• Analytical Science and Technology
• /
• v.19 no.1
• /
• pp.103-106
• /
• 2006

A 35-year-old Perubian who suffered from grand mal seizures died in the aircraft on his way from the United States to Hongkong via Incheon international airport of Korea. While performing the autopsy, 115 packs made with double layer of transparent film and black plastic bag containing cocaine were found in the ileum and large intestine. Among of them, 3 packs were ruptured. To determine the concentration of cocaine and its metabolites, blood, urine, bile, liver, spleen, heart, kidney, brain and gastric contents were taken and toxicological analysis was performed. Gas chromatography/mass spectrometry (GC/MS) following liquid-phase extraction using chloroform:isopropanol (=9:1) and derivatization with bis(trimethylsilyl)-trifluoroacetamide (contains 1% trimethylchlorosilane) was performed. High levels of cocaine, benzoylecgonine (BE) and ecgonine methylester (EME) were found in the postmortem blood (0.96, 3.09 and $5.59{\mu}g/mL$) and urine (32.85, 145.35 and $53.17{\mu}g/mL$), respectively. Cocaine and its metabolites were also detected in all other biological specimen.

• Convergence Security Journal
• /
• v.7 no.4
• /
• pp.93-105
• /
• 2007

A digital forensic technology and tools are used much in the rapidly increased cyber intrusion accident investigation. But, almost the identification and gathering tools of digital forensic evidence are very difficultly integrated and simply poor-skill. Thereby, Important digital evidences at intrusion accident investigation of public institution and a private enterprise can be omitted or demaged. In this paper, therefore, we refer to 'The digital forensic tool for identification and gathering evidence' based only Window OS by using 'Log Parser', discuss the methodology for the identification and gathering of digital forensic evidence by cyber intrusion accident types.

• Journal of Information Science Theory and Practice
• /
• v.12 no.1
• /
• pp.39-59
• /
• 2024

An online social network is a platform that is continuously expanding, which enables groups of people to share their views and communicate with one another using the Internet. The social relations among members of the public are significantly improved because of this gesture. Despite these advantages and opportunities, criminals are continuing to broaden their attempts to exploit people by making use of techniques and approaches designed to undermine and exploit their victims for criminal activities. The field of digital forensics, on the other hand, has made significant progress in reducing the impact of this risk. Even though most of these digital forensic investigation techniques are carried out manually, most of these methods are not usually appropriate for use with online social networks due to their complexity, growth in data volumes, and technical issues that are present in these environments. In both civil and criminal cases, including sexual harassment, intellectual property theft, cyberstalking, online terrorism, and cyberbullying, forensic investigations on social media platforms have become more crucial. This study explores the use of machine learning techniques for addressing criminal incidents on social media platforms, particularly during forensic investigations. In addition, it outlines some of the difficulties encountered by forensic investigators while investigating crimes on social networking sites.

• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.4
• /
• pp.95-102
• /
• 2016

Computer security incident such as confidential information leak and data destruction are constantly growing and it becomes threat to information in digital devices. To respond against the incident, digital forensic techniques are also developing to help digital incident investigation. With the development of digital forensic technology, a variety of forensic artifact has been developed to trace the behavior of users. Also, a diversity of forensic tool has been developed to extract information from forensic artifact. However, there is a issue that information from forensic tools has its own forms. To solve this problem, it needs to process data when it is output from forensic tools. Then it needs to compare and analyze processed data to identify how data is related each other and interpret the implications. To reach this, it calls for effective method to store and output data in the course of data processing. This paper aims to propose DFIOC (Digital Forensic Indicators Of Compromise) that is capable of transcribing a variety of forensic artifact information effectively during incident analysis and response. DFIOC, which is XML based format, provides "Evidence" to represent various forensic artifacts in the incident investigation. Furthermore, It provides "Forensic Analysis" to report forensic analysis result and also gives "Indicator" to investigate the trace of incidence quickly. By logging data into one sheet in DFIOC format for forensic analysis process, it is capable of avoiding unnecessary data processing. Lastly, since collected information is recorded in a normalized format, data input and output becomes much easier as well as it will be convenient to use for identification of collected information and analysis of data relationship.

