• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.10a
• /
• pp.223-226
• /
• 2010

iPhone and Smart Phone domestic markets are activated with domestic coming out of galaxy S together and the users are increasing. It follows hereupon and with forensic techniques for the cellular phone relation criminal evidence collection of data of existing the mobile forensic engineering research is necessary in about Smart Phone where it has become new techniques and WiFi etc. Convergence. It respects Smart Phone OS star forensic technique and a tool research, iPhone Apple MAC OS X and it researches galaxy S Google Android from the present paper. Smart it uses SYN methods with Phone OS star forensic techniques and it researches in order mobile forensic description below it observes it sees and forensic application methods computer forensic methods and the tools and it researches forensic techniques. The present paper research as IT powerful country will contribute in Smart Phone forensic technical advances of Korea.

• The KIPS Transactions:PartC
• /
• v.17C no.4
• /
• pp.335-346
• /
• 2010

Mac OS X is the Computer Operating System that develop in Apple Inc. Mac OS X is the successor to Mac OS 9 Version which had been Apple's primary operating system since 1984. Recently, Mac OS X 10.6 (Snow Leopard) has been manufactured and is distributed to user. Apple's Mac OS X Operating System is occupying about 10% in the world Operating System market share. But, Forensic tools that is utilized on digital forensic investigation can not forensic analysis about Mac OS X properly. To do forensic investigation about Mac OS X, information connected with user's action and trace can become important digital evidence in Operating System. This paper presents way about user trace data acquisition methodology in Mac OS X.

• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.7
• /
• pp.173-180
• /
• 2016

Since smartphones possess a variety of user information, we can derive useful data related to the case from app data analysis in the digital forensic perspective. However, it requires an appropriate forensic measure as smartphone has the property of high mobility and high possibility of data loss, forgery, and modulation. Especially the forged/modulated time-stamp impairs the credibility of digital proof and results in the perplexity during the timeline analysis. This paper provides traces of usage which could investigate whether the time-stamp has been forged/modulated or not within the range of iOS based devices.

• The Journal of Industrial Distribution & Business
• /
• v.12 no.6
• /
• pp.47-55
• /
• 2021

Purpose: Organizational crime is an offense committed by an individual or an official in a corporate entity for organizational gain. This study aims to explore the literature on challenges facing digital forensics and further discuss possible solutions to such challenges as far as the protection of corporate crime is concerned. Research design, data and methodology: Qualitative textual methodology matches the interpretative approach since it is a quality method meant to consider the inductivity of strategies. Also, a qualitative approach is vital because it is distinct from the techniques used in optimistic paradigms linked to science laws. Results: For achieving justice through the investigation of digital forensic, there is a need to eradicate corporate crimes. This study suggests several solutions to reduce corporate crime such as 'Solving a problem to Anti-forensic Techniques', 'Cloud computing technique', and 'Legal Framework' etc. Conclusion: As corporate crime increases in rate, the data collected by digital forensics increases. The challenge of analyzing chunks of data requires digital forensic experts, who need tools to analyze them. Research findings shows that a change of the operating system and digital evidence interpretation is becoming a challenge as the new computer application software is not compatible with older software's structure.

• Journal of the Korean Society of Safety
• /
• v.30 no.4
• /
• pp.56-63
• /
• 2015

Gas explosion accidents could cause a catastrophe. we need specialized and systematic accident investigation techniques to shed light on the cause and prevent similar accidents. In this study, we had performed LNG explosion simulation using AUTODYN which is the commercial explosion program and predicted the damage characteristics of the structures by LNG explosive power. In the first step, we could get LNG's physical and chemical explosion properties by calculation using TNT equivalency method. And then, by applying TNT equivalency value about the explosion limit concentration of LNG on the 2D-AUTODYN simulation, we could get the explosion pressure wave profiles (explosion pressure, explosion velocity, etc.). In the last step, we performed LNG explosion simulation by applying to the explosion pressure wave profiles as the input data on the 3D-AUTODYN simulation. As a result, we had performed analyzing of the explosion characteristics of LNG in accordance with concentration through the 3D-AUTODYN simulation in terms of the explosion pressure behavior and structure's destruction and damage behavior.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.19 no.6
• /
• pp.15-20
• /
• 2019

Fundamental processes in digital forensic investigation - such as disk imaging - were developed when digital investigation was relatively young. As digital forensic processes and procedures matured, these fundamental tools, that are the pillars of the reset of the data processing and analysis phases of an investigation, largely stayed the same. This work is a study of modern digital forensic imaging software tools. Specifically, we will examine the feature sets of modern digital forensic imaging tools, as well as their development and release cycles to understand patterns of fundamental tool development. Based on this survey, we show the weakness in current digital investigation fundamental software development and maintenance over time. We also provide recommendations on how to improve fundamental tools.

