• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.22 no.6
• /
• pp.1127-1136
• /
• 1997

A vector timestamp is used to satisfy message ordering in a group communications. In this paper, we propose a new vector timestamp compression method which is applicable to a single process group environment where one process belongs to only one precess group. An existing compression method compares the fields of the previously sent vector timestamp with thouse of the currently updated vector timestamp, then sends only the modified fields of the vector timestamp. Unlike the previous one, a proposed compression method performs individual compression for each process using the locally maintained vector timestamp information on other processes. Also, we logicallyproved the causal ordering algorithm using the new compression method and compared the performance of the proposed method with one of the previous compression method by computer simulation. Using the proposed compression method, the message overhead required for causal ordering can be reduced.

• Journal of the Korea Society of Computer and Information
• /
• v.24 no.9
• /
• pp.51-58
• /
• 2019

Temporal analysis is very useful and important for digital forensics for reconstructing the timeline of digital events. Forgery of a file's timestamp can lead to inconsistencies in the overall temporal relationship, making it difficult to analyze the timeline in reconstructing actions or events and the results of the analysis might not be reliable. The purpose of the timestamp change is to hide the data in a steganographic way, and the other purpose is for anti-forensics. In both cases, the time stamp change tools are requested to use. In this paper, we propose a classification method based on the behavior of the timestamp change tools. The timestamp change tools are categorized three types according to patterns of the changed timestamps after using the tools. By analyzing the changed timestamps, it can be decided what kind of tool is used. And we show that the three types of the patterns are closely related to API functions which are used to develop the tools.

• The Transactions of the Korea Information Processing Society
• /
• v.4 no.5
• /
• pp.1196-1210
• /
• 1997

Timestamp-Ordering Prltocol among trancaction scheduling alforithms can cause the priority teversion that a transaction with higher priority is processed after the teansaction the trancaction withe lower priority by assigning timestamp to transactions entering system and scheduling them based on the timestamp.To prevent this reversion,we suggest a data priority-based timestamp ordering prioity within the same timestamp group after grouping teansactions into constant time interval based on entering points.To evaluate the performance of this protocol,we compared the performance of this protocol with that of others after constructing the simulation environment with real time database system.We verified that the performance of proposed protocol is supweior to that of timestamp ordering protocol under the comdition of high load and high data conflicts.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.9 no.2
• /
• pp.162-170
• /
• 2016

The key exchange protocols are very important to provide the secure communication in broadband satellite access network. However key exchange protocol of ETSI(European Telecommunications Standards Institute) is vulnerable to man-in-the-middle-attack by using Diffie-Hellman algorithm. And the key exchange protocol using certification is not useful in satellite environment. We propose the key exchange protocol using Timestamp which have the resistant to man-in-the-middle-attack. Proposed protocol is able to prevent the man-in-the-middle-attack by calculated time value. Also showing experiment results, we prove that proposed protocol improve memory usage, communication amount and calculation amount than other protocols.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.5 no.1
• /
• pp.16-20
• /
• 2004

This paper developed a secure web-based digital notary system. The system conforms to international standards, and gives users very good accessibility to it. The technologies and the application systems for timestamp-related services are not yet popularized, but they are potentially meaningful to many kinds of areas such as ecommerces, digital right managements, and internet mail systems. The digital notary system uses the timestamp requests and responses which conforms to rfc 3161. The system supports secure communication between web-based notary server and its clients by using SSL(Secure Socket Layer), and use nonces for prevention of replay attacks.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.2
• /
• pp.377-387
• /
• 2009

Digital signatures not only provide a way of guaranteeing the integrity of data but also establish the identity of the signer. However, basic digital signature format which contains only the signature of the signer does not guarantee the correctness of its creation time, and it can not remain valid over long periods. This paper proposes a system which integrates timestamp service into digital signatures. The system provides online services for the creation and verification of long term digital signatures which can give the guarantee of the correctness of their creation times and can be proved to be valid over long periods. The proposed system can be used in the various areas such as e-commerce contracts, document archival services, and invoice applications, which requires long term digital signatures. The proposed system is tested with the KRISS timestamp service system.

