• The korean journal of orthodontics
• /
• v.53 no.3
• /
• pp.194-204
• /
• 2023

Objective: To investigate sex-specific correlations between the dimensions of permanent canines and the anterior Bolton ratio and to construct a statistical model capable of identifying the sex of an unknown subject. Methods: Odontometric data were collected from 121 plaster study models derived from Caucasian orthodontic patients aged 12-17 years at the pretreatment stage by measuring the dimensions of the permanent canines and Bolton's anterior ratio. Sixteen variables were collected for each subject: 12 dimensions of the permanent canines, sex, age, anterior Bolton ratio, and Angle's classification. Data were analyzed using inferential statistics, principal component analysis, and artificial neural network modeling. Results: Sex-specific differences were identified in all odontometric variables, and an artificial neural network model was prepared that used odontometric variables for predicting the sex of the participants with an accuracy of > 80%. This model can be applied for forensic purposes, and its accuracy can be further improved by adding data collected from new subjects or adding new variables for existing subjects. The improvement in the accuracy of the model was demonstrated by an increase in the percentage of accurate predictions from 72.0-78.1% to 77.8-85.7% after the anterior Bolton ratio and age were added. Conclusions: The described artificial neural network model combines forensic dentistry and orthodontics to improve subject recognition by expanding the initial space of odontometric variables and adding orthodontic parameters.

• Journal of KIISE
• /
• v.45 no.3
• /
• pp.311-320
• /
• 2018

Recently, the use of digital audio and video as proof in criminal and all kinds of litigation is increasing, and scientific investigation using digital forensic technique is developing. With the development of computing and file editing technologies, anyone can simply manipulate video files, and the number of cases of manipulating digital data is increasing. As a result, the integrity of the evidence and the reliability of the evidence Is required. In this paper, we propose a technique for extracting the Electrical Network Frequency (ENF) through a grid of power grids according to the geographical environment for power supply, and then performing signal processing for peak detection using QIFFT. Through the detection algorithm using the standard deviation, it was confirmed that the video file was falsified with 73% accuracy and the forgery point was found.

• KIPS Transactions on Computer and Communication Systems
• /
• v.6 no.2
• /
• pp.95-104
• /
• 2017

As the technology in smart device is growing and Social Network Services(SNS) are becoming more common, the data which is difficult to be processed by existing RDBMS are increasing. As a result of this, NoSQL databases are getting popular as an alternative for processing massive and unstructured data generated in real time. The demand for the technique of digital investigation of NoSQL databases is increasing as the businesses introducing NoSQL database in their system are increasing, although the technique of digital investigation of databases has been researched centered on RDMBS. New techniques of digital forensic investigation are needed as NoSQL Database has no schema to normalize and the storage method differs depending on the type of database and operation environment. Research on document-based database of NoSQL has been done but it is not applicable as itself to other types of NoSQL Database. Therefore, the way of operation and data model, grasp of operation environment, collection and analysis of artifacts and recovery technique of deleted data in HBase which is a NoSQL column-based database are presented in this paper. Also the proposed technique of digital forensic investigation to HBase is verified by an experimental scenario.

• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 2019.11a
• /
• pp.58-60
• /
• 2019

Double JPEG compression detection is one of the most important ways of exposing the integrity of the JPEG image in image forensics. Several methods have been proposed for discriminating against the double JPEG image. In this paper, we propose a new method for restoring the JPEG compressed image and making the detector confused by introducing a Generative Adversarial Network (GAN). First, a generator network is designed for restoring the JPEG compressed image and analyzed the quality. Then, the restored image is tested with the double compression detector for evaluating the robustness of the proposed GAN model. The detection accuracy reduces from 98% to 58%.

