The Journal of Society for e-Business Studies (한국전자거래학회지)

Society for e-Business Studies (한국전자거래학회)
권호 표지
DOI QR코드

DOI QR Code

Deriving Priorities of Competences Required for Digital Forensic Experts using AHP

AHP 방법을 활용한 디지털포렌식 전문가 역량의 우선순위 도출

  • Yun, Haejung (College of Science & Industry Convergence, Ewha Womans University) ;
  • Lee, Seung Yong (Graduate School of Information, Yonsei University) ;
  • Lee, Choong C. (Graduate School of Information, Yonsei University)
  • Received : 2017.01.23
  • Accepted : 2017.02.19
  • Published : 2017.02.28
Download PDF
⟨ Previous Next ⟩

Abstract

Nowadays, digital forensic experts are not only computer experts who restore and find deleted files, but also general experts who posses various capabilities including knowledge about processes/laws, communication skills, and ethics. However, there have been few studies about qualifications or competencies required for digital forensic experts comparing with their importance. Therefore, in this study, AHP questionnaires were distributed to digital forensic experts and analyzed to derive priorities of competencies; the first-tier questions which consisted of knowledge, technology, and attitude, and the second-tier ones which have 20 items. Research findings showed that the most important competency was knowledge, followed by technology and attitude but no significant difference was found. Among 20 items of the second-tier competencies, the most important competency was "digital forensics equipment/tool program utilization skill" and it was followed by "data extraction and imaging skill from storage devices." Attitude such as "judgment," "morality," "communication skill," "concentration" were subsequently followed. The least critical one was "substantial law related to actual cases." Previous studies on training/education for digital forensics experts focused on law, IT knowledge, and usage of analytic tools while attitude-related competencies have not given proper attention. We hope this study can provide helpful implications to design curriculum and qualifying exam to foster digital forensic experts.

오늘날 디지털포렌식 전문가는 삭제된 파일을 복구해서 찾아내는 컴퓨터 전문가 역할에만 그치는 것이 아니기 때문에, 기술 뿐 아니라 절차와 법규에 대한 지식과 소통능력, 윤리의식 등 다양한 역량이 필요하다. 하지만, 디지털포렌식을 직접 수행하는 전문가에 대한 자격 요건이나 필요한 역량에 대한 연구는 기술에 대한 연구에 비해 상대적으로 많지 않다. 따라서 본 연구에서는 미래의 다양한 난제에 대응하고 해결책을 찾아야 하는 디지털포렌식 전문가에게 필요한 역량들의 우선순위를 AHP 방법론을 활용하여 도출해 보고자 하였다. 디지털포렌식 전문가를 대상으로한 AHP 설문에서 디지털포렌식 전문가 역량을 지식, 기술, 태도로 구성된 1계층과 디지털 증거 관련 법률/규정/판례 등 총 20개 항목의 2계층으로 구분하여 우선순위를 비교하였다. 분석 결과 1계층에서 가장 중요한 항목은 지식이었고 그 다음이 기술과 태도 순이었으나 그 차이는 그리 크지 않았다. 2계층 20개 항목 중에서 가장 중요한 항목은 "디지털포렌식 장비/도구 프로그램 활용 기술"이었고, 2위는 "디지털장비에서 저장매체 데이터 추출 및 이미징 기술" 이었다. 3위부터는 "판단력", "도덕성", "소통능력", "집중력" 등 태도와 관련된 항목 순으로 나타났으며, 가장 중요하지 않은 항목은 "사건관련 실체법"으로 나타났다. 선행연구에서 디지털포렌식 전문가에 대한 교육과정은 대부분 관련법, IT지식 및 디지털포렌식 분석도구 사용법에 집중되어 있었고 자격제도도 디지털포렌식 분석도구 사용능력을 주로 평가하고 있었다. 하지만 본 연구에서 중요하게 나타난 태도 관련 항목에 대한 고려는 상대적으로 부족한 것으로 나타났다. 향후 디지털포렌식 전문가 교육과정과 자격제도 설계에 있어서 본 연구결과가 도움이 되길 기대한다.

