• Journal of the Korea Society of Computer and Information
• /
• v.27 no.10
• /
• pp.115-121
• /
• 2022

In this paper, we analyze trends in the use of mobile forensic technology, focusing on cases where mobile forensics are used, and we predict the development of future mobile forensics technology using linear regression used in future prediction models. For the current status and outlook analysis, we extracted a total of 8 variables by analyzing 1,397 domestic and foreign mobile forensics-related cases and newspaper articles. We analyzed the prospects for each variable using the year of occurrence as an independent variable, seven variables such as text (text message usage information), communication information (cell phone communication information), Internet usage information, messenger usage information, stored files, GPS, and others as dependent variables. As a result of the analysis, among various aspects of the use of mobile devices, the use of Internet usage information, messenger usage information, and data stored in mobile devices is expected to increase. Therefore, it is expected that continuous research on technologies that can effectively extract and analyze characteristic information of mobile devices such as file systems, the Internet, and messengers will be needed As mobile devices increase performance and utilization in the future and security technology.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.4
• /
• pp.609-619
• /
• 2023

Recently, crimes using drones, one of the IoT industries have been continuously reported. In particular, drones are characterized by easy access and free movement, so they are used for various crimes such as transporting explosives, transporting drugs, and illegal recording. In order to analyze and investigate these criminal acts, drone forensic research is highly emphasized. Media data, PII, and flight records are digital forensic artifacts that can be acquired from drones, in particluar flight records are important artifacts since they can be used to trace drone activities. Therefore, in this paper, the characteristics of the deleted flight record files of DJI drones are presented and verified using the Phantom3, Phantom4 andMini2 models, two drones with differences in characteristics. Additionally, the recovery level is analyzed using the flight record file characteristics, and lastly, drones with the capacity to recover flight records for each drone model and drone models without it are classified.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.2
• /
• pp.223-230
• /
• 2013

Recently, a large number of corporations are adopting cloud solution in order to reduce IT-related costs. By the way, Digital Trace should have admissibility to be accepted as digital evidence in court, and integrity is one of the factors for admissibility. In this context, this research implemented integrity verification test to VM Data which was collected by well-known private cloud solutions such as Citrix, VMware, and MS Hyper-V. This paper suggests the effective way to verify integrity of VM data collected in private cloud computing environment based on the experiment and introduces the error that EnCase fails to mount VHD (Virtual Hard Disk) files properly.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1345-1354
• /
• 2012

The modern society with the wide spread USB memory, witnesses the acceleration in the development of USB products that applied secure technology. Secure USB is protecting the data using the method as device-based access control, encryption of stored files, and etc. In terms of forensic analyst, to access the data is a lot of troubles. In this paper, we studied software-based data en/decryption technology and proposed for analysis mechanism to validation vulnerability that secured on removable storage media. We performed a vulnerability analysis for USB storage device that applied security mechanism. As a result, we found vulnerabilities that extracts a source file without a password.

• Journal of forensic and investigative science
• /
• v.2 no.2
• /
• pp.67-91
• /
• 2007

The nature of deaths occurred at sea may be revealed the differences from that in the land, but there is no comprehensive statistical analysis of deaths occurred at Korean Sea so far. Therefore, the cases of deaths or missing in the period 1993 - 2006 were analyzed by the cause, place of death, and results of preliminary investigation. In the period from 1993 to 2006, over 1000 peoples were died or missing every year. The cases of marine safety accidents including self-carelessness and mishap were approached over 60% and cases of homicide were less than 1%. The closure cases of preliminary investigation were reached over 70% and the most of deaths occurred in fishing vessels (the range of 20 ~ 99 tonnage). The suspension cases of preliminary investigation were reached to 70% of all missing and drowning cases. The results showed that the most of deaths occurred at sea could be prevented by the safety regulations including mandatory report of accidents, marine safety education and training, punishment the people responsible for the accidents. For the unidentified bodies, data should be collected and recorded for the future identification. The crime scene investigators should be trained to ensure the quality of their professional skills regularly.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1059-1065
• /
• 2015

Hard disk passwords are commonly not well known. If the passwords are set, forensic investigators are not allowed to access data on hard disks, so they can be used to obstruct investigations. Expensive tools such as PC-3000 are necessary for unlocking such hard disk passwords. But it would be a burden on both organizations that should pay for these tools and forensic investigators that are unfamiliar with these tools. This paper discusses knowledge required for unlocking hard disk passwords and proposes methods for unlocking the passwords without high-priced tools. And with a vendor-specific method, this paper provides procedures for acquiring passwords and unlocking hard disk drives.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.4
• /
• pp.655-666
• /
• 2013

As the capacity of storage devices becomes larger, most users divide them into several logical partitions for convenience of storing and controlling data. Therefore, recovering partitions stably which are artificially hidden or damaged is the most important issue in the perspective of digital forensic. This research suggests partition recovery algorithm that makes stable and effective analysis using characteristics of each file system. This algorithm is available when partition is not distinguishable due to concealment of partition or damage in partition area.

• Transactions of the Korean Society of Automotive Engineers
• /
• v.25 no.3
• /
• pp.374-379
• /
• 2017

In vehicle to pedestrian accidents, cracks occur in the vehicle laminated glass due to impact of a pedestrian's head. In this study, FMH(Free Motion Headform) was used to experiment on and analyze the crack patterns on a vehicle laminated glass that collides with an adult headform at speeds of 20 km/h, 30 km/h, and 40 km/h, respectively. Applying the acquired experimental data and material property of the vehicle laminated glass to the structural analysis program LS-Dyna, we could develop the FE model of vehicle laminated glass similar to real vehicle laminated glass. We could estimate the head impact velocity and pedestrian's vehicle impact velocity using the Madymo program.

• The KIPS Transactions:PartC
• /
• v.15C no.3
• /
• pp.141-148
• /
• 2008

Windows Vista published by Microsoft provides more powerful security mechanisms than previous Windows operating systems. In the forensics point of view, new security mechanisms make it more difficult to get data related to the criminals in a storage device. In this paper, we analyze BitLocker introduced as an new security mechanism in Windows Vista. Also, compared to the previous Windows operating systems, the changes and security issues of UAC and EFS in Windows Vista are discussed in the forensics point of view. Futhermore, we discuss other characteristics of Windows Vista useful for forensic examinations.

• Anatomy and Cell Biology
• /
• v.50 no.1
• /
• pp.41-47
• /
• 2017

This study investigated the topographic relationships among the eyeball and four orbital margins with the aim of identifying the correlation between orbital geometry and eyeball protrusion in Koreans. Three-dimensional (3D) volume rendering of the face was performed using serial computed-tomography images of 141 Koreans, and several landmarks on the bony orbit and the cornea were directly marked on the 3D volumes. The anterior-posterior distances from the apex of the cornea to each orbital margin and between the orbital margins were measured in both eyes. The distances from the apex of the cornea to the superior, medial, inferior, and lateral orbital margins were 5.8, 5.8, 12.0, and 17.9 mm, respectively. Differences between sides were observed in all of the orbital margins, and the distances from the apex of the cornea to the superior and inferior orbital margins were significantly greater in females than in males. The anterior-posterior distance between the superior and inferior orbital margins did not differ significantly between males (6.3 mm) and females (6.2 mm). The data obtained in this study will be useful when developing practical guidelines applicable to forensic facial reconstruction and orbitofacial surgeries.