• Title/Summary/Keyword: Forensic Tools

Block and Fuzzy Techniques Based Forensic Tool for Detection and Classification of Image Forgery

  • Hashmi, Mohammad Farukh;Keskar, Avinash G.
    • Journal of Electrical Engineering and Technology / v.10 no.4 / pp.1886-1898 / 2015
  • In today’s era of advanced technological developments, the threats to the authenticity and integrity of digital images, in a nutshell, the threats to the Image Forensics Research communities have also increased proportionately. This happened as even for the ‘non-expert’ forgers, the availability of image processing tools has become a cakewalk. This image forgery poses a great problem for judicial authorities in any context of trade and commerce. Block matching based image cloning detection has been widely researched over the last 2-3 decades, but this was discouraged by higher computational complexity and greater time requirements at the algorithm level. Thus, to reduce the time needed, various dimension reduction techniques have been employed. Since a single technique cannot cope with all the transformations like addition of noise, blurring, intensity variation, etc., we apply multiple techniques to a single image. In this paper, we have used a Fuzzy logic approach for decision making and getting a global response of all the techniques, since their individual outputs depend on various parameters. Experimental results have given enthusiastic elicitations as regards various transformations to the digital image. Hence this paper proposes a Fuzzy based cloning detection and classification system. Experimental results have shown that our detection system achieves classification accuracy of 94.12%. Detection accuracy (DAR) while in case of 81×81 sized copied portion the maximum accuracy achieved is 99.17% as regards subjection to transformations like Blurring, Intensity Variation and Gaussian Noise Addition.

A study for USIM Forensic Tools (USIM 포렌식 툴에 관한 연구)

  • Lim, Jae-Yoon;Yun, Seung-Hwan;Lim, Sun-Hee;Yi, Ok-Yeon;Lim, Jong-In
    • Proceedings of the Korean Information Science Society Conference / 2007.10d / pp.71-76 / 2007
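  • With advances in information and communication technology, the USIM (Universal Subscriber Identification Module) card, an open subscriber authentication card that allows value-added services to be used independently of the handset and network, has come into use. As improved mobile device performance has added a variety of functions and the importance of the personal information stored on the USIM has come to the fore, the likelihood of its use as a tool of crime has risen and its importance as court evidence has also increased. Because mobile forensics deals with file systems that differ from those of conventional data storage devices, dedicated forensic tools suited to them are needed, and when a USIM-related crime occurs, USIM forensic tools are required that can turn data into legal evidence through recovery and rapid examination. In this paper, we analyze the basic structure and file system of the USIM, examine the various types and procedures that can be turned into evidence from a USIM forensic perspective, and compare and analyze the USIM forensic tools currently in use.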

High Speed Kernel Data Collection method for Analysis of Memory Workload (메모리 워크로드 분석을 위한 고속 커널 데이터 수집 기법)

  • Yoon, Jun Young;Jung, Seung Wan;Park, Jong Woo;Kim, Jung-Joon;Seo, Dae-Wha
    • KIPS Transactions on Computer and Communication Systems / v.2 no.11 / pp.461-470 / 2013
  • This paper proposes a high-speed kernel data collection method for the analysis of memory workload, using a technique of direct access to a process's memory management structure. Conventional analysis tools have a slower data collection speed and lack scalability because they collect only formalized memory information. The proposed method collects kernel data much faster than the conventional methods by directly collecting a process's memory information, page table, and page structure in the memory management structure, and it can collect the data the user wants. We collect memory management data of the running process and analyze its memory workload.

Psychopathy as a Risk Factor of Crime (잠재적 범죄위험요인으로서의 정신병질(psychopathy))

  • Soo Jung Lee;Hae-Hong Huh
    • Korean Journal of Culture and Social Issue / v.10 no.2 / pp.39-77 / 2004
  • This literature review introduced the concept of psychopathy, which has never been defined academically in Korea. It also reviewed how this concept could be applied as a latent factor of criminal behavior in forensic settings. For this purpose, first of all, the periodical change of the definition of psychopathy was explored. Then it was investigated which determinants might develop psychopathy and what the behavioral characteristics of psychopaths would be. Finally, risk assessment tools measuring psychopathy were introduced and their predictive efficacy and applicability in the Korean criminal justice system were discussed.

Forensic Analysis of HEIF Files on Android and Apple Devices (스마트폰에서 촬영된 HEIF 파일 특징 분석에 관한 연구)

  • Kwon, Youngjin;Bang, Sumin;Han, Jaehyeok;Lee, Sangjin
    • KIPS Transactions on Software and Data Engineering / v.10 no.10 / pp.421-428 / 2021
  • The High Efficiency Image File Format (HEIF) is an MPEG-developed image format that utilizes the video codec H.265 to store still screens in a single image format. The iPhone has been using HEIF since 2017, and Android devices such as the Galaxy S10 have also supported the format since 2019. The format can provide images with good compression rates, but it has a complex internal structure and lacks significant compatibility between devices and software, so it has not become popular enough to replace the commonly used JPEG (or JPG) files. However, despite the fact that many devices are already using HEIF, digital forensics research regarding it is lacking. This means that we can be exposed to the risk of missing potential evidence due to insufficient understanding of the information contained inside the file during digital forensics investigations. Therefore, in this paper, we analyze the HEIF formatted photo file taken on the iPhone and the motion photo file taken on the Galaxy to find out the information and features contained inside the file. We also investigate whether or not the software we tested supports HEIF and present the requirements for forensic tools to analyze HEIF.

The Recovery of the Deleted Certificate and the Detection of the Private-Key Encryption Password (삭제된 공인인증서의 복구 및 개인키 암호화 패스워드의 검출)

  • Choi, Youn-Sung;Lee, Young-Gyo;Lee, Yun-Ho;Park, Sang-Joon;Yang, Hyung-Kyu;Kim, Seung-Joo;Won, Dong-Ho
    • Journal of the Korea Institute of Information Security & Cryptology / v.17 no.1 / pp.41-55 / 2007
  • The certificate is used to confirm and prove the user's identity in online finance and stock trading. A user's public key is stored in the certificate (e.g., SignCert.der), and the private key corresponding to the public key is stored in the private key file (e.g., SignPri.key) after encryption using the password that he/she created for security. In this paper, we show that a certificate deleted by the commercial certificate software can be recovered without limitation using commercial forensic tools. In addition, we explain the problem that the private key encryption password can be detected offline using SignCert.der and SignPri.key, and propose a countermeasure to the problem.

VMProtect Operation Principle Analysis and Automatic Deobfuscation Implementation (VMProtect 동작원리 분석 및 자동 역난독화 구현)

  • Bang, Cheol-ho;Suk, Jae Hyuk;Lee, Sang-jin
    • Journal of the Korea Institute of Information Security & Cryptology / v.30 no.4 / pp.605-616 / 2020
  • Obfuscation technology delays the analysis of a program by modifying internal logic such as data structure and control flow while maintaining the program's functionality. However, the application of such obfuscation technology to malicious code frequently occurs to reduce the detection rate of malware in antivirus software. The obfuscation technology applied to protect software intellectual property is applied to the malicious code in reverse, which not only lowers the detection rate of the malicious code but also makes it difficult to analyze and thus makes it difficult to identify the functionality of the malicious code. The study of reverse obfuscation techniques that can be closely restored should also continue. This paper analyzes the characteristics of obfuscated code with the option of Pack the Output File and Import Protection among detailed obfuscation technologies provided by VMProtect 3.4.0, a popular tool among commercial obfuscation tools. We present a de-obfuscation algorithm.

Comparison of Remaining Data According to Deletion Events on Microsoft SQL Server (Microsoft SQL Server 삭제 이벤트의 데이터 잔존 비교)

  • Shin, Jiho
    • Journal of the Korea Institute of Information Security & Cryptology / v.27 no.2 / pp.223-232 / 2017
  • Previous research on data recovery in Microsoft SQL Server has focused on restoring data based on the transaction log in which deleted records might exist. However, this approach was limited in that it was not applicable if the related transaction log did not exist or the physical database file was not connected to the server. Since a suspect at the crime scene may delete data records using deletion statements other than "delete", we need to check the remaining data and the possibility of recovering the deleted records. In this paper, we examined the changes in the table's "Page Allocation information", "Unallocation deleted data", and "Row Offset Array" in the page according to "delete", "truncate" and "drop" events. Finally, it confirmed the possibility of data recovery and the availability of management tools in Microsoft SQL Server digital forensic investigation.

Nonlinear modeling of beam-column joints in forensic analysis of concrete buildings

  • Nirmala Suwal;Serhan Guner
    • Computers and Concrete / v.31 no.5 / pp.419-432 / 2023
  • Beam-column joints are a critical component of reinforced concrete frame structures. They are responsible for transferring forces between adjoining beams and columns while limiting story drifts and maintaining structural integrity. During severe loading, beam-column joints deform significantly, affecting, and sometimes governing, the overall response of frame structures. While most failure modes for beam and column elements are commonly considered in plastic-hinge-based global frame analyses, the beam-column joint failure modes, such as concrete shear and reinforcement bond slip, are frequently omitted. One reason for this is the dearth of published guidance on what type of hinges to use, how to derive the joint hinge properties, and where to place these hinges. Many beam-column joint models are available in literature but their adoption by practicing structural engineers has been limited due to their complex nature and lack of practical application tools. The objective of this study is to provide a comparative review of the available beam-column joint models and present a practical joint modeling approach for integration into commonly used global frame analysis software. The presented modeling approach uses rotational spring models and is capable of modeling both interior and exterior joints with or without transverse reinforcement. A spreadsheet tool is also developed to execute the mathematical calculations and derive the shear stress-strain and moment-rotation curves ready for inputting into the global frame analysis. The application of the approach is presented by modeling a beam column joint specimen which was tested experimentally. Important modeling considerations are also presented to assist practitioners in properly modeling beam-column joints in frame analyses.

Usefulness of Data Mining in Criminal Investigation (데이터 마이닝의 범죄수사 적용 가능성)

  • Kim, Joon-Woo;Sohn, Joong-Kweon;Lee, Sang-Han
    • Journal of forensic and investigative science / v.1 no.2 / pp.5-19 / 2006
  • Data mining is an information extraction activity to discover hidden facts contained in databases. Using a combination of machine learning, statistical analysis, modeling techniques and database technology, data mining finds patterns and subtle relationships in data and infers rules that allow the prediction of future results. Typical applications include market segmentation, customer profiling, fraud detection, evaluation of retail promotions, and credit risk analysis. Law enforcement agencies deal with mass data to investigate crime, and its amount is increasing due to the development of computer-based data processing. We now face the new challenge of discovering knowledge in that data. It can be applied in criminal investigation to find offenders by analysis of complex and relational data structures and free texts using their criminal records or statement texts. This study aimed to evaluate the possible application of data mining and its limitations in practical criminal investigation. Clustering of criminal cases will be possible in habitual crimes such as fraud and burglary when using data mining to identify the crime pattern. Neural network modelling, one of the tools in data mining, can be applied to differentiating a suspect's photograph or handwriting from that of a convict, or to criminal profiling. A case study of practical insurance fraud showed that data mining was useful in organized crimes such as gang, terrorism and money laundering. But the products of data mining in criminal investigation should be evaluated with caution because data mining just offers a clue instead of a conclusion. Legal regulation is needed to control abuse by law enforcement agencies and to protect personal privacy and human rights.
