• Title/Summary/Keyword: Network Forensic


Usefulness of Data Mining in Criminal Investigation (데이터 마이닝의 범죄수사 적용 가능성)

  • Kim, Joon-Woo; Sohn, Joong-Kweon; Lee, Sang-Han
    • Journal of forensic and investigative science / v.1 no.2 / pp.5-19 / 2006
  • Data mining is an information extraction activity to discover hidden facts contained in databases. Using a combination of machine learning, statistical analysis, modeling techniques and database technology, data mining finds patterns and subtle relationships in data and infers rules that allow the prediction of future results. Typical applications include market segmentation, customer profiling, fraud detection, evaluation of retail promotions, and credit risk analysis. Law enforcement agencies deal with mass data to investigate crime, and its amount is increasing with the development of computerized data processing. We now face a new challenge: discovering knowledge in that data. It can be applied in criminal investigation to find offenders by analysis of complex and relational data structures and free texts, using criminal records or statement texts. This study was aimed at evaluating the possible application of data mining, and its limitations, in practical criminal investigation. Clustering of criminal cases will be possible in habitual crimes such as fraud and burglary when data mining is used to identify the crime pattern. Neural network modelling, one of the tools of data mining, can be applied to differentiating a suspect's photograph or handwriting from that of a convict, or to criminal profiling. A case study of practical insurance fraud showed that data mining was useful in organized crimes such as gangs, terrorism and money laundering. However, the products of data mining in criminal investigation should be evaluated cautiously, because data mining offers only a clue, not a conclusion. Legal regulation is needed to control abuse by law enforcement agencies and to protect personal privacy and human rights.


A Study on the Chain of Custody for Securing the Faultlessness of Forensic Data (포렌식 자료의 무결성 확보를 위한 수사현장의 연계관리 방법 연구)

  • Lee, Gyu-an; Shin, Young-Tae; Park, Dea-Woo
    • Journal of the Korea Society of Computer and Information / v.11 no.6 s.44 / pp.175-184 / 2006
  • Computer forensics functions by defending the effects and extracting the evidence of the side effects for production in court. If the faultlessness (integrity) of the digital evidence has been compromised during the investigation, critical evidence may be denied or not even presented at trial. This paper deliberates on the chain-of-custody procedures that establish faultlessness in disk forensics, system forensics, network forensics, mobile forensics and database forensics. Once faultlessness is established by the proposed methods, the products of the investigation will be adopted as leading evidence. Moreover, the issues and alternatives in the reality of digital investigation are presented along with actual computer forensics cases, hopefully contributing to advances in computer digital forensics and to field research in information security.

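Added example, not code from the paper above: a minimal hash-chained chain-of-custody log in Python. The evidence is re-hashed at every handling step, not only at acquisition, and each log entry carries the hash of the previous entry, so both tampering with the evidence and after-the-fact edits to the log itself are detectable. The evidence ID, handler names, timestamps and the "pcap" bytes are constructed for the example.

```python
import hashlib
import json
from dataclasses import dataclass, asdict

GENESIS = "0" * 64  # previous-hash value recorded by the first entry


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


@dataclass
class CustodyEntry:
    seq: int
    evidence_id: str
    action: str            # e.g. "acquired", "transferred", "analysed"
    handler: str
    timestamp: str         # ISO 8601, as recorded by the handler
    evidence_sha256: str   # hash of the evidence bytes at this step
    prev_entry_hash: str   # entry_hash of the previous entry (GENESIS for the first)
    entry_hash: str = ""   # digest over all fields above, filled in by append_entry


def entry_digest(entry: CustodyEntry) -> str:
    """Canonical digest of an entry, excluding its own entry_hash field."""
    fields = {k: v for k, v in asdict(entry).items() if k != "entry_hash"}
    return sha256_hex(json.dumps(fields, sort_keys=True).encode())


def append_entry(log, evidence_id, action, handler, timestamp, evidence: bytes) -> CustodyEntry:
    """Append one custody step; the evidence is hashed again at every step."""
    prev = log[-1].entry_hash if log else GENESIS
    entry = CustodyEntry(len(log), evidence_id, action, handler, timestamp,
                         sha256_hex(evidence), prev)
    entry.entry_hash = entry_digest(entry)
    log.append(entry)
    return entry


def verify_chain(log, evidence_now: dict) -> list:
    """Return a list of findings; an empty list means every link, every entry and
    every evidence hash checks out. evidence_now maps evidence_id -> current bytes."""
    findings = []
    prev = GENESIS
    for i, e in enumerate(log):
        if e.seq != i:
            findings.append(f"entry {i}: sequence number {e.seq} (gap or reorder)")
        if e.prev_entry_hash != prev:
            findings.append(f"entry {i}: link to previous entry broken")
        if e.entry_hash != entry_digest(e):
            findings.append(f"entry {i}: entry fields modified after being hashed")
        current = evidence_now.get(e.evidence_id)
        if current is not None and sha256_hex(current) != e.evidence_sha256:
            findings.append(f"entry {i}: evidence {e.evidence_id} no longer matches recorded hash")
        prev = e.entry_hash
    return findings


def demo():
    """Constructed scenario: a capture is acquired, handed over, then tampered with."""
    pcap = b"\xd4\xc3\xb2\xa1" + b"constructed pcap payload for the example"  # not a real capture
    log = []
    append_entry(log, "EV-2024-001", "acquired", "Investigator A", "2024-01-15T09:00:00Z", pcap)
    append_entry(log, "EV-2024-001", "transferred", "Analyst B", "2024-01-15T13:30:00Z", pcap)
    clean = verify_chain(log, {"EV-2024-001": pcap})
    tampered = verify_chain(log, {"EV-2024-001": pcap + b"\x00"})
    # an edit to a log entry is caught even when the evidence itself is not at hand
    log[0].handler = "Investigator C"
    edited = verify_chain(log, {})
    return clean, tampered, edited


if __name__ == "__main__":
    for label, findings in zip(("clean", "tampered", "edited"), demo()):
        print(label, findings or "OK")
```

In practice the log would be written to append-only storage and each entry signed by the handler; the hash chain above is the part that makes later verification independent of who holds the log.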

A Study on analysis tools in the SWF file URL (SWF 파일의 URL정보 분석도구)

  • Jang, Dong-Hwan; Song, Yu-Jin; Lee, Jae-Yong
    • Journal of Korea Society of Industrial Information Systems / v.15 no.5 / pp.105-111 / 2010
  • SWF (Shockwave Flash) is a file format for vector graphics produced by Adobe. It is widely used for a variety of content such as advertising on websites, widgets, games, education and video, and it contains various types of data such as sound, script, API and images. Many SWF files contain URL information in ActionScript for communication over the network, and in forensic investigation they can serve as important investigative data alongside PC users' web browser history. A decompiler for analyzing SWF files exists, with which SWF files can be analysed and URL information verified. However, it takes a long time to verify the URL information in the ActionScript of multiple SWF files with the decompiler. In this paper, analysis of URL information in ActionScript and extraction of URL information from multiple SWF files are studied by designing an analysis tool for URL information in SWF files.
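Added example, not the authors' tool: a stdlib-only Python extractor that validates the 8-byte SWF header, inflates CWS (zlib) bodies, checks the declared uncompressed length against what was actually read, and pulls URL strings out of the body. ActionScript string constants are NUL-terminated, so a byte regex is enough for a first pass over many files; a decompiler is still needed to see which action uses a given URL. The sample file is constructed in build_sample_swf and its URLs are assumptions; ZWS (LZMA) files are rejected rather than parsed.

```python
import re
import struct
import zlib

# RFC 3986 URL characters; NUL (the SWF string terminator) ends a match
URL_RE = re.compile(rb"(?:https?|ftp)://[A-Za-z0-9._~:/?#\[\]@!$&'()*+,;=%-]+")


def swf_body(data: bytes) -> bytes:
    """Validate the SWF header and return the uncompressed body that follows it."""
    if len(data) < 8:
        raise ValueError("too short to be a SWF file")
    signature, version = data[:3], data[3]
    declared_len = struct.unpack("<I", data[4:8])[0]  # uncompressed length, header included
    if signature == b"FWS":
        body = data[8:]
    elif signature == b"CWS":
        body = zlib.decompress(data[8:])
    elif signature == b"ZWS":
        raise NotImplementedError("LZMA-compressed SWF (version %d) not handled here" % version)
    else:
        raise ValueError("not a SWF signature: %r" % signature)
    # a truncated or padded file shows up here before any tag is parsed
    if len(body) + 8 != declared_len:
        raise ValueError("length mismatch: header declares %d bytes, got %d"
                         % (declared_len, len(body) + 8))
    return body


def extract_swf_urls(data: bytes) -> list:
    """Return the sorted, de-duplicated URL strings found anywhere in the SWF body."""
    return sorted({m.group(0).decode("ascii") for m in URL_RE.finditer(swf_body(data))})


def build_sample_swf(compressed: bool) -> bytes:
    """Constructed sample: 550x400 stage, 24 fps, one frame, a DoAction tag whose
    ActionPush carries NUL-terminated string constants, then the End tag."""
    rect = bytes.fromhex("7800055f00000fa000")          # RECT 0..11000 x 0..8000 twips
    frame_rate = struct.pack("<H", 24 << 8)              # 8.8 fixed point
    frame_count = struct.pack("<H", 1)
    strings = [b"http://example.com/track?id=1", b"https://cdn.example.net/a.swf",
               b"gotoAndPlay", b"http://example.com/track?id=1"]   # one duplicate on purpose
    push = b"".join(b"\x00" + s + b"\x00" for s in strings)        # push type 0 = string
    actions = b"\x96" + struct.pack("<H", len(push)) + push + b"\x00"  # ActionPush, ActionEnd
    tag = struct.pack("<H", (12 << 6) | 0x3F) + struct.pack("<I", len(actions))  # DoAction, long form
    body = rect + frame_rate + frame_count + tag + actions + struct.pack("<H", 0)
    header = (b"CWS" if compressed else b"FWS") + bytes([10]) + struct.pack("<I", 8 + len(body))
    return header + (zlib.compress(body) if compressed else body)


if __name__ == "__main__":
    for url in extract_swf_urls(build_sample_swf(compressed=True)):
        print(url)
```

For a directory of files, run extract_swf_urls over each and keep the file name next to every URL; the sorted-set output is what makes cross-file comparison against browser history cheap.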

Digital Video Source Identification Using Sensor Pattern Noise with Morphology Filtering (모폴로지 필터링 기반 센서 패턴 노이즈를 이용한 디지털 동영상 획득 장치 판별 기술)

  • Lee, Sang-Hyeong; Kim, Dong-Hyun; Oh, Tae-Woo; Kim, Ki-Bom; Lee, Hae-Yeoun
    • KIPS Transactions on Software and Data Engineering / v.6 no.1 / pp.15-22 / 2017
  • With the advance of Internet technology, various social network services are created and used by users. In particular, the use of smart devices means that multimedia content can be used and distributed on social network services. However, since crime by users with illegal purposes also increases, there is a need to protect content and block illegal use of content with multimedia forensics. In this paper, we propose a multimedia forensic technique that identifies the video source. First, a scheme to acquire the sensor pattern noise (SPN), which comes from imperfections of the photon detector, using morphology filtering is presented. Using this scheme, the SPN of reference videos from the reference device is estimated and the SPN of an unknown video is estimated. Then, the similarity between the two SPNs is measured to identify whether the unknown video was acquired using the reference device. For the performance analysis of the proposed technique, 30 devices, including DSLR cameras, compact cameras, camcorders, action cams and smartphones, are tested and quantitatively analyzed. Based on the results, the proposed technique achieves 96% accuracy in identification.

Study of Snort Intrusion Detection Rules for Recognition of Intelligent Threats and Response of Active Detection (지능형 위협인지 및 능동적 탐지대응을 위한 Snort 침입탐지규칙 연구)

  • Han, Dong-hee; Lee, Sang-jin
    • Journal of the Korea Institute of Information Security & Cryptology / v.25 no.5 / pp.1043-1057 / 2015
  • In order to recognize intelligent threats quickly and to detect and respond to them actively, major public bodies and private institutions operate and administer an Intrusion Detection System (IDS), which plays a very important role in finding and detecting attacks. However, most IDS alerts have the problem of false positives. In addition, in order to detect unknown malicious code and to recognize and respond to its threats in advance, APT response solutions or action-based systems are introduced and operated. These execute malicious code directly using virtualization technology and detect abnormal activity in the virtual environment, or detect unknown attacks with other methods. However, these too have weaknesses, such as evasion of the virtual environment, performance problems with full inspection of traffic, and errors in policy. Accordingly, for effective intrusion detection, it is very important to enhance security monitoring. This study discusses a plan for reducing false positives as a means of enhancing security monitoring. As a result of an experiment based on the empirical data of G, rules of three types and 11 kinds were derived. In a test following these rules, it was verified that the overall detection rate decreased by 30% to 50%, and performance improved by over 30%.
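The abstract does not list the 11 rules, so the following is an added illustration in Python and not the authors' ruleset. It re-implements, stand-alone, two of the event-filter mechanisms Snort itself provides for cutting false-positive volume (normally configured with suppress and event_filter directives): suppress, which drops a signature for a known source such as an authorised scanner, and event_filter type limit, track by_src, which passes only the first N alerts per source per time window. It runs over constructed alert_fast lines; the IP addresses, the local SID 1000001 rule and the message texts are assumptions, and SID 2001219 is used only as a realistic-looking signature identifier.

```python
import re
from datetime import datetime

# Snort alert_fast layout (the constructed samples below follow this shape):
# MM/DD-HH:MM:SS.usec  [**] [gid:sid:rev] msg [**] [Classification: ..] [Priority: n] {PROTO} src:sport -> dst:dport
ALERT_RE = re.compile(
    r"^(?P<ts>\d\d/\d\d-\d\d:\d\d:\d\d\.\d+)\s+\[\*\*\]\s+"
    r"\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+(?P<msg>.*?)\s+\[\*\*\]"
    r".*?\{(?P<proto>\w+)\}\s+(?P<src>[\d.]+):(?P<sport>\d+)\s+->\s+(?P<dst>[\d.]+):(?P<dport>\d+)$"
)


def parse_alert(line: str):
    """Parse one alert_fast line into a dict, or return None if it does not match."""
    m = ALERT_RE.match(line)
    if not m:
        return None
    a = m.groupdict()
    # the fast format carries no year, so times are seconds relative to 1900-01-01
    a["t"] = (datetime.strptime(a["ts"], "%m/%d-%H:%M:%S.%f") - datetime(1900, 1, 1)).total_seconds()
    a["gid"], a["sid"] = int(a["gid"]), int(a["sid"])
    return a


class AlertFilter:
    """suppress: drop (gid, sid) alerts from a listed source IP outright.
    limit (type limit, track by_src): pass only the first `count` alerts of a
    (gid, sid) per source IP in each `seconds` window, drop the rest."""

    def __init__(self, suppress, limits):
        self.suppress = set(suppress)   # {(gid, sid, src_ip)}
        self.limits = dict(limits)      # {(gid, sid): (count, seconds)}
        self.state = {}                 # {(gid, sid, src): (window_start, seen)}

    def accept(self, a) -> bool:
        gid, sid, src = a["gid"], a["sid"], a["src"]
        if (gid, sid, src) in self.suppress:
            return False
        if (gid, sid) not in self.limits:
            return True
        count, seconds = self.limits[(gid, sid)]
        start, seen = self.state.get((gid, sid, src), (None, 0))
        if start is None or a["t"] - start >= seconds:
            start, seen = a["t"], 0     # open a new window for this source
        seen += 1
        self.state[(gid, sid, src)] = (start, seen)
        return seen <= count


def filter_alerts(lines, flt: AlertFilter) -> list:
    """Return, in order, the alerts that survive suppression and rate limiting."""
    return [a for a in map(parse_alert, lines) if a is not None and flt.accept(a)]


def sample_alerts() -> list:
    """Constructed lines: a noisy scanner, an authorised scanner, one unrelated alert."""
    scan = ("01/15-10:00:{sec:02d}.000000  [**] [1:2001219:20] ET SCAN Potential SSH Scan [**] "
            "[Classification: Attempted Information Leak] [Priority: 2] {{TCP}} {src}:{sport} -> 10.0.0.9:22")
    lines = [scan.format(sec=3 * i, src="10.0.0.5", sport=51000 + i) for i in range(10)]
    lines += [scan.format(sec=40 + i, src="10.0.0.1", sport=60000 + i) for i in range(3)]
    lines.append("01/15-10:01:00.000000  [**] [1:1000001:1] LOCAL Suspicious DNS TXT query [**] "
                 "[Classification: Misc activity] [Priority: 3] {UDP} 10.0.0.7:5353 -> 10.0.0.53:53")
    return lines


if __name__ == "__main__":
    flt = AlertFilter(suppress=[(1, 2001219, "10.0.0.1")], limits={(1, 2001219): (2, 60)})
    for a in filter_alerts(sample_alerts(), flt):
        print(a["ts"], a["sid"], a["src"], a["msg"])
```

Fourteen input alerts become three: two for the scanner (the rest of its burst is collapsed), none for the authorised host, and the unrelated DNS alert untouched. Lines that fail to parse are dropped silently here; in production they should be counted, since a parser that quietly discards alerts is itself a detection gap.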

Vasa Vasorum Densities in Human Carotid Atherosclerosis Is Associated with Plaque Development and Vulnerability

  • Joo, Sung-Pil; Lee, Seung-Won; Cho, Yong-Hwan; Kim, You-Sub; Seo, Bo-Ra; Kim, Hyung-Seok; Kim, Tae-Sun
    • Journal of Korean Neurosurgical Society / v.63 no.2 / pp.178-187 / 2020
  • Objective: The extensive vasa vasorum network functions as a conduit for the entry of inflammatory cells or factors that promote the progression of angiogenesis and plaque formation. Therefore, we investigated the correlation between the carotid vasa vasorum activities and carotid plaque vulnerability using indocyanine green video angiography (ICG-VA) during carotid endarterectomy (CEA). Methods: Sixty-nine patients who underwent CEA were enrolled prospectively from September 2015 to December 2017. During CEA, a bolus of ICG was injected intravenously before and after resecting the atheroma. Additionally, we performed immunohistochemistry using CD68 (a surface marker of macrophages), CD117 (a surface marker of mast cells), and CD4 and CD8 (surface markers of T-cells) antibodies to analyze the resected plaque specimens. Results: The density of active vasa vasorum was observed in all patients using ICG-VA. The vasa vasorum externa (VVE) and interna (VVI) were seen in 11 (16%) and 57 patients (82.6%), respectively. Macroscopically, the VVE-type patterns were strongly associated with preoperative angiographic instability (81.8%, p=0.005) and carotid plaque vulnerability (90.9%, p=0.017). In contrast, the VVI-type patterns were weakly associated with angiographic instability (31.6%) and plaque vulnerability (49.1%). CD68-stained macrophages and CD117-stained mast cells were observed more frequently in unstable plaques than in stable plaques (p<0.0001, p=0.002, respectively). Conclusion: The early appearance of VVE, along with the presence of many microvessel channels that provided nutrients to the developing and expanding atheroma during ICG-VA, was strongly associated with unstable carotid plaques. The degree of infiltration of macrophages and mast cells is possibly related to the formation of unstable plaques.

A Study on the remote acquisition of HejHome Air Cloud artifacts (스마트 홈 헤이 홈 Air의 클라우드 아티팩트 원격 수집 방안 연구)

  • Kim, Ju-eun; Seo, Seung-hee; Cha, Hae-seong; Kim, Yeok; Lee, Chang-hoon
    • Journal of Internet Computing and Services / v.23 no.5 / pp.69-78 / 2022
  • As the use of Internet of Things (IoT) devices has expanded, the digital forensics coverage of the National Police Agency has expanded to smart home areas. Accordingly, most existing studies on acquiring smart home platform data have focused on analyzing local data of mobile devices and on analysis from the network perspective. However, meaningful data for evidence analysis is mainly stored in cloud storage on smart home platforms. Therefore, in this paper, we study how to acquire data stored in the cloud in a Hey Home Air environment by extracting the accessToken of user accounts from the cookie databases of browsers such as Microsoft Edge, Google Chrome, Mozilla Firefox and Opera, which are recorded on a PC when users use the "Hey Home Square" service based on the Hey Home app. In this paper, the environment was configured with smart temperature and humidity sensors, smart door sensors and smart motion sensors, and artifacts such as temperature and humidity data by date and place, the list of devices used, and motion detection records were collected. Information such as the temperature and humidity at the time of the incident can be seen from the results of the artifact analysis and can be used in the forensic investigation process. In addition, the cloud data acquisition method using OpenAPI proposed in this paper excludes the possibility of tampering during the data collection process and uses the API method, so it follows the principles of integrity and reproducibility, which are principles of digital forensics.
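Added example, not the authors' code: the cookie-extraction step from the abstract, written against the two cookie-store layouts that the listed browsers use (Firefox: cookies.sqlite, table moz_cookies; Edge, Chrome and Opera: the Chromium "Cookies" database, table cookies), followed by hashing the acquisition output so the collection step is itself verifiable. Both databases are built in memory from constructed rows; the host square.example and the cookie name accessToken are assumptions, and no request to the service's OpenAPI is made because its endpoints are not given on this page. The caveat it demonstrates: Chromium-based browsers leave the value column empty and keep the cookie in encrypted_value, so the token is not directly readable from the database file alone.

```python
import hashlib
import json
import sqlite3

# Column subsets of the real browser cookie stores; only the columns this example needs are declared.
FIREFOX_SCHEMA = ("CREATE TABLE moz_cookies (id INTEGER PRIMARY KEY, name TEXT, value TEXT, "
                  "host TEXT, path TEXT, expiry INTEGER, isSecure INTEGER, isHttpOnly INTEGER)")
CHROMIUM_SCHEMA = ("CREATE TABLE cookies (creation_utc INTEGER, host_key TEXT, name TEXT, "
                   "value TEXT, encrypted_value BLOB, path TEXT, expires_utc INTEGER, "
                   "is_secure INTEGER, is_httponly INTEGER)")

# Both queries yield the same five columns: host, name, plaintext value, encrypted blob, expiry
QUERIES = {
    "firefox": ("SELECT host, name, value, NULL, expiry FROM moz_cookies "
                "WHERE host LIKE ? AND lower(name) LIKE '%token%'"),
    "chromium": ("SELECT host_key, name, value, encrypted_value, expires_utc FROM cookies "
                 "WHERE host_key LIKE ? AND lower(name) LIKE '%token%'"),
}


def find_token_cookies(conn, family: str, host_pattern: str) -> list:
    """Return token-like cookies for hosts matching host_pattern (SQL LIKE syntax)."""
    found = []
    for host, name, value, enc, expiry in conn.execute(QUERIES[family], (host_pattern,)):
        rec = {"family": family, "host": host, "name": name, "expires": expiry}
        if value:
            rec["token"], rec["status"] = value, "plaintext"
        elif enc:
            # Chromium keeps the value in encrypted_value (a DPAPI-protected key on Windows;
            # the 'v10'/'v11' prefix marks AES-GCM with the key from the profile's Local State).
            # Decryption needs the user's key material, so only its presence and prefix are recorded.
            rec["token"], rec["status"] = None, "encrypted:" + enc[:3].decode("latin-1")
        else:
            rec["token"], rec["status"] = None, "empty"
        found.append(rec)
    return found


def acquisition_record(cookies: list) -> dict:
    """Hash the collected records so the acquisition output can be verified later."""
    blob = json.dumps(cookies, sort_keys=True).encode()
    return {"count": len(cookies), "sha256": hashlib.sha256(blob).hexdigest()}


def build_sample_dbs():
    """Constructed in-memory stand-ins for a Firefox and a Chromium cookie store."""
    ff = sqlite3.connect(":memory:")
    ff.execute(FIREFOX_SCHEMA)
    # Firefox: expiry is seconds since the Unix epoch, value is stored in clear
    ff.executemany("INSERT INTO moz_cookies (name, value, host, path, expiry, isSecure, isHttpOnly) "
                   "VALUES (?, ?, ?, ?, ?, ?, ?)", [
        ("accessToken", "eyJhbGciOiJIUzI1NiJ9.constructed.token", ".square.example", "/", 1700000000, 1, 1),
        ("sessionid", "abc123", ".other.example", "/", 1700000000, 1, 1),  # unrelated, must not be returned
    ])
    ch = sqlite3.connect(":memory:")
    ch.execute(CHROMIUM_SCHEMA)
    # Chromium: times are microseconds since 1601-01-01, value is empty when encrypted_value is set
    ch.execute("INSERT INTO cookies VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)",
               (13340000000000000, ".square.example", "accessToken", "",
                b"v10" + b"\x00" * 12 + b"\x11" * 32, "/", 13350000000000000, 1, 1))
    return ff, ch


if __name__ == "__main__":
    ff, ch = build_sample_dbs()
    for family, conn in (("firefox", ff), ("chromium", ch)):
        cookies = find_token_cookies(conn, family, "%square.example")
        print(family, cookies, acquisition_record(cookies))
```

On a live system copy the database files first (browsers hold them locked and write to them), work on the copies, and record the hash of the copy together with the acquisition record, so the later API collection can be tied back to exactly the token material it started from.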

Hiker Mobility Model and Mountain Distress Simulator for Location Estimation of Mountain Distress Victim (산악 조난자의 위치추정을 위한 이동성 모델 및 조난 시뮬레이터)

  • Kim, Hansol; Cho, Yongkyu; Jo, Changhyuk
    • Journal of the Korea Society for Simulation / v.31 no.3 / pp.55-61 / 2022
  • Currently, police and fire departments use a network/Wi-Fi/GPS-based emergency location positioning system, established by mobile carriers, that links directly with the device of the person requesting rescue in order to position the expected location accurately within the call area. However, in the case of mountain rescue, it is difficult to rescue the victim within the golden time, because the search area cannot be narrowed when the victim is in a radio shadow area of the mountain or the device is powered off, and the situation becomes worse if the victim cannot call 911 because of injury. In this paper, we aim to solve this problem by proposing a mobile telecommunication forensic simulator consisting of a time series of cell information, a human mobility model that includes general and specific features (age, gender, behavioral characteristics of the victim, etc.), and an intelligent inference system. The analysis results appear as a heatmap of polygons on the map based on the probability of the victim's expected location. With this technology we expect to contribute to rapid and accurate lifesaving by reducing the rescue team's search area.

Design and Forensic Analysis of a Zero Trust Model for Amazon S3 (Amazon S3 제로 트러스트 모델 설계 및 포렌식 분석)

  • Kyeong-Hyun Cho; Jae-Han Cho; Hyeon-Woo Lee; Jiyeon Kim
    • Journal of the Korea Institute of Information Security & Cryptology / v.33 no.2 / pp.295-303 / 2023
  • As the cloud computing market grows, a variety of cloud services are now reliably delivered. Administrative agencies and public institutions of South Korea are transferring all their information systems to cloud systems. It is essential to develop security solutions in advance in order to operate cloud services safely, as protecting cloud services from misuse and malicious access by insiders and outsiders over the Internet is challenging. In this paper, we propose a zero trust model for cloud storage services that store sensitive data. We then verify the effectiveness of the proposed model by operating a cloud storage service. Memory, web and network forensics are also performed to track the access and usage of cloud users depending on the adoption of the zero trust model. As the cloud storage service, we use Amazon S3 (Simple Storage Service) and deploy zero trust techniques such as access control lists and key management systems. Furthermore, in order to consider the different types of access to S3, we generate service requests inside and outside AWS (Amazon Web Services) and then analyze the results of the zero trust techniques depending on the location of the service request.

Sustained release of alginate hydrogel containing antimicrobial peptide Chol-37(F34-R) in vitro and its effect on wound healing in murine model of Pseudomonas aeruginosa infection

  • Shuaibing Shi; Hefan Dong; Xiaoyou Chen; Siqi Xu; Yue Song; Meiting Li; Zhiling Yan; Xiaoli Wang; Mingfu Niu; Min Zhang; Chengshui Liao
    • Journal of Veterinary Science / v.24 no.3 / pp.44.1-44.17 / 2023
  • Background: Antibiotic resistance is a significant public health concern around the globe. Antimicrobial peptides exhibit broad-spectrum and efficient antibacterial activity with the added advantage of low drug resistance. The higher water content and 3D network structure of hydrogels are beneficial for maintaining antimicrobial peptide activity and help to prevent degradation. The antimicrobial peptide released from hydrogels also hastens local wound healing by promoting epithelial tissue regeneration and granulation tissue formation. Objective: This study aimed at developing a sodium alginate-based hydrogel loaded with the novel antimicrobial peptide Chol-37(F34-R) and at investigating its characteristics in vitro and in vivo as an alternative antibacterial wound dressing to treat infectious wounds. Methods: Hydrogels were developed and optimized by varying the concentrations of crosslinkers and subjected to various characterization tests, such as cross-sectional morphology, swelling index, percent water content, water retention ratio, drug release and antibacterial activity in vitro, and a Pseudomonas aeruginosa-infected wound mouse model in vivo. Results: The results indicated that hydrogel C proved superior in terms of cross-sectional morphology, having uniformly sized interconnected pores, a good swelling index, and the capacity to retain a higher quantity of water. Furthermore, the optimized hydrogel was found to exert significant antimicrobial activity against bacteria and was also found to prevent bacterial infiltration into the wound site by forming an impermeable barrier between the wound bed and the external environment. The optimized hydrogel was found to significantly hasten skin regeneration in animal models when compared to other treatments, in addition to a strong inhibitory effect on the release of pro-inflammatory cytokines (interleukin-1β and tumor necrosis factor-α). Conclusions: Our results suggest that sodium alginate-based hydrogels loaded with Chol-37(F34-R) hold the potential to be used as an alternative to conventional antibiotics in treating infectious skin wounds.