• Title/Summary/Keyword: event detection


A Study on The Complex Event Detection Methods Based on Bitmap Index for Stream data Processing (스트림 데이터 처리를 위한 비트맵 인덱스 기반 복합 이벤트 검출 기법에 관한 연구)

  • Park, Yong-Min;Oh, Young-Hwan
    • Journal of the Institute of Electronics Engineers of Korea TC / v.48 no.4 / pp.61-68 / 2011
  • Event-based service technology integrates services that detect events occurring in real time and respond by analyzing them. It is a core technology for building real-time business and ubiquitous service environments. Event-based service technology is required for business processes in a real-time business environment, which must respond rapidly to change, and for customized services in a ubiquitous service environment, which rely on real-time monitoring and analysis of a variety of information. Such event-driven business processes can make use of CEP (Complex Event Processing). The core of CEP technology, which analyzes events from multiple event sources and determines their effects and the actions to take, is detecting complex events for the user. In previous studies, partial operations that are not needed continue to be performed each time an event occurs, so the large number of operations and the heavy memory use are a problem. To solve these problems, an event detection technique is proposed that, for large data streams, does not process every event as it occurs but performs complex event processing in the application layer when all the events registered as constituting a complex event have occurred. The proposed method first uses a bitmap index to manage event occurrences. The last event of a complex event is defined as its trigger event. Each event occurrence is marked in the bitmap index, and at the point when the trigger event occurs, the bitmap is tested to check whether all the events constituting the complex event have occurred; the operation is performed if they have. The proposed scheme thus performs operations when all events have occurred, without having to run a test for each event. As a result, it avoids unnecessary operations and reduces the number of events to handle, which increases the efficiency of operations.

Fault-Tolerant, Distributed Detection of Complex Events and States in Distributed Systems (분산 시스템에서의 복잡한 사건/상태의 결함 허용 분산 탐지)

  • Shim, Young-Chul
    • The Transactions of the Korea Information Processing Society / v.4 no.6 / pp.1464-1480 / 1997
  • Distributed systems offer environments for attaining high performance, fault-tolerance, information sharing, resource sharing, etc. But we cannot benefit from these potential advantages without suitable management of the events/states occurring in distributed systems. These events and states can be symptoms of performance degradation, erroneous functions, suspicious activities, etc. and are subject to further analysis. To properly manage events/states, we need to be able to specify and efficiently detect them. In this paper we first describe an event/state specification language and a centralized algorithm for detecting events/states specified with this language. Then we describe an algorithm for distributing an event/state detection task in a hierarchically organized distributed system. The algorithm consists of decomposing an event/state detection task into subtasks and allocating these subtasks to the proper nodes. We also explain a method to make the distributed detection fault-tolerant.


The New Voltage Event Detection Method and Control System Design for DVR Applied to 22.9kV Distribution System (22.9kV 배전선로 적용을 위한 DVR의 새로운 외란검출 기법 및 제어시스템 설계)

  • Kim H.J.;Chung Y.H.;Kwon G.H.;Park T.B.;Moon J.I.;Jeon Y.S.
    • The Transactions of the Korean Institute of Electrical Engineers A / v.55 no.1 / pp.7-12 / 2006
  • This paper proposes a new voltage event detection method using the weight factor of a neural network and describes the control system design for a DVR (Dynamic Voltage Restorer), consisting of a rectifier and a series inverter, applied to a 22.9kV distribution system. As this method can express the fault level of each phase, we expect the proposed method to make up for the disadvantage of the synchronous detection method. Also, in this paper, the control system was designed using a double deadbeat controller. As it has an inner current control loop and an outer voltage control loop, we can easily limit the current level during transient intervals by using the current control loop. Simulation and experiment are performed to prove the analysis of the voltage event detection method and the double deadbeat controller.

A Study on the Analysis of Validity and Importance of Event Log for the Detection of Insider Threats to Control System (제어시스템의 내부자 위협 탐지를 위한 Event Log 타당성 및 중요도 분석에 관한 연구)

  • Kim, Jongmin;Kim, DongMin;Lee, DongHwi
    • Convergence Security Journal / v.18 no.3 / pp.77-85 / 2018
  • With the convergence of communications networks between control systems and public networks, threats such as information leakage/falsification can fully appear in control systems through diverse routes. Due to the recent diversification of security issues and violation cases involving new attack techniques, a security system based on an information database that simply blocks and identifies is not good enough to cope with new types of threat. Current control systems operate their security systems with a focus on threats from the outside to the inside, which is insufficient to detect security threats from insiders who hold security access authority. Thus, this study conducted an importance analysis based on the main event log list of "Spotting the Adversary with Windows Event Log Monitoring" announced by the NSA. The results clarified the importance of event logs for the detection of insider threats to control systems, and could contribute to research in this area.


Retrieval of Player Event in Golf Videos Using Spoken Content Analysis (음성정보 내용분석을 통한 골프 동영상에서의 선수별 이벤트 구간 검색)

  • Kim, Hyoung-Gook
    • The Journal of the Acoustical Society of Korea / v.28 no.7 / pp.674-679 / 2009
  • This paper proposes a method of player event retrieval using a combination of two functions: detection of the player name in speech information and detection of sound events from audio information in golf videos. The system consists of an indexing module and a retrieval module. At indexing time, audio segmentation and noise reduction are applied to the audio stream demultiplexed from the golf videos. The noise-reduced speech is then fed into a speech recognizer, which outputs spoken descriptors. The player name and sound event are indexed by the spoken descriptors. At search time, the text query is converted into phoneme sequences. The lists of each query term are retrieved through a description matcher to identify full and partial phrase hits. For the retrieval of the player name, this paper compares the results of word-based, phoneme-based, and hybrid approaches.

Improved Crash Detection Algorithm for Vehicle Crash Detection

  • An, Byoungman;Kim, YoungSeop
    • Journal of the Semiconductor & Display Technology / v.19 no.3 / pp.93-99 / 2020
  • A majority of car crashes are affected by careless driving, which causes extensive economic and social costs as well as injuries and fatalities. Thus, research on precise crash detection systems is a very significant issue in automotive safety. Many crash detection algorithms have been developed, but their coverage has been limited to a few scenarios. Road scenes and situations need to be considered in order to expand the scope of a collision detection system to include a variety of collision modes. The proposed algorithm effectively handles the x, y, and z axes of the sensor while considering time, and suggests a method suitable for various real-world conditions. To reduce nuisance and false crash detection events, the algorithm discriminates between driving mode and parking mode. The performance of the suggested algorithm was evaluated under various scenarios; it successfully discriminated between driving and parking modes and adjusted crash detection events depending on the real scenario. The proposed algorithm is expected to efficiently manage the space and lifespan of the storage device by allowing the vehicle's black box system to store only the videos of necessary crash events.

MITRE ATT&CK and Anomaly detection based abnormal attack detection technology research (MITRE ATT&CK 및 Anomaly Detection 기반 이상 공격징후 탐지기술 연구)

  • Hwang, Chan-Woong;Bae, Sung-Ho;Lee, Tae-Jin
    • Convergence Security Journal / v.21 no.3 / pp.13-23 / 2021
  • Attackers' techniques and tools are becoming intelligent and sophisticated. Existing anti-virus cannot prevent security accidents, so security threats on the endpoint should also be considered. Recently, EDR security solutions to protect endpoints have emerged, but they focus on visibility. There is still a lack of detection and responsiveness. In this paper, we use real-world EDR event logs and aggregate knowledge-based MITRE ATT&CK and autoencoder-based anomaly detection techniques to detect anomalies, in order to screen analysis targets effectively from a security manager's perspective. After that, detected anomalous attack signs are shown to the security manager as an alarm along with log information and can be connected to legacy systems. The experiment ran detection on EDR event logs for 5 days, and verified the results with hybrid analysis search. Therefore, it is expected to produce results on when, and which IPs and processes, are suspected based on the EDR event log, and to create a secure endpoint environment through measures on the suspicious IP/process.

Analysis and Comparison of Error Detection and Correction Codes for the Memory of STSAT-3 OBC and Mass Data Storage Unit (과학기술위성 3호 탑재 컴퓨터와 대용량 메모리에 적용될 오류 복구 코드의 비교 및 분석)

  • Kim, Byung-Jun;Seo, In-Ho;Kwak, Seong-Woo
    • The Transactions of The Korean Institute of Electrical Engineers / v.59 no.2 / pp.417-422 / 2010
  • When memory devices are exposed to space environments, they suffer various effects such as SEU (Single Event Upset). Memory systems for space applications are generally equipped with error detection and correction (EDAC) logic against SEUs. In this paper, several error detection and correction codes - RS(10,8) code, (7,4) Hamming code and (16,8) code - are analyzed and compared with each other. Each code is implemented in VHDL and its performance (encoding/decoding speed, required memory size) is compared. Also, the failure probability equation of each EDAC code is derived, and the probability value is analyzed for the various occurrence rates of SEUs which the STSAT-3 may suffer. Finally, the EDAC algorithm for STSAT-3 is determined based on the comparison results.

Video Event Detection according to Generating of Semantic Unit based on Moving Object (객체 움직임의 의미적 단위 생성을 통한 비디오 이벤트 검출)

  • Shin, Ju-Hyun;Baek, Sun-Kyoung;Kim, Pan-Koo
    • Journal of Korea Multimedia Society / v.11 no.2 / pp.143-152 / 2008
  • Nowadays, many investigators are studying various methodologies for event expression for semantic retrieval of video data. However, most still use annotation-based retrieval, which relies on annotations defined for each piece of data, and content-based retrieval using low-level features. So, we propose a method of creating motion units and extracting events through these units for more semantic retrieval than existing methods. First, we classify motions by event unit. Second, we define semantic units for the classified motions of objects. To use these for event extraction, we create rules that can match the low-level features, from which we are able to retrieve semantic events as units of video shots. For the evaluation of availability, we carry out an experiment on extracting semantic events from video images and obtain a precision rate of approximately 80%.


Design of Intrusion Detection System Using Event Sequence Tracking (Event Sequence Tracking을 이용한 침입 감지 시스템의 설계)

  • 최송관;이필중
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference / 1995.11a / pp.115-125 / 1995
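  • This paper proposes Event Sequence Tracking, a new method that can be used in designing an intrusion detection system for computer systems. The Event Sequence Tracking method broadly classifies attacks on computer systems into two types. The first is an attack that uses a series of system commands, and the second is an attack that uses a program the intruder wrote or obtained from someone else. To detect the first type, the series of system commands used in attacking the system is found by analyzing the audit data, and the result is compared with previously known attack scenarios to identify the intruder. To detect the second type, a Key-Event database is built according to the security policy, set by the security administrator, on actions that ordinary users are not allowed to perform on the system, and the set of events matching it is searched for in the audit data. Event Sequence Tracking is a kind of Rule-based Penetration Identification method. Its advantages are that, by classifying attack methods, it can effectively detect intrusions into computer systems, and that creating and updating the rule base becomes simpler.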
