• Title/Summary/Keyword: Forensic Readiness

Implementation Privacy Reference Architecture for Forensic Readiness

  • Shin, Yong-Nyuo
    • International Journal of Fuzzy Logic and Intelligent Systems / v.12 no.1 / pp.53-59 / 2012
  • As the Privacy Act is in force in Korea, the subject of protection responsibility is increased, and continuous efforts are made to protect privacy in overseas countries, as can be seen by standard drafts related to privacy protection. However, the reality is that a formal privacy manual or guidelines are insufficient to help cope with the rapid changes and privacy leaks caused by TGIF (Twitter-Google-iPhone-Facebook) these days, and practical effects cannot be expected, even though measures are taken. This paper proposes a standard format for satisfying the ISO/IEC 29101 "Privacy Reference Architecture" and shows an implementation example for equipping a system with forensic readiness, capturing indications of an incident rapidly and coming up with an effective countermeasure when privacy information is disclosed.

A Study on the Setting Method of the File System Audit Function of Windows for Enhancing Forensic Readiness (포렌식 준비도 제고를 위한 윈도우의 파일 시스템 감사 기능 설정 방안에 관한 연구)

  • Lee, Myeong-Su;Lee, Sang-Jin
    • Journal of the Korea Institute of Information Security & Cryptology / v.27 no.1 / pp.79-90 / 2017
  • If digital forensic investigators can utilize file access logs when they audit insider information leakage cases or incident cases, it would be helpful for understanding users' behavior more clearly. There are many known artifacts related to file access in MS Windows. But each of the artifacts often lacks critical information, and they are usually not preserved for enough time. So it is hard to track down what has happened in a real case. In this thesis, I suggest a method to utilize the SACL (System Access Control List), which is one of the audit functions provided by MS Windows. By applying this method of strengthening Windows' audit settings, even small organizations that cannot adopt security solutions can build a better environment for conducting digital forensics when an incident occurs.

Secure File Transfer Method and Forensic Readiness by converting file format in Network Segmentation Environment (망분리 환경에서 파일형식 변환을 통한 안전한 파일 전송 및 포렌식 준비도 구축 연구)

  • Han, Jaehyeok;Yoon, Youngin;Hur, Gimin;Lee, Jaeyeon;Choi, Jeongin;Hong, SeokJun;Lee, Sangjin
    • Journal of the Korea Institute of Information Security & Cryptology / v.29 no.4 / pp.859-866 / 2019
  • Cybersecurity attacks targeting a specific user are rising in number, even as enterprises try to strengthen their cybersecurity. A network segmentation environment, where the public network and the private network are separated, could block information coming from the outside; however, it is unable to control outside information for business efficiency and productivity. Even if enterprises try to enhance security policies and introduce a network segmentation system and a solution incorporating CDR technology to remove unnecessary data contained in files, they are still exposed to security threats. Therefore, we suggest a system that uses file format conversion to transmit a secure file in the network separation environment. The secure file is converted from a document into an image file, as this reflects attack patterns of inserting malicious code into the document file. Additionally, considering forensic readiness, this paper proposes a system that functions in this environment so that a document file can keep information for incident response.

Study on Digital Investigation Model for Privacy Acts in Korea (개인정보보호법 기반 디지털 포렌식 수사 모델 연구)

  • Lee, Chang-Hoon
    • Journal of Advanced Navigation Technology / v.15 no.6 / pp.1212-1219 / 2011
  • As the Privacy Act has recently been enforced in Korea, domestic companies' personal information management faces a growing obligation for safety measures and for the rights, collection, use, limitation, management, and destruction specifically involved in handling personal information. Such regulations require technical and policy support. Accordingly, when an incident has occurred at an enterprise, it must be verified that the personal information management system was operating correctly and that the safety measures were taken, and the specific preparation to be done must be determined. So the first, preparation phase corresponds to the upcoming digital forensic investigation model. On the other hand, it must also be checked that the response team carried these measures out correctly, in compliance with the Privacy Act. Thus a digital forensic investigation model is strictly related to the implementation of the Privacy Act, and improved coping strategies are needed. In this paper, we suggest a digital forensic investigation model corresponding to the Privacy Act.

A Study on Design of Digital Forensic Readiness (디지털 포렌식 준비도 설계에 관한 연구)

  • Park, Gwangmin;Park, Sangho;Park, Leewon;Chang, Hangbae
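    • Proceedings of the Korea Information Processing Society Conference / 2017.04a / pp.302-305 / 2017
  • Smartwork, a work-environment concept that improves work efficiency by letting people work conveniently anytime and anywhere without being bound by time and place, has recently been in the spotlight. However, because all work in a smartwork environment is processed through information and communication networks and information systems, there is a threat of information leakage. In addition, the targets of examination and investigation in the digital forensics field are becoming increasingly diverse. After a security incident such as an internal information leak occurs, digital evidence can mostly be collected only in a limited way, and commissioning a specialist firm entails high fees and long analysis times. Rather than relying solely on existing internal information leakage prevention systems, digital forensic readiness is needed to carry out proactive audit activities focused on detecting leakage behavior. Therefore, based on an analysis of various digital forensic readiness models, this paper studies a digital forensic readiness model for responding to security incidents in future smartwork environments.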

An Assets and Insolvency Prediction Framework based on Forensic Readiness using AHP and XML (AHP와 XML을 이용한 포렌식 준비도 기반의 자산 및 부실예측 프레임워크)

  • Jeong, Minseung;Kim, Jaechun;Park, Younghee
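    • Proceedings of the Korea Information Processing Society Conference / 2014.11a / pp.695-698 / 2014
  • This paper designs a framework that performs hierarchical analysis using the AHP decision-making technique and predictive evaluation of assets and non-performing loans, and proposes a forensic readiness model that can collect and analyze data gathered from monitoring as circumstances change, through risk-detection analysis scenarios and the like. By linking with the legacy systems a company already operates, grouping asset and insolvency prediction evaluation items according to various attributes, and performing analysis, the proposed system can manage a company's assets and risks more efficiently and stably, and can improve corporate competitiveness and profitability through the management and recovery of non-performing assets. In addition, by using forensic readiness and analysis monitoring, it can provide collected evidence for disputes between companies such as civil and criminal litigation, and can prevent complaints and other incidents and reduce handling costs.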