Browse > Article
http://dx.doi.org/10.13089/JKIISC.2018.28.4.839

Digital Evidence Collection Procedure for Hardware Unique Information Collection  

Pak, Chan-ung (Center for Information Security Technologies, Korea University)
Lee, Sang-jin (Center for Information Security Technologies, Korea University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.28, no.4, 2018 , pp. 839-845 More about this Journal
Abstract
Sensitive data is encrypted and stored as privacy policy is strengthened through frequent leakage of personal information. For this reason, the cryptographically owned encrypted data is a very important analysis from the viewpoint of digital forensics. Until now, the digital evidence collection procedure only considers imaging, so hardware specific information is not collected. If the encryption key is generated by information that is not left in the disk image, the encrypted data can not be decrypted. Recently, an application for performing encryption using hardware specific information has appeared. Therefore, in this paper, hardware specific information which does not remain in file form in auxiliary storage device is studied, and hardware specific information collection method is introduced.
Keywords
Encryption; Database; Hardware information; Digital evidence;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 Gal Beniamini, "TrustZone TEEs - An Attacker's Perspective", BlueHat IL 2017, 2017.01.24.
2 Supreme Prosecutor's Office, "Regulation for the collection, analysis and management of digital evidence" 2017.3.1.
3 National Police Agency, "Digital Evidence Processing Standards Guidelines", 2006.12.28.
4 National Police Agency, "Rules for the collection and processing of digital evidence", 2017.09.01.
5 Sammons, J, "The Basics of Digital Forensics: The Primer for Getting Started in Digital Forensics "USA:Syngress, pp.70-71, 2012
6 Telecommunications Technology Association, "Guidelines for Collection, Acquisition and Preservation of Digital-Evidence", TTAS.KO-12.0058/R1, 2017.12.13.
7 S. H. Jeong, Y. H. Lee, and S. J. Lee, "A Study of Acquisition and Analysis on the Bios Firmware Image File in the Digital Forensics," KIPS Transactions on Computer and Communication Systems, Vol.5, No.12, pp.491-498, 2016, DOI: 10.3745/KTCCS.2016.5.12.491.   DOI
8 Distributed Management Task Force, Inc, "System Management BIOS (SMBIOS) Reference Specification", DSP0134, 2017.01.13
9 Sung-min Jang, Jung-heum Park and Chan-ung Pak, "The Research for Digital Evidence Acquisition Procedure within a Full Disk Encryption Environment", KIISC, 25(1), pp. 39-48, Feb. 2015