• Korean Journal of Remote Sensing
• /
• v.38 no.6_2
• /
• pp.1623-1631
• /
• 2022

Since oil spills can be a significant threat to the marine ecosystem, it is necessary to obtain information on the current contamination status quickly to minimize the damage. Satellite-based detection of marine oil spills has the advantage of spatiotemporal coverage because it can monitor a wide area compared to aircraft. Due to the recent development of computer vision and deep learning, marine oil spill detection can also be facilitated by deep learning. Unlike the existing studies based on Synthetic Aperture Radar (SAR) images, we conducted a deep learning modeling using PlanetScope optical satellite images. The blind test of the DeepLabV3+ model for oil spill detection showed the performance statistics with an accuracy of 0.885, a precision of 0.888, a recall of 0.886, an F1-score of 0.883, and a Mean Intersection over Union (mIOU) of 0.793.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.1
• /
• pp.23-34
• /
• 2022

With the development of network technology, the application area has also been diversified, and protocols for various purposes have been developed and the amount of traffic has exploded. Therefore, it is difficult for the network administrator to meet the stability and security standards of the network with the existing traditional switching and routing methods. Software Defined Networking (SDN) is a new networking paradigm proposed to solve this problem. SDN enables efficient network management by programming network operations. This has the advantage that network administrators can flexibly respond to various types of attacks. In this paper, we design a threat level management module, an attack detection module, a packet statistics module, and a flow rule generator that collects attack information through the controller and switch, which are components of SDN, and detects attacks based on these attributes of SDN. It proposes a method to block denial of service attacks (DoS) of advanced attackers by programming and applying honeypot. In the proposed system, the attack packet can be quickly delivered to the honeypot according to the modifiable flow rule, and the honeypot that received the attack packets analyzed the intelligent attack pattern based on this. According to the analysis results, the attack detection module and the threat level management module are adjusted to respond to intelligent attacks. The performance and feasibility of the proposed system was shown by actually implementing the proposed system, performing intelligent attacks with various attack patterns and attack levels, and checking the attack detection rate compared to the existing system.

• Journal of Convergence for Information Technology
• /
• v.12 no.5
• /
• pp.116-125
• /
• 2022

Recent aspects of terrorism varies in various ways according to means, targets, and regions. In particular, the 9/11 terrorist attacks in the United States in 2001 changed the paradigm of each country's terrorism, and the South Korea also participated in the enactment and enforcement of the Anti-Terrorism Act in 2016. Based on this, CBRN terrorism is included in general terrorism, and the National Police Agency plays the role of a control tower, and a system supported by related organizations such as the Ministry of Environment is being built and operated. However, restrictions were confirmed in the organizational system, manpower composition, and equipment and materials in operation in preparation for CBRN within the police. Based on the identified limitations, we proposed improvement plans to strengthen the capacity for CBRN terrorism: establishing a dedicated CBRN organization; creating research organization; and securing additional dedicated personnel. Based on this, as an improvement plan to strengthen the capability of CBRN, the establishment of an organization dedicated to CBRN and a research organization within the National Police Agency, and expansion of electronic equipment suitable for the characteristics of CBRN were proposed. It is expected that the police's on-site response capability system for CBRN terrorism will be strengthened via the proposed improvement measures to recover the various restrictions on the response to CBRN terrorism.

• Journal of Internet Computing and Services
• /
• v.23 no.5
• /
• pp.87-101
• /
• 2022

Cyber-attacks occur in the blink of an eye in cyberspace, and the damage is increasing all over the world. Therefore, it is necessary to develop a cyber common operational picture that can grasp the various assets belonging to the 3rd layer of cyberspace from various perspectives. By applying the method for grasping battlefield information used by the military, it is possible to achieve optimal cyberspace situational awareness. Therefore, in this study, the visualization screens necessary for the cyber common operational picture are identified and the criteria (response speed, user interface, object symbol, object size) are investigated. After that, the framework is designed by applying the identified and investigated items, and the visualization screens are implemented accordingly. Finally, among the criteria investigated by the visualization screen, an experiment is conducted on the response speed that cannot be recognized by a photograph. As a result, all the implemented visualization screens met the standard for response speed. Such research helps commanders and security officers to build a cyber common operational picture to prepare for cyber-attacks.

• Journal of Convergence for Information Technology
• /
• v.11 no.5
• /
• pp.30-37
• /
• 2021

Various devices are connected to the Internet, and attacks using the Internet are occurring. Among such attacks, there are attacks that use malicious URLs to make users access to wrong phishing sites or distribute malicious viruses. Therefore, how to detect such malicious URL attacks is one of the important security issues. Among recent deep learning technologies, neural networks are showing good performance in image recognition, speech recognition, and pattern recognition. This neural network can be applied to research that analyzes and detects patterns of malicious URL characteristics. In this paper, performance analysis according to various parameters was performed on a method of detecting malicious URLs using neural networks. In this paper, malicious URL detection performance was analyzed while changing the activation function, learning rate, and neural network structure. The experimental data was crawled by Alexa top 1 million and Whois to build the data, and the machine learning library used TensorFlow. As a result of the experiment, when the number of layers is 4, the learning rate is 0.005, and the number of nodes in each layer is 100, the accuracy of 97.8% and the f1 score of 92.94% are obtained.

