• Journal of the Korea Society of Computer and Information
• /
• v.25 no.11
• /
• pp.123-129
• /
• 2020

Recently, cybercrime has become increasingly difficult to track by applying new technologies such as virtualization technology and distribution tracking avoidance. etc. Therefore, there is a limit to the technology of tracking distributors based on malicious code information through static and dynamic analysis methods. In addition, in the field of cyber investigation, it is more important to track down malicious code distributors than to analyze malicious codes themselves. Accordingly, in this paper, we propose a next-generation malicious code information collection architecture to efficiently track down malicious code distributors by converging traditional analysis methods and recent information collection methods such as OSINT and Intelligence. The architecture we propose in this paper is based on the differences between the existing malicious code analysis system and the investigation point's analysis system, which relates the necessary elemental technologies from the perspective of cybercrime. Thus, the proposed architecture could be a key approach to tracking distributors in cyber criminal investigations.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.4
• /
• pp.767-780
• /
• 2015

In recent years, as smart phone penetration rate is growing explosively, new forms of cyber crime data is poured out beyond the limits of management system for cyber crime investigation. These new forms of data are collected and stored in police station but, some of data are not systematically managed. As a result, investigators sometimes miss the hidden data which can be critical for a case. Crime data is usually generated by computer which produces complex and huge data and records many logs automatically, so it is necessary to simplify a collected data and cluster by crime pattern. In this paper, we categorize all kinds of cyber crime and simplify crime database and extract critical clues relative to other cases. Through data mining and network-visualization, we found there is correlation between clues of a case. From this result, we conclude cyber crime data mining helps crime prevention, early blocking and increasing the efficiency of the investigation.

• Journal of Digital Forensics
• /
• v.12 no.3
• /
• pp.9-17
• /
• 2018

Smartphone have become commonplace because they have the advantage of facilitating communication with others and making life easier. The smartphone's system log stores various data related to the user actions. Since 2015, Huawei has been growing rapidly, with its sales volume increasing and it was ranked second in the world in three years. The use of Huawei smartphones by many users means that Huawei smartphones are likely to be used to detect traces of criminal investigations, so we need to study system logs of Huawei smartphones. Therefore, in this paper, we analyze system log which is forensically meaningful for Huawei smartphone. We also propose how to use logs in forensic investigation.

• Korean Security Journal
• /
• no.17
• /
• pp.301-316
• /
• 2008

The occurrence of complicating, multilateral social condition demands the strategy for facing many social state and consolidating public security against criminal loss. The lacking ability of local police for preventing crime can't satisfy the demand of security and can't get rid of fear of crime. At last, it brings a distrust of public confidence and became a factor of serious social crisis. We have problems - not only making an alternative plan for preventing crime, but also introducing CPTED(Crime Prevention Through Environmental Design) by environmental design, to expect crime prevention and to select systemic crime prevention system and the most suitable model. And we have a goal - to recognize the importance of guard activity for local crime, analyse public safety activity in community & focusing guard activity as a strategy for them, apply CPTED in police and private security company as a local crime prevention & setting effective model, and, make it as an index for preventing & dealing with intellectual, brutal crime. The rapid growth in the guarding-activity field lighten the burden of police for crime-prevention. But the misjudgement of some people blocks it to be settled institutionally. It needs to reconsider what is the effective crime-prevention method, at this point of time when the all parts of a nation changing into unlimited competitive, private self-control system.

