• Title/Summary/Keyword: intrusion


Specification-based Intrusion Detection System for WIPI (WIPI에 적합한 Specification 기반의 침입탐지시스템)

  • Kim, Ik-Jae;Lee, Soo-Jin
    • Journal of the Korea Institute of Information Security & Cryptology / v.17 no.6 / pp.41-56 / 2007
  • In this paper, we propose a specification-based intrusion detection system for WIPI (Wireless Internet Platform for Interoperability). In proposing the system, we focused on providing lightweight code, supporting multiple languages and hardware independence. The proposed system is based on an algorithm which detects an intrusion to the main API of WIPI-HAL (Handset Adaptation Layer) and defines the prototype of an mIDS (mobile IDS) API group that can be added on the HAL. Moreover, we demonstrate its applicability through a WIPI emulator using a Java library.

The host-based Intrusion Detection System with Audit Correlation (감사로그 상관관계를 통한 호스트기반의 침입탐지시스템)

  • 황현욱;김민수;노봉남
    • Journal of the Korea Institute of Information Security & Cryptology / v.13 no.3 / pp.81-90 / 2003
  • The presence of an intrusion is judged by an intrusion detection system based on the audit log, and the performance of this system depends on how correctly and effectively the intrusion pattern has been described with the audit log. In this paper, the correlation concerning intrusion is demonstrated among three kinds of information, 'system call, network packet and syslog', and the related patterns of the state-transition-based method and the rule-based method are identified. By applying this correlation to them, the detection accuracy rate was improved. In particular, the availability of detection with the correlation pattern has been substantiated through a covert channel detection test.

Tri-training algorithm based on cross entropy and K-nearest neighbors for network intrusion detection

  • Zhao, Jia;Li, Song;Wu, Runxiu;Zhang, Yiying;Zhang, Bo;Han, Longzhe
    • KSII Transactions on Internet and Information Systems (TIIS) / v.16 no.12 / pp.3889-3903 / 2022
  • To address the problem of low detection accuracy due to training noise caused by mislabeling when Tri-training is used for network intrusion detection (NID), we propose a Tri-training algorithm based on cross entropy and K-nearest neighbors (TCK) for network intrusion detection. The proposed algorithm uses cross-entropy to replace the classification error rate to better identify the difference between the practical and predicted distributions of the model and reduce the prediction bias of mislabeled data to unlabeled data; K-nearest neighbors are used to remove the mislabeled data and reduce the number of mislabeled data. In order to verify the effectiveness of the algorithm proposed in this paper, experiments were conducted on 12 UCI datasets and NSL-KDD network intrusion datasets, and four indexes including accuracy, recall, F-measure and precision were used for comparison. The experimental results revealed that TCK performs better than the conventional Tri-training algorithms and the Tri-training algorithms using only the cross-entropy or K-nearest neighbor strategy.

Analyses of Design for Intrusion Detection System based on Hardware Architecture (하드웨어 기반의 침입탑지 시스템의 설계에 대한 분석)

  • Kim, Jung-Tae
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2008.05a / pp.666-669 / 2008
  • A number of intrusion detection systems have been developed to detect intrusive activity on individual hosts and networks. The systems developed rely almost exclusively on a software approach to intrusion detection analysis and response. In addition, the network systems developed apply a centralized approach to the detection of intrusive activity. The problems introduced by this approach are twofold. First, the centralization of these functions becomes untenable as the size of the network increases.


A case study of large-scale slope failure in Granite - Andesite contact area (화강암-안산암 접촉부 대규모 사면의 붕괴 사례 연구)

  • 이수곤;양홍석;황의성
    • Proceedings of the Korean Geotechnical Society Conference / 2003.03a / pp.503-508 / 2003
  • In this study, we first performed a field geological investigation and a boring investigation for slope stability analysis in a large-scale slope failure area. However, the geological stratum was not clearly grasped because the ground was very disturbed by a large-scale granite intrusion. Furthermore, the existing test data was not pertinent to a large-scale granite intrusion site like this one. Therefore, various kinds of field tests were performed to clearly grasp the geological stratum. The results of back analysis and the various tests were used for the slope stability analysis.


Countermeasure to Prevent Seawater Intrusion on Coastal Area (해안지역 지하수댐 염수침입 방지기술 개선 방안)

  • 부성안;이기철;김진성;정교철;고양수
    • Proceedings of the Korean Society of Soil and Groundwater Environment Conference / 2002.04a / pp.148-154 / 2002
  • A groundwater dam is one of the reliable techniques for abstracting huge amounts of groundwater for municipal, agricultural, drinking, and industrial water supply systems. It can be a major technique to solve water shortage problems when it is based on a sufficient watershed, proper topology, adequate aquifer distribution and pollution control. Two consecutive underground walls are suggested in the coastal area to prevent seawater intrusion beneath a single wall.


A Study on Hybrid Feature Selection in Intrusion Detection System (침입탐지시스템에서 하이브리드 특징 선택에 관한 연구)

  • Han Myeong-Muk
    • Proceedings of the Korean Institute of Intelligent Systems Conference / 2006.05a / pp.279-282 / 2006
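  • As network-based computer systems play an increasingly indispensable role in modern society, they have become targets for intruders. The intrusion detection system (IDS), which protects them, has gradually become an important technology. For an IDS to analyze patterns and then judge and predict normal or abnormal behavior, feature extraction or selection at the initial stage is a very important part. In this paper, feature selection, an important part of an IDS, is implemented by applying the data mining techniques Genetic Algorithm (GA) and Decision Tree (DT).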


Agent Intrusion Detection Model In Attributed Environment

  • Jeong, Jong-Geun;Kim, Chul-Won
    • Journal of information and communication convergence engineering / v.2 no.2 / pp.84-88 / 2004
  • A firewall does not perfectly prevent hackers; an Intrusion Detection System (IDS) is considered a next-generation security solution for more trusted network and system security. We propose an agent IDS model for different platforms that can detect intrusions in the expanded distributed host environment, since that is a drawback of existing IDS. Then we implement a prototype and verify its validity. We use a pattern extraction agent so that the audit files needed for intrusion detection are extracted automatically even on other platforms.

Natural Language Interface to an Intrusion Detection System

  • Collier, T.;Itoh, Masahiko
    • 제어로봇시스템학회:학술대회논문집 / 2001.10a / pp.31.1-31 / 2001
  • Computer security is a very important issue these days. Computer viruses, worms, Trojan horses, and cracking are prevalent and causing serious damages. There are also many ways developed to defend against such attacks including cryptography and firewalls. However, it is not possible to guarantee complete security of computer systems or networks. Recently much attention has been directed to ways to detect intrusions and recover from damages. Although there have been a lot of research efforts to develop efficient intrusion detection systems, little has been done to facilitate the interaction between intrusion detection systems and users ...


Analyses of Intrusion Detection Model in Wireless Sensor Networks (무선 센서 네트워크에서의 침입탐지 모델의 분석)

  • Kim, Jung-Tae
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2009.10a / pp.857-860 / 2009
  • Intrusion detection in Wireless Sensor Network (WSN) is of practical interest in many applications such as detecting an intruder in a battlefield. The intrusion detection is defined as a mechanism for a WSN to detect the existence of inappropriate, incorrect, or anomalous moving attackers. For this purpose, it is a fundamental issue to characterize the WSN parameters such as node density and sensing range in terms of a desirable detection probability. In this paper, we consider this issue according to two WSN models: homogeneous and heterogeneous WSN.
