A Study on the Improvement of the Malware Evidence Collection Module Based On Windows  

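Heo, Geon-Il (Department of Industrial and Information Systems Engineering, Seoul National University of Science and Technology)
Park, Chan-Uk (Department of Industrial and Information Systems Engineering, Seoul National University of Science and Technology)
Park, Won-Hyung (Department of Industrial and Information Systems Engineering, Seoul National University of Science and Technology)
Kuk, Kwang-Ho (Department of Industrial and Information Systems Engineering, Seoul National University of Science and Technology)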
Abstract
Malware that leaks personal data, credit information, financial information and similar data has recently been increasing. Secondary damage, such as the illegal use of stolen names and financial fraud, is also rapidly increasing. However, when a system is infected by information-leaking malware, existing malware evidence collection tools do not provide evidence conveniently, and sometimes cannot provide the necessary evidence at all. As a result, security officials have considerable difficulty responding to malware. This paper analyzes the current status and problems of existing malware evidence collection tools and suggests new ways to address those problems.
Keywords
Forensics; Evidence Collection; Malware;
Citations & Related Records
Times Cited By KSCI: 1