• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.12
• /
• pp.491-498
• /
• 2016

Recently leakages of confidential information and internal date have been steadily increasing by using booting technique on portable OS such as Windows PE stored in portable storage devices (USB or CD/DVD etc). This method allows to bypass security software such as USB security or media control solution installed in the target PC, to extract data or insert malicious code by mounting the PC's storage devices after booting up the portable OS. Also this booting method doesn't record a log file such as traces of removable storage devices. Thus it is difficult to identify whether the data are leaked and use trace-back technique. In this paper is to propose method to help facilitate the process of digital forensic investigation or audit of a company by collecting and analyzing BIOS firmware images that record data relating to BIOS settings in flash memory and finding traces of portable storage devices that can be regarded as abnormal events.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.8
• /
• pp.1735-1742
• /
• 2011

Now a days, as a mass-storage USB becomes comfortable to carry, function of USB is being developed fast. However, there is a problem that the personal information which is stored in USB could be exposed being used with negative purpose without other certification process. This paper suggests OTP(One-Time Password)-based certification protocol of USB to securely protect personal information stored in USB without additional certification information. The proposed OTP based certification protocol of USB not only demands low calculations but also prevents physical approach of USB of other network and does not allow unnecessary service access of user because it conducts simple action and uses one-way hash function. Therefore, communication overhead and service delay is improved. In the experiment, the proposed protocol compares and evaluates throughput of certification server according to the numbers of USB and delay time of packet certification with a device(USB driver) which simply save device and a device(USB Token) which can calculate by oneself. As a result, it is improved as the number of 12.5% in the certification delay time on average and is improved as the number of 10.8% in the throughput of certification server according to the numbers of USB.

• KIPS Transactions on Computer and Communication Systems
• /
• v.6 no.1
• /
• pp.17-24
• /
• 2017

As the prevalence of removable device, critical intelligences are often stored in the removable device. For that reason, in seizure and search, the removable device became a important evidence of while it could be has a salient key for prove a crime. When we acquired a removable device for proof, we image it by a imaging device or software with a write protection. However, these are high-priced exclusive equipments and sometimes it could be out of order. In addition, we found that some secure USB and inbuilt vaccine USB are failed to connect to the imaging device. Therefore, in this paper, we provide a suitable digital evidence collection procedure for real.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.3
• /
• pp.585-594
• /
• 2015

As the storage market has been expanded due to growing data size, the research on various kinds of storages such as cloud, USB, and external HDD(Hard Disk Drive) has been conducted in digital forensic aspects. NAS(Network-Attached Storage) can store the data over one TB(Tera Byte) and it is well used for private storage as well as for enterprise, but there is almost no research on NAS. This paper selects three NAS products that has the highest market share in domestic and foreign market, and suggests the process and method for data acquisition in live NAS System.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.48 no.6
• /
• pp.47-55
• /
• 2011

The performance of data transmission from mobile devices to cloud storages is limited by the amount of data being transferred, communication speed and battery consumption of mobile devices. Especially, when the large-scale data communication takes place using mobile devices, such as smart phones, the performance turbulence and power consumption become an obstacle to establish the reliable communication environment. In this paper, we present an efficient data transmission method using USB Hijacking. In our approach, the synchronization to transfer a large amount of data between mobile devices and user PC is executed by using USB Hijacking. Also, there is no need to concern about data capacity and battery consumption in the data communication. We presented several experimental results to verify the effectiveness and suitability of our approach.

• The Journal of the Korea Contents Association
• /
• v.14 no.11
• /
• pp.533-540
• /
• 2014

As for the application system or the user authentication scheme that is used in the system, various technologies including simple ID/PW, certificate, fingerprint/iris, phone, security card, and OTP are being used. But simple ID/PW and phone certification lack security features. As for the certificate, fingerprint/iris, and security card/OTP, the weakness in security has been quite strengthened, but there are costs and complexity involved to use these. This paper proposes a new measure of much safer and low-cost user authentication that improves the security level and uses mobile external storage media such as USB that people commonly have.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2016.01a
• /
• pp.317-320
• /
• 2016

본 논문에서는 PC가 사용자를 구분하지 못하여 발생하는 보안 문제점과 개인이 PC를 관리하는 시간이 증가함에 따라 관리자가 미처 신경 쓰지 못하게 되는 보안 문제를 해결하고자 USB 저장 장치와 스마트폰을 이용한 사용자 PC인증 및 PC환경에서의 물리적 외부 접근 차단, 기업 차원이 아닌 개인 차원에서의 저 비용 보안 기술을 적용한 시스템을 구현하였다.

• Convergence Security Journal
• /
• v.18 no.5_2
• /
• pp.21-27
• /
• 2018

Most of the Internet users in Korea are issued certificates and use them for various tasks. For this reason, it is recommended that accredited certification authorities and security related companies and use public certificates on USB memory and portable storage devices rather than on the user's desktop. Despite these efforts, the hacking of the certificate has been continuously occurring and the financial damage has been continuing. Also, for security reasons, our military has disabled USB to general military users. Therefore, this study proposes a two-factor method using the unique information of the USB memory and the PC which is owned by the user, and suggests a method of managing the private key file secure to the general user. Furthermore, it will be applied to national defense to contribute to the prevention of important data and prevention of access by unauthorized persons.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2006.05a
• /
• pp.1355-1358
• /
• 2006

임베디드 리눅스 디바이스 드라이버의 개발이 증가하면서 이에 대한 오류 테스트 기능을 가진 모듈의 필요성이 증가되고 있다. 본 논문은 리눅스 디바이스 드라이버를 위한 freed 메모리 오류 테스트 모듈의 기본 개념을 제시하며, 기본 개념을 바탕으로 오류 테스트 모듈을 설계한다. freed 메모리 오류 테스트 모듈 설계를 위해 리눅스 USB 디바이스 드라이버에 설계하고, 오류가 발생할 가능성이 존재하는 부분에 대한 검증을 위한 코드를 추가하여 테스트 모듈을 작성한다. 오류 테스트 모듈 설계를 위해서 usb storage 디바이스 드라이버를 대상으로 하였다. 또한 작성된 오류 테스트 모듈의 실험을 진행하였다. 실험을 통해 리눅스 디바이스 드라이버의 오류 테스트 모듈의 동작을 확인할 수 있다.

• Proceedings of the IEEK Conference
• /
• 2008.06a
• /
• pp.1105-1106
• /
• 2008

In this paper we construct a portable storage device (USB memory) for personal health information management system which guarantees control of one's information. (1) Development of system for inquiry hospital visit history, check-up results, and medication details (2) Establishment of personal emergency information management system for rapid and accurate treatment by an authorized person in case of an emergency (3) Development of a health diary program in which individual patients can input and manage their health information such as blood pressure, blood sugar level, weight, and pulse that they measured.