• Proceedings of the Korean Society of Computer Information Conference
• /
• 2019.07a
• /
• pp.391-392
• /
• 2019

본 논문에서는 타임스탬프의 위변조를 위한 안티포렌식의 도구로 사용되는 타임스탬프 변경도구들에 기능에 대하여 디지털 포렌식 관점에서 분석을 수행한다. 타임스탬프 변경도구들로써 수행할 수 있는 타임스탬프 변경작업의 범위와 특징을 찾아본다. NTFS파일시스템에서 사용하는 타임스탬프 변경도구들의 기능상의 분류는 그것들이 변경할 수 있는 타임스탬프 종류와 정밀도를 기준으로 정하고 그 도구들을 사용한 후에 기록된 타임스탬프의 특징들을 디지털 포렌식 관점에서 분석을 수행하기로 한다. 이 연구에서의 분류 형태 중 타입 I은 FileTouch.exe, SKTimeStamp, BulkFileChanger류의 도구들과 타입 II는 timestomp, 타입 III은 SetMACE로 분류하고 각 도구들을 사용한 후에 변경된 타임스탬프들의 특징을 살펴보기로 한다.

• Review of KIISC
• /
• v.10 no.4
• /
• pp.23-32
• /
• 2000

본 논문에서는 전자서명법 제20조에서 명문화된 시점확인서비스(타임스탬프)에 대한 동향을 분석하였다. 현재 타임스탬프 서비스는 IETF PKIX에서 1997년 처음 인터넷 드래프트가 발표된 이후 RFC로 표준화가 추진 중이며 ISO/IEC JTC1/SC27에서도 표준화가 추진 중이다. 공개키기반구조의 필수적 요소로서 전자서명 인증 서비스와 함께 구현이 필요한 타임스탬프 서비스에 대한 표준화 동향 및 타임스탬프 서비스 프로토콜에 대한 분석과 국외 서비스 업체의 서비스 제공 현황을 분석하여 타임스탬프 응용 서비스 개발에 활용할 수 있도록 작성하였다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2012.11a
• /
• pp.861-864
• /
• 2012

타임스탬프 서비스 형태에서 서비스제공자, 이용자에 따라 현재의 타임스탬프 모델보다 보안의 강도를 높이면서 최적의 성능을 보장할 수 있도록 모델을 설계하고 비교 분석한다. 문서를 그룹하여 타임스탬프를 발급 받으려는 이용자는 Multi Linear Hash Tree 구조를 제안하고 타임스탬프 서비스 제공업체는 Multi Prefix 이진 트리 구조를 제안한다.

• The KIPS Transactions:PartC
• /
• v.9C no.6
• /
• pp.817-822
• /
• 2002

We want to find a timestamping method which improves efficient performance and have high-level security to send secured messages in the digital signature and the law of e-commerces. Our paper shows a H-binary tree of time stamp to use a time stamp protocol with high suity and performance in the packets of sending messages. We implement and analyze the protocols, show to compare with previous RSA methods. Our proposed protocol has O(log n) time complexity and high-performance.

• Review of KIISC
• /
• v.8 no.3
• /
• pp.71-82
• /
• 1998

공개키 기반구조에서는 인증서를 사용 함으로서 기본적으로 암호 및 인증기능을 제공한다. 이와 더불어 신뢰성 있는 부인방지기능을 제공하기 위하여 사위등급의 보안기능을 가진 인증기관 혹은 제3의 신뢰성 있는 공증기관을 별도로 둠으로서 타임스탬프 기능과 공증기능을 부가하여 전자공증 서비스를 제공할 수 있다. 사용자의 요구에 따라 데이타 혹은 인증서에 대하여 타임스탬프를 발행하는 타임스탬프 발행당국(TSA)과 공증을 행하는 공증당국(NA)을 살펴보고, 현재까지 제안된 타임스탬프 및 공증 프로토콜에 대한 분석과 더불어 전자공증 서비스에 대한 국제동향을 검토, 분석한다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2001.10a
• /
• pp.541-544
• /
• 2001

The difference of transfer mode between TDMA and ATM causes cell delay variation(CDV) to be generated in the receiving station. I proposed a optimization method of timestamps for discrete-timestamps mechanism to compensate CDV and an application method in multiple timestamps mechanism.

• Journal of Internet of Things and Convergence
• /
• v.9 no.6
• /
• pp.23-28
• /
• 2023

Windows operating system generates various logs with timestamps. Timestamp tampering is an act of anti-forensics in which a suspect manipulates the timestamps of data related to a crime to conceal traces, making it difficult for analysts to reconstruct the situation of the incident. This can delay investigations or lead to the failure of obtaining crucial digital evidence. Therefore, various techniques have been developed to detect timestamp tampering. However, there is a limitation in detection if a suspect is aware of timestamp patterns and manipulates timestamps skillfully or alters system artifacts used in timestamp tampering detection. In this paper, a method is designed to detect changes in timestamps, even if a suspect alters the timestamp of a file on a storage device, it is challenging to do so with precision beyond millisecond order. In the proposed detection method, the first step involves verifying the timestamp of a file suspected of tampering to determine its write time. Subsequently, the confirmed time is compared with the file size recorded within that time, taking into consideration the performance of the storage device. Finally, the total capacity of files written at a specific time is calculated, and this is compared with the maximum input and output performance of the storage device to detect any potential file tampering.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.17 no.2
• /
• pp.7-13
• /
• 2017

Many systems rely on reliable timestamps to determine the time of a particular action or event. This is especially true in digital investigations where investigators are attempting to determine when a suspect actually committed an action. The challenge, however, is that objects are not updated at the exact moment that an event occurs, but within some time-span after the actual event. In this work we define a simple model of digital systems with objects that have associated timestamps. The model is used to predict object update patterns for objects with associated timestamps, and make predictions about these update time-spans. Through empirical studies of digital systems, we show that timestamp update patterns are not instantaneous. We then provide a method for calculating the distribution of timestamp updates on a particular system to determine more accurate action instance times.

• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.7
• /
• pp.173-180
• /
• 2016

Since smartphones possess a variety of user information, we can derive useful data related to the case from app data analysis in the digital forensic perspective. However, it requires an appropriate forensic measure as smartphone has the property of high mobility and high possibility of data loss, forgery, and modulation. Especially the forged/modulated time-stamp impairs the credibility of digital proof and results in the perplexity during the timeline analysis. This paper provides traces of usage which could investigate whether the time-stamp has been forged/modulated or not within the range of iOS based devices.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.5 no.1
• /
• pp.16-20
• /
• 2004

This paper developed a secure web-based digital notary system. The system conforms to international standards, and gives users very good accessibility to it. The technologies and the application systems for timestamp-related services are not yet popularized, but they are potentially meaningful to many kinds of areas such as ecommerces, digital right managements, and internet mail systems. The digital notary system uses the timestamp requests and responses which conforms to rfc 3161. The system supports secure communication between web-based notary server and its clients by using SSL(Secure Socket Layer), and use nonces for prevention of replay attacks.