• Title/Summary/Keyword: forensic data (포렌식 자료)

Methods for Investigating of Edit History about MS PowerPoint Files That Using the OOXML Formats (OOXML형식을 사용하는 MS 파워포인트 파일에 대한 편집 이력 조사 방법)

  • Youn, Ji-Hye;Park, Jung-Heum;Lee, Sang-Jin
    • The KIPS Transactions:PartC / v.19C no.4 / pp.215-224 / 2012
  • Today, individuals and businesses do a great deal of paperwork on computers, so many document files are created in digital form. These digital files are copied and moved via various media such as USB and e-mail. Careful analysis of these digital materials makes it possible to trace the history of work that occurred during document editing. Existing research of this kind covers the compound document file format, but the new OOXML format has not been studied with respect to analyzing linkages between different document files, tracking internal order, and finding unsaved files in order to identify the process by which a file was created. The use of OOXML-format digital documents will increase further, and the ability to trace document work history would be a great help in digital forensic investigation. Therefore, this paper shows, from a forensic viewpoint, how to track the internal order and analyze linkages between files in the new OOXML format.

A Study on Edit Order of Text Cells on the MS Excel Files (MS 엑셀 파일의 텍스트 셀 입력 순서에 관한 연구)

  • Lee, Yoonmi;Chung, Hyunji;Lee, Sangjin
    • Journal of the Korea Institute of Information Security & Cryptology / v.24 no.2 / pp.319-325 / 2014
  • Since smartphones and tablet PCs have recently come into wide use, users can create and edit documents anywhere in real time. If the input and edit flows of documents can be traced, they can be used as evidence in digital forensic investigation. The typical document application is MS (Microsoft) Office. MS Office applications use two file formats: the Compound Document File Format, used from version 97 to 2003, and the OOXML (Office Open XML) File Format, used from version 2007 to the present. Studies of MS Office files so far have aimed at deciding whether a file has been tampered with, through detection of concealed items or analysis of document properties. This paper analyzes the input order of text cells in MS Excel files and shows, from a digital forensic perspective, how to determine which cell was edited last.

A Study on IoT based Forensic Policy for Early Warning System of Plant & Animal as A Subsystem of National Disaster Response and Management (국가재난형 동·식물 조기경보시스템을 위한 IOT기반의 포렌식 정책 연구)

  • Chung, Ho-jin;Park, Dea-woo
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2014.05a / pp.295-298 / 2014
  • Recently, climatic change (such as a subtropical climate and frequent unusually high temperatures) and open-trade policies for agricultural and livestock products have been increasing the outbreak risk of highly pathogenic avian influenza (HPAI) and foot-and-mouth disease (FMD). Socio-economic damage and impacts are increasing accordingly, as seen in cases such as the damage from the last 5 FMD outbreaks (3,800 billion won), the 10 years of public control costs for Pine Wilt Disease (PWD) (238.3 billion won), and the increase in invasive pests of exotic plants, such as isoptera. Therefore, a new operation strategy is required for an IoT (Internet of Things) based satellite early warning system (SEWS) for plants and animals as a subsystem of the national disaster response and management system, in which forensic technology and measures should be applied as government policy to estimate post-event compensation and to enforce legal responsibility.

Detection of Smoking in Elevator through AIV (AIV를 통한 승강기 내 흡연 추출)

  • Choi, Jae-Gab;Shin, Seong-Yoon;Rhee, Yang-Won
    • Proceedings of the Korea Contents Association Conference / 2016.05a / pp.409-410 / 2016
  • This paper extracts people who smoke inside an elevator, that is, people who hold a white stick in their mouth or blow out smoke. The extraction uses the Average Intensity Measure from scene change detection. The purpose is to submit the extracted material to the police agency or a court as forensic evidence.

A Detection of Smoking in Elevator (엘리베이터 내의 흡연 추출)

  • Shin, Seong-Yoon
    • Journal of Korea Society of Industrial Information Systems / v.17 no.7 / pp.89-94 / 2012
  • Smoking is prohibited in elevators, and it is morally wrong to smoke in them. In addition, smoking can be fatal for our children and for women. This paper concerns forensic evidence, for submission to court, of people who smoke in elevators. Shots around the face of the person in the elevator are partially extracted by scene change detection. Smokers are extracted as people holding a white bar in the mouth; extraction of people blowing out smoke will be addressed in the future. Extraction uses the color histogram technique, one of the scene change detection methods. The extraction ratio is much more accurate than that of methods that do not use scene change detection.

Extract of evidence on the IoT Device (IoT 단말기에서 증거추출 포렌식 연구)

  • Song, Jin-young;Park, Dea-woo
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2017.10a / pp.343-345 / 2017
  • With the development of IoT technology, terminals connected to the IoT are coming into use. However, security incidents are occurring as IoT is applied to society as a whole. IoT security incidents can be linked to personal risk and social disruption. In this study, we extract evidence of security breaches from IoT devices. We analyze the IoT security breach environment and extract hash function values to secure the integrity of the original. Forensic evidence is then extracted from the IoT security device, the integrity of the original is verified, and forensic reports are written and studied so that they can be used as legal evidence.

A Study on Pickpocket of Theft (절도죄에서 소매치기에 관한 연구)

  • Shin, Seong-Yoon;Shin, Kwang-Seong;Lee, Jong-Chan;Park, Sang-Joon;Rhee, Yang-Won;Lee, Hyun-Chang
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2012.10a / pp.41-43 / 2012
  • Pickpocketing occurs mostly in crowded places. However, it currently occurs more commonly in secluded and unfrequented places. In this paper, we classify scenes in order to submit them as image forensic evidence for pickpocketing, a form of theft. We aim to submit evidence by classifying video as pickpocket scenes.

A Study of N-IDS Detection regarding a DoS Attack and Packet Analysis (DoS공격에 대한 N-IDS 탐지 및 패킷 분석 연구)

  • Chun, Woo-Sung;Park, Dae-Woo
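    • Proceedings of the Korean Society of Computer Information Conference / 2008.06a / pp.175-182 / 2008
  • This is a study of the DoS attacks on Korean financial institutions and government agencies in 2008. Attacks are carried out in a laboratory environment using actual DoS attack tools. To detect the DoS attacks, an N-IDS using Snort is installed on the network, along with Winpcap for capturing packets and MySQL, HSC, .NET Framework, and others for storing and analyzing packets. Using packet analysis tools such as e-Watch, the packet volume of the hacker's DoS attack, TCP and UDP information, and port, MAC, and IP information are analyzed. The significance of this study lies in analyzing data on cyber DoS and DDoS attacks, an adverse effect of the ubiquitous information society, and generating forensic data and traceback analysis data on the attacker, thereby securing a safe Internet information system.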

Generation of Forensic Evidence Data from Script (Script에서 Forensic 증거자료 확보 방안)

  • Kim, Seul-gi;Park, Dea-woo
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2017.10a / pp.353-355 / 2017
  • Recently developed digital devices are being used in cyberspace. Digital device users engage in activities such as financial settlement and e-commerce using cyber-connected terminals. With the growth of cyber trading, cybercrimes against users are increasing. Forensic evidence should be obtained in investigations of cybercrime. However, there is a large amount of information to analyze when examining digital forensic evidence. Amid this volume of digital information, scripts are an effective way to secure evidence of cybercrime. In this paper, we study how to secure forensic evidence using scripts. We extract evidence in EnCase and study how to obtain evidence using scripts. This study will be used as basic data for cyber security for the safe life of the people.

Implementation of Video-Forensic System for Extraction of Violent Scene in Elevator (엘리베이터 내의 폭행 추출을 위한 영상포렌식 시스템 구현)

  • Shin, Kwang-Seong;Shin, Seong-Yoon
    • Journal of the Korea Institute of Information and Communication Engineering / v.18 no.10 / pp.2427-2432 / 2014
  • Color-$\chi^2$ is used as a method for scene change detection. It extracts violent scenes in an elevator and could then be used for real-time surveillance of criminal acts. The scenes could also be used to secure evidence discovered after the fact and to demonstrate the analysis process. Video forensics is defined as research on various methods to efficiently analyze evidence in crime-related visual images in the field of digital forensics. The color-histogram difference method computes the histogram difference values for each RGB color between two frames. Our paper uses the Color-$\chi^2$ histogram, which combines the merits of the color histogram and the $\chi^2$ histogram, to efficiently extract violent scenes in an elevator. We also use a threshold to find key frames with the existing Color-$\chi^2$ histogram. To increase the probability of correctly discerning whether a scene is really violent, we apply statistical judgments using 20 sample visual images.