Keywords

References

  1. Al Fahdi, M., Clarke, N. L., and Furnell, S. M., "Challenges to Digital Forensics: A Survey of Researchers & Practitioners Attitudes and Opinions," Information Security for South Africa, pp. 1-8, 2013.
  2. Biswas, S., Yoo, J. H., and Jung, C. Y, "A Study on Priorities of the Components of Big Data Information Security Service by AHP," The Journal of Society for e-Business Studies, Vol. 18, No. 4, pp. 301-314, 2013. https://doi.org/10.7838/jsebs.2013.18.4.301
  3. Garfinkel, S. L., "Digital Forensics Research: The Next 10 Years," Digital Investigation, Vol. 7, pp. S64-S73, 2010. https://doi.org/10.1016/j.diin.2010.05.009
  4. Kim, B. W., "AHP Methodology," Kims Information Strategy Lab, Seoul, Korea, 2015.
  5. Kim, G. B., Chang, K. S., Jang, Y. S., Lee, S. J., and Lim, J. I., "A Study on Developing Certificate Program Model for Digital Forensic Examiner," Journal of Digital Forensics, Vol. 3, pp. 29-51, 2008.
  6. Kim, J. M., Choi, K. H., and Kim, K. J., "Research about the Development of Education Courses for Nurturing Digital Forensic Experts," Journal of Information and Security, Vol, 12, No. 5, pp. 79-85, 2012.
  7. Kim, Y. H., and Kook, K. H., "A Study on the Relative Importance of the Administrative and Technical Measures for the Personal Information Protection," The Journal of Society for e-Business Studies, Vol. 19, No. 4, pp. 135-150, 2014. https://doi.org/10.7838/jsebs.2014.19.4.135
  8. Lee K. A., Park, D. W., and Koh, C. S., Digital Forensics for Scientific Investigation, GS Intervision, Seoul, Korea, 2011.
  9. Lee S. J., Introduction to Digital Forensics, Irun Publishing, Seoul, Korea, 2011.
  10. Lee, C. C., Kim, J., and Lee, C. H., "A Comparative Study on the Priorities between Perceived Importance and Investment of the Areas for Information Security Management System," Journal of the Korea Institute of Information Security & Cryptology, Vol. 24, No. 5, pp. 919-929, 2014. https://doi.org/10.13089/JKIISC.2014.24.5.919
  11. Lee, H., Na, O., Sung, S., and Chang, H., "A Design on Information Security Core Knowledge for Security Experts by Occupational Classification Framework," The Journal of Society for e-Business Studies, Vol. 20, No. 3, pp. 113-125, 2015. https://doi.org/10.7838/jsebs.2015.20.3.113
  12. McClelland, D. C., "Testing for Competence Rather than for Intelligence," American Psychologist, Vol. 28, No. 1, pp. 1-14, 1973. https://doi.org/10.1037/h0034092
  13. Money Today, "Police cybercrime department is struggling with iPhone," 2016. http://news.mt.co.kr/mtview.php?no=2016092615337650285.
  14. Park, H. I., Yoon, J. S., and Lee, S. J., "A Study on Development of Digital Forensic Capability Evaluation Indices," Journal of the Korea Institute of Information Security & Cryptology, Vol. 25, No. 5, pp. 1153-1166, 2015. https://doi.org/10.13089/JKIISC.2015.25.5.1153
  15. Park, N. S., "Development of Education/Training System to Strengthen Cybercrime Response Capacity of the Police," Korean National Police Agency, 2015.
  16. Park, Y. and Park, T., Decision Making Theory for AHP, Ja-Yoo Academy, Seoul, Korea, 2001.
  17. Rha, H. D., Kim, C., and Lee, N., "A Study on Designing an Undergraduate Curriculum in Digital Forensics per Stages for Developing Human Resource," Journal of Korean Association of Computer Education, Vol. 17, No. 3, pp. 75-84, 2014.
  18. Rogers, M., "The Role of Criminal Profiling in the Computer Forensics Process," Computers & Security, Vol. 22, No. 4, pp. 292-298, 2003. https://doi.org/10.1016/S0167-4048(03)00405-X
  19. Saaty, T. L., The Analytic Hierarchy Process," McGraw Hill, New York, 1980.
  20. Shin, J. W., "A Study on Digital Forensic Human Training Method," Journal of the Korea Institute of Information and Communication Engineering, Vol. 18, No. 4, pp. 779-789, 2014. https://doi.org/10.6109/jkiice.2014.18.4.779

Cited by

  1. 한국 석재산업의 IT 도입 및 활성화를 위한 탐색적 연구 vol.17, pp.2, 2018, https://doi.org/10.9716/kits.2018.17.2.083
  2. 정보저장매체 반출 및 디지털 증거탐색 과정에서의 참여권 보장 환경에 대한 중요도-이행도 분석 vol.23, pp.3, 2017, https://doi.org/10.7838/jsebs.2018.23.3.129
  3. A Study on the Selective Factors of SmartHome Contents Service in CPND ValueChain vol.20, pp.2, 2017, https://doi.org/10.9728/dcs.2019.20.2.423
  4. A Study on the Strengthening of the Police's Competency in Industrial Technology Protection using AHP Method vol.18, pp.12, 2017, https://doi.org/10.14801/jkiit.2020.18.12.103
  5. 창업기업관점에서 바라본 투자자의 투자결정요인에 관한 연구 : 물산업 창업기업을 중심으로 vol.16, pp.1, 2021, https://doi.org/10.16972/apjbve.16.1.202102.1
  6. 창업기업관점에서 바라본 투자자의 투자결정요인에 관한 연구 : 물산업 창업기업을 중심으로 vol.16, pp.1, 2021, https://doi.org/10.16972/apjbve.16.1.202102.1