• Title/Summary/Keyword: forensic analysis


Forensic Analysis of Element Instant Messenger Artifacts (포렌식 관점에서의 Element 인스턴트 메신저 아티팩트 분석)

  • Cho, Jae-min;Byun, Hyeon-su;Yun, Hui-seo;Seo, Seung-hee;Lee, Chang-hoon
    • Journal of the Korea Institute of Information Security & Cryptology / v.32 no.6 / pp.1113-1120 / 2022
  • Recently, the investigation has been difficult due to the emergence of messengers that encrypt and store data for the purpose of protecting personal information and provide services such as end-to-end encryption with a focus on security. Accordingly, the number of crime cases using security messengers is increasing, but research on data decoding for security messengers is needed. Element security messengers provide end-to-end encryption functions so that only conversation participants can check conversation history, but research on decoding them is insufficient. Therefore, in this paper, we analyze the instant messenger Element, which provides end-to-end encryption, and propose a plaintext verification of the history of encrypted secure chat rooms using decryption keys stored in the Windows Credential Manager service without user passwords. In addition, we summarize the results of analyzing significant general and secure chat-related artifacts from a digital forensics investigation perspective.

Influencing Effects of Job Stress, Professional Autonomy, Reciprocity on the Job Embeddedness of Comprehensive Nursing Care Unit Nurses (간호·간병통합서비스 병동 간호사의 직무 스트레스, 전문직 자율성, 호혜성이 직무착근도에 미치는 영향요인)

  • Park, Seon Ok;Park, Wanju
    • Journal of Korean Clinical Nursing Research / v.29 no.1 / pp.1-11 / 2023
  • Purpose: The purpose of this study was to identify the influencing effects of job stress, professional autonomy, and reciprocity on the job embeddedness among comprehensive nursing care unit nurses. Methods: The participants in this study were 147 nurses who have worked for over 6 months in Comprehensive Nursing Care Unit. Data were collected from January 3 to January 31, 2022 from six general hospitals with more than 300 beds in three cities in G, G and P. Results: As the results of hierarchical regression analysis, job embeddedness was lower when nurses had clinical experiences for 1 to under 5 years (β=-.49, p<.001), 5 to under 10 years (β=-.27, p=.035), 10 to under 20 years (β=-.54, p<.001) compared to those who had clinical experiences for more than 20 years. Also, job embeddedness was higher when there was greater balance within team caregiving of reciprocality (β=.27, p<.001) and intrinsic reward (β=.22, p=.003), and lower role conflict (β=-.27, p<.001). Conclusion: The results of the study showed that job embeddedness would increase if the role conflict of comprehensive nursing care unit nurses reduces, if there was a culture that the members can make cooperative relationship with other health care professionals and, if there was an appropriate intrinsic reward depending on their work experience.

A Study of Forensic on Eavesdropping from VoIP and Messenger through WiBro Network (WiBro 네트워크에서 메신저, VoIP 도청 및 포렌식 연구)

  • Chun, Woo-Sung;Park, Dea-Woo
    • Journal of the Korea Society of Computer and Information / v.14 no.5 / pp.149-156 / 2009
  • Korean WiBro becomes international standard to IEEE 802.16e, and we are carrying out a WiBro network business from capital regions. We executed eavesdropping about voices and messenger program and the VoIP which frequently happened in WiBro networks at these papers. We have a lot in common with the Wireshark which is a packet collection and an analyzer, and we execute eavesdropping, and we reproduce eavesdropping data with bases to a SIP, H.263, TCP, UDP protocol through packets. In time of a copy of a packet negative the VoIP which verify time with bases, and was eavesdropped on integrity packet and an X-Lite call record, be matched that a packet is counterfeit forgery did not work, and we demonstrate, and verify integrity. The data which integrity was verified put in a seaming envelope, and we prepare so as it is to a liver of investigator, and execute, and to be able to do use to proof data after seaming in courts in order to utilize as criminal investigation data.

A Study on the Crime Investigation of Anonymity-Driven Blockchain Forensics (익명 네트워크 기반 블록체인 범죄 수사방안 연구)

  • Han, Chae-Rim;Kim, Hak-Kyong
    • Convergence Security Journal / v.23 no.5 / pp.45-55 / 2023
  • With the widespread use of digital devices, anonymous communication technologies such as the dark web and deep web are becoming increasingly popular for criminal activity. Because these technologies leave little local data on the device, they are difficult to track using conventional crime investigation techniques. The United States and the United Kingdom have enacted laws and developed systems to address this issue, but South Korea has not yet taken any significant steps. This paper proposes a new blockchain-based crime investigation method that uses physical memory data analysis to track the behavior of anonymous network users. The proposed method minimizes infringement of basic rights by only collecting physical memory data from the device of the suspected user and storing the tracking information on a blockchain, which is tamper-proof and transparent. The paper evaluates the effectiveness of the proposed method using a simulation environment and finds that it can track the behavior of dark website users with a residual rate of 77.2%.

