• Proceedings of the Safety Management and Science Conference
• /
• 2001.05a
• /
• pp.275-280
• /
• 2001

DESIGNIN AND OPERATION OF DIGITAL EVIDENCE MANAGEMENT SYSTEM APPLYING COMPUTER FORENSICS AND ELECTRONIC CERTIFICATION Digital evidence will be used as a term, which means the electronic form of information which is necessary to confirm or prove the factum of all kinds of behaviors committed through the devices which have data processing ability including computer. It is expected that there will be the increase of legal conflicts surrounding electronic commerce activities as well as the increase of cyber crimes, as the number of Internet users are getting bigger. In order to solve the problems of conflicts derived from electronic commerce, the factum of electronic commerce activities must be confirmed. In order to confirm the factum of electronic commerce activities, the evidence is prerequisite. Almost all evidences relating to the electronic commerce activities exist in digital form. For the reason that the digital evidence can be easily damaged and changed, special management is required to collect, analyze, and preserve the digital evidence. In order to meet this requirement, this study proposes a basic model of digital evidence management system applying computer forensics and electronic authentication.

• Journal of Information Processing Systems
• /
• v.14 no.2
• /
• pp.346-376
• /
• 2018

Digital forensics is a vital part of almost every criminal investigation given the amount of information available and the opportunities offered by electronic data to investigate and evidence a crime. However, in criminal justice proceedings, these electronic pieces of evidence are often considered with the utmost suspicion and uncertainty, although, on occasions are justifiable. Presently, the use of scientifically unproven forensic techniques are highly criticized in legal proceedings. Nevertheless, the exceedingly distinct and dynamic characteristics of electronic data, in addition to the current legislation and privacy laws remain as challenging aspects for systematically attesting evidence in a court of law. This article presents a comprehensive study to examine the issues that are considered essential to discuss and resolve, for the proper acceptance of evidence based on scientific grounds. Moreover, the article explains the state of forensics in emerging sub-fields of digital technology such as, cloud computing, social media, and the Internet of Things (IoT), and reviewing the challenges which may complicate the process of systematic validation of electronic evidence. The study further explores various solutions previously proposed, by researchers and academics, regarding their appropriateness based on their experimental evaluation. Additionally, this article suggests open research areas, highlighting many of the issues and problems associated with the empirical evaluation of these solutions for immediate attention by researchers and practitioners. Notably, academics must react to these challenges with appropriate emphasis on methodical verification. Therefore, for this purpose, the issues in the experiential validation of practices currently available are reviewed in this study. The review also discusses the struggle involved in demonstrating the reliability and validity of these approaches with contemporary evaluation methods. Furthermore, the development of best practices, reliable tools and the formulation of formal testing methods for digital forensic techniques are highlighted which could be extremely useful and of immense value to improve the trustworthiness of electronic evidence in legal proceedings.

• Journal of Arbitration Studies
• /
• v.21 no.2
• /
• pp.47-64
• /
• 2011

The China International Economic and Trade Arbitration Commission(CIETAC) released online arbitration rules which apply the resolution of disputes over electronic commerce transactions, as well as other economic and trade disputes in which the parties agree to do. The evidence submitted by the parties may be electronic evidence created, sent, received or stored by electronic, optical or magnetic means. Electronic evidence with a reliable electronic signature shall carry the same effect and probative force as a document with a hand-written signature. Where a case is tried in a tribunal, the arbitration tribunal shall conduct an online trial hearing using internet video conference or other electronic or computer communication means. Unless the parties have another agreement, summary procedure shall apply to cases where the amount in dispute exceeds RMB 100,000 but no more than RMB 1 million, or where the amount in dispute exceeds RMB 1 million and a party submits a written application for summary procedure after obtaining the written consent of the other party. Unless the parties have agreed otherwise, fast-track procedure shall apply to cases where the amount in dispute does not exceed RMB 100,000 or where the amount in dispute exceeds RMB 100,000 and a party submits a written application for fast-track procedure after obtaining the written consent of the other party. Notable features of the Online Rules are as follows; first, there is not detailed consideration for online arbitration. Second, communications between the parties and the tribunal are allowed only through the Secretariat. Third, elaborate provisions regarding the electronic submission and transmission of documents is provided for. Forth, various factors must be considered by the tribunal in deciding the evidence's reliability. Fifth, reasonable endeavours is levied on CIETAC to keep data communications secure and encrypted. Sixth, the tribunal has the right to investigate and collect relevant evidence. And finally different procedures are provided for in consideration of the various types of E-commerce.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.2
• /
• pp.273-277
• /
• 2013

Recently, according with a sudden increase of records produced and stored by digital way, it becomes more important to maintain reliability and authenticity and to ensure legal effect when digital records are collected, preserved and managed. On the basis of domestic legal procedure law and record management-related legislation, this paper considered judicial admissibility of evidence on electronic records managed by National Archives of Korea and drew potential problems when these are submitted to court as a evidence. Also, this paper suggested a plan applying digital forensics technique to electronic records management to ensure admissibility of evidence about electronic records stored in National Archives of Korea.

