surveillance system, various methods for detecting abnormal behavior were proposed recently. However, most researches are not robust enough to be utilized for actual reality which often has occlusions because of assumption the researches have that individual objects can be tracked. This paper presents a novel method to detect abnormal behavior by analysing major motion of the scene for complex environment in which object tracking cannot work. First, we generate Visual Word and Visual Document from motion information extracted from input video and process them through LDA(Latent Dirichlet Allocation) algorithm which is one of document analysis technique to obtain major motion information(location, magnitude, direction, distribution) of the scene. Using acquired information, we compare similarity between motion appeared in input video and analysed major motion in order to detect motions which does not match to major motions as abnormal behavior.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39C no.8
• /
• pp.731-737
• /
• 2014

This paper presents abnormal behavior detection in crowd within surveillance video. We have defined below two cases as a abnormal behavior; first as a sporadically spread phenomenon and second as a sudden running in same direction. In order to detect these two abnormal behaviors, we first extract the motion vector and propose a new descriptor which is combined MHOF(Multi-scale Histogram of Optical Flow) and DCHOF(Directional Change Histogram of Optical Flow). Also, binary classifier SVM(Support Vector Machine) is used for detection. The accuracy of the proposed algorithm is evaluated by both UMN and PETS 2009 dataset and comparisons with the state-of-the-art method validate the advantages of our algorithm.

• Journal of Software Assessment and Valuation
• /
• v.15 no.2
• /
• pp.43-50
• /
• 2019

With the development of IT technology, computer-related crimes are rapidly increasing, and in recent years, the damage to ransomware infections is increasing rapidly at home and abroad. Conventional security solutions are not sufficient to prevent ransomware infections, and to prevent threats such as malware and ransomware that are evolving, a combination of deep learning technologies is needed to detect abnormal behavior and abnormal symptoms. In this paper, a method is proposed to detect user abnormal behavior using CNN-LSTM model and various deep learning models. Among the proposed models, CNN-LSTM model detects user abnormal behavior with 99% accuracy.

• Journal of the Institute of Electronics Engineers of Korea SC
• /
• v.48 no.5
• /
• pp.25-30
• /
• 2011

This paper present a method for abnormal traffic behavior, or trajectory, detection in static traffic surveillance camera with user-defined trajectories. The method computes the abnormality of moving object with a trajectory of the object and user-defined trajectories. Because of using user-define based information, the presented method have more accurate and faster performance than models need a learning about normal behaviors. The method also have adaptation process of assigned rule, so it can handle scene variation for more robust performance. The experimental results show that our method can detect abnormal traffic behaviors in various situation.

• Journal of the Korean Geotechnical Society
• /
• v.26 no.10
• /
• pp.69-79
• /
• 2010

To detect abnormal events in slopes, Principal Component Analysis (PCA) is applied to the slope that was collapsed during monitoring. Principal component analysis is a kind of statical methods and is called non-parametric modeling. In this analysis, principal component score indicates an abnormal behavior of slope. In an abnormal event, principal component score is relatively higher or lower compared to a normal situation so that there is a big score change in the case of abnormal. The results confirm that the abnormal events and collapses of slope were detected by using principal component analysis. It could be possible to predict quantitatively the slope behavior and abnormal events using principal component analysis.