참고문헌
- S. Garfinkel, "Digital forensics XML and the DFXML toolset," Digital Investigation, vol. 8, no. 3-4, pp. 161-174, 2012. https://doi.org/10.1016/j.diin.2011.11.002
- C. Chen, X. Zhao, and M. C. Stamm, "Mislgan: an anti-forensic camera model falsification framework using a generative adversarial network," in Proceedings of 2018 25th IEEE International Conference on Image Processing (ICIP), Athens, Greece, 2018, pp. 535-539.
- H. Pomeranz, "Understanding EXT4 (Part 4): Demolition Derby," 2011 [Online]. Available: https://www.sans.org/blog/understanding-ext4-part-4-demolition-derby/.
- Wikipedia, "Comparison of file systems," 2015 [Online]. Available: https://en.wikipedia.org/wiki/Comparison_of_file_systems.
- B. Carrier, File System Forensic Analysis. Upper Saddle River, NJ: Addison-Wesley, 2005.
- D. Palmbach and F. Breitinger, "Artifacts for detecting timestamp manipulation in NTFS on windows and their reliability," Forensic Science International: Digital Investigation, vol. 32, article no. 300920, 2020. https://doi.org/10.1016/j.fsidi.2020.300920
- C. G. Lim, Y. S. Jeong, and H. J. Choi, "Survey of temporal information extraction," Journal of Information Processing Systems, vol. 15, no. 4, pp. 931-956, 2019. https://doi.org/10.3745/JIPS.04.0129
- Date and time-Representations for information interchange-Part 1: Basic rules, ISO 8601-1:2019, 2019.
- Microsoft, "MS-DOS Date and Time," 2021 [Online]. Available: https://docs.microsoft.com/enus/windows/win32/sysinfo/ms-dos-date-and-time.
- Microsoft, "File times," 2021 [Online]. Available: https://docs.microsoft.com/en-us/windows/win32/sysinfo/file-times.
- P. Harvey, "ExifTool version 12.14," 2022 [Online]. Available: https://exiftool.org/.
- Digital Detective, "DCode version 5.2," 2022 [Online]. Available: https://www.digital-detective.net/dcode/.
- J. O. Nelson, "Comparative analysis of iPhone image data across various transfer methods," Ph.D. dissertation, University of Colorado, Denver, CO, 2020
- P. Yacovetta, "Benefits of using multiple timestamps during timeline analysis in digital forensics," 2010 [Online]. Available: https://www.sans.org/blog/benefits-of-using-multiple-timestamps-during-timeline-analy sis-in-digital-forensics/.
- E. Antsilevich, "Capturing timestamp precision for digital forensics," James Madison University, Harrisonburg, VA, Report No. JMU-INFOSEC-TR-2009-002, 2009.
- T. Gobel and H. Baier, "Anti-forensics in ext4: on secrecy and usability of timestamp-based data hiding," Digital Investigation, vol. 24, pp. S111-S120, 2018. https://doi.org/10.1016/j.diin.2018.01.014
- T. Knutson, "Filesystem timestamps: what makes them tick?," 2016 [Online]. Available: https://www.sans.org/white-papers/36842/.
- A. Nieto and R. Rios, "Cybersecurity profiles based on human-centric IoT devices," Human-centric Computing and Information Sciences, vol. 9, article no. 39, 2019. https://doi.org/10.1186/s13673-019-0200-y
- M. A. Alqarni, S. H. Chauhdary, M. N. Malik, M. Ehatisham-ul-Haq, and M. A. Azam, "Identifying smartphone users based on how they interact with their phones," Human-centric Computing and Information Sciences, vol. 10, article no. 7, 2020. https://doi.org/10.1186/s13673-020-0212-7
- S. Hayat, A. Rextin, A. Idris, and M. Nasim, "Text and phone calls: user behaviour and dual-channel communication prediction," Human-centric Computing and Information Sciences, vol. 10, article no. 11, 2020. https://doi.org/10.1186/s13673-020-00217-x
- J. Jeong, D. Kim, B. Lee, and Y. Son, "Design and implementation of a digital evidence management model based on Hyperledger Fabric," Journal of Information Processing Systems, vol. 16, no. 4, pp. 760-773, 2020. https://doi.org/10.3745/JIPS.04.0178