• Title/Summary/Keyword: Forgery Analysis

Search Result 70, Processing Time 0.03 seconds

Block based Smart Carving System for Forgery Analysis and Fragmented File Identification

  • Lee, Hanseong;Lee, Hyung-Woo
    • Journal of Internet Computing and Services
    • /
    • v.21 no.3
    • /
    • pp.93-102
    • /
    • 2020
  • In order for data obtained through all stages of digital crime investigation to be recognized as evidence capability, it must satisfy legal / technical requirements. In this paper, we propose a mechanism and implement software to provide digital forensic evidence by automatically recovering files by scanning / inspecting the unallocated area inside the storage disk block without relying on information provided by the file system. The proposed technique checks / analyzes the RAW disk data of the system under analysis in 512-byte block units based on information on the storage format / file structure of various files stored on the disk without referring to the file system-related information provided by the operating system. The file carving process was implemented, and a smart carving mechanism was proposed to intelligently restore deleted or damaged files in the storage device. As a result, we have provided a block based smart carving method to intelligently identify fragmented and damaged files in storage efficiently for forgery analysis on digital forensic investigation.

Detection of Video Tampering Using Compression Pattern Analysis (부호화 패턴 분석을 통한 영상 조작 검출 기술)

  • Hong, Jin Hyung;Yang, Yoonmo;Oh, Byung Tae
    • Proceedings of the Korean Society of Broadcast Engineers Conference
    • /
    • 2017.06a
    • /
    • pp.63-65
    • /
    • 2017
  • This paper proposes a detection algorithm of video tampering by investigating the change of HEVC coding pattern. When a part of video is deleted and re-compressed, the characteristic patterns are generated by forgery. The proposed algorithm uses these patterns to classify whether video is forged. Experimental results show that the proposed method detects video forgery effectively.

  • PDF

Analysis and Detection of Malicious Data Hidden in Slack Space on OOXML-based Corrupted MS-Office Digital Files

  • Sangwon Na;Hyung-Woo Lee
    • International journal of advanced smart convergence
    • /
    • v.12 no.1
    • /
    • pp.149-156
    • /
    • 2023
  • OOXML-based MS-Office digital files are extensively utilized by businesses and organizations worldwide. However, OOXML-based MS-Office digital files are vulnerable to forgery and corruption attack by including hidden suspicious information, which can lead to activating malware or shell code being hidden in the file. Such malicious code can cause a computer system to malfunction or become infected with ransomware. To prevent such attacks, it is necessary to analyze and detect the corruption of OOXML-based MS-Office files. In this paper, we examine the weaknesses of the existing OOXML-based MS-Office file structure and analyzes how concealment and forgery are performed on MS-Office digital files. As a result, we propose a system to detect hidden data effectively and proactively respond to ransomware attacks exploiting MS-Office security vulnerabilities. Proposed system is designed to provide reliable and efficient detection of hidden data in OOXML-based MS-Office files, which can help organizations protect against potential security threats.

Detection of Frame Deletion Using Coding Pattern Analysis (부호화 패턴 분석을 이용한 동영상 삭제 검출 기법)

  • Hong, Jin Hyung;Yang, Yoonmo;Oh, Byung Tae
    • Journal of Broadcast Engineering
    • /
    • v.22 no.6
    • /
    • pp.734-743
    • /
    • 2017
  • In this paper, we introduce a technique to detect the video forgery using coding pattern analysis. In the proposed method, the recently developed standard HEVC codec, which is expected to be widely used in the future, is used. First, HEVC coding patterns of the forged and the original videos are analyzed to select the discriminative features, and the selected feature vectors are learned through the machine learning technique to model the classification criteria between two groups. Experimental results show that the proposed method is more effective to detect frame deletions for HEVC-coded videos than existing works.

Security analysis of a threshold proxy signature scheme using a self-certified public key (자체인증 공개키를 사용하는 threshold 대리서명 기법의 안전성 분석)

  • Park, Je-Hong;Kang, Bo-Gyeong;Hahn, Sang-Geun
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.15 no.3
    • /
    • pp.109-114
    • /
    • 2005
  • On the research for constructing secure group-oriented proxy signature schemes, there are several proposals of threshold proxy signature schemes which combine the notions of proxy signature with threshold signature. Recently, Hsu and Wu proposed a threshold proxy signature scheme which uses a self-certified public key based on discrete logarithm problem. In this paper, we show that this scheme is vulnerable to original signer's forgery attack. So our attack provides the evidence that this scheme does not satisfy nonrepudiation property.

