• Title/Summary/Keyword: Forensic Tools

Search Result 68, Processing Time 0.038 seconds

Design and Implementation of Forensic Tool on Window Live System (윈도우 활성 시스템상의 디지털 증거 수집 도구 설계 및 구현)

  • Baek, Eun-Ju;Sung, Jin-Won;Lim, Kyoung-Su;Lee, Sang-Jin
    • Convergence Security Journal
    • /
    • v.7 no.2
    • /
    • pp.91-100
    • /
    • 2007
  • Nowadays, there exist many forensic tools in forensic investigation. For common investigator it may cause some difficulty in handling the existing forensic tools. In case of urgent condition, if it takes long time to get the useful evidence from data, then it makes the investigation process difficult. Thus, the common investigator can collect the evidence easily by simple clicking the mouse. The only thing he needs is a tool for examination before investigating in details. Therefore, in this paper we refer to useful information in the forensic investigation, discuss the design and the implementation of tool.

  • PDF

The Role of Forensic Engineering in the Diagnosis of Electrocution Fatalities: Two Case Reports

  • Mohammad Alqassim;Raneem Ewiss;Hamdah Al Ali
    • Safety and Health at Work
    • /
    • v.14 no.1
    • /
    • pp.124-130
    • /
    • 2023
  • The increase in the number of fatal electric accidents over the years has escalated the demand for specialized forensic engineers to determine their relevant technical causes. Likewise, the complexities associated with identifying the causes of electrocution accidents have prompted the General Department of Forensic Science and Criminology at Dubai Police to adopt a new methodology to diagnose electrocution accidents, consisting of an approach that involves medico-legal examination, electrical diagnosis of the evidence, and trace evidence analysis. This paper will discuss the application of the adopted method in further detail by unfolding two case reports. The first report outlines a case in which a worker got electrocuted at a construction site while attempting to turn on a lamp. The second case report involves the death of a technician in a workshop after trying to disconnect a washing machine from its plug. The methodology was utilized during the investigation of both cases, which were attended by the appointed forensic engineers and showed promising results.

Tools for forensic analysis of concrete structures

  • Vecchios, Frank J.;Bentz, Evan C.;Collins, Michael P.
    • Computers and Concrete
    • /
    • v.1 no.1
    • /
    • pp.1-14
    • /
    • 2004
  • Computer-based analysis tools for forensic assessment of reinforced concrete structures are presented. The analysis tools, mostly in the form of nonlinear finite element procedures, are based on the concepts and formulations of the Modified Compression Field Theory. Relevant details regarding their formulation are provided. Development of realistic constitutive models and corroboration of the analysis procedures, through comprehensive experimental programs, are discussed. Also presented are graphics-based pre- and post-processors, which are of significant aid in structural modeling, input of data, and interpretation of analysis results. The details and results of a case study, illustrating the application and value of such analytical tools, are also discussed.

On Artifact Analysis for User Behaviors in Collaboration Tools - Using differential forensics for distinct operating environments (협업 툴의 사용자 행위별 아티팩트 분석 연구 - 운영환경에 따른 differential forensic 개념을 이용하여)

  • Kim, Young-hoon;Kwon, Tae-kyoung
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.31 no.3
    • /
    • pp.353-363
    • /
    • 2021
  • As the Untact era is rapidly changing, collaboration tools are increasing their utilization and value as digital technologies for non-face-to-face work. While instant messenger-based collaboration tools support a variety of functions, crime and accident concerns are also increasing in proportion to their convenience, such as information leakage and security incidents. Meanwhile, the digital forensics perspective on collaborative tools is not enough, so forensics research is needed. This study analyzes significant artifacts in the two operating environments through Windows and Android forensics research on Microsoft Teams, the collaboration tool with the highest share in the world. Also, based on differences in artifacts and data attributes according to the operating environment, by applying 'differential forensic', we proved that the usefulness of evidence can be improved by presenting a complementary analysis method and timeline configuration through information linkage.

A Method of Forensic Authentication via File Structure and Media Log Analysis of Digital Images Captured by iPhone (아이폰으로 촬영된 디지털 이미지의 파일 구조 및 미디어 로그 분석을 통한 법과학적 진본 확인 방법)

  • Park, Nam In;Lee, Ji Woo;Jeon, Oc-Yeub;Kim, Yong Jin;Lee, Jung Hwan
    • Journal of Korea Multimedia Society
    • /
    • v.24 no.4
    • /
    • pp.558-568
    • /
    • 2021
  • The digital image to be accepted as legal evidence, it is important to verify the authentication of the digital image. This study proposes a method of authenticating digital images through three steps of comparing the file structure of digital images taken with iPhone, analyzing the encoding information as well as media logs of the iPhone storing the digital images. For the experiment, digital image samples were acquired from nine iPhones through a camera application built into the iPhone. And the characteristics of file structure and media log were compared between digital images generated on the iPhone and digital images edited through a variety of image editing tools. As a result of examining those registered during the digital image creation process, it was confirmed that differences from the original characteristics occurred in file structure and media logs when manipulating digital images on the iPhone, and digital images take with the iPhone. In this way, it shows that it can prove its forensic authentication in iPhone.

