• KSCI Review
• /
• v.14 no.2
• /
• pp.245-254
• /
• 2006

Web Forensics algorithm used to an extraction of technical Web Forensics data to be adopted to proof data regarding a crime cyber a computer at data of a great number of log History is an essential element. Propose Web Forensics algorithm, and design at these papers, and try to implement in a Web server system of an actual company. And make the Web dispatch Loging system configuration experiment that applied integrity regarding Web log History information or authentication regarding an information source. Design Web Forensics algorithm and the Flow which used for Web log History analyses at server of e-mail, webmail, HTTP (Web BBS, Blog etc.), FTP, Telnet and messengers (MSN, NateOn, Yahoo, DaumTouch. BuddyBuddy, MsLee, AOL, SoftMe) of a company, and implement through coding. Therefore have a purpose of these paper to will contribute in scientific technical development regarding a crime cyber a computer through Web Forensics.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.537-543
• /
• 2002

컴퓨터와 인터넷의 발전과 함께 컴퓨터 범죄가 급속히 증가하고 있는 추세이다. 이에 대응하기 위해 시작된 분야가 컴퓨터 포렌식스(Computer and Network Forensics)이다. 본 논문에서는 컴퓨터 포렌식스의 몇 가지 예를 통해 일반적인 단계와 각 단계에서 이루어지는 절차에 대해 알아본다. 그리고 컴퓨터 포렌식스의 중요한 구성요소로써 사용되는 IDS와 IDS를 적용한 컴퓨터 포렌식스 절차에 대해 살펴보며 마지막으로 보다 효율적이고 체계적인 컴퓨터 포렌식스 준비를 위한 로컬 정책 수립에 기본적인 기준을 제시한다.

• Journal of the Korea Society of Computer and Information
• /
• v.19 no.12
• /
• pp.161-169
• /
• 2014

Digital forensics is the process of proving criminal charges by collecting and analyzing digital evidence which is related to the crime in question. Most digital forensic research is focused on digital forensic techniques themselves or cyber crime. In this paper, we designed a digital forensics-criminal investigation linked model in order to effectively apply digital forensics to various types of criminal investigations. Digital forensic ontology was developed based on this model. For more effective application of digital forensics to criminal investigation we derived specific application fields. The ontology has legality rules and adequacy rules, so it can support investigative decision-making. The ontology can be developed into an intelligent criminal investigation system.

• Journal of the Ergonomics Society of Korea
• /
• v.30 no.2
• /
• pp.319-330
• /
• 2011

In computer forensics investigation, the investigators collect, protect, analyze and interpret massive amount of data which were used in cyber crime. However, due to its huge amount of information, it takes a great deal of time and errors often result even when they use forensics investigation tool in the process. The information visualization techniques will greatly help to improve the information processing ability of human when they deal with the overwhelming amount of data and have to find out significant information in it. The importance of Intrusion Detection System(IDS) among network forensics is being emphasized in computer forensics. In this study, we apply the information visualization techniques which are proposed to be a great help to IDS and carry out the usability test to find out the most effective information visualization techniques for IDS.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.3
• /
• pp.571-580
• /
• 2014

Digital Records, which are created, stored, and managed in digital form, contains security vulnerability such as data modification, due to the characteristic of digital data. Therefore it is necessary to guarantee the reliability by verification of integrity and authenticity when managing digital records. This paper propose digital forensics based migration process for electronic records by analyzing legacy digital forensics process, and derives the requirements to develop digital forensics based electronic records migration tool through analyzing trends of abroad digital records migration technique and tool. Based on these develop digital forensic based digital records migration tool to guarantee integrity and authenticity of digital records.

