• Analytical Science and Technology
• /
• v.24 no.1
• /
• pp.51-59
• /
• 2011

Genetic Identification has become an important forensic investigation method which discerns identity through analysis of physical samples discovered in various crime scenes. Recently more samples are being requested to undergo A-STR analysis of low copy number (LCN) DNA, which is known as touch evidence-type sample and left on various objects such as a pen briefly used by the criminal, the gear of the car used for driving, the handle, and various buttons inside a car. This research attempted to extract the LCN DNA of the touch evidencetype left on crushed fingerprints on firearms, etc. and examine the genotyping success rate. Four types of firearms (M16, K1A, COLT 45 Pistol, M29 Revolver) were fired individually and physical samples were gathered from four parts of each firearm. Subsequently, in order to extract the LCN DNA, Microkit and $Prepfiler^{TM}$ were used to compare and analyze the quantity of DNA extracted and the genotyping success rate. Analysis results showed that the quantity of DNA extracted by $Prepfiler^{TM}$ was on average 1.7 times higher than that of Microkit, and in genotype analysis success rate $Prepfiler^{TM}$ also demonstrated 24.9% on average in contrast to 0% for Microkit. In regards to the grip part of the K1A, $Prepfiler^{TM}$'s success rate was as high as 50.6%.

• Analytical Science and Technology
• /
• v.22 no.3
• /
• pp.235-246
• /
• 2009

The analyses of minor and trace elements in glass debris were performed using LA-ICP-MS in order to identify manufacturers using real commercial samples. At first, a calibration curve was made using standard glass samples of NIST 610, 612, 614 and 616. $^{29}Si$ was used as an internal standard, and the ratios of metal/Si for each metal were compared with their concentrations. Based on elements in each sample and standard materials, 24 metals were quantified and the LOD in analysis, according to the blank sample, was in the range of 0.11 mg/kg (Ti)-4.91 mg/kg (Ca). Eleven samples from two manufacturers were collected and five sub-samples were taken from each sample for analysis. 15 elements (Co, Ce, Ca, Mn, Sr, Ba, Li, Rb, U, La, Th, Na, Al, Zr and Hf) were selected to identify manufacturers because some elements (Cu, Cr, Cd and Ni) were below the detection limit and some elements (Ti, Pr, Mg, Nb, Nd) were absent in the analysis of standards and others (Pb and Sn) had a problem of homogeneity. The attempts to identify manufacturers and the manufacturing period were performed through a triangular diagram. In the manufacturer discrimination by discriminant analysis, a canonical discriminant function was made based on Mn, Ce and Rb, and each sample could be identified.

• The Journal of Korean Association of Computer Education
• /
• v.17 no.3
• /
• pp.75-84
• /
• 2014

It is a current situation that a large number of physical and financial damages are increasing due to the growth of intellectual cyber crime and unexpected Internet incidents year by year. In the large scale security incidents, digital forensics techniques for computer crime investigations are essential to secure a place in the field. However, qualified digital forensics investigators who complete with digital security technology are practically insufficient in domestic. In this paper, as one of developing human resources plans regarding to scientific investigation of Internet security incidents, an undergraduate curriculum per stage in digital forensics was proposed. For the effective curriculum per stage, the interviews, group discussion on focused group of existing digital forensics investigators and related research were performed to select curriculum, and then the level of difficulty and practical suitability on each subject designed were analyzed through survey and interview to current investigators and security professionals. After collating the survey, the digital forensic curriculum per level was designed to highly adaptable workforce for the future for working and positive suggestions and proposals are addressed.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.18 no.12
• /
• pp.2961-2967
• /
• 2014

Nowadays, a private protection act has come into effect which demands for the protection of personal image information obtained by the CCTV. According to this act, the object out of interest has to be mosaicked such that it can not be identified before the image is sent to the investigation office. Meanwhile, the demand for digital videos obtained by CCTV is also increasing for digital forensic. Therefore, due to the two conflicting demands, the demand for a solution which can automatically mask an object in the CCTV video is increasing and related IT industry is expected to grow. The core technology in developing a target masking solution is the object tracking technique. In this paper, we propose an object tracking technique which suits for the application of CCTV video object masking as a postprocess. The proposed method simultaneously uses the motion and the color information to produce a stable tracking result. Furthermore, the proposed method is based on the centroid shifting method, which is a fast color based tracking method, and thus the overall tracking becomes fast.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.12
• /
• pp.181-190
• /
• 2009