Detection of Innate and Artificial Mitochondrial DNA Heteroplasmy by Massively Parallel Sequencing: Considerations for Analysis

  • Kim, Moon-Young;Cho, Sohee;Lee, Ji Hyun;Seo, Hee Jin;Lee, Soong Deok
    • Journal of Korean Medical Science
    • /
    • v.33 no.52
    • /
    • pp.337.1-337.14
    • /
    • 2018
  • Background: Mitochondrial heteroplasmy, the co-existence of different mitochondrial polymorphisms within an individual, has various forensic and clinical implications. But there is still no guideline on the application of massively parallel sequencing (MPS) in heteroplasmy detection. We present here some critical issues that should be considered in heteroplasmy studies using MPS. Methods: Among five samples with known innate heteroplasmies, two pairs of mixture were generated for artificial heteroplasmies with target minor allele frequencies (MAFs) ranging from 50% to 1%. Each sample was amplified by two-amplicon method and sequenced by Ion Torrent system. The outcomes of two different analysis tools, Torrent Suite Variant Caller (TVC) and mtDNA-Server (mDS), were compared. Results: All the innate heteroplasmies were detected correctly by both analysis tools. Average MAFs of artificial heteroplasmies correlated well to the target values. The detection rates were almost 90% for high-level heteroplasmies, but decreased for low-level heteroplasmies. TVC generally showed lower detection rates than mDS, which seems to be due to their own computation algorithms which drop out some reference-dominant heteroplasmies. Meanwhile, mDS reported several unintended low-level heteroplasmies which were suggested as nuclear mitochondrial DNA sequences. The average coverage depth of each sample placed on the same chip showed considerable variation. The increase of coverage depth had no effect on the detection rates. Conclusion: In addition to the general accuracy of the MPS application on detecting heteroplasmy, our study indicates that the understanding of the nature of mitochondrial DNA and analysis algorithm would be crucial for appropriate interpretation of MPS results.

Design and Implementation of Car Blackbox Forensic Analysis Tool Through the Analysis of Data Structure (차량용 블랙박스 데이터 저장구조 분석을 통한 포렌식 분석도구 설계 및 구현)

  • Cha, In Hwan;Lee, Kuk Heon;Lee, Sang Jin
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.5 no.11
    • /
    • pp.427-438
    • /
    • 2016
  • Car blackboxes record the information and status of driving. Since blackboxes are commonly used in daily life, the usage of video data recorded from blackboxes is increasing for investigating. Investigators use a own analysis tool suitable for their blackbox provided by the manufacturer in order to check the data. But the tools are not enough to use in the digital forensic analysis because they are dependent on a specific model of blackbox and provides ungeneralized functions. Moreover, if the manufacturer is bankrupt, then their own tools can not be obtained also. Therefore, the way data are stored in the blackboxes which are now in the market are investigated and the features and limitations which have blackbox's own analysis tools are checked. And a comprehensive tool for the analysis of blackboxes is designed and implemented as in this paper.

Development of Windows forensic tool for verifying a set of data (윈도우 포렌식 도구의 검증용 데이터 세트의 개발)

  • Kim, Min-Seo;Lee, Sang-jin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.6
    • /
    • pp.1421-1433
    • /
    • 2015
  • For an accurate analysis through the forensic of digital devices and computer, it is a very important validation of the reliability of digital forensic tools. To verify the reliability of the tool, it is necessary to research and development of the data set to be input to the tool. In many-used Windows operating system of the computer, there is a Window forensic artifacts associated with time and system behavior. In this paper, we developed a set of data in the Windows operating system to be able to analyze all of the two Windows artifacts and we conducted a test with published digital forensic tools. Therefore, the developed data set presents the use of the following method. First, artefacts education for growing ability can be analyzed acts standards. Secondly, the purpose of tool tests for verifying the reliability of digital forensics. Lastly, recyclability for new artifact analysis.

A Study on Hard Disk Drive ATA Passwords (하드디스크 드라이브 ATA 패스워드에 관한 연구)

  • Lee, Ju-young;Lee, Sang-jin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.5
    • /
    • pp.1059-1065
    • /
    • 2015
  • Hard disk passwords are commonly not well known. If the passwords are set, forensic investigators are not allowed to access data on hard disks, so they can be used to obstruct investigations. Expensive tools such as PC-3000 are necessary for unlocking such hard disk passwords. But it would be a burden on both organizations that should pay for these tools and forensic investigators that are unfamiliar with these tools. This paper discusses knowledge required for unlocking hard disk passwords and proposes methods for unlocking the passwords without high-priced tools. And with a vendor-specific method, this paper provides procedures for acquiring passwords and unlocking hard disk drives.

Forensic Analysis Technology of Smart phone backup data via synchronization (동기화 스마트폰 백업 데이터 포렌식 분석 기술)

  • Lee, Jae-Hyun;Park, Dea-Woo
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2011.10a
    • /
    • pp.287-290
    • /
    • 2011
  • The synchronization feature on the smartphone by default (default) value is set. Smartphone synchronization has been set is stored that smartphone data is automatically backed up is stored When connected to a PC with a smartphone dedicated cable. The backup data is a common technique to analyze the content to be difficult to apply forensic techniques can find out information on criminal suspects. In this paper, the backup data is synchronized to the smartphone through forensic analysis is the study of forensic evidence. In a lab environment to send personal financial information on smartphone, smartphone is assumed that the experiment is compromised. Smartphone's backup data by using the forensic tools in crime associated with personal financial information and analyze data. And, to be adopted by the court will study the evidence leveraging forensic technology. Through this paper as a basis for smartphone forensic analysis will be utilized.

  • PDF