• Journal of Internet Computing and Services
• /
• v.23 no.5
• /
• pp.69-78
• /
• 2022

As the use of Internet of Things (IoT) devices has expanded, digital forensics coverage of the National Police Agency has expanded to smart home areas. Accordingly, most of the existing studies conducted to acquire smart home platform data were mainly conducted to analyze local data of mobile devices and analyze network perspectives. However, meaningful data for evidence analysis is mainly stored on cloud storage on smart home platforms. Therefore, in this paper, we study how to acquire stored in the cloud in a Hey Home Air environment by extracting accessToken of user accounts through a cookie database of browsers such as Microsoft Edge, Google Chrome, Mozilia Firefox, and Opera, which are recorded on a PC when users use the Hey Home app-based "Hey Home Square" service. In this paper, the it was configured with smart temperature and humidity sensors, smart door sensors, and smart motion sensors, and artifacts such as temperature and humidity data by date and place, device list used, and motion detection records were collected. Information such as temperature and humidity at the time of the incident can be seen from the results of the artifact analysis and can be used in the forensic investigation process. In addition, the cloud data acquisition method using OpenAPI proposed in this paper excludes the possibility of modulation during the data collection process and uses the API method, so it follows the principle of integrity and reproducibility, which are the principles of digital forensics.

• Journal of Platform Technology
• /
• v.11 no.3
• /
• pp.32-44
• /
• 2023

A blockchain bridge (hereinafter referred to as "bridge") is a service that enables the transfer of assets between blockchains. A bridge accepts virtual assets from users and delivers the same virtual assets to users on other blockchains. Users use bridges because they cannot transfer assets to other blockchains in the usual way because each blockchain environment is independent. Therefore, the movement of assets through bridges is not traceable in the usual way. If a malicious actor moves funds through a bridge, existing asset tracking tools are limited in their ability to trace it. Therefore, this paper proposes a method to obtain information on bridge usage by identifying the structure of the bridge and analyzing the event logs of bridge requests. First, to understand the structure of bridges, we analyzed bridges operating on Ethereum Virtual Machine(EVM) based blockchains. Based on the analysis, we applied the method to arbitrary bridge events. Furthermore, we created an automated tool that continuously collects and stores bridge usage information so that it can be used for actual tracking. We also validated the automated tool and tracking method based on an asset transfer scenario. By extracting the usage information through the tool after using the bridge, we were able to check important information for tracking, such as the sending blockchain, the receiving blockchain, the receiving wallet address, and the type and quantity of tokens transferred. This showed that it is possible to overcome the limitations of tracking asset movements using blockchain bridges.