The Design Research on ICT Security Concepts and Domains (ICT기반 보안개념 정의와 범위에 관한 설계연구)

  • Minseo Jeon;Hangbae Chang
    • Information Systems Review / v.21 no.3 / pp.49-61 / 2019
  • As the number of security incidents and damages increase steadily, interest in the security of society is growing, and the amount of academic interest and research is steadily increasing. However, despite these concerns and the quantitative increase in research, the terms 'security' and 'safety' have been mixed and studies have been conducted without the conceptual definition of various security terms being clearly defined. As a result, various forms of security concepts based on ICT environments have been misused. Therefore, we tried to derive the consensus of experts among the various security terms which are mixed in this study, and to summarize the concepts based on the analysis of domestic and foreign documents based on the concept of the terms. Through this research, we intend to contribute to the establishment of the academic identity of security by preventing related mistakes caused by the mixed use of terminology.

Research on the detection of LCN DNA from traces on firearms (총기 흔적흔에서의 low copy number(LCN) DNA 검출에 관한 연구)

  • Jeon, Chung-Hyun;Park, Sung-Woo
    • Analytical Science and Technology / v.24 no.1 / pp.51-59 / 2011
  • Genetic Identification has become an important forensic investigation method which discerns identity through analysis of physical samples discovered in various crime scenes. Recently more samples are being requested to undergo A-STR analysis of low copy number (LCN) DNA, which is known as touch evidence-type sample and left on various objects such as a pen briefly used by the criminal, the gear of the car used for driving, the handle, and various buttons inside a car. This research attempted to extract the LCN DNA of the touch evidence-type left on crushed fingerprints on firearms, etc. and examine the genotyping success rate. Four types of firearms (M16, K1A, COLT 45 Pistol, M29 Revolver) were fired individually and physical samples were gathered from four parts of each firearm. Subsequently, in order to extract the LCN DNA, Microkit and Prepfiler™ were used to compare and analyze the quantity of DNA extracted and the genotyping success rate. Analysis results showed that the quantity of DNA extracted by Prepfiler™ was on average 1.7 times higher than that of Microkit, and in genotype analysis success rate Prepfiler™ also demonstrated 24.9% on average in contrast to 0% for Microkit. In regards to the grip part of the K1A, Prepfiler™'s success rate was as high as 50.6%.

Evaluation of two DNA extraction methods on exhumed bone samples: Ultrafiltration versus column affinity (유골에서 DNA 추출법 비교 연구: Ultrafiltration과 Column affinity)

  • Kim, Soonhee;Hong, Seungbeom;Kemp, Brian M.;Park, Kiwon;Han, Myunsoo
    • Analytical Science and Technology / v.21 no.4 / pp.338-343 / 2008
  • Extraction of DNA from skeletal material is of great importance in the identification of human remains, but is particularly difficult because the high amount of microbial DNA was often co-extracted with human bone DNA. We found that a phenol/chloroform extraction, followed by ultrafiltration, and cleanup via the QIAquick® PCR purification kit yields higher amounts of human genomic DNA compared with extraction by the column affinity method® alone. Ultrafiltration extraction of human DNA from ten exhumed bone samples yielded 0.041-1.120 ng/µL DNA (mean = 0.498 ng/µL DNA), and purification using the column affinity resulted in 0.016-0.064 ng/µL DNA (mean = 0.034 ng/µL DNA). Although the STR genotyping by the column affinity method was partially successful, all DNA samples by the ultrafiltration method produced full profiles from the multiplex PCR. The efficiency of STR genotyping was in accordance with the amounts of the human DNA extracted.

