• Journal of the Korea Society of Computer and Information
• /
• v.13 no.2
• /
• pp.143-151
• /
• 2008

74% of Internet users use the UCC, and You Tube using firearms in a crime occurred. Internet crime occurred in the online, non-face transaction, anonymous, encapsulation. In this paper, we are studied a Network Forensic Way and a technique analyze an aspect criminal the Internet haying appeared at Internet UCC, and to chase. Study ID, IP back-tracking and position chase through corroborative facts collections of the UCC which used UCC search way study of the police and a public prosecutor and storage way and network forensic related to crimes of Internet UCC. Proof data encrypt, and store, and study through approach control and user authentication so that they are adopted to legal proof data through integrity verification after transmission and storages. This research via the Internet and criminal conspiracy to block the advance promotion, and for the criminal investigative agencies of the Internet will contribute to the advancement forensics research.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.3
• /
• pp.353-363
• /
• 2021

As the Untact era is rapidly changing, collaboration tools are increasing their utilization and value as digital technologies for non-face-to-face work. While instant messenger-based collaboration tools support a variety of functions, crime and accident concerns are also increasing in proportion to their convenience, such as information leakage and security incidents. Meanwhile, the digital forensics perspective on collaborative tools is not enough, so forensics research is needed. This study analyzes significant artifacts in the two operating environments through Windows and Android forensics research on Microsoft Teams, the collaboration tool with the highest share in the world. Also, based on differences in artifacts and data attributes according to the operating environment, by applying 'differential forensic', we proved that the usefulness of evidence can be improved by presenting a complementary analysis method and timeline configuration through information linkage.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2022.05a
• /
• pp.652-654
• /
• 2022

소셜 미디어와 스마트폰의 대중화로 인해 디지털 이미지와 비디오를 만들어 내는 일이 매우 흔해졌다. 전통적인 이미지 포렌식 기술 압축 방법은 데이터를 손상시킨다는 점에서 비디오에 적용하기 부적절하다. 따라서 본 논문에서는 딥러닝과 MesoNet을 이용한 모델을 통해 참 혹은 거짓만 나타내는 기존의 결과 산출 방법에서 더 나아가 네가지의 분류 방법으로 딥페이크 감지 흐름을 살펴보고자 한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.2
• /
• pp.273-277
• /
• 2013

Recently, according with a sudden increase of records produced and stored by digital way, it becomes more important to maintain reliability and authenticity and to ensure legal effect when digital records are collected, preserved and managed. On the basis of domestic legal procedure law and record management-related legislation, this paper considered judicial admissibility of evidence on electronic records managed by National Archives of Korea and drew potential problems when these are submitted to court as a evidence. Also, this paper suggested a plan applying digital forensics technique to electronic records management to ensure admissibility of evidence about electronic records stored in National Archives of Korea.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.4
• /
• pp.655-666
• /
• 2013

As the capacity of storage devices becomes larger, most users divide them into several logical partitions for convenience of storing and controlling data. Therefore, recovering partitions stably which are artificially hidden or damaged is the most important issue in the perspective of digital forensic. This research suggests partition recovery algorithm that makes stable and effective analysis using characteristics of each file system. This algorithm is available when partition is not distinguishable due to concealment of partition or damage in partition area.

• Convergence Security Journal
• /
• v.18 no.4
• /
• pp.35-43
• /
• 2018

Currently, digital evidence takes judicial discretion in adopting it, which does not clarify the criteria for adoption, and it can shorten the analysis time of digital evidence with distributed processing techniques. However, due to the development of cryptographic techniques, there is a problem in that it is not suitable for the 48 hour limit of the warrant request. In this paper, we analyze the precedents for admissibility of evidence and the probative power in the civil/criminal proceedings, and discuss the need for objective and detailed adoption criteria to replace judicial discretion. In addition, we'd like to propose a preliminary application form for analysis of digital evidence as a problem for limit time for warrant claims from the perspective of forensics and a solution to the problem.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.18 no.10
• /
• pp.2427-2432
• /
• 2014

Color-$X^2$ is used as a method for scene change detection. It extracts a violent scene in an elevator and then could be used for real-time surveillance of criminal acts. The scene could be also used to secure after-discovered evidences and to prove analysis processes. Video Forensic is defined as a research on various methods to efficiently analyze evidences upon crime-related visual images in the field of digital forensic. The method to use differences of color-histogram detects the difference values of histogram for RGB color from two frames respectively. Our paper uses Color-$X^2$ histogram that is composed of merits of color histogram and ones of $X^2$ histogram, in order to efficiently extract violent scenes in elevator. Also, we use a threshold so as to find out key frame, by use of existing Color-$X^2$ histogram. To increase the probability that discerns whether a real violent scene or not, we take advantage of statistical judgments with 20 sample visual images.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.4
• /
• pp.671-685
• /
• 2023

By applying artificial intelligence to image editing technology, it has become possible to generate high-quality images with minimal traces of manipulation. However, since these technologies can be misused for criminal activities such as dissemination of false information, destruction of evidence, and denial of facts, it is crucial to implement strong countermeasures. In this study, image file and mobile forensic artifacts analysis were conducted for detecting image manipulation. Image file analysis involves parsing the metadata of manipulated images and comparing them with a Reference DB to detect manipulation. The Reference DB is a database that collects manipulation-related traces left in image metadata, which serves as a criterion for detecting image manipulation. In the mobile forensic artifacts analysis, packages related to image editing tools were extracted and analyzed to aid the detection of image manipulation. The proposed methodology overcomes the limitations of existing graphic feature-based analysis and combines with image processing techniques, providing the advantage of reducing false positives. The research results demonstrate the significant role of such methodology in digital forensic investigation and analysis. Additionally, We provide the code for parsing image metadata and the Reference DB along with the dataset of manipulated images, aiming to contribute to related research.

• Journal of Advanced Navigation Technology
• /
• v.18 no.5
• /
• pp.494-500
• /
• 2014

Recently the leak of personal information from in-house and contract-managed companies has been continually increasing, which leads a regular observation on outsourcing companies that perform the personal information management system to prevent dangers from the leakage, stolen and loss of personal information. However, analyzing many numbers of computers in limited time has found few difficulties in some circumstances-such as outsourcing companies that own computers that have personal information system or task continuities that being related to company's profits. For the reason, it is necessary to select an object of examination through identifying a high-risk of personal data leak. In this paper, this study will formulate a proposal for the selection of high-risk subjects, which is based on the user interface, by digital forensic. The study designs the integrated analysis tool and demonstrates the effects of the tool through the test results.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.3
• /
• pp.515-530
• /
• 2013

The results of investigations into marine incidents have become an important basis in determining not only possible causes, but also the extent of negligence between the perpetrator and victim. However, marine incidents occur under special circumstances i.e. the marine environment, and this leads to difficulties in identifying causes due to problems in scene preservation, reenactment and acquisition of witnesses. Given the aforementioned characteristic of marine incidents, the International Convention for the Safety of Life at Sea (SOLAS) has adopted mandatory regulations on the carriage of Voyage Data Recorders (VDRs) and Automatic Identification Systems (AIS) for ships of a certain gross tonnage and upwards, so as to reflect recent developments in radio communication and marine technology. Adopted to provide an international standard for investigations and to promote cooperation, the Code of the International Standards and Recommended Practices for a Safety Investigation into a Marine Casualty or Marine Incident (Casualty Investigation Code) recommends member states to build capacity for analysis of VDR data. Against this backdrop, this paper presents methods for efficient investigations into the causes behind marine incidents based on data analysis of VDR, which serves as the black box of ships, as well as digital forensic techniques.