• Convergence Security Journal
• /
• v.11 no.6
• /
• pp.25-30
• /
• 2011

MANET has a weak construction in security more because it is consisted of only moving nodes and doesn't have central management system. The DDoS attack is a serious attack among these attacks which threaten wireless network. The DDoS attack has various object and trick and become intelligent. In this paper, we propose the technique to raise DDoS detection rate by classifying abnormal traffic pattern. Cluster head performs sentinel agent after nodes which compose MANET are made into cluster. The decision tree is applied to detect abnormal traffic pattern after the sentinel agent collects all traffics and it judges traffic pattern and detects attack also. We confirm high attack detection rate of proposed detection technique in this study through experimentation.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.05a
• /
• pp.104-107
• /
• 2022

autoencoder deep learning model has excellent ability to restore abnormal data to normal data, so it is not appropriate for anomaly detection. In addition, the Inpainting method, which is a method of restoring hidden data after masking (masking) a part of the data, has a problem in that the restoring ability is poor for noisy images. In this paper, we use a method of modifying and improving the MLP-Mixer model to mask the image at a certain ratio and to reconstruct the image by delivering compressed information of the masked image to the model. After constructing a model learned with normal data from the MVTec AD dataset, a reconstruction error was obtained by inputting normal and abnormal images, respectively, and anomaly detection was performed through this. As a result of the performance evaluation, it was found that the proposed method has superior anomaly detection performance compared to the existing method.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.47 no.1
• /
• pp.9-19
• /
• 2024

Deep learning-based computer vision anomaly detection algorithms are widely utilized in various fields. Especially in the manufacturing industry, the difficulty in collecting abnormal data compared to normal data, and the challenge of defining all potential abnormalities in advance, have led to an increasing demand for unsupervised learning methods that rely on normal data. In this study, we conducted a comparative analysis of deep learning-based unsupervised learning algorithms that define and detect abnormalities that can occur when transparent contact lenses are immersed in liquid solution. We validated and applied the unsupervised learning algorithms used in this study to the existing anomaly detection benchmark dataset, MvTecAD. The existing anomaly detection benchmark dataset primarily consists of solid objects, whereas in our study, we compared unsupervised learning-based algorithms in experiments judging the shape and presence of lenses submerged in liquid. Among the algorithms analyzed, EfficientAD showed an AUROC and F1-score of 0.97 in image-level tests. However, the F1-score decreased to 0.18 in pixel-level tests, making it challenging to determine the locations where abnormalities occurred. Despite this, EfficientAD demonstrated excellent performance in image-level tests classifying normal and abnormal instances, suggesting that with the collection and training of large-scale data in real industrial settings, it is expected to exhibit even better performance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.4
• /
• pp.693-704
• /
• 2020

As a company's network structure is getting bigger and the number of security system is increasing, it is not easy to quickly detect abnormal traffic from huge amounts of security system events. In this paper, We propose traffic visualization analysis system(FDANT-PCSV) that can detect and analyze security events of information security systems such as firewalls in real time. FDANT-PCSV consists of Parallel Coordinates visualization using five factors(source IP, destination IP, destination port, packet length, processing status) and Sankey visualization using four factors(source IP, destination IP, number of events, data size) among security events. In addition, the use of big data-based SIEM enables real-time detection of network attacks and network failure traffic from the internet and intranet. FDANT-PCSV enables cyber security officers and network administrators to quickly and easily detect network abnormal traffic and respond quickly to network threats.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.10
• /
• pp.1-9
• /
• 2022

In this paper, we propose the Deep Learning-Based Companion Animal Abnormal Behavior Detection Service, which using video and sensor data. Due to the recent increase in households with companion animals, the pet tech industry with artificial intelligence is growing in the existing food and medical-oriented companion animal market. In this study, companion animal behavior was classified and abnormal behavior was detected based on a deep learning model using various data for health management of companion animals through artificial intelligence. Video data and sensor data of companion animals are collected using CCTV and the manufactured pet wearable device, and used as input data for the model. Image data was processed by combining the YOLO(You Only Look Once) model and DeepLabCut for extracting joint coordinates to detect companion animal objects for behavior classification. Also, in order to process sensor data, GAT(Graph Attention Network), which can identify the correlation and characteristics of each sensor, was used.

