• Journal of the Korea Society of Computer and Information
• /
• v.12 no.1 s.45
• /
• pp.117-126
• /
• 2007

Web Forensics algorithm used to an extraction of technical Web Forensics data to be adopted to proof data regarding a crime cyber a computer at data of a great number of log History is an essential element. Propose Web Forensics algorithm, and design at these papers, and try to implement in a Web server system of an actual company. And make the Web dispatch Loging system configuration experiment that applied integrity regarding Web log History information or authentication regarding an information source. Design Web Forensics algorithm and the Flow which used for Web log History analyses at server of e-mail, webmail, HTTP (Web BBs. Blog etc.), FTP, Telnet and messengers (MSN, NateOn, Yahoo, DaumTouch, BuddyBuddy, MsLee, AOL, SoftMe) of a company, and implement through coding. Therefore have a purpose of these Paper to will contribute in scientific technical development regarding a crime cyber a computer through Web Forensics.

• The KIPS Transactions:PartC
• /
• v.17C no.5
• /
• pp.391-398
• /
• 2010

Most of digital forensics tools focus on file analysis of allocated area on storage. So, there is a lack of recovery methods for deleted files by suspects or previously used files. To efficiently analyze deleted files, digital forensic tools depend on data recovery tools. These process not appropriate for quick and efficient responses the incident or integrity preservation. This paper suggests the framework for data recovery and analysis tools from digital forensics point of view and presents implementation results.

• Journal of Digital Convergence
• /
• v.10 no.3
• /
• pp.99-104
• /
• 2012

The digital forensics are new kinds of security that investigate and verificate fact relation about activities based on digital data. In this paper, we implemented digital forensic tool that can be used in collecting, analyzing, and reporting evidences. This tool support intuitional GUI that everybody can analyze easily. And a simple operation can collect and analyze active data. Also, we can decrease much time and endeavor by using this forensic tool that support reliable data.

• International Journal of Internet, Broadcasting and Communication
• /
• v.14 no.1
• /
• pp.10-18
• /
• 2022

Since High Sierra, APFS has been used as the main file system. It is a well-established file system that has been used stably thus far. From the perspective of digital forensics, there are still many areas to be investigated. Apple File System Reference is provided to the apple developer site, but it is not satisfactory to fully analyze APFS. Researchers know more about the structure of APFS than before, but they have not yet fully analyzed its structure to a perfect level about it. In this paper, we develop APFS object identification tool for digital forensics. The most basic and essential object identification and analysis of the APFS filesystem will be conducted with the tool. The analysis in this study serves as the background for an analysis of the checkpoint operation principle and structure, including the more complex B-tree structure of APFS. There are several options for the developed tool, but the results of two use cases will be shown here. Based on the implemented tool, it is hoped that more functions will be added to make APFS a useful tool for faster and more accurate analyses.

• Biomedical Science Letters
• /
• v.24 no.4
• /
• pp.292-304
• /
• 2018

Microbes is becoming increasingly forensic possibility as a consequence of advances in massive parallel sequencing (MPS) and bioinformatics. Human DNA typing is the best identifier, but it is not always possible to extract a full DNA profile namely its degradation and low copy number, and it may have limitations for identical twins. To overcome these unsatisfactory limitations, forensic potential for bacteria found in evidence could be used to differentiate individuals. Prokaryotic cells have a cell wall that better protects the bacterial nucleoid compared to the cell membrane of eukaryotic cells. Humans have an extremely diverse microbiome that may prove useful in determining human identity and may even be possible to link the microbes to the person responsible for them. Microbial composition within the human microbiome varies across individuals. Therefore, MPS of human microbiome could be used to identify biological samples from the different individuals, specifically for twins and other cases where standard DNA typing doses not provide satisfactory results due to degradation of human DNA. Microbial forensics is a new discipline combining forensic science and microbiology, which can not to replace current STR analysis methods used for human identification but to be complementary. Among the fields of microbial forensics, this paper will briefly describe information on the current status of microbiome research such as metagenomic code, salivary microbiome, pubic hair microbiome, microbes as indicators of body fluids, soils microbes as forensic indicator, and review microbial forensics as the feasibility of microbiome-based human identification.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.12
• /
• pp.1662-1669
• /
• 2020

Google cloud includes data uploaded and synchronized by users, as well as synchronization history of all cloud services, users' smartphone usage, and location information. Therefore, Google cloud data can be useful for digital forensics from a user behavior analysis perspective. Through this paper, we have identified the types of cloud data that can be acquired using Google's Takeout service and developed a tool that can be usefully utilized in digital forensics research and investigation by screening and analyzing the data required for analyzing user behavior. Because Google cloud data is synchronized through Google accounts regardless of the type of computing device, Google service data used on various devices such as PCs, smartphones, and tablet PCs can be acquired through Google accounts without the device. Therefore, the results of this paper's research are expected to be very useful for digital forensics research and investigation in the current situation.