• International Journal of Internet, Broadcasting and Communication
• /
• v.8 no.3
• /
• pp.31-40
• /
• 2016

In this paper, we propose a new anti-forensic method for hiding data in the timestamp of a file in the Windows NTFS filesystem. The main idea of the proposed method is to utilize the 16 least significant bits of the 64 bits in the timestamps. The 64-bit timestamp format represents a number of 100-nanosecond intervals, which are small enough to appear in less than a second, and are not commonly displayed with full precision in the Windows Explorer window or the file browsers of forensic tools. This allows them to be manipulated for other purposes. Every file has $STANDARD_INFORMATION and $FILE_NAME attributes, and each attribute has four timestamps respectively, so we can use 16 bytes to hide data. Without any changes in an original timestamp of "year-month-day hour:min:sec" format, we intentionally put manipulated data into the 16 least significant bits, making the existence of the hidden data in the timestamps difficult to uncover or detect. We demonstrated the applicability and feasibility of the proposed method with a test case.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.8A
• /
• pp.830-836
• /
• 2006

One of the seminal operation parameters of AODV is the node-to-node travel time of data, which is currently set to fixed value of 40 ms in the RFC3561 and widely used to compute other parameters such as the expected round-trip time of the connection setup message, etc. We have naturally thought the network performance could be improved by dynamically varying the node-to-node travel time with respect to the traffic condition in the networt rather than using the fixed value, which motivates this work. To this end, we apply the idea of using timestamp; every node places the current time in the message before sending it out, and the receiver node computes the node travel time based on the moving average algorithm by considering not only the current value but also the previous ones in an accumulated and exponentially decreasing fashion with time. We evaluate the performance of the proposed scheme in respect of the number of RREQ messages generated, throughput, and delay as a function of traffic load and node mobility, and compare the result with the original AODV scheme. The results show that the proposed scheme presents noticeable performance improvements, expecially under the condition of high node mobility and high traffic load.

• Journal of Internet of Things and Convergence
• /
• v.9 no.6
• /
• pp.23-28
• /
• 2023

Windows operating system generates various logs with timestamps. Timestamp tampering is an act of anti-forensics in which a suspect manipulates the timestamps of data related to a crime to conceal traces, making it difficult for analysts to reconstruct the situation of the incident. This can delay investigations or lead to the failure of obtaining crucial digital evidence. Therefore, various techniques have been developed to detect timestamp tampering. However, there is a limitation in detection if a suspect is aware of timestamp patterns and manipulates timestamps skillfully or alters system artifacts used in timestamp tampering detection. In this paper, a method is designed to detect changes in timestamps, even if a suspect alters the timestamp of a file on a storage device, it is challenging to do so with precision beyond millisecond order. In the proposed detection method, the first step involves verifying the timestamp of a file suspected of tampering to determine its write time. Subsequently, the confirmed time is compared with the file size recorded within that time, taking into consideration the performance of the storage device. Finally, the total capacity of files written at a specific time is calculated, and this is compared with the maximum input and output performance of the storage device to detect any potential file tampering.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.11 no.2
• /
• pp.73-90
• /
• 2015

When we apply file commands on files in a directory, the directory as well as the file suffer changes in timestamps of MFT entry. Based on understanding of these changes, this work provides a digital forensic analysis on the timestamp changes of the directory influenced by execution of file commands. NTFS utilizes B-tree indexing structure for managing efficient storage of a huge number of files and fast lookups, which changes an index tree of the directory index when files are operated by commands. From a digital forensic point of view, we try to understand behaviors of the B-tree indexes and are looking for traces of files to collect information. But it is not easy to analyze the directory index entry when the file commands are executed. And researches on a digital forensic about NTFS directory and B-tree indexing are comparatively rare. Focusing on the fact, we present, in this paper, directory timestamp changes after executing file commands including a creation, a copy, a deletion etc are analyzed and a method for finding forensic evidences of a deletion of directory containing files. With some cases, i.e. examples of file copy and file deletion command, analyses on the problem of timestamp changes of the directory are given and the problem of finding evidences of a deletion of directory containging files are shown.