• Journal of Software Assessment and Valuation
• /
• v.15 no.2
• /
• pp.43-50
• /
• 2019

With the development of IT technology, computer-related crimes are rapidly increasing, and in recent years, the damage to ransomware infections is increasing rapidly at home and abroad. Conventional security solutions are not sufficient to prevent ransomware infections, and to prevent threats such as malware and ransomware that are evolving, a combination of deep learning technologies is needed to detect abnormal behavior and abnormal symptoms. In this paper, a method is proposed to detect user abnormal behavior using CNN-LSTM model and various deep learning models. Among the proposed models, CNN-LSTM model detects user abnormal behavior with 99% accuracy.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.18 no.2
• /
• pp.348-369
• /
• 2024

With the advancement of Industry 4.0 and Industrial Internet of Things (IIoT), manufacturing increasingly seeks automation and intelligence. Temperature and vibration monitoring are essential for machinery health. Traditional abnormal state detection methodologies often overlook the intricate frequency characteristics inherent in vibration time series and are susceptible to erroneously reconstructing temperature abnormalities due to the highly similar waveforms. To address these limitations, we introduce synergistic, end-to-end, unsupervised Frequency-Time Domain Memory-Enhanced Autoencoders (FTD-MAE) capable of identifying abnormalities in both temperature and vibration datasets. This model is adept at accommodating time series with variable frequency complexities and mitigates the risk of overgeneralization. Initially, the frequency domain encoder processes the spectrogram generated through Short-Time Fourier Transform (STFT), while the time domain encoder interprets the raw time series. This results in two disparate sets of latent representations. Subsequently, these are subjected to a memory mechanism and a limiting function, which numerically constrain each memory term. These processed terms are then amalgamated to create two unified, novel representations that the decoder leverages to produce reconstructed samples. Furthermore, the model employs Spectral Entropy to dynamically assess the frequency complexity of the time series, which, in turn, calibrates the weightage attributed to the loss functions of the individual branches, thereby generating definitive abnormal scores. Through extensive experiments, FTD-MAE achieved an average ACC and F1 of 0.9826 and 0.9808 on the CMHS and CWRU datasets, respectively. Compared to the best representative model, the ACC increased by 0.2114 and the F1 by 0.1876.

• Journal of the Institute of Convergence Signal Processing
• /
• v.12 no.2
• /
• pp.96-101
• /
• 2011

In recent days, the demand for the remote ECG monitoring system has been increasing and the automation of the monitoring system is becoming quite of a concern. Automatic detection of the abnormal ECG beats must be a necessity for the successful commercialization of these real time remote ECG monitoring system. From these viewpoints, in this paper, we proposed an automatic detection algorithm for the abnormal ECG beats using QRS width and RR interval patterns. In the previous research, many efforts have been done to classify the ECG beats into detailed categories. But, these approaches have disadvantages such that they produce lots of misclassification errors and variabilities in the classification performance. Also, they require large amount of training data for the accurate classification and heavy computation during the classification process. But, we think that the detection of abnormality from the ECG beats is more important that the detailed classification for the automatic ECG monitoring system. In this paper, we tried to detect the VEB which is most frequently occurring among the abnormal ECG beats and we could achieve satisfactory detection performance when applied the proposed algorithm to the MIT/BIH database.

• Proceedings of the Korean Society of Precision Engineering Conference
• /
• 2009.06a
• /
• pp.477-478
• /
• 2009

• Proceedings of the Korean Society of Precision Engineering Conference
• /
• 2011.06a
• /
• pp.1031-1032
• /
• 2011