DBMS access that used high speed internet web service through WAS is increasing. Need application of DB security technology for 3-Tier about DBMS by unspecified majority and access about roundabout way connection and competence control. If do roundabout way connection to DBMS through WAS, DBMS server stores WAS's information that is user who do not store roundabout way connection user's IP information, and connects to verge system. To DBMS in this investigation roundabout way connection through WAS do curie information that know chasing station security thanks recording and Forensic data study. Store session about user and query information that do login through web constructing MetaDB in communication route, and to DBMS server log storing done query information time stamp query because do comparison mapping actuality user discriminate. Apply making Rule after Pattern analysis receiving log by elevation method of security authoritativeness, and develop Module and keep in the data storing place through collection and compression of information. Kept information can minimize false positives of station chase through control of analysis and policy base administration module that utilize intelligence style DBMS security client.

• Journal of Internet Computing and Services
• /
• v.23 no.5
• /
• pp.69-78
• /
• 2022

As the use of Internet of Things (IoT) devices has expanded, digital forensics coverage of the National Police Agency has expanded to smart home areas. Accordingly, most of the existing studies conducted to acquire smart home platform data were mainly conducted to analyze local data of mobile devices and analyze network perspectives. However, meaningful data for evidence analysis is mainly stored on cloud storage on smart home platforms. Therefore, in this paper, we study how to acquire stored in the cloud in a Hey Home Air environment by extracting accessToken of user accounts through a cookie database of browsers such as Microsoft Edge, Google Chrome, Mozilia Firefox, and Opera, which are recorded on a PC when users use the Hey Home app-based "Hey Home Square" service. In this paper, the it was configured with smart temperature and humidity sensors, smart door sensors, and smart motion sensors, and artifacts such as temperature and humidity data by date and place, device list used, and motion detection records were collected. Information such as temperature and humidity at the time of the incident can be seen from the results of the artifact analysis and can be used in the forensic investigation process. In addition, the cloud data acquisition method using OpenAPI proposed in this paper excludes the possibility of modulation during the data collection process and uses the API method, so it follows the principle of integrity and reproducibility, which are the principles of digital forensics.

• Analytical Science and Technology
• /
• v.23 no.4
• /
• pp.423-428
• /
• 2010

In this study, VOCs of black gel pen inks was screening to identify individual characteristic of gel pen inks. Detected VOCs was total 20 species(isopropylalcohol, 2-methyl-2-propanol, 2-butanone, hydrazinecarbothioamide, benzeneacetic acid (ethyl ester), benzeneacetic acid, dimethoxymethy-silane, 2,2-dimethoxybutane, tetrahydro-2-methyl-furan, 1,2-ethanediol, silicic acid (tetramethyl ester), 1,2-propanediol, propyleneglycol, 3-ethyl-3-hexanol, 1,1-dipropoxy-propane, 2-butoxy-ethanol, 2,2'-oxybisethanol, 1-butyl-benzene, 2-pyrrolidinone, 2-(2-butoxyethoxy)-ethanol). We detected 2,2-dimethoxybutane (3.02~47% ratio) and tetrahydro-2-methyl-furan (1.19~52.19% ratio), 1,2-ethanediol (52.83~95.84% ratio). In case of manufacturer, manufactured ink was able to discriminate between Japan and Korea by distinct characteristics (Japan: 1,2-ethanediol, 52.83~95.84%, Korea: 1,2-propanediol, 76.17~93.51%). The results of this study indicated that distinct characteristic about manufacturers and brands could make a classifring tool of inks for identification of between gel pen inks.

• The Journal of Society for e-Business Studies
• /
• v.23 no.3
• /
• pp.129-143
• /
• 2018

Recently, the use of digital media such as computers and smart devices has been rapidly increasing, The vast and diverse information contained in the warrant of the investigating agency also includes the one irrelevant to the crime. Therefore, when confiscating the information, the basic rights, defense rights and privacy invasion of the person to be seized have been the center of criticism. Although the investigation agency guarantees the right to participate, it does not have specific guidelines, so they are various by the contexts and environments. In this process, the abuse of the participation right is detrimental to the speed and integrity of the investigation, and there is a side effect that the digital evidence might be destroyed by remote initialization. In this study, we conducted surveys of digital evidence analysts across the country based on four domains and thirty measurement items for enabling environment for participation in information storage media export and digital evidence search process. The difference between the level of importance and the performance was analyzed by the IPA matrix based on process, location, people, and technology dimensions. Seven items belonging to "concentrate here" area are one process-related, three location-related, and three people-related items. This study is meaningful to be a basis for establishing the proper policies and strategies for ensuring participation right, as well as for minimizing the side effects.