Microbial Forensics: Comparison of MLVA Results According to NGS Methods, and Forensic DNA Analysis Using MLVA (미생물법의학: 차세대염기서열분석 방법에 따른 MLVA 결과 비교 및 이를 활용한 DNA 감식)

  • Hyeongseok Yun;Seungho Lee;Seunghyun Lim;Daesang Lee;Sehun Gu;Jungeun Kim;Juhwan Jeong;Seongjoo Kim;Gyeunghaeng Hur;Donghyun Song
    • Journal of the Korea Institute of Military Science and Technology / v.27 no.4 / pp.507-515 / 2024
  • Microbial forensics is a scientific discipline for analyzing evidence related to biological crimes by identifying the origin of microorganisms. Multiple locus variable number tandem repeat analysis (MLVA) is one of the microbiological analysis methods used to specify subtypes within a species based on the number of tandem repeat in the genome, and advances in next generation sequencing (NGS) technology have enabled in silico analysis of full-length whole genome sequences. In this paper, we analyzed unknown samples provided by Robert Koch Institute (RKI) through The United Nations Secretary-General's Mechanism (UNSGM)'s external quality assessment exercise (EQAE) project, which we officially participated in 2023. We confirmed that the 3 unknown samples were B. anthracis through nucleic acid isolation and genetic sequence analysis studies. MLVA results on 32 loci of B. anthracis were analysed by using genome sequences obtained from NGS (NextSeq and MinION) and Sanger sequencing. The MLVA typing using short-reads based NGS platform (NextSeq) showed a high probability of causing assembly error when a size of the tandem repeats was greater than 200 bp, while long-reads based NGS platform (MinION) showed higher accuracy than NextSeq, although insertion and deletion was observed. We also showed hybrid assembly can correct most indel error caused by MinION. Based on the MLVA results, genetic identification was performed compared to the 2,975 published MLVA databases of B. anthracis, and MLVA results of 10 strains were identical with 3 unknown samples. As a result of whole genome alignment of the 10 strains and 3 unknown samples, all samples were identified as B. anthracis strain A4564 which is associated with injectional anthrax isolates in heroin users.

CoMSIA Analysis on The Inhibition Activity of PTP-1B with 3β-Hydroxy-12-oleanen-28-oic Acid Analogues (3β-Hydroxy-12-oleanen-28-oic Acid 유도체들의 PTP-1B저해활성에 대한 CoMSIA분석)

  • Kim, Sang-Jin;Chung, Young-Ho;Kim, Se-Gon;Sung, Nack-Do
    • Applied Biological Chemistry / v.51 no.3 / pp.171-176 / 2008
  • The comparative molecular similarity indices analysis (CoMSIA) models between 3β-Hydroxy-12-oleanen-28-oic acid (1-30) analogues as substrate molecule and their inhibitory activities ($pI_{50}$) against protein tyrosine phosphatase (PTP)-1B were derived and discussed quantitatively. Listing in order, the CoMFA>CoMSIA≥HQSAR>2D-QSAR model, these QSAR models had the better statistical values. The optimized CoMSIA F1 model at grid 3.0 Å had the best predictability and fitness ($q^2$=0.754 and $r^2$=0.976) by field fit alignment. The order of contribution ratio (%) of CoMSIA fields concerning the inhibitory activities was a H-bond acceptor (48.9%), steric field (25.8%) and hydrophobic field (25.4%), respectively. Therefore, the inhibitory activities of substrate molecules against PTP-1B were dependent upon H-bond acceptor field (A) of $R_4$-group. From the analytical results of CoMSIA contour maps, oleanolic acid derivatives will have better inhibition activities if $R_1$ group has H-bond acceptor disfavor, $R_3$ group has steric disfavor and $R_4$ group has steric, hydrophobic, H-bond favor.

A Study on the Feature Point Extraction Methodology based on XML for Searching Hidden Vault Anti-Forensics Apps (은닉형 Vault 안티포렌식 앱 탐색을 위한 XML 기반 특징점 추출 방법론 연구)

  • Kim, Dae-gyu;Kim, Chang-soo
    • Journal of Internet Computing and Services / v.23 no.2 / pp.61-70 / 2022
  • General users who use smartphone apps often use the Vault app to protect personal information such as photos and videos owned by individuals. However, there are increasing cases of criminals using the Vault app function for anti-forensic purposes to hide illegal videos. These apps are one of the apps registered on Google Play. This paper proposes a methodology for extracting feature points through XML-based keyword frequency analysis to explore Vault apps used by criminals, and text mining techniques are applied to extract feature points. In this paper, XML syntax was compared and analyzed using strings.xml files included in the app for 15 hidden Vault anti-forensics apps and non-hidden Vault apps, respectively. In hidden Vault anti-forensics apps, more hidden-related words are found at a higher frequency in the first and second rounds of terminology processing. Unlike most conventional methods of static analysis of APK files from an engineering point of view, this paper is meaningful in that it approached from a humanities and sociological point of view to find a feature of classifying anti-forensics apps. In conclusion, applying text mining techniques through XML parsing can be used as basic data for exploring hidden Vault anti-forensics apps.