• Journal of Information Science Theory and Practice
• /
• v.11 no.4
• /
• pp.14-39
• /
• 2023

Cybercrime is a significant threat to Internet users, involving crimes committed using computers or computer networks. The landscape of cyberspace presents a complex terrain, making the task of tracing the origins of sensitive data a formidable and often elusive endeavor. However, tracing the source of sensitive data in online cyberspace is critically challenging, and detecting cyber-criminals on the other hand remains a time-consuming process, especially in social networks. Cyber-criminals target individuals for financial gain or to cause harm to their assets, resulting in the loss or theft of millions of user data over the past few decades. Forensic professionals play a vital role in conducting successful investigations and acquiring legally acceptable evidence admissible in court proceedings using modern techniques. This study aims to provide an overview of forensic investigation methods for extracting digital evidence from computer systems and mobile devices to combat persistent cybercrime. It also discusses current cybercrime issues and mitigation procedures.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.1
• /
• pp.221-239
• /
• 2020

In this paper, a visualization digital forensics tool, called JumpList Analyzer, is implemented. The tool can analyze the complicated Jump Lists files, and then the results are demonstrated by visualization. To compare the proposed tool with the other Jump Lists tools, the proposed tool is the only one can display the analyzed results by visualization. The visualization will help the investigators more easily to find the evidence than the other tools showing the analyzed results by texts only. In the experiment, the proposed JumpList Analyzer is demonstrated its convenience at identifying artifacts for doing digital forensics in a financial fraud case. In addition, the proposed tool can also be used to reveal the computer user's behavior or background.

• Proceedings of the Safety Management and Science Conference
• /
• 2001.05a
• /
• pp.275-280
• /
• 2001

DESIGNIN AND OPERATION OF DIGITAL EVIDENCE MANAGEMENT SYSTEM APPLYING COMPUTER FORENSICS AND ELECTRONIC CERTIFICATION Digital evidence will be used as a term, which means the electronic form of information which is necessary to confirm or prove the factum of all kinds of behaviors committed through the devices which have data processing ability including computer. It is expected that there will be the increase of legal conflicts surrounding electronic commerce activities as well as the increase of cyber crimes, as the number of Internet users are getting bigger. In order to solve the problems of conflicts derived from electronic commerce, the factum of electronic commerce activities must be confirmed. In order to confirm the factum of electronic commerce activities, the evidence is prerequisite. Almost all evidences relating to the electronic commerce activities exist in digital form. For the reason that the digital evidence can be easily damaged and changed, special management is required to collect, analyze, and preserve the digital evidence. In order to meet this requirement, this study proposes a basic model of digital evidence management system applying computer forensics and electronic authentication.

• The Journal of Korean Association of Computer Education
• /
• v.17 no.3
• /
• pp.75-84
• /
• 2014

It is a current situation that a large number of physical and financial damages are increasing due to the growth of intellectual cyber crime and unexpected Internet incidents year by year. In the large scale security incidents, digital forensics techniques for computer crime investigations are essential to secure a place in the field. However, qualified digital forensics investigators who complete with digital security technology are practically insufficient in domestic. In this paper, as one of developing human resources plans regarding to scientific investigation of Internet security incidents, an undergraduate curriculum per stage in digital forensics was proposed. For the effective curriculum per stage, the interviews, group discussion on focused group of existing digital forensics investigators and related research were performed to select curriculum, and then the level of difficulty and practical suitability on each subject designed were analyzed through survey and interview to current investigators and security professionals. After collating the survey, the digital forensic curriculum per level was designed to highly adaptable workforce for the future for working and positive suggestions and proposals are addressed.

• International Journal of Computer Science & Network Security
• /
• v.23 no.4
• /
• pp.95-102
• /
• 2023

The emergence of Internet of Things (IoT) into our daily lives has grown rapidly. It's been integrated to our homes, cars, and cities, increasing the intelligence of devices involved in communications. Enormous amount of data is exchanged over smart devices through the internet, which raises security concerns in regards of privacy evasion. This paper is focused on the forensics and intrusion detection on one of the most common protocols in IoT environments, especially smart home environments, which is the Message Queuing Telemetry Transport (MQTT) protocol. The paper covers general IoT infrastructure, MQTT protocol and attacks conducted on it, and multiple network forensics frameworks in smart homes. Furthermore, a machine learning model is developed and tested to detect several types of attacks in an IoT network. A forensics tool (MQTTracker) is proposed to contribute to the investigation of MQTT protocol in order to provide a safer technological future in the warmth of people's homes. The MQTT-IOT-IDS2020 dataset is used to train the machine learning model. In addition, different attack detection algorithms are compared to ensure the suitable algorithm is chosen to perform accurate classification of attacks within MQTT traffic.