• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.4
• /
• pp.29-39
• /
• 2002

In general, the intrusion detection method of anomalous behaviors has high false alarm rate which contains false-positive and false-negative. To increase the sensitivity of intrusion detection, we propose a method of aggregate detection to reduce false alarm rate by using correlation between misuse activity detection sensors and anomalous ones. For each normal behavior and anomalous one, we produce the reflection rate between the result from one sensor and another in off-line. Then, we apply this rate to the result of real-time detection to reduce false alarm rate.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.51 no.1
• /
• pp.37-41
• /
• 2014

Recently, a lot of research efforts has been directed toward spectrum sensing techniques exploiting the some characteristics of power spectrum. Among them, a sensing technique employing the maximum of power spectrum as a test statistic has appeared in the literature and its false alarm probability was also derived under the assumption that the test statistic follows the Gaussian distribution. This paper provides an exact form of the false alarm probability without using the assumption and compares it with the previous work.

• Journal of Satellite, Information and Communications
• /
• v.8 no.1
• /
• pp.66-70
• /
• 2013

In this paper, Threshold setting method is proposed to improve detection probability for cooperative sensing. Even if cooperative users have all same false alarm rate, each user has different threshold due to pass ad-hoc channel. threshold level is related to detection probability. So, we select the highest threshold among cooperative users and then share threshold information for getting the high detection probability.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.4
• /
• pp.989-1005
• /
• 2012

In this paper, throughput of IEEE 802.11 carrier-sense multiple access (CSMA) with collision-avoidance (CA) protocols in non-saturated traffic conditions is presented taking into account the impact of imperfect channel sensing. The imperfect channel sensing includes both missed-detection and false alarm and their impact on the utilization of IEEE 802.11 analyzed and expressed as a closed form. To include the imperfect channel sensing at the physical layer, we modified the state transition probabilities of well-known two state Markov process model. Simulation results closely match the theoretical expressions confirming the effectiveness of the proposed model. Based on both theoretical and simulated results, the choice of the best probability detection while maintaining probability of false alarm is less than 0.5 is a key factor for maximizing utilization of IEEE 802.11.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.11
• /
• pp.3638-3654
• /
• 2014

Cognitive Radio (CR) users need to sense the environment or channel at regular time interval for sharing the spectrum band of the primary users (PUs). Once find the spectrum idle, CR users start their transmission through it. Even while transmitting, they need to continue the sensing process so that they can leave the spectrum immediately whenever find a PU wanting to use the band. Therefore, detecting PUs is one of the main functions of cognitive radio before transmission and higher the detection probability ensures better protection to the primary users. However, it is not possible to attain a high detection probability (or a low miss detection probability) and low false alarm probability simultaneously as there is a tradeoff between false alarm probability ($P_{fa}$) and the probability of detection ($P_d$). In this paper, the author has provided a comprehensive study on different sensing techniques and discussed their advantages and disadvantages. Moreover, it is expected that, with this article, readers can have a through understanding of sensing techniques in CR and the current research trends in this area.

• ETRI Journal
• /
• v.16 no.1
• /
• pp.17-34
• /
• 1994

In this paper, we present an architecture of the constant false alarm rate (CFAR) detector called the generalized order statistics (GOS) CFAR detector, which covers various order statistics (OS) and cell-averaging (CA) CFAR detectors as special cases. For the proposed GOS CFAR detector, we obtain unified formulas for the false alarm and detection probabilities. By properly choosing coefficients of the GOS CFAR detector, one can utilize any combination of ordered samples to estimate the background noise level. Thus, if we use a reference window of size N, we can realize $(2^N-1)$ kinds of CFAR processors and obtain their performances from the unified formulas. Some examples are the CA, the OS, the censored mean level, and the trimmed mean CFAR detectors. As an application of the GOS CFAR detector to multiple target detection, we propose an algorithm called the adaptive mean level detector, which censors adaptively the interfering target returns in a reference window.

• Journal of the Korean Institute of Telematics and Electronics B
• /
• v.29B no.1
• /
• pp.50-57
• /
• 1992

This paper proposes and analyzes a new CFAR(Constant False Alarm Rate) detector called the EXGO(Excision Greatest Of)-CFAR. This is the combination of the EXCA(Excision Cell Averaging)-CFAR that shows a good performance under the influence of interferences and the GO(Greatest Of)-CFAR that fights well with clutter edges. For the performance analysis, the formulas for the detection probability and the false alarm probability are derived and computed, and the results are compared with other existing CFAR detectors. Our analysis shows that the proposed EXGO-CFAR considerably improves the false-alarm-rate performance of the EXCA-CFAR at clutter edges while maintaining the high detection probability performance of the EXCA-CFAR in the homogeneous and/or interference noise environment.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.14 no.1
• /
• pp.11-18
• /
• 2019

In this paper, we consider interferences from other automobile pulse radars using same frequency spectrum. In order to eliminate the interference, we propose the PN code modulation method. This method uses the cross-correlation between PN codes with different seed. The ROC performance is used for comparing the proposed detector to conventional method. And the proposed detector can decide the present or absent of targets and measure the range of the targets by using memory buffer of range gate. Especially, we use false alarm probability for all range gates. That is the false alarm if in any one range gate the false alarm occurs. From the simulation result, we can see that the proposed detector with using PN code is not influenced by interferences.

• Proceedings of the KIEE Conference
• /
• 2001.04a
• /
• pp.209-212
• /
• 2001

A flame detector responds either to radiant energy visible to the human eye or outside the range of human vision. Such a detector is sensitive to glowing embers, coals, or flames which radiate energy of sufficient intensity and spectral quality to actuate the alarm. An infra-red detectors can respond to the total IR component of the flame alone or in combination with flame flicker in the frequency range of 5 to 30 Hz. A major problem in the use of infrared detectors receiving total IR radiation is the possible interference of solar radiation in the infrared region. When detectors are located in places shielded from the sun, such as vaults, filtering or shielding the unit from the sun's rays is unnecessary. In this study, we proposed method for redue a false alarm with using filtering & sensor technology for distinguish of causes of raise a false alarm and pure flame.

• Journal of Internet Computing and Services
• /
• v.7 no.3
• /
• pp.119-132
• /
• 2006

The network based security techniques well-known until now have week points to be passive in attacks and susceptible to roundabout attacks so that the misuse detection based intrusion prevention system which enables positive correspondence to the attacks of inline mode are used widely. But because the Misuse detection based Intrusion prevention system is proportional to the detection rules, it causes excessive false alarm and is linked to wrong correspondence which prevents the regular network flow and is insufficient to detect transformed attacks, This study suggests an Intrusion prevention system which uses Support Vector machines(hereinafter referred to as SVM) as one of rule based Intrusion prevention system and Anomaly System in order to supplement these problems, When this compared with existing intrusion prevention system, show performance result that improve about 20% and could through intrusion prevention system that propose false positive minimize and know that can detect effectively about new variant attack.