• Proceedings of the Korean Society of Surveying, Geodesy, Photogrammetry, and Cartography Conference
• /
• 2007.04a
• /
• pp.447-450
• /
• 2007

Positioning technology for moving object is an important and essential component of ubiquitous. Also RFID(Radio Frequency IDentification) is a core technology of ubiquitous wireless communication. In this study we adapted kalman-filter theory to RFID-based Positioning System in order to trace a time-variant moving object and verify the positioning accuracy using RMSE (Roong technology for moving object is an important and essential component of ubiquitous Mean Square Error). The purpose of this study is to verify an effect of kalman-filter on the positioning accuracy and to analyze what does each design factor have an effect on the positioning accuracy by means of simulations and to suggest a standard of optimal design factor of a RFID-based Positioning System. From the results of simulations, Kalman-filer improved the positioning accuracy remarkably; the detection range of RFID tag is not a determining factor. The smaller standard deviation of detection range improves the positioning accuracy. However it accompanies a smaller fluctuation of the positioning accuracy. The larger detection rate of RFID tag yields the smaller fluctuation in the positioning accuracy and has more stable system and improves the positioning accuracy;

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.6
• /
• pp.1627-1648
• /
• 2012

We propose an adaptive method for detecting plagiarized pairs from a large set of source code. This method is adaptive in that it uses an adaptive algorithm and it provides an adaptive threshold for determining plagiarism. Conventional algorithms are based on greedy string tiling or on local alignments of two code strings. However, most of them are not adaptive; they do not consider the characteristics of the program set, thereby causing a problem for a program set in which all the programs are inherently similar. We propose adaptive local alignment-a variant of local alignment that uses an adaptive similarity matrix. Each entry of this matrix is the logarithm of the probabilities of the keywords based on their frequency in a given program set. We also propose an adaptive threshold based on the local outlier factor (LOF), which represents the likelihood of an entity being an outlier. Experimental results indicate that our method is more sensitive than JPlag, which uses greedy string tiling for detecting plagiarism-suspected code pairs. Further, the adaptive threshold based on the LOF is shown to be effective, and the detection performance shows high sensitivity with negligible loss of specificity, compared with that using a fixed threshold.

• Journal of Information Processing Systems
• /
• v.17 no.4
• /
• pp.851-865
• /
• 2021

Enterprise networks in the PyeongChang Winter Olympics were hacked in February 2018. According to a domestic security company's analysis report, attackers destroyed approximately 300 hosts with the aim of interfering with the Olympics. Enterprise have no choice but to rely on digital vaccines since it is overwhelming to analyze all programs executed in the host used by ordinary users. However, traditional vaccines cannot protect the host against variant or new malware because they cannot detect intrusions without signatures for malwares. To overcome this limitation of signature-based detection, there has been much research conducted on the behavior analysis of malwares. However, since most of them rely on a sandbox where only analysis target program is running, we cannot detect malwares intruding the host where many normal programs are running. Therefore, this study proposes a method to detect malware variants in the host through logs rather than the sandbox. The proposed method extracts common behaviors from variants group and finds characteristic behaviors optimized for querying. Through experimentation on 1,584,363 logs, generated by executing 6,430 malware samples, we prove that there exist the common behaviors that variants share and we demonstrate that these behaviors can be used to detect variants.

• Journal of The Korean Society of Inherited Metabolic disease
• /
• v.12 no.1
• /
• pp.58-63
• /
• 2012

Classical galactosemia (OMIM# 230400) is an autosomal recessive disorder of carbohydrate metabolism, due to a complete loss in galactose-1-phosphate uridyltransferase (GALT; E.C.2.7.7.12) enzyme activity. It caused by mutations in the GALT gene (OMIM$^*$ 606999) that is located at chromosome 9p13. The GALT enzyme deficiency results in a build-up of galactose and galactose-1-phosphate, causing life threatening complications such as feeding problems, failure to thrive, hepatocellular damage, bleeding and sepsis. However, Duarte galactosemia, a variant form of GALT deficiency, has residual GALT enzyme activities in erythrocytes and do not have manifest the symptoms of classical galactosemia. Since the advent of newborn screening (NBS) for galactosemia, we rarely encounter such overwhelmingly ill newborns. The positive NBS with no symptoms indicates the possibility of Duarte galactosemia besides a simple false positive and it has to be differentiated from classical galactosemia which is a medical emergency. In Korea, detection rate of Duarte galactosemia is very low and its genetic information is restrictive, too. We report a case of monozygotic twins with D/G galactosemia compound heterozygote in proven by the mutational analysis of GALT gene, which revealed N314D polymorphism and -119 to -116 delGTCA.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.4
• /
• pp.593-603
• /
• 2020

The advent of malicious code has increased exponentially due to the spread of malicious code generation tools in accordance with the development of the network, but there is a limit to the response through existing malicious code detection methods. According to this situation, a machine learning-based malicious code detection method is evolving, and in this paper, the feature of data is extracted from the PE header for machine-learning-based malicious code detection, and then it is used to automate the malware through autoencoder. Research on how to extract the indicated features and feature importance. In this paper, 549 features composed of information such as DLL/API that can be identified from PE files that are commonly used in malware analysis are extracted, and autoencoder is used through the extracted features to improve the performance of malware detection in machine learning. It was proved to be successful in providing excellent accuracy and reducing the processing time by 2 times by effectively extracting the features of the data by compressively storing the data. The test results have been shown to be useful for classifying malware groups, and in the future, a classifier such as SVM will be introduced to continue research for more accurate malware detection.