• Journal of Information Technology Services
• /
• v.19 no.3
• /
• pp.57-73
• /
• 2020

The proportion of digital evidence in criminal cases has increased, while at the same time, the spread of the Internet has made it easy to delete information that is stored in another place and thus, the Internet is being used to delete online criminal evidence. To respond quickly and effectively to cybercrime, 29 countries signed the Convention on Cybercrime in 2001 through the Council of Europe. Article 16 of the Convention relates to the expedited preservation of stored computer data and requires signatories to adopt legislative measures to enable its competent authorities to order expeditious preservation of specified computer data where there are grounds to believe that the data is particularly vulnerable to loss or modification. More than 60 countries have joined the Convention since 2001 and have made efforts to improve their legal system in line with it. The United States legislated 18 U.S.C. § 2703(f) to preserve electronic evidence pending the issuance of a court order. The German Code of Criminal Procedure §§ 94~95 allows prosecution authorities to seize evidence or issue production orders without court control in urgent circumstances. A custodian shall be obliged to surrender evidence upon a request that evidence be preserved, and non-compliance results in punishment. Japan legislated the Criminal Procedure Act § 197(3) and (4) to establish a legal base for requesting that electronic records that are stored by an ISP not be deleted. The Korean Criminal Procedure Act § 184 outlines procedures for the preservation of evidence but does not adequately address the expeditious preservation of digital evidence that may be vulnerable to deletion. This paper analyzes nine considerations, including request subjects, requirements, and cost reimbursement to establish directions to improve the legal system for the expedited preservation of digital evidence. A new method to preserve online digital evidence in urgent cases is necessary.

• Journal of the Korean Society for information Management
• /
• v.38 no.2
• /
• pp.201-226
• /
• 2021

Discovery's collection was originally paper documents, but with the advent of the digital age, its collection expanded. Resolving the issue of ESI has now become important in litigation. Therefore, this study analyzes the requirements of each domain for electronic records to be recognized as evidence. It also explained the factors that should be considered in record management. In addition, eDiscovery in the United States was selected as an advanced case to utilize records as evidence. This study investigated the Commentary on Legal Holdings: The Trigger & The Process and analyzed which functions must be considered in order for electronic records to be preserved as evidence. To this end, we analyze the functional requirements of the eDiscovery solution. Through this, necessary functional requirements are derived to help implement the system in preparation for eDiscovery.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.13 no.1
• /
• pp.163-168
• /
• 2018

With the advent of the fourth industrial revolution era, the use of drone has been progressing rapidly in various fields. Now the drones will be used extensively in the area of investigation. Until now the criminal photographs stayed in 2D digital images, it would be possible to reproduce not only 3D images but also make a crime scene with 3D printer. Firstly, the video images taken by the investigation agency using the drones are digital image evidence, and the requirements for securing the evidence capability are not different from the conditions for obtaining the proof of digital evidence. However, when the drones become a new area of scientific investigation, it is essential to systematize the authenticity of the images taken by the drones so that they can be used as evidence. In this paper, I propose a method to secure the evidence capability of digital images taken by drone.

• International Journal of Fuzzy Logic and Intelligent Systems
• /
• v.16 no.4
• /
• pp.308-317
• /
• 2016

Multiple evidences based decision making is an important functionality for computers and robots. To combine multiple evidences, mathematical theory of evidence has been developed, and it involves the most vital part called Dempster's rule of combination. The rule is used for combining multiple evidences. However, the combined result gives a counterintuitive conclusion when highly conflicting evidences exist. In particular, when we obtain two different sources of evidence for a single hypothesis, only one of the sources may contain evidence. In this paper, we introduce a modified combination rule based on the partial conflict measurement by using an absolute difference between two evidences' basic probability numbers. The basic probability number is described in details in Section 2 "Mathematical Theory of Evidence". As a result, the proposed combination rule outperforms Dempster's rule of combination. More precisely, the modified combination rule provides a reasonable conclusion when combining highly conflicting evidences and shows similar results with Dempster's rule of combination in the case of the both sources of evidence are not conflicting. In addition, when obtained evidences contain multiple hypotheses, our proposed combination rule shows more logically acceptable results in compared with the results of Dempster's rule.

• ETRI Journal
• /
• v.42 no.5
• /
• pp.799-804
• /
• 2020

Network security situation prediction is difficult due to its strong uncertainty, but DS evidence theory performs well in solving the problem of uncertainty. Based on DS evidence theory, this study analyzed the prediction of the network security situation, designed a prediction model based on the improved DS evidence theory, and carried out a simulation experiment. The experimental results showed that the improved method could predict accurately in the case of a large conflict, and had strong anti-jamming abilities as compared with the original method. The experimental results prove the effectiveness of the improved method in the prediction of the network security situation and provide some theoretical basis for the further application of DS evidence theory.

• 한국경영정보학회:학술대회논문집
• /
• 2007.11a
• /
• pp.284-293
• /
• 2007

In the present competitive organizational environment more organizations are implementing knowledge management initiatives to gain strategic advantage. One such initiative is that of implementing electronic knowledge repositories (EKR) which often leads to a rapid increase in the quantity of information employees have to process daily; raising concerns of employees being overloaded. This is especially true for current EKRs using distributive technology, enabling customizable individual workspaces which can result in loose knowledge structures. This paper identifies a new type of information overload (IO), extending the concept as occurring in both knowledge seekers and contributors and uses cognitive dissonance theory to provide evidence that IO can change employees' perception of EKR usage. This research paper provides the first empirical evidence that overload has no sufficient affect on EKR continuance intention directly, but has significant negative affect on the two main success measures; perceived usefulness and satisfaction of the system.