• Korean Security Journal
• /
• no.21
• /
• pp.75-94
• /
• 2009

Since mechanical security systems are mostly composed of electronic, information and communication devices, they have effects in the aspects of overall social environment and crime-oriented environment. Also, the importance is increasing for wireless recognition of RFID and tracing function, which will be usefully utilized in controlling the incomings and outgoings of people/vehicles or allowance, surveillance and control. This is resulting from the increase in the care for the elderly according to the overall social environment, namely, the aging society, and the number of women entering, as well as the increase in the number of heinous crimes. The purpose of this study is to examine the theoretical considerations on ubiquitous sensor network and present a direction for securities companies for their development by focusing on the technological and application areas. To present strategies of response to a new environment for security companies, First, a diversification strategy is needed for security companies. The survival of only high level of security companies in accordance with the principle of liberal market competition will bring forth qualitative growth and competitiveness of security market. Second, active promotion by security companies is needed. It is no exaggeration to say that we are living in the modern society in the sea of advertisements and propaganda. The promotional activities that emphasize the areas of activity or importance of security need to be actively carried out using the mass media to change the aware of people regarding security companies, and they need to come up with a plan to simultaneously carry out the promotional activities that emphasize the public aspect of security by well utilizing the recent trend that the activities of security agents are being used as a topic in movies or TV dramas. Third, technically complementary establishment of ubiquitous sensor network and electronic tag is needed. Since they are used in mobile electronic tag services such as U-Home and U-Health Care, they are used throughout our lives by forming electronic tag environment within safe ubiquitous sensor network based on the existing privacy guideline for the support of mobile electronic tag terminal commercialization, reduction in communication and information usage costs, continuous technical development and strengthening of privacy protection, and the system of cooperation of academic-industrial-research needs to be established among the academic world and private research institutes for these parts.

• Journal of Digital Forensics
• /
• v.12 no.3
• /
• pp.109-120
• /
• 2018

The smartphone is the communication device that is the most personal to the user, and it keeps a lot of information related to the user and makes information communication with other devices. With these characteristics, forensics on smartphones are one of the most basic methods of investigation in criminal investigations, and have actually contributed to the settlement of the case by providing many clues. However, recently, it is designed to encrypt data stored as a social issue related to the protection of user's personal information, or to delete deleted data or to delete log data together. So, any solutions? In this paper, I try to find the answer from cloud data stored by smartphone user account. Cloud forensics should approach complementary relationships rather than smartphone forensics. There are a lot of data stored in the cloud that can be meaningfully used in the investigation. Online activity information of users, such as Internet usage, YouTube view, and contents purchase information, cloud service such as e-mail, cloud drive, and location information are the most representative data. These data can be unvaluable, but here are some important clues in various types of criminal investigations. In this paper, I propose a method to extract data from the google cloud so that the data can be used for investigation, and to utilize the extracted data for investigation. And it explains the role of the extracted artifacts in the actual investigation business through virtual cases and proves its value.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.77-91
• /
• 2019

Recent Linux operating systems having been increasingly used, ranging from automotive consoles, CCTV, IoT devices, and mobile devices to various versions of the kernel. Because these devices can be used as strong evidence in criminal investigations, there is a risk of destroying evidence through file deletion. Ext filesystem forensics has been studied in depth because it can recovery deleted files without depending on the kind of device. However, studies have been carried out without consideration of characteristics of file system which may vary depending on the kernel. This problem can lead to serious situations, such as those that can impair investigative ability and cause doubt of evidence ability, when an actual investigation attempts to analyze a different version of the kernel. Because investigations can be performed on various distribution and kernel versions of Linux file systems at the actual investigation site, analysis of the metadata changes that occur when files are deleted by Linux distribution and kernel versions is required. Therefore, in this paper, we analyze the difference of metadata according to the Linux kernel as a solution to this and recovery deleted file. After that, the investigating agency needs to consider the metadata change caused by the difference of Linux kernel version when performing Ext filesystem forensics.

• Journal of Digital Forensics
• /
• v.12 no.3
• /
• pp.1-8
• /
• 2018

A random chat application is a type of social dating application that helps people find a lover or spouse by randomly connecting and providing services such as text, voice and video chat. Recently, there has been globally a rapid increase in its use due to the fact that it provides people to quick and convenient encounters at low cost. However, it is used as one of method to prostitute or to trade drugs and become a cause of violent crimes due to various criminal occurring after actual meeting between app users. For this reason, a random chat application is likely to provide proof of prostitution or drug trade and clues to arrest rape, kidnapping and murder suspects. Thus, it is necessary to analyse random chat applications from the viewpoint of digital forensics investigation, but there is no related research at all. Therefore, in this paper, we analyzed artifacts of 6 Korea random chat application's user behaviors; Ranchat, AngTalk, SsumgThing, DaTalk, EveryTalk and Sail. As a result, we found that it is remain on mobile device that time and contents of message transmission/reception, sender/receiver, friend profile and user account creation time when user is using the applications.

• Convergence Security Journal
• /
• v.23 no.3
• /
• pp.13-20
• /
• 2023

This study conducted a digital forensic analysis of Signal and Telegram, two secure messengers widely used in the Android environment. As mobile messengers currently play an important role in daily life, data management and security within these apps have become very important issues. Signal and Telegram, among others, are secure messengers that are highly reliable among users, and they safely protect users' personal information based on encryption technology. However, much research is still needed on how to analyze these encrypted data. In order to solve these problems, in this study, an in-depth analysis was conducted on the message encryption of Signal and Telegram and the database structure and encryption method in Android devices. In the case of Signal, we were able to successfully decrypt encrypted messages that are difficult to access from the outside due to complex algorithms and confirm the contents. In addition, the database structure of the two messenger apps was analyzed in detail and the information was organized into a folder structure and file format that could be used at any time. It is expected that more accurate and detailed digital forensic analysis will be possible in the future by applying more advanced technology and methodology based on the analyzed information. It is expected that this research will help increase understanding of secure messengers such as Signal and Telegram, which will open up possibilities for use in various aspects such as personal information protection and crime prevention.