• Journal of Information Processing Systems
• /
• v.14 no.3
• /
• pp.680-693
• /
• 2018

Nowadays, third-party applications form an important part of the mobile environment, and social networking applications in particular can leave a variety of user footprints compared to other applications. Digital forensics of mobile third-party applications can provide important evidence to forensics investigators. However, most mobile operating systems are now updated on a frequent basis, and developers are constantly releasing new versions of them. For these reasons, forensic investigators experience difficulties in finding the locations and meanings of data during digital investigations. Therefore, this paper presents scenario-based methods of forensic analysis for a specific third-party social networking service application on a specific mobile device. When applied to certain third-party applications, digital forensics can provide forensic investigators with useful data for the investigation process. The main purpose of the forensic analysis proposed in the present paper is to determine whether the general use of third-party applications leaves data in the mobile internal storage of mobile devices and whether such data are meaningful for forensic purposes.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.2
• /
• pp.93-102
• /
• 2013

These days digital data have become essential for digital investigation because most of the crime was occurred by using the digital devices. However, digital data is very easier to falsify or delete. If digital data was deleted, it is necessary to recover the deleted data for obtain digital evidence. Even though file carving is the most important thing to gather. digital evidence in digital forensic investigation, most of popular carving tools don't contemplate methods of selection or restoration for digital forensic investigation. The goal of this research is suggested files which can obtain useful information for digital forensic investigation and proposed new record file carving technique to be able to recover data effectively than before it.

• Journal of Distribution Science
• /
• v.20 no.7
• /
• pp.107-117
• /
• 2022

Purpose: The scope of forensic investigations serves to identify malicious activities, including leakage of crucial corporate information. The investigations also identify security lapses in available networks. The purpose of the present study is to explore how to block distribution channels to protect illegal leakage in supply chain through digital forensic method. Research design, data and methodology: The present study conducted the qualitative textual analysis and its data collection process entails five steps: identifying and collecting data, determining coding categories, coding the content, checking validity and reliability, and analyzing and presenting the results. This methodology is a significant research method due to its high quality of previous resources. Results: Applying previous literature analysis to the results of this study, the author figured out that there are four solutions as an evidences to block distribution channels, preventing illegal leakage regarding company information. The following subtitles show clear solutions: (1) Communicate with Stakeholders, (2) Preventing and addressing illegal leakage, (3) Victims of Data Breach, (4) Focusing Solely on Technical Teams. Conclusion: There are difficult scenarios that continue to introduce difficult questions surrounding engagement with digital evidence. Consequently, it is important to enhance data handling to provide answers for organizations that suffer due to illegal leakages of sensitive information.

• International Journal of Internet, Broadcasting and Communication
• /
• v.8 no.3
• /
• pp.31-40
• /
• 2016

In this paper, we propose a new anti-forensic method for hiding data in the timestamp of a file in the Windows NTFS filesystem. The main idea of the proposed method is to utilize the 16 least significant bits of the 64 bits in the timestamps. The 64-bit timestamp format represents a number of 100-nanosecond intervals, which are small enough to appear in less than a second, and are not commonly displayed with full precision in the Windows Explorer window or the file browsers of forensic tools. This allows them to be manipulated for other purposes. Every file has $STANDARD_INFORMATION and $FILE_NAME attributes, and each attribute has four timestamps respectively, so we can use 16 bytes to hide data. Without any changes in an original timestamp of "year-month-day hour:min:sec" format, we intentionally put manipulated data into the 16 least significant bits, making the existence of the hidden data in the timestamps difficult to uncover or detect. We demonstrated the applicability and feasibility of the proposed method with a test case.