• Journal of Advanced Navigation Technology
• /
• v.15 no.6
• /
• pp.1212-1219
• /
• 2011

As recently Privacy Acts in Korea enforced in domestic companies' personal information management needs of a growing obligation for the safety measures and the right of personal information collection, use, limitations, management, and destroyed specifically for handling personal information. Such this regulations should be required technical and policy supports. Accordingly, for the enterprise incident has occurred, the personal information management system behave correctly operating to verify that the safety measures taken, and be determined by the specific preparation to be done. So the first, preparation phase corresponds to the upcoming digital forensic investigation model. On the other hand, the response team also carried these measures out correctly, it needs to be done to check the compliance of Privacy Act. Thus a digital forensics investigation model is strictly related with the implementation of the Privacy Acts and improve the coping strategies are needed. In this paper, we suggest a digital forensic investigation model corresponding to Privacy Act.

• Analytical Science and Technology
• /
• v.11 no.2
• /
• pp.1013-1024
• /
• 1998

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.18 no.7
• /
• pp.1495-1504
• /
• 2014

Currently information related service such as internet banking, chatting, social network services are quite well smeared into our daily life. Moreover, a rapid growth of service using smart devices brought an importance of security in internet services and a research activation of digital forensic in a crime investigation. This paper presented a previous digital forensic research trend and based on this, suggested a technology-strategy integrated digital forensic process platform, taking a mid-long term government leading ICT R&D strategy and ICT paradigm shift into account.

• Analytical Science and Technology
• /
• v.31 no.2
• /
• pp.71-77
• /
• 2018

Detection of bloodstains is a very important process in scientific investigations, and luminol is often used for the detection of bloodstains that are not visible. Recently, new preparation methods of blood detection reagents based on luminol (BloodFlareA, B) were developed and reported to have higher active persistence and to be more economical than conventional blood detection reagent, BlueStar forensic. In this paper, we tested the specificity and effect of the BloodFlares (A and B) on DNA and compared them with those of BlueStar forensic. False positive results for the BloodFlares were not observed in semen, saliva, vaginal fluids, urine, sweat, and nasal discharge, but were observed in $CuSO_4$, $FeSO_4$, and bleach solutions, and the observed patterns were similar to those of BlueStar forensic. The effect on DNA was determined by analyzing the DNA yield, degradation index, and DNA profiling. Based on these results, we concluded that the BloodFlares based on luminol do not affect DNA stability and are applicable in forensics.

• Analytical Science and Technology
• /
• v.10 no.5
• /
• pp.325-331
• /
• 1997

Among various CE separation methods, micellar electrokinetic capillary chromatography(MECC) method using sodium dodecylsulfate(SDS) provides rapid and accurate separation of organic explosive constituents with easy. The running buffer was composed with 2.5 mM borate and 25mM SDS(pH 8.5). Addition of 1M urea and 10% organic modifiers (acetonitrile, methanol and ethanol) improves the resolution of adjacent explosive constituents. When 15 explosive constituents were developed in MECC, most constituents were separated successively while RDX/TNB and DNN/DEP were not, and detection limits of separated compounds are in range of 1 to 4 ppm.

• Analytical Science and Technology
• /
• v.12 no.6
• /
• pp.577-582
• /
• 1999

The blood toluene concentration was determined by using the GC/MSD with HS-SPME technique in postmortem blood, quantitatively. Butane gases was analyzed by using the GC/FID with HS technique in postmortem blood, qualitatively. Seventy five cases of dead associated with inhalation of glue or butane gases happened in Korea for the last 3 years (1996-1998). In 27 cases of deah due to glue sniffing, nine persons died as a result of a fall while intoxication and their blood tolucne concentration was fairly high in the range of $1.3{\sim}21.6{\mu}g/mL$. In case of death due to butane sniffing, fifty four persons died of acute butane gases inhalation or suffocation, and 6 persons died of butane gases as well as glue inhalation.