BubbleDoc: Document Forgery and Tamper Detection through the Agent-Free File System-Awareness in Cloud Environment (BubbleDoc: 클라우드 환경에서의 agent-free 파일시스템 분석을 통한 문서 위/변조 탐지)

  • Jeon, Woo-Jin;Hong, Dowon;Park, Ki-Woong
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.28 no.2
    • /
    • pp.429-436
    • /
    • 2018
  • Electronic documents are efficient to be created and managed, but they are liable to lose their originality because copies are created during distribution and delivery. For this reason, various security technologies for electronic documents have been applied. However, most security technologies currently used are for document management such as file access privilege control, file version and history management, and therefore can not be used in environments where authenticity is absolutely required, such as confidential documents. In this paper, we propose a method to detect document forgery and tampering through analysis of file system without installing an agent inside the instance operating system in cloud computing environment. BubbleDoc monitors the minimum amount of virtual volume storage in an instance, so it can efficiently detect forgery and tampering of documents. Experimental results show that the proposed technique has 0.16% disk read operation overhead when it is set to 1,000ms cycle for monitoring for document falsification and modulation detection.

Forgery Protection System and 2D Bar-code inserted Watermark (워터마크가 삽입된 이차원 바코드와 위.변조 방지 시스템)

  • Lee, Sang-Kyung;Ko, Kwang-Enu;Sim, Kwee-Bo
    • Journal of the Korean Institute of Intelligent Systems
    • /
    • v.20 no.6
    • /
    • pp.825-830
    • /
    • 2010
  • Generally, the copy protection mark and 2D bar-code techniques are widely used for forgery protection in printed public documents. But, it is hard to discriminate truth from the copy documents by using exisiting methods, because of that existing 2D-barcode is separated from the copy protection mark and it can be only recognized by specified optical barcord scanner. Therefor, in this paper, we proposed the forgery protection tehchnique for discriminating truth from the copy document by using watermark inserted 2D-barcord, which can be accurately distinguished not only by naked eye, but also by scanner. The copy protection mark consists of deformed patterns that are caused by the lowpass filter characteristic of digital I/O device. From these, we verified the performance of the proposed techniques by applying the histogram analysis based on the original, copy, and scanned copy image of the printed documents. Also, we suggested 2D-barcord confirmation system which can be accessed through the online server by using certification key data which is detected by web-camera, cell phone camera.

Security Analysis of a Secure Dynamic ID based Remote User Authentication Scheme for Multi-server Environment (멀티서버를 위한 안전한 동적 ID 기반 원격 사용자 인증 방식에 대한 안전성 분석)

  • Yang, Hyung-Kyu
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.13 no.1
    • /
    • pp.273-278
    • /
    • 2013
  • Recently, user authentication schemes using smart cards for multi-server environment have been proposed for practical applications. In 2009, Liao-Wang proposed a secure dynamic ID based remote user authentication scheme for multi-server environment that can withstand the various possible attacks and provide user anonymity. In this paper, we analyze the security of Liao-Wang's scheme, and we show that Liao-Wang's scheme is still insecure against the forgery attack, the password guessing attack, the session key attack, and the insider attack. In addition, Liao-Wang's scheme does not provide user anonymity between the user and the server.

Feature selection and similarity comparison system for identification of unknown paintings (미확인 작품 식별을 위한 Feature 선정 및 유사도 비교 시스템 구축)

  • Park, Kyung-Yeob;Kim, Joo-Sung;Kim, Hyun-Soo;Shin, Dong-Myung
    • Journal of Software Assessment and Valuation
    • /
    • v.17 no.1
    • /
    • pp.17-24
    • /
    • 2021
  • There is a problem that unknown paintings are sophisticated in the level of forgery, making it difficult for even experts to determine whether they are genuine or counterfeit. These problems can be suspected of forgery even if the genuine product is submitted, which can lead to a decline in the value of the work and the artist. To address these issues, in this paper, we propose a system to classify chromaticity data among extracted data through objective analysis into quadrants, extracting comparisons and intersections, and estimating authors of unknown paintings using XRF and hyperspectral spectrum data from corresponding points.

Analysis on Popscu's Group Signature Scheme for Large Groups

  • Park, Hyungki;Kim, Kwangjo
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference
    • /
    • 2003.07a
    • /
    • pp.43-46
    • /
    • 2003
  • At SIC 2001, Popescu proposed m efficient group signature scheme for large groups[1]. However, this paper shows that his scheme is to be insecure by presenting a signature forgery. Using our attack, anyone (not necessarily a group member) can forge a signature on a message m, and sine the attacker doesn't have to be the group member, the revocation manager cannot reveal the identity of the signer. Additionally, we modify Popescue's scheme to prevent the forgeary.

  • PDF