• The Journal of the Korea Contents Association
• /
• v.7 no.12
• /
• pp.355-364
• /
• 2007

The paradigm of war is basically changed by development of information and communication technologies. One of the paradigms in future war is NCW(Network-Centric Warfare) that is purposed of achievement in information-superiority. In this future war, the level of menace and fragility is rapidly increased in information-security according to the massive information and complex system. Therefore the Korean army is developing the information-security technologies for NCW. But, until now patent analysis concerning NCW has not performed. In this paper, we suggest a meaningful data for efficient R&D through patent analysis of information-security technologies on NCW.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.4
• /
• pp.705-719
• /
• 2014

Recently the importance of operational risk is gradually increasing in risk management of financial institute. Especially the service interruption caused by system failure can lead to customer complaints, decrease of profit and customer secession. Thus, financial industry makes diverse effort to minimize the impact caused by the system failure of IT application. Common modules are used in IT system in financial industry to exclude redundant development and to use the system efficiently. However, when a failure in common module is occurred, the risk that affects all the tasks using the common module exists. In this study, the damage affected by a failure in application program is prevented separating common module which has a large risk by task in the perspective of IT operational risk. In order to cope with damage, the research on the factors related to common module is conducted and proposes the separating common module standard for decrease of operational risk of the financial IT.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.4
• /
• pp.655-667
• /
• 2014

A disaster is the time-excess case that computerized service can tolerate a failure and financial industry is being set up the disaster recovery system based on the disaster recovery plan and the business continuity plan for preparing these disasters. However, existing system can not guarantee the business continuity when it comes to cyber terror. This paper analyzes the building type and building technology of disaster recovery system for the financial fields. Also this paper explain the type of data backup using online redo log and type of archive log backup using WORM storage. And this paper proposes the model of improved data recovery combining above two types. Lastly this paper confirm the effectiveness and reliability for proposal rocovery model through the implementation of the test environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.4
• /
• pp.593-605
• /
• 2014

In this paper, we propose the efficient HW/SW co-design method of light-weight cryptography such as HIGHT, PRESENT and PRINTcipher using GEZEL. At first the symmetric cryptographic algorithms were designed using the GEZEL language which is efficiently used for HW/SW co-design. And for the improvement of performance the HW optimization theory such as unfolding, retiming and so forth were adapted to the cryptographic HW module conducted by FSMD. Also, the operation modes of those algorithms were implemented using C language in 8051 microprocessor, it can be compatible to various platforms. For providing reliable communication between HW/SW and preventing the time delay the improved handshake protocol was chosen for enhancing the performance of the connection between HW/SW. The improved protocol can process the communication-core and cryptography-core on the HW in parallel so that the messages can be transmitted to SW after HW operation and received from SW during encryption operation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.5
• /
• pp.885-896
• /
• 2014

The files in computer storages can be deleted due to unexpected failures or accidents. Some malicious users often delete data by himself for anti-forensics. If deleted files are associated with crimes or important documents in business, they should be recovered and the recovery tool is necessary. The recovery methods and tools for some filesystems such as NTFS, FAT, and EXT have been developed actively. However, there has not been any researches for recovering deleted files in XFS filesystem applied to NAS or CCTV. In addition, since the current related tools are based on the traditional signature detection methods, they have low recovery rates. Therefore, this paper suggests the recovery methods for deleted files based on metadata and signature detection in XFS filesystem, and verifies the results by conducting experiment in real environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.2
• /
• pp.319-325
• /
• 2014

Since smart phones or tablet PCs have been widely used recently, the users can create and edit documents anywhere in real time. If the input and edit flows of documents can be traced, it can be used as evidence in digital forensic investigation. The typical document application is the MS(Microsoft) Office. As the MS Office applications consist of two file formats that Compound Document File Format which had been used from version 97 to 2003 and OOXML(Office Open XML) File Format which has been used from version 2007 to now. The studies on MS Office files were for making a decision whether the file has been tampered or not through detection of concealed items or analysis of documents properties so far. This paper analyzed the input order of text cells on MS Excel files and shows how to figure out what cell is the last edited in digital forensic perspective.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.2
• /
• pp.311-318
• /
• 2014

As modern computer graphics technology has been developed, it is hard to discriminate computer graphics from photographic images with the naked eye. Advances in graphics technology has brought a lot of convenience to human, it has side effects such as image forgery, malicious edit and fraudulent means. In order to cope with such problems, studies of various algorithms using a feature that represents a characteristic of an image has been processed. In this paper, we verify directly the existing algorithm, and provide new features based a noise that represents the characteristics of the computer graphics well. And this paper introduces the method of using SVM(Support Vector Machine) with features proposed in previous research to improve the discrimination accuracy.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.5
• /
• pp.1099-1105
• /
• 2017

Enterprises use different accounting programs to process vast amounts of accounting data. Due to the characteristic of the accounting program, in addition to the accounting data used by the accounting program, there is a variety of information to help detect accounting fraud. Existing forensic accounting techniques have limited scope of analysis because they analyze only accounting data like accounting ledger without using such information. When you do accounting fraud detection, information obtained from characteristics of accounting program can be used to obtain various information that can not be obtained by accounting data analysis alone. In this paper, we try to contribute to effective accounting fraud investigation by suggesting a technique to effectively detect accounting fraud by using other data obtained from characteristics of accounting program used in Windows system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.5
• /
• pp.1107-1115
• /
• 2017

The most commonly used PKZIP format is a ZIP file, as well as a file format used in MS Office files and application files for Android smartphones. PKZIP format files, which are widely used in various areas, require structural analysis from the viewpoint of digital forensics and should be able to recover when files are damaged. However, previous studies have focused only on recovering data or extracting meaningful data using the Deflate compression algorithm used in ZIP files. Although most of the data resides in compressed data in the ZIP file, there is also forensically meaningful data in the rest of the ZIP file, so you need to restore it to a normal ZIP file format. Therefore, this paper presents a technique to recover a damaged ZIP file to a normal ZIP file when given.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.3
• /
• pp.143-154
• /
• 2008

Information hiding is a very important technology recently. Having this technology can be a competitive power for secure communication. In this paper, it will be showed that hiding data in MS Office 2007 file is possible. Considering Microsoft (MS) Office 2007 file format is based on Open XML format, the feature of Open XML format makes it possible to hide data in MS Office 2007 file. In Open XML format, unknown XML files and their relationships can be defined by user. These parts and relationships are used to hide data in MS Office 2007 file. Considering unknown parts and unknown relationships are not in normal MS Office 2007 file, the hidden data can be detected by confirming of unknown parts and unknown relationships.