• Journal of Korea Multimedia Society
• /
• v.10 no.3
• /
• pp.365-372
• /
• 2007

The information of world is most likely to be created as digital data. These digital productions need some legal protection mechanisms or techniques because users can illegally use them. Thus many researchers are developing various techniques. Currently most techniques are focusing on the physical and chemical methods like disk inspection for taking legal evidence about production infringement. This paper has developed a computer forensics-based copyrights protection system capable of detecting and notifying disobedience facts when user uses illegally a production. Furthermore if the user infringes continually the production the system stores the infringement facts to take the legal evidence by mapping to law for intellectual property right. The technique can protect data from digital evidence manipulation or destruction.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.6
• /
• pp.3258-3279
• /
• 2019

Recently, ransomware has earned itself an infamous reputation as a force to reckon with in the cybercrime landscape. However, cybercriminals are adopting other unconventional means to seamlessly attain proceeds of cybercrime with little effort. Cybercriminals are now acquiring cryptocurrencies directly from benign Internet users without the need to extort a ransom from them, as is the case with ransomware. This paper investigates advances in the cryptovirology landscape by examining the state-of-the-art cryptoviral attacks. In our approach, we perform digital autopsy on the malware's source code and execute the different malware variants in a contained sandbox to deduce static and dynamic properties respectively. We examine three cryptoviral attack structures: browser-based crypto mining, memory resident crypto mining and cryptoviral extortion. These attack structures leave a trail of digital forensics evidence when the malware interacts with the file system and generates noise in form of network traffic when communicating with the C2 servers and crypto mining pools. The digital forensics evidence, which essentially are IOCs include network artifacts such as C2 server domains, IPs and cryptographic hash values of the downloaded files apart from the malware hash values. Such evidence can be used as seed into intrusion detection systems for mitigation purposes.

• Journal of Digital Convergence
• /
• v.14 no.11
• /
• pp.347-356
• /
• 2016

The purpose of this study was to develop and examine the effectiveness (knowledge, attitude, skills of Evidence-Based Practice, and problem solving skills) of nursing information literacy competency enhancement program for nursing students. It is a pre-post design study carried out with a single group of 72 sophomores in a nursing college. Nursing information literacy competency enhancement program of 6 times (8 hours) was provided to nursing students. Our results have demonstrated that knowledge, attitude, skills of evidence-based practice, and problem solving skills were significantly higher in nursing students. In conclusion, the nursing information literacy competency enhancement program was effective in promoting knowledge, attitude, skills of evidence-based practice and problem solving skills. Based on our results, the nursing information literacy competency enhancement program can provide a basis for enhancing evidence-based nursing practice competencies and problem solving skills of nursing students.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.3
• /
• pp.417-428
• /
• 2020

With the rapid development of information and communication technology, mobile devices have become an essential tool in our lives. Mobile devices are used as important evidence in criminal proof, as they accumulate data simultaneously with PIM functions while working with users most of the time. The mobile forensics is a procedure for obtaining digital evidence from mobile devices and should be collected and analyzed in accordance with due process, just like other evidence, and the integrity of the evidence is essential because it has aspects that are easy to manipulate and delete. Also, the adoption of evidence relies on the judges' liberalism, which necessitates the presentation of generalized procedures. In this paper, a mobile forensics model is presented to ensure integrity through the generalization of procedures. It is expected that the proposed mobile forensics model will contribute to the formation of judges by ensuring the reliability and authenticity of evidence.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1153-1166
• /
• 2015

With the acceleration of information digitization caused by fast growth of Information Technology, the application of digital forensics has increased but it is underestimated because digital evidence is easy to forge. Especially, the evaluation of the reliability of digital forensics organization is judged only by judges domestically because there is no objective verification system or evaluation method of the capability of digital forensics organization. Therefore, the evaluation model and indices of the capability of digital forensics concentrated on the digital forensics organization, personnel, technology, facilities and the procedure in domestic justice system was presented in this research after reviewing the domestic and foreign evaluation method and the standard of the capability of digital forensics and information security. The standard for judicial evaluation of digital evidence and composition, management, evaluation of digital forensics organization would be presented based on this research.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.05a
• /
• pp.455-458
• /
• 2011

일명 일심회 사건으로 디지털 포렌식이 과학수사에서 활용되는 가운데 판결한 최근 사례로서 1심 판결과 2심 판결에서 디지털 증거의 채택여부를 달리하였다. 학계와 법조계의 의견이 분분한 가운데 일심회 판결문의 1심 판결에 대한 중요성은 수차례에 걸쳐 연구되고 논의되었으나 2심 판결에서 이를 번복하므로 디지털 증거의 인정여부를 위한 문제점과 해결, 절차에 대한 연구가 다시 시작할 시점에 이르렀다. 본 연구에서는 디지털 증거가 법적증거로 인정될 수 있는가에 대한 논의를 시작으로, 일심회 사건의 1심과 2심의 판결을 중심으로 디지털 포렌식 증거의 분석을 통해서 문제점과 해결방안을 제시한다. 본 연구결과 디지털 포렌식의 수사현장에서 필요한 조건을 검토하고, 이를 이행함으로써 과학수사의 일환으로 디지털 증거가 법정에서 채택할 수 있도록 한다.

