Acknowledgement
This research was supported by the Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Education (No. NRF-2017R1D1A3B03032637).