• Journal of Internet Technology
• /
• v.19 no.6
• /
• pp.1741-1752
• /
• 2018

The best known software developers all offer cloud storage services. Microsoft offers Onedrive to its users, Apple offers iCloud Drive and Google offers Google Drive or GDrive. The battle between these software developers is ongoing and they will always strive to give the best services to their users. It is not only technology that is evolving, however, but also ways in which security can be breached and data abused. The security of information on the Internet is increasingly at risk and there are many threats to cloud storage platforms. This research used the mobile forensics approach to help in identifying and analyzing user behavior that may occur while using GDrive application for cybercrime. The novelty of comparison and analyzing methods performed in this research can help to find remnant data from all activities performed by GDrive users in Android smartphones. Hence, this proposed method can assist investigators in finding remnant data on GDrive client and can provide knowledge for legal practitioners.

• Mass Spectrometry Letters
• /
• v.7 no.2
• /
• pp.31-40
• /
• 2016

The analysis of nuclear materials and environmental samples is an important issue in nuclear safeguards and nuclear forensics. An analysis technique for safeguard samples has been developed for the detection of undeclared nuclear activities and verification of declared nuclear activities, while nuclear forensics has been developed to trace the origins and intended use of illicitly trafficked nuclear or radioactive materials. In these two analytical techniques, mass spectrometry has played an important role in determining the isotope ratio of various nuclides, contents of trace elements, and production dates. These two techniques typically use similar analytical instruments, but the analytical procedure and the interpretation of analytical results differ depending on the analytical purpose. The isotopic ratio of the samples is considered the most important result in an environmental sample analysis, while age dating and impurity analysis may also be important for nuclear forensics. In this review, important aspects of these techniques are compared and the role of mass spectrometry, along with recent progress in related technologies, are discussed.

• Convergence Security Journal
• /
• v.23 no.3
• /
• pp.37-47
• /
• 2023

The growth of the metaverse has been accelerated by the increased demand for non-face-to-face interactions due to COVID-19 and advancements in technologies such as blockchain and NFTs. However, with the emergence of various metaverse platforms and the corresponding rise in users, criminal cases such as ransomware attacks, copyright infringements, and sexual offenses have occurred within the metaverse. Consequently, the need for artifacts that can be utilized as digital evidence within metaverse systems has increased. However, there is a lack of information about artifacts that can be used as digital evidence. Furthermore, metaverse security evaluation and forensic analysis are also insufficient, and the absence of attack scenarios and related guidelines makes forensics challenging. To address these issues, this paper presents artifacts that can be used for user behavior analysis and timeline analysis through dynamic analysis of Roblox, a representative metaverse gaming solution. Based on analyzing interrelationship between identified artifacts through memory forensics and log file analysis, this paper suggests the potential usability of artifacts in metaverse crime scenarios. Moreover, it proposes improvements by analyzing the current legal and regulatory aspects to address institutional deficiencies.

• Journal of Digital Forensics
• /
• v.12 no.3
• /
• pp.39-54
• /
• 2018

Recently, discussions for the eradication of illegal shooting have been carried out in a socially-oriented way. The government has established comprehensive measures to eradicate cyber sexual violence crimes such as illegal shooting. Although the social interest in illegal shooting has increased, the illegal film shooting case is evolving more and more due to the development of information and communication technology. Applications that can hide confused videos are constantly circulating around the market and community sites. As a result, field investigators and professional analysts are experiencing difficulties in collecting and analyzing evidence. In this paper, we propose an evidence collection and analysis framework for illegal shooting cases in order to give practical help to illegal shooting investigation. We also proposed a system that can detect hidden applications, which is one of the main obstacles in evidence collection and analysis. We developed a detection tool to evaluate the effectiveness of the proposed system and confirmed the feasibility and scalability of the system through experiments using commercially available concealed apps.