• Proceedings of the Korean Information Science Society Conference
• /
• 2007.06a
• /
• pp.113-114
• /
• 2007

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.3
• /
• pp.591-603
• /
• 2018

Windows Event Log is a format that records system log in Windows operating system and methodically manages information about system operation. An event can be caused by system itself or by user's specific actions, and some event logs can be used for corporate security audits, malware detection and so on. In this paper, we choose actions related to corporate security audit and malware detection (External storage connection, Application install, Shared folder usage, Printer usage, Remote connection/disconnection, File/Registry manipulation, Process creation, DNS query, Windows service, PC startup/shutdown, Log on/off, Power saving mode, Network connection/disconnection, Event log deletion and System time change), which can be detected through event log analysis and classify event IDs that occur in each situation. Also, the existing event log tools only include functions related to the EVTX file parse and it is difficult to track user's behavior when used in a forensic investigation. So we implemented new analysis tool in this study which parses EVTX files and user behaviors.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.10
• /
• pp.111-121
• /
• 2009

Public Information Documental of the administrative, legislative and judicial etc. is lastingness documental and need administration. Whenever the crime event happens, judicature's documental is lent frequently to reference data and is returned, event posting of documental, hysteresis inquiry, lending/return, conservation search, documental exhaust management must consist for administration of lastingness documental. RFID is utilized by the practical use plan of recent Ubiquitous information. Because attaching tag to lastingness documental that use RFID in this treatise, register and manage documental, and chase hysteresis, and design upkeep, present condition analysis of lastingness documental to search, S/W, H/W, network layout, Ubiquitous RFID lastingness recording administration system. Construct lastingness recording administration system after a performance experiment and a chase experiment that is applied in spot that attach 900MHz important duty's RFID tag. After construction practice, create link sex with connection system, security analysis and Forensic data and analyze improvement effect. Is going to contribute Ubiquitous information technology application and Forensic technology development in country documental administration through. research of this treatise.

• Journal of Korea Multimedia Society
• /
• v.12 no.4
• /
• pp.550-558
• /
• 2009

In ubiquitous environment, more small, lightweight, cheap and movable device is used than one device used in wired network environment. Multimedia service which is anytime, anywhere, is provided by device. However, it does not ensure the fair use of multimedia contents and causes damage to the contents providers because of illegal copy and distribution and indiscriminate use of digital contents. For solving this problems, DRM is applied to wired network but it has the problems does not protect stored license and manage license completely because of depending on simple protection such as device authentication and cryptographic algorithm. This paper proposes the license management model using digital forensic and DRM that prevents contents and licenses from distributing illegally and also enables the creation of evidence for legal countermeasure and the protection of license in whole life cycle.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.407-416
• /
• 2018

Instagram is a Social Network Service(SNS) that has recently become popular among people of all ages and it makes people to construct social relations and share hobbies, daily routines, and useful information. However, since the uploaded information can be accessed by arbitrary users and it is easily shared with others, frauds, stalking, misrepresentation, impersonation, an infringement of copyright and malware distribution are reported. For this reason, it is necessary to analyze Instagram from a view of digital forensics but the research involved is very insufficient. So in this paper, We performed reverse engineering and dynamic analysis of Instagram from a view of digital forensics in the Android environment. As a result, we checked three database files that contain user behavior analysis data such as chat content, chat targets, posted photos, and cookie information. And we found the path to save 4 files and the xml file to save various data. Also we propose ways to use the above results in digital forensics.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.6
• /
• pp.1360-1364
• /
• 2013

Internet phone, communication cost and easy-to-use low-cost compared to the PSTN is a mobile phone of a conventional, and use of the Internet phone is spreading. Construction as part of the broadband convergence network(BCN), Internet service provider(KT, SKT, LGU+) has converted to Internet phone telephone network to all government agencies. In addition, members of the public also have an Internet phone service that you are using. In this paper, we analyze the hacking attack on IP-PBX in the IETF SIP-based that are used in Internet telephony, to the study. The test bed is constructed in the same way as the Internet telephone system to perform studies carried hacking attacks on IP-PBX, analyze the results and to extract evidence forensics. When used in crime by hacking the Internet telephone, we propose a method which can be used as evidence in forensic having legal effect.