• The Journal of the Acoustical Society of Korea
• /
• v.40 no.4
• /
• pp.297-303
• /
• 2021

When sound waves propagate over long distances in shallow water, measured transmission loss is greater than predicted one using underwater acoustic model with the Rayleigh reflection model due to inhomogeneity of the bottom. Accordingly, the US Navy predicts sound wave propagation by applying the empirical formula-based High Frequency Bottom Loss (HFBL) model. In this study, the measurement and analysis of transmission loss was conducted using mid-frequency (2.3 kHz, 3 kHz) in the shallow water of the East Sea in summer. BELLHOP eigenray tracing output shows that only sound waves with lower grazing angle than the critical angle propagate long distances for several kilometers or more, and the difference between the predicted transmission loss based on the Rayleigh reflection model and the measured transmission loss tend to increase along the propagation range. By comparing the Rayleigh reflection model and the HFBL model at the high grazing angle region, the bottom province, the input value of the HFBL model, is estimated and BELLHOP transmission loss with HFBL model is compared to measured transmission loss. As a result, it agrees well with the measurements of transmission loss.

• Journal of Digital Convergence
• /
• v.20 no.2
• /
• pp.203-215
• /
• 2022

The study is to investigate research trends and knowledge structures in the Smart Farm field. To achieve the research purpose, keywords and the relationship among keywords were analyzed targeting 104 Korean academic journals related to the Smart Farm in KCI(Korea Citation Index), and topics were analyzed using the LDA Topic Modeling technique. As a result of the analysis, the main keywords in the Korean Smart Farm-related research field were 'environment', 'system', 'use', 'technology', 'cultivation', etc. The results of Degree, Betweenness, and Eigenvector Centrality were presented. There were 7 topics, such as 'Introduction analysis of Smart Farm', 'Eco-friendly Smart Farm and economic efficiency of Smart Farm', 'Smart Farm platform design', 'Smart Farm production optimization', 'Smart Farm ecosystem', 'Smart Farm system implementation', and 'Government policy for Smart Farm' in the results of Topic Modeling. This study will be expected to serve as basic data for policy development necessary to advance Korean Smart Farm research in the future by examining research trends related to Korean Smart Farm.

• KIPS Transactions on Software and Data Engineering
• /
• v.10 no.11
• /
• pp.449-456
• /
• 2021

An intrusion detection system is a technology that detects abnormal behaviors that violate security, and detects abnormal operations and prevents system attacks. Existing intrusion detection systems have been designed using statistical analysis or anomaly detection techniques for traffic patterns, but modern systems generate a variety of traffic different from existing systems due to rapidly growing technologies, so the existing methods have limitations. In order to overcome this limitation, study on intrusion detection methods applying various machine learning techniques is being actively conducted. In this study, a comparative study was conducted on data preprocessing techniques that can improve the accuracy of anomaly detection using NGIDS-DS (Next Generation IDS Database) generated by simulation equipment for traffic in various network environments. Padding and sliding window were used as data preprocessing, and an oversampling technique with Adversarial Auto-Encoder (AAE) was applied to solve the problem of imbalance between the normal data rate and the abnormal data rate. In addition, the performance improvement of detection accuracy was confirmed by using Skip-gram among the Word2Vec techniques that can extract feature vectors of preprocessed sequence data. PCA-SVM and GRU were used as models for comparative experiments, and the experimental results showed better performance when sliding window, skip-gram, AAE, and GRU were applied.

• Journal of Convergence for Information Technology
• /
• v.12 no.5
• /
• pp.1-14
• /
• 2022

This study tried to suggest crisis management compliance to prevent personal information infringement accidents that may occur in the process because the data including personal information is being processed in the artificial intelligence (AI) service process. To this end, first, the AI service provision process is divided into 3 processes such as service planning/data design and collection process, data pre-processing and purification process, and algorithm development and utilization process. And 3 processes are subdivided into 9 stages following to personal information processing stages to infringe personal information. All processes were investigated with literature and experts' Delphi. Second, the investigated personal information infringement factors were selected through FGI, Delphi, etc. for experts. Third, a survey was conducted with experts on the severity and possibility of each personal information infringement factor, and the validity and adequacy of the 94 responses were verified. Fourth, to present appropriate risk management compliance for personal information infringement factors in AI services, a method for calculating the risk level of personal information infringement is prepared by utilizing the asset value of personal information, personal information infringement factors, and the possibility of infringement accidents. Through this, the countermeasures for personal information infringement incidents were suggested according to the scored risk level.

• Journal of Internet Computing and Services
• /
• v.22 no.6
• /
• pp.115-127
• /
• 2021

With the development of science and technology around the world, the realm of cyberspace, following land, sea, air, and space, is also recognized as a battlefield area. Accordingly, it is necessary to design and establish various elements such as definitions, systems, procedures, and plans for not only physical operations in land, sea, air, and space but also cyber operations in cyberspace. In this research, the importance of cyber targets that can be considered when prioritizing the list of cyber targets selected through intermediate target development in the target development and prioritization stage of targeting processing of cyber operations was selected as a factor to be considered. We propose a method to calculate the score for the cyber target and use it as a part of the cyber target prioritization score. Accordingly, in the cyber target prioritization process, the cyber target importance category is set, and the cyber target importance concept and reference item are derived. We propose a TIR (Target Importance Rank) algorithm that synthesizes parameters such as Event Prioritization Framework based on PageRank algorithm for score calculation and synthesis for each derived standard item. And, by constructing the Stuxnet case-based network topology and scenario data, a cyber target importance score is derived with the proposed algorithm, and the cyber target is prioritized to verify the proposed algorithm.