• Journal of Korean Medical Science
• /
• v.33 no.52
• /
• pp.337.1-337.14
• /
• 2018

Background: Mitochondrial heteroplasmy, the co-existence of different mitochondrial polymorphisms within an individual, has various forensic and clinical implications. But there is still no guideline on the application of massively parallel sequencing (MPS) in heteroplasmy detection. We present here some critical issues that should be considered in heteroplasmy studies using MPS. Methods: Among five samples with known innate heteroplasmies, two pairs of mixture were generated for artificial heteroplasmies with target minor allele frequencies (MAFs) ranging from 50% to 1%. Each sample was amplified by two-amplicon method and sequenced by Ion Torrent system. The outcomes of two different analysis tools, Torrent Suite Variant Caller (TVC) and mtDNA-Server (mDS), were compared. Results: All the innate heteroplasmies were detected correctly by both analysis tools. Average MAFs of artificial heteroplasmies correlated well to the target values. The detection rates were almost 90% for high-level heteroplasmies, but decreased for low-level heteroplasmies. TVC generally showed lower detection rates than mDS, which seems to be due to their own computation algorithms which drop out some reference-dominant heteroplasmies. Meanwhile, mDS reported several unintended low-level heteroplasmies which were suggested as nuclear mitochondrial DNA sequences. The average coverage depth of each sample placed on the same chip showed considerable variation. The increase of coverage depth had no effect on the detection rates. Conclusion: In addition to the general accuracy of the MPS application on detecting heteroplasmy, our study indicates that the understanding of the nature of mitochondrial DNA and analysis algorithm would be crucial for appropriate interpretation of MPS results.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.3
• /
• pp.17-28
• /
• 2006

The appearance of variant malicious codes using obfuscation techniques is accelerating the spread of malicious codes around the detection by a vaccine. n a system does not patch detection patterns for vulnerabilities and worms to the vaccine, it can be infected by the worms and malicious codes can be spreaded rapidly to other systems and networks in a few minute. Moreover, It is limited to the conventional pattern based detection and treatment for variants or new malicious codes. In this paper, we propose a method of behavior based detection by the static analysis, the dynamic analysis and the dynamic monitoring to detect a malicious code using obfuscation techniques with the PE compression. Also we show that dynamic monitoring can detect worms with the PE compression which accesses to important resources such as a registry, a cpu, a memory and files with the proposed method for similarity.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.16 no.3
• /
• pp.161-166
• /
• 2023

In recent years, new and variant hacking of binary codes has increased, and the limitations of techniques for detecting malicious codes in source programs and defending against attacks are often exposed. Advanced software security vulnerability detection technology using machine learning and deep learning technology for binary code and defense and response capabilities against attacks are required. In this paper, we propose a malware clustering method that groups malware based on the characteristics of the taint information after entering dynamic taint information by tracing the execution path of binary code. Malware vulnerability detection was applied to a three-layered Few-shot learning model, and F1-scores were calculated for each layer's CPU and GPU. We obtained 97~98% performance in the learning process and 80~81% detection performance in the test process.

• Journal of Digital Convergence
• /
• v.10 no.10
• /
• pp.215-220
• /
• 2012

This paper proposes a ontology of tree structure approach for adaptive object recognition in a situation-variant environment. In this paper, we introduce a new concept, ontology of tree structure ontology, for context sensitivity, as we found that many developed systems work in a context-invariant environment. Due to the effects of illumination on a supreme obstinate designing context-sensitive recognition system, we have focused on designing such a context-variant system using ontology of tree structure. Ontology can be defined as an explicit specification of conceptualization of a domain typically captured in an abstract model of how people think about things in the domain. People produce ontologies to understand and explain underlying principles and environmental factors. In this research, we have proposed context ontology, context modeling, context adaptation, and context categorization to design ontology of tree structure based on illumination criteria. After selecting the proper light-ontology domain, we benefit from selecting a set of actions that produces better performance on that domain. We have carried out extensive experiments on these concepts in the area of object recognition in a dynamic changing environment, and we have achieved enormous success, which will enable us to proceed on our basic concepts.

• Clinical and Experimental Pediatrics
• /
• v.58 no.9
• /
• pp.317-324
• /
• 2015

Kabuki syndrome (KS) is a rare syndrome characterized by multiple congenital anomalies and mental retardation. Other characteristics include a peculiar facial gestalt, short stature, skeletal and visceral abnormalities, cardiac anomalies, and immunological defects. Whole exome sequencing has uncovered the genetic basis of KS. Prior to 2013, there was no molecular genetic information about KS in Korean patients. More recently, direct Sanger sequencing and exome sequencing revealed KMT2D variants in 11 Korean patients and a KDM6A variant in one Korean patient. The high detection rate of KMT2D and KDM6A mutations (92.3%) is expected owing to the strict criteria used to establish a clinical diagnosis. Increased awareness and understanding of KS among clinicians is important for diagnosis and management of KS and for primary care of KS patients. Because mutation detection rates rely on the accuracy of the clinical diagnosis and the inclusion or exclusion of atypical cases, recognition of KS will facilitate the identification of novel mutations. A brief review of KS is provided, highlighting the clinical and genetic characteristics of patients with KS.