참고문헌
- I.R.Jeong, D.W.Hong and K.I.Chung, "Technologies and Trends of Digital Forensics", Vol.22, No.1, pp.97-104, 2007.
- S.H.Kim, E,C, Kim, J,M, Kim, S.Y.Hwang, J.H.Song and S.J.Lee, "macOS Forensic Analysis Technique", Vol.11, No.3, pp.14-28, 2017.
- I.Yoon, "The Research about the User Attribution Method of Digital Files", Vol.11, No.1, pp. 73-93, 2017. https://doi.org/10.22798/KDFS.2017.11.1.73
- J.S.Jun, "Windows System Forensic", Vol.26, No.5, pp.6-16, 2016.
- "[Tech Report] Analyze 'Time', Time is 'Imformation'", AhnLab, last modified Jan 8. 2013, accessed July 4. 2019, https://www.ahnlab.com/kr/site/securityinfo/secunews/secuNewsView.do?menu_dist=2&seq=20374
- S.R.Kang, S.R.Kim, J,Y.Cho and J.S.Kim, "Development of Integrated Jump Lists Parser and Its Utilization in Forensic", Vol.11, No.1, pp.1-15, 2017. https://doi.org/10.22798/KDFS.2017.11.1.1
- E.J.Kim, K.B,Kim and H,N,Hwang, "How To Identify Accessed Files Based On NTFS Filesystem", Vol.11, No.2, pp.1-17, 2017.
- H.G.Kim, D.W.Kim and J.S.Kim, "Study on Forensic Analysis with Access Control Modification for Registry", Vol.26, No.5, pp. 1131-1139, 2016. https://doi.org/10.13089/JKIISC.2016.26.5.1131
- S.J.Oh and K,H.Kim, "A Study on The Procedure Analysis Vulnerability for Security Incidents Using The Registry Parsing", The Institute of Electronics and Information Engineers, pp. 287-290, 2016.
- "Analysis of infringement incident using Windows registry analysis", IGLOOSECURITY, last modified Apr 4. 2018, accessed July 4. 2019, http://www.igloosec.co.kr/BLOG_%EC%9C%88%EB%8F%84%EC%9A%B0%20%EB%A0%88%EC%A7%80%EC%8A%A4%ED%8A%B8%EB%A6%AC%20%EB%B6%84%EC%84%9D%EC%9D%84%20%EC%9D%B4%EC%9A%A9%ED%95%9C%20%EC%B9%A8%ED%95%B4%EC%82%AC%EA%B3%A0%20%EB%B6%84%EC%84%9D%20%EA%B8%B0%EB%B2%95?searchItem=&searchWord=&bbsCateId=17&gotoPage=1
- S,R.Kang, S.R.Kim, M.S.Park and J.S.Kim, "Study on Windows Event Log-Based Corporate Security Audit and Malware Detection", Vol.28, No.3, pp.591-603, 2018. https://doi.org/10.13089/JKIISC.2018.28.3.591
- Y.H.Shin, J.Y.Cheon and J.S.Kim, "Study on Recovery Techniques for the Deleted or Damaged Event Log(EVTX) Files", Vol.26, No.2, pp.387-396, 2016. https://doi.org/10.13089/JKIISC.2016.26.2.387
- "Windows log management and analysis method", AhnLab, last modified May 8. 2006, accessed July 4. 2019, https://www.ahnlab.com/kr/site/securityinfo/secunews/se cuNewsView.do?menu_dist=3&seq=7887
- M.S.Lee and S.J.Lee, "A Study on the Setting Method of the File System Audit Function of Windows for Enhancing Forensic Readiness", Vol.27, No.1, pp.79-90, 2017. https://doi.org/10.13089/JKIISC.2017.27.1.79
- S.H.Kim, J.H.Han and S.J.Lee, "A Study on Detecting Data Hiding Area of Removable Storage Device Based on Flash Memory", Vol.12, No.2, pp.21-29, 2018.
- C.U.Park and S.J.Lee, "Digital Evidence Collection Procedure for Hardware Unique Information Collection", Vol.28, No.4, pp.839-845, 2018. https://doi.org/10.13089/jkiisc.2018.28.4.839