• Journal of the Korea Society of Computer and Information
• /
• v.25 no.3
• /
• pp.117-127
• /
• 2020

Recently, proving insurance fraud has become increasingly difficult because it occurs intentionally and secretly via organized and intelligent conspiracy by specialists such as medical personnel, maintenance companies, insurance planners, and insurance subscribers. In the case of car accidents, it is difficult to prove intentions; in particular, an insurance company with no investigation rights has practical limitations in proving the suspicions. This paper aims reveal that the detection of organized and conspired insurance fraud, which had previously been difficult, could be dramatically improved through conspiring insurance fraud detection modeling using social network analysis and visualization of the relation between suspected group entities and by seeking developmental research possibilities of data analysis techniques.

• The KIPS Transactions:PartC
• /
• v.12C no.1 s.97
• /
• pp.45-52
• /
• 2005

A damage scale of information property has been increasing rapidly by various illegal actions of information systems, which result from dysfunction of a knowledge society. Reinforcement in criminal investigation requests of network security has accelerated research and development of Intrusion Detection Systems(IDSs), which report intrusion-detection about these illegal actions. Due to limited designs of early IDSs, it is hard for the IDSs to cope with tricks to go around IDS as well as false-positive and false-negative trials in various network environments. In this paper, we showed that this kind of problems can be solved by using a Virtual Protocol Stack(VPS) that possesses automatic learning ability through an optimum-adaptive mobile code. Therefore, the enhanced IDS adapts dynamically to various network environments in consideration of monitored and self-learned network status. Moreover, it is shown that Insertion/Evasion attacks can be actively detected. Finally, we discussed that this method can be expanded to an intrusion detection technique that possesses adaptability in the various mixed network environments.

• Journal of the Society of Disaster Information
• /
• v.13 no.2
• /
• pp.267-275
• /
• 2017

This research is about the development of e-forensic tool that extract & analyze different forms of digital evidence that individuals come across in a disaster scene. The tool utilizes digital forensic techniques which makes the tool efficient in any disaster analysis situation. In order for the forensic evidence to be selected as legal evidence, the evidence needs to be proven that it is in its original state with no forgery involved. This is where the e-forensic tool comes in, as its ability to collect digital evidence during investigation has proven; that the tool can keep the evidence in its original state and increase the integrity by generating hash TAG and adding the forensic evidence to a password encoded file.

• The KIPS Transactions:PartC
• /
• v.19C no.4
• /
• pp.215-224
• /
• 2012

Today, individuals and businesses are a lot of paperwork through a computer. So many documents files are creating to digital type. And the digital type files are copied, moved by various media such as USB, E-mail and so on. A careful analysis of these digital materials can be tracked that occurred during the document editing work history. About these research are on the compound document file format, but has not been studied about the new OOXML format that how to analyze linkages between different document files, tracking an internal order, finding unsaved file for identify the process of creating the file. Future, the use of OOXML format digital documents will further increase, these document work history traceability in digital forensic investigation would be a big help. Therefore, this paper on the new OOXML format(has a forensic viewpoint) will show you how to track the internal order and analyze linkages between the files.

• Proceedings of the Korea Water Resources Association Conference
• /
• 2015.05a
• /
• pp.614-614
• /
• 2015

하천수는 하천의 지표면에 흐르거나 하천 바닥에 스며들어 흐르는 물 또는 하천에 저장되어 있는 물을 말하며, 인구의 증가나 산업화로 인하여 물 사용이 증대되고 있는 실정이다. 이에 따라 국가에서는 하천법 제50조에 의거하여 생활 공업 농업 환경개선 발전 주운 등의 용도로 하천수를 사용하려는 자는 국토교통부장관(홍수통제소장)의 허가를 받아야 한다. 우리나라 수문특성상 우기에 집중되어 있는 물을 갈수기에 이용할 수 있도록 분배하고 관리하는 것이 어려운 실정이다. 하천법 제51조에 의하면 하천유지유량은 생활, 공업, 농업, 환경개선, 발전, 주운 등의 하천수 사용을 고려하여 하천의 정상적인 기능과 상태를 유지하기 위한 최소한의 유량을 말하며, 2006년 고시된 낙동강 수계의 하천유지유량은 대부분 국가하천을 기준지점으로 산정되었고, 산정방법은 평균갈수량 13개, 기준갈수량 2개, 하천생태계 2개 지점이다. 또한, 하천관리유량은 하천유지유량과 이수유량의 합으로 산정된다. 본 연구에서는 2013년도 말 기준으로 하천수 사용허가 현황을 정리하였으며, 용도별, 수계별, 행정구역별, 하천등급별로 하천수 사용허가 건수와 허가량을 분석하였다. 낙동강본류를 대상으로 하천시설물을 고려하여 하천관리유량을 산정하였으며, 하천유지유량의 적절성을 검토함으로써 향후 낙동강권역의 물관리방안을 모색하였다. 낙동강본류구간은 하천관리유량이 기준갈수량에 비하여 큰 형태로써 하천관리유량 확보를 위한 노력이 필요한 것으로 나타났으며, 향후 하천수 사용허가 시설물의 회귀율에 대한 실제적인 자료 수집과 함께 정확한 분석을 통한 하천의 회귀유량을 산정하고, 하폐수 방류시설을 고려하여 산정한 결과와 비교하여 보다 정확한 물수지 분석 체계를 확립하여야 할 것이다.