• Convergence Security Journal
• /
• v.18 no.2
• /
• pp.25-32
• /
• 2018

As the use of smartphones become more common, the communication via instant messenger becomes natural. However, it is important to secure the relevant information promptly since the chat room between participants can be used as a space for a criminal conspiracy, and crime-related contents can be stored and deleted easily on smartphones. Therefore, this study aims to identify the available data and to use it as proof by comparing and analyzing the instant messengers with high usage rate.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.1 s.45
• /
• pp.127-135
• /
• 2007

As the Internet is used widely, criminal offense that use computer is increasing, and an information security technology to remove this crime is becoming competitive power of the country. In this paper, we suggest network-based intrusion detection system that use fuzzy expert system. This system can decide quick intrusion decision from attack pattern applying fuzzy rule through the packet classification method that is done similarity of protocol and fixed time interval. Proposed system uses fuzzy logic to detect attack from network traffic, and gets analysis result that is automated through fuzzy reasoning. In present network environment that must handle mass traffic, this system can reduce time and expense of security

• The Journal of the Korea Contents Association
• /
• v.12 no.7
• /
• pp.176-182
• /
• 2012

Voice Phishing finds out personal information illegally using electrification and it is confidence game that withdraw deposit on the basis of this. It appeared by new social problem as damage instances increase rapidly. Target of the damage is invading indiscriminately to good civilian and is crime that commit by foreigners such as a most Chinese, Formosan. Voice Phishing can be crime type of new form in terms of criminal practice is achieved in the foreign countries. Therefore, this study wishes to analyze present occurrence actual conditions and example, and search effective confrontation plan regarding Voice Phishing. Voice Phishing criminal offense is growing as crime is not eradicated in spite of continuous public relations and control, and technique is diversified and specializes preferably. Hereafter, confrontation plan about problem may have to be readied in banking communication investigation to eradicate Voice Phishing. Also, polices control activity may have to be reinforce through quick investigation's practice and development of investigation technique, and relevant government ministry and international mutual assistance cooperation such as the Interpol should be reinforced because is shown international crime personality.

• KIPS Transactions on Software and Data Engineering
• /
• v.8 no.10
• /
• pp.411-420
• /
• 2019

Camera model identification has been a subject of steady study in the field of digital forensics. Among the increasingly sophisticated crimes, crimes such as illegal filming are taking up a high number of crimes because they are hard to detect as cameras become smaller. Therefore, technology that can specify which camera a particular image was taken on could be used as evidence to prove a criminal's suspicion when a criminal denies his or her criminal behavior. This paper proposes a deep learning model to identify the camera model used to acquire the image. The proposed model consists of four convolution layers and two fully connection layers, and a high pass filter is used as a filter for data pre-processing. To verify the performance of the proposed model, Dresden Image Database was used and the dataset was generated by applying the sequential partition method. To show the performance of the proposed model, it is compared with existing studies using 3 layers model or model with GLCM. The proposed model achieves 98% accuracy which is similar to that of the latest technology.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.287-290
• /
• 2011

The synchronization feature on the smartphone by default (default) value is set. Smartphone synchronization has been set is stored that smartphone data is automatically backed up is stored When connected to a PC with a smartphone dedicated cable. The backup data is a common technique to analyze the content to be difficult to apply forensic techniques can find out information on criminal suspects. In this paper, the backup data is synchronized to the smartphone through forensic analysis is the study of forensic evidence. In a lab environment to send personal financial information on smartphone, smartphone is assumed that the experiment is compromised. Smartphone's backup data by using the forensic tools in crime associated with personal financial information and analyze data. And, to be adopted by the court will study the evidence leveraging forensic technology. Through this paper as a basis for smartphone forensic analysis will be utilized.

• The Journal of the Korea Contents Association
• /
• v.9 no.3
• /
• pp.312-319
• /
• 2009

The purpose of the paper is to offer an analysis of adult probationers and their recidivism and to suggest a policy to prevent recidivism. Various data analysis methods like frequency analysis, cross-tabulation analysis, regression analysis and logistic regression analysis were used to determine which of a second offense factors and recidivism included in initial data investigation could effectively explain or forecast reference values. This study focused on identifying relations associated with follow-up misconducts of adults under probation, and supposing that those factors could be associated with their second offenses. But it failed to yield so much significant findings. Nevertheless, this study has its own significance in a sense that it explored various risk factors and desires of adults under probation according to empirical data, and suggested formulated measures useful in practice to select and categorize appropriate treatments.