• Journal of Information Science Theory and Practice
• /
• v.11 no.4
• /
• pp.14-39
• /
• 2023

Cybercrime is a significant threat to Internet users, involving crimes committed using computers or computer networks. The landscape of cyberspace presents a complex terrain, making the task of tracing the origins of sensitive data a formidable and often elusive endeavor. However, tracing the source of sensitive data in online cyberspace is critically challenging, and detecting cyber-criminals on the other hand remains a time-consuming process, especially in social networks. Cyber-criminals target individuals for financial gain or to cause harm to their assets, resulting in the loss or theft of millions of user data over the past few decades. Forensic professionals play a vital role in conducting successful investigations and acquiring legally acceptable evidence admissible in court proceedings using modern techniques. This study aims to provide an overview of forensic investigation methods for extracting digital evidence from computer systems and mobile devices to combat persistent cybercrime. It also discusses current cybercrime issues and mitigation procedures.

• Journal of Platform Technology
• /
• v.11 no.4
• /
• pp.35-49
• /
• 2023

Recently, real-time cyber threats are constantly occurring for various reasons. Most companies have the characteristic of digitizing important internal information and storing it centrally, so it can be said that the impact is very high when an Computer Security Incident occurs. All electronic device information collected and analyzed in the process of responding to an Computer Security Incident has the characteristic of being subject to change at any time. Submission of related evidence is required in future investigations and courts. At this time, the basic principles of digital forensics, such as the principle of integrity and the principle of chain of custody, must be followed to ensure legitimacy and accuracy of the evidence. In this paper, we propose a digital forensic-based Computer Security Incident Inspection and Response procedure in the Windows 10 environment to secure the legitimacy and accuracy of digital evidence collected and analyzed when an intrusion occurs, prevent intrusion in advance, and quickly recognize it.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.3
• /
• pp.1557-1569
• /
• 2017

In recent times, the Internet of Things (IoT) has rapidly emerged as one of the most influential information and communication technologies (ICT). The various constituents of the IoT together offer novel technological opportunities by facilitating the so-called "hyper-connected world." The fundamental tasks that need to be performed to provide such a function involve the transceiving, storing, and analyzing of digital data. However, it is challenging to handle voluminous data with IoT devices because such devices generally lack sufficient computational capability. In this study, we examine the IoT from the perspective of security and digital forensics. SQLite is a light-weight database management system (DBMS) used in many IoT applications that stores private information. This information can be used in digital forensics as evidence. However, it is difficult to obtain critical evidence from IoT devices because the digital data stored in these devices is frequently deleted or updated. To address this issue, we propose Schema Pattern-based Recovery (SPaRe), an SQLite recovery scheme that leverages the pattern of a database schema. In particular, SPaRe exhaustively explores an SQLite database file and identifies all schematic patterns of a database record. We implemented SPaRe on an iPhone 6 running iOS 7 in order to test its performance. The results confirmed that SPaRe recovers an SQLite record at a high recovery rate.

• Korean journal of communication and information
• /
• v.54
• /
• pp.98-117
• /
• 2011

This paper is a theoretical inquiry of the changing roles of digital technologies in the representation of risk. Critically examining existing perspectives on risk society and risk communication, this paper argues that digital technologies and images in risk communication have been relatively understudied. Having said that, this paper suggests that Actor-network Theory provide useful theoretical tools for current studies on how digital technologies affect contemporary risk communication practices. Furthermore, this paper examines varied recent studies investigating how digital technologies of visualization are at play in risk communication practices. In doing so, this paper demonstrates how digital images and technologies interrupt the processes that scientific evidence is presented and facts are constructed in varied contemporary scientific reasoning. It will focus on the emerging mode of seeing and visual regime made possible by the increased usage of digital image and technologies, which are characterized by networked connection, sensor, computerized algorithm, and increased storage space. Finally this paper will discuss on the implications on future studies on the roles of digital images and technologies in risk communication practices in Korean context.