• Journal of the Korea Society of Computer and Information
• /
• v.11 no.4 s.42
• /
• pp.231-241
• /
• 2006

When current cyber attacks to information and communication facilities are examined, technologies such as chase evasion technology and defense deviation technology have been rapidly advanced and many weak systems worldwide are often used as passages. And when newly-developed cyber attack instruments are examined, technologies for prefect crimes such as weakness attack, chase evasion and evidence destruction have been developed and distributed in packages. Therefore, there is a limit to simple prevention technology and according to cases, special procedures such as real-time chase are required to overcome cyber crimes. Further, cyber crimes beyond national boundaries require to be treated in international cooperation and relevant procedural arrangements through which the world can fight against them together. However, in current laws, there are only regulations such as substantial laws including simple regulations on Punishment against violation. In procedure, they are treated based on the same procedure as that of general criminal cases which are offline crimes. In respect to international cooperation system, international criminal private law cooperation is applied based on general criminals, which brings many problems. Therefore, this study speculates the procedural law on cyber crimes and presents actual problems of our country and its countermeasures.

• Journal of Digital Convergence
• /
• v.19 no.5
• /
• pp.229-239
• /
• 2021

For this study, we have extensively analyzed the presentation data of the government's financial-related departments and the data of each financial institution and electronic financial institution.. As a result, In Korea's electronic financial environment, real changes such as first) expansion of non-face-to-face finance, second) teleworking in the financial sector, third) abolition of accredited certification, fourth) advanced voice phishing, fifth) openness of the financial industry and diversification of forms, sixth) the'walletless society'. In addition to the above, however, global changes triggered by the Fourth Industrial Revolution spread to the financial security sector, making it difficult to respond to problems such as artificial intelligence/ deep learning/ user analysis/ deepfake technology. As the proportion of electronic finance is increasing socially, it should be studied in the fields of electronic finance and its environment, and crime and criminal investigation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.4
• /
• pp.175-185
• /
• 2008

It is meaningful to investigate data in unallocated space because we can investigate the deleted data. However the data in unallocated space is formed to fragmented and it cannot be read by application in most cases. Especially in case of being compressed or encrypted, the data is more difficult to be read. If the fragmented data is encrypted and damaged, it is almost impossible to be read. If the fragmented data is compressed and damaged, it is very difficult to be read but we can read and interpret it sometimes. Therefore if the computer forensic investigator wants to investigate data in unallocated space, formal work of determining the data is encrypted of compressed and decompressing the damaged compressed data. In this paper, I suggest the method of analyzing data in unallocated space from a viewpoint of computer forensics.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.6
• /
• pp.55-65
• /
• 2011

Recently, use of cloud computing service is dramatically increasing due to wired and wireless communications network diffusion in a field of high performance Internet technique. Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. In a view of digital forensic investigation, it is difficult to obtain data from cloud computing service environments. therefore, this paper suggests analysis method of AWS(Amazon Web Service) and Rackspace which take most part in cloud computing service where IaaS formats presented for data acquisition in order to get an evidence.

• The Korean Journal of Archival Studies
• /
• no.77
• /
• pp.109-150
• /
• 2023

Prior researchers interpreted the records of criminal cases involving the Progressive Party from a historical perspective. In marked contrast to existing trends, this study examines the Progressive Party case records through the lens of archival science. This study dissects the Progressive Party case records as a single and complete record group and at each stage of their life cycle from police investigation through criminal prosecution to trial. This approach enables a holistic analysis of archival characteristics of the records. This study begins with an appraisal of the nature and types of case records generated and maintained by the various agencies in light of the investigatory authorities delegated to each institution. This study then dissects the police, prosecution, and Counter Intelligence Corps records leading up to the indictment of Progressive Party members as well as the court records of the trial that followed. In particular, this study reveals the insufficiency and illegality of the evidence against the defendants in the Progressive Party case from an archival standpoint. Setting aside the admissibility or strength of the evidence under criminal law, the present study demonstrates that the records lack reliability, authenticity, and integrity-the fundamental attributes required for evidentiary efficacy of records from an archival standpoint.