• Title/Summary/Keyword: false positive


A Novel Technique to Detect Malicious Packet Dropping Attacks in Wireless Sensor Networks

  • Terence, J. Sebastian; Purushothaman, Geethanjali
    • Journal of Information Processing Systems / v.15 no.1 / pp.203-216 / 2019
  • The nature of wireless transmission has made wireless sensor networks defenseless against various attacks. This paper presents the warning message counter (WMC) method to detect blackhole, grayhole and sinkhole attacks in wireless sensor networks. The objective of these attackers is to draw in nearby network traffic with false routing information and to disrupt network operation by dropping all received packets (blackhole attack), selectively dropping received packets (grayhole and sinkhole attack) and modifying the content of packets (sinkhole attack). We have also attempted lightweight symmetric key cryptography to find data modification by the sinkhole node. Simulation results show that WMC detects sinkhole, blackhole and grayhole attacks with fewer false positives (8%) and fewer false negatives (6%).

Study of Snort Intrusion Detection Rules for Recognition of Intelligent Threats and Response of Active Detection (지능형 위협인지 및 능동적 탐지대응을 위한 Snort 침입탐지규칙 연구)

  • Han, Dong-hee; Lee, Sang-jin
    • Journal of the Korea Institute of Information Security & Cryptology / v.25 no.5 / pp.1043-1057 / 2015
  • In order to recognize intelligent threats quickly and to detect and respond to them actively, major public bodies and private institutions operate and administer Intrusion Detection Systems (IDS), which play a very important role in finding and detecting attacks. However, most IDS alerts have the problem that they generate false positives. In addition, in order to detect unknown malicious code and to recognize and respond to such threats in advance, APT response solutions or action-based systems are introduced and operated. These execute malicious code directly using virtualization technology and detect abnormal activities in virtual environments, or detect unknown attacks with other methods. However, these too have weaknesses, such as evasion of the virtual environment, performance problems with full inspection of traffic, and errors in policy. Accordingly, for the effective detection of intrusions, it is very important to enhance security monitoring. This study discusses a plan for the reduction of false positives as a way to enhance security monitoring. As a result of an experiment based on the empirical data of G, rules were drawn in three types and 11 kinds. As a result of a test following these rules, it was verified that the overall detection rate decreased by 30% to 50%, and the performance was improved by over 30%.

Diagnostic Accuracy of Cervicovaginal Cytology in the Detection of Squamous Epithelial Lesions of the Uterine Cervix; Cytologic/Histologic Correlation of 481 Cases (자궁경부 편평상피병변에서 자궁경부질도말 세포검사의 진단정확도 : 481예의 세포-조직 상관관계)

  • Jin, So-Young; Park, Sang-Mo; Kim, Mee-Sun; Jeen, Yoon-Mi; Kim, Dong-Won; Lee, Dong-Wha
    • The Korean Journal of Cytopathology / v.19 no.2 / pp.111-118 / 2008
  • Background: Cervicovaginal cytology is a screening test of uterine cervical cancer. The sensitivity of cervicovaginal cytology is less than 50%, but studies of cytologic/histologic correlation are limited. We analyzed the diagnostic accuracy of cervicovaginal cytology in the detection of the squamous epithelial lesions of the uterine cervix and investigated the cause of diagnostic discordance. Materials and Methods: We collected a total of 481 sets of cervicovaginal cytology and biopsies over 5 years. The cytologic diagnoses were categorized based on The Bethesda System and the histologic diagnoses were classified as negative, flat condyloma, cervical intraepithelial neoplasia (CIN) I, CIN II, CIN III, or squamous cell carcinoma. Cytohistologic discrepancies were reviewed. Results: The concordance rate between the cytological and the histological diagnosis was 79.0%. The sensitivity and specificity of cervicovaginal cytology were 80.6% and 92.6%, respectively. Its positive predictive value and negative predictive value were 93.7% and 77.7%, respectively. The false negative rate was 19.4%. The 54 false negative cytology cases were confirmed by histology as 50 flat condylomas, 2 CIN I, 1 CIN III, and 1 squamous cell carcinoma. The causes of false negative cytology were sampling errors in 75.6% and interpretation errors in 24.4%. The false positive rate was 7.4%. The 15 false positive cytology cases were confirmed by histology as 12 atypical squamous cells of undetermined significance (ASCUS) and 3 low grade squamous intraepithelial lesions (LSIL). The cause of error was interpretation error in all cases. The overall diagnostic accuracy of cervicovaginal cytology was 85.7%. Conclusions: Cervicovaginal cytology shows high overall diagnostic accuracy and is a useful primary screen of uterine cervical cancer.

A Study on the Improvement of Source Code Static Analysis Using Machine Learning (기계학습을 이용한 소스코드 정적 분석 개선에 관한 연구)

  • Park, Yang-Hwan; Choi, Jin-Young
    • Journal of the Korea Institute of Information Security & Cryptology / v.30 no.6 / pp.1131-1139 / 2020
  • Static analysis of source code is used to find remaining security weaknesses across a wide range of source code. A static analysis tool produces the results, and a static analysis expert then performs true positive and false positive analysis on them. In this process, the volume to analyze is large and the rate of false positives is high, so a lot of time and effort is required and a more efficient method of analysis is needed. In addition, when performing true/false positive analysis, experts rarely analyze only the source line where the defect occurred. Depending on the type of defect, the surrounding source code is analyzed together and the final analysis result is delivered. To ease the difficulty experts face in discriminating true positives from false positives in the output of these static analysis tools, this paper proposes a method in which artificial intelligence, rather than an expert, determines whether a security weakness found by the static analysis tool is a true positive. In addition, the optimal size was confirmed through an experiment on how the size of the training data (source code around the defects) used for such machine learning affects performance. This result is expected to help static analysis experts with the job of classifying true positives and false positives after static analysis.

The Construction of A Parallel type Bloom Filter (병렬 구조의 블룸필터 설계)

  • Jang, Young-dal; Kim, Ji-hong
    • Journal of the Korea Institute of Information and Communication Engineering / v.21 no.6 / pp.1113-1120 / 2017
  • As data sizes grow ever larger with improvements in telecommunication techniques, developing and processing databases becomes a major issue. The Bloom filter, used to look up a particular element in a given set, is a very useful structure because of its space efficiency. In this paper, we analyse the main factor behind false positives and propose a new parallel-type Bloom filter that minimizes the false positives caused by other hash functions. The proposed method uses as much memory as the conventional Bloom filter, but it can improve processing speed through parallel processing. In addition, if a perfect hash function is used, insertion and deletion become possible in the proposed Bloom filter.

A Design of the SMBC for Improving Reliability of Blocking Spam Mail (스팸 메일 차단 신뢰도 향상을 위한 SMBC 플랫폼 설계)

  • Park Nho-Kyung; Han Sung-Ho; Seo Sang-Jin; Jin Hyun-Joon
    • The Journal of Korean Institute of Communications and Information Sciences / v.30 no.11B / pp.730-735 / 2005
  • While e-mail is an important means of fast communication these days, it is often misused as a commercial advertising method and creates many social problems. Even though various filtering techniques for blocking spam mail have been developed, the reliability of mail systems is decreased by misreading normal mail as spam, i.e. false-positive errors. In this paper, the SMBC (Spam Mail Blocking Center) platform, which employs a spam mail recovery method based on privacy information, is proposed and designed. The SMBC is designed in a frame layer based on the spam blocking system of a proxy server and can be physically implemented in various topologies, so that flexible development with layered modules is possible. Using privacy information lets the proposed SMBC platform minimize processing load and false-positive error rates, so that it can improve mail system reliability.

Evaluation of Negative Results of BacT/Alert 3D Automated Blood Culture System

  • Kocoglu M. Esra; Bayram Aysen; Balcl Iclal
    • Journal of Microbiology / v.43 no.3 / pp.257-259 / 2005
  • Although automated continuous-monitoring blood culture systems are both rapid and sensitive, false-positive and false-negative results still occur. The objective of this study, then, was to evaluate negative results occurring with BacT/Alert 3D blood culture systems. A total of 1032 samples were cultured with the BacT/Alert 3D automated blood culture system, using both aerobic (BPA) and anaerobic (BPN) media, and 128 of these samples yielded positive results. A total of 904 negative blood samples were then subcultured in 5% sheep blood agar, eosin methylene blue, chocolate agar, and sabouraud-dextrose agar. Organisms growing on these subcultures were subsequently identified using both Vitek32 (bioMerieux, Durham, NC) and conventional methods. Twenty four (2.6%) of the 904 subcultures grew on the subculture media. The majority (83.3%) of these were determined to be gram-positive microorganisms. Fourteen (58.3%) were coagulase-negative staphylococci, two (8.3%) were Bacillus spp., one (4.2%) was Staphylococcus aureus, and one (4.2%) was identified as Enterococcus faecium. Streptococcus pneumoniae and Neisseria spp. were isolated together in two (8.3%) vials. Gram-negative microorganisms comprised 12.5% of the subcultures, of which two (8.3%) were found to be Pseudomonas aeruginosa, and one (4.2%) was Pseudomonas fluorescens. The other isolate (4.2%) was identified as Candida albicans. We conclude that the subculture of negative results is valuable in the BacT/Alert 3D system, especially in situations in which only one set of blood cultures is taken.

A Study on Decrease of False Positive Rate of Detection against Sniffing Attack over Switched Network (Switched Network 상에서 스니핑 공격 탐지에 있어서의 오탐율 감소를 위한 연구)

  • Lim, Jung-Muk; Yang, Jin-Seok; Han, Young-Ju; Lee, Eun-Sun; Lim, Hyung-Jin; Chung, Tai-Myung
    • Annual Conference of KIPS / 2004.05a / pp.1083-1086 / 2004
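  • A switched network is safer against sniffing than a shared network. However, this is only a comparative advantage; it is not absolutely safe from sniffing. Many attack tools capable of sniffing on a switched network have already been introduced. This paper describes a scenario in which sniffing is possible on a switched network through ARP cache poisoning via ARP (Address Resolution Protocol) spoofing. Existing methods for detecting this scenario are problematic because they frequently generate false positives when a dynamic environment such as DHCP is involved. Here we present a detection method that reduces these false positives.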


The clinical usefulness of non-invasive prenatal testing in pregnancies with abnormal ultrasound findings

  • Boo, Hyeyeon; Kim, So Yun; Seoung, Eui Sun; Kim, Min Hyung; Kim, Moon Young; Ryu, Hyun Mee; Han, You Jung; Chung, Jin Hoon
    • Journal of Genetic Medicine / v.15 no.2 / pp.79-86 / 2018
  • Purpose: This study aimed to evaluate the clinical usefulness of non-invasive prenatal testing (NIPT) as an alternative testing of invasive diagnostic testing in pregnancies with ultrasound abnormalities. Materials and Methods: This was a retrospective study of pregnant women with abnormal ultrasound findings before 24 weeks of gestation between April 2016 and March 2017. Abnormal ultrasound findings included isolated increased nuchal translucency, structural anomalies, and soft markers. The NIPT or diagnostic test was conducted and NIPT detected trisomy 21 (T21), T18, T13 and sex chromosomal abnormalities. We analyzed the false positive and residual risks of NIPT based on the ultrasound findings. Results: During the study period, 824 pregnant women had abnormal ultrasound findings. Among the study population, 139 patients (16.9%) underwent NIPT. When NIPT was solely performed in the patients with abnormal ultrasound findings, overall false positive risk was 2.2% and this study found residual risks of NIPT. However, the discordant results of NIPT differed according to the type of abnormal ultrasound findings. Discordant results were significant in the group with structural anomalies with 4.4% false positive rate. However, no discordant results were found in the group with single soft markers. Conclusion: This study found different efficacy of NIPT according to the ultrasound findings. The results emphasize the importance of individualized counseling for prenatal screening or diagnostic test based on the type of abnormal ultrasound.