• Title/Summary/Keyword: 수사 기법

Search Result 124, Processing Time 0.024 seconds

A Study on Twitter Crawling Techniques for Tracking Digital Sexual Crimes (디지털 성범죄 추적을 위한 트위터 크롤링 기법 연구)

  • Hyeon-Woo Lee;Su-Bin Lee;Dong-Hwi An;Jiyeon Kim;Chang-Hoon Kim
    • Proceedings of the Korean Society of Computer Information Conference
    • /
    • 2023.07a
    • /
    • pp.203-205
    • /
    • 2023
  • 소셜미디어 사용이 증가하면서 성 착취물, 불법 촬영물과 같은 디지털 성범죄 또한 확산되는 추세이다. 소셜미디어에서 검색어 차단 정책 등을 통해 디지털 성범죄를 제재하기 위한 노력이 이루어지고 있으나, 은어 및 다양한 변형어를 사용한 우회 검색을 모두 차단하는 것이 어려울 뿐 아니라, 단시간에도 방대한 양의 데이터가 생성되는 소셜미디어 특성상 범죄 관련 게시글을 모두 식별해 내는 것이 현실적으로 불가능하다. 따라서 능동적이고 고도화된 크롤링 기술 개발을 통해 소셜미디어상의 범죄를 실시간 탐지하는 연구가 필요하다. 본 논문에서는 디지털 성범죄 관련 데이터가 빈번하게 관찰되는 트위터를 대상으로 성 착취물 및 불법 촬영물 정보를 수집하기 위한 검색 키워드를 정의하고, 실제 트위터 크롤링을 수행하여 텔레그램, 디스코드, 라인 등과 같은 다른 소셜미디어에 성범죄물이 유포되는 정황을 URL, 코드, 해시태그 추출을 통해 확보하는 수사 기술을 개발한다.

  • PDF

The cutoff criterion and the accuracy of the polygraph test for crime investigation (범죄수사를 위한 거짓말탐지 검사(polygraph test)의 판정기준과 정확성)

  • Yu Hwa Han ;Kwangbai Park
    • Korean Journal of Culture and Social Issue
    • /
    • v.14 no.4
    • /
    • pp.103-117
    • /
    • 2008
  • The polygraph test administered by the Korean Prosecutors Office for crime investigations customarily uses the score of -12 as the cutoff point separating the subjects who lie from those who tell the truth. The criterion used by the KPO is different from the one (-13) suggested by Backster (1963) who invented the particular method for lie detection. Based on the signal detection theory applied to the real polygraph test data obtained from real crime suspects by the KPO, the present study identified the score of -8 as an optimal criterion resulting in the highest overall accuracy of the polygraph test. The classification of the subjects with the score of -8 as the criterion resulted in the highest accuracy (83.17%) compared with the accuracies of classifications with the Backster's criterion (76.24%) and the KPO's criterion (80.20%). However, the new criterion was also found to result in more false-positive cases. Based on the results from the present study, it was recommended to use the score of -8 as the criterion when the overall accuracy is important but the score of -12 or -13 when avoiding false-positive is more important than securing the overall accuracy.

  • PDF

Digital Forensic Technique Research through Messenger Analysis (메신저 사용정보 분석을 통한 디지털 포렌식 기법 연구)

  • Choi, Joon-Ho;Kwon, Hyuk-Don;Lee, Sang-Jin;Lim, Jong-In
    • Proceedings of the Korean Society of Broadcast Engineers Conference
    • /
    • 2007.02a
    • /
    • pp.45-48
    • /
    • 2007
  • 메신저는 인터넷을 통해 실시간으로 대화를 주고받을 수 있는 소프트웨어로서 사용률이 점차 증가하고 있는 추세이다. 메신저의 사용률이 증가함에 따라 메신저를 사이버 범죄의 하나의 도구로써 이용하는 사례가 발생하고 있다. 메신저가 사이버 범죄에 악용되는 사례가 늘어나면서 전 세계적으로 MSN Messenger, AOL Instant Messenger, ICQ와 같은 외산 메신저 소프트웨어 대한 포렌식 연구가 활발히 진행 되고 있다. 본 논문에서는 현재 국내에서 사용되고 있는 메신저에 대한 포렌식 기법 연구를 통하여 범죄 발생 당시 용의자들의 정보를 획득하고 이를 컴퓨터 범죄 수사에 활용하는 방안을 제시한다.

  • PDF

A Korean Revision System Using the governal and collocational relation between words (단어 간 지배 관계 및 연관 관계를 이용한 한국어 교열 시스템)

  • Sim, Chul-Min;Kim, Min-Jung;Lee, Young-Sik;Kwon, Hyuk-Chul
    • Annual Conference on Human and Language Technology
    • /
    • 1993.10a
    • /
    • pp.303-316
    • /
    • 1993
  • 스펠러와 같은 오류 처리 기법은 한 어절 사이의 처리에 국한되거나, 또는 수사 처리와 같이 일부 제한된 품사 영역에서만 어절을 넘어선 처리가 행해지고 있다. 한편 교열과 같은 어절 단위를 넘어선 오류 처리는 완벽한 통사 분석과 의미 해석을 반드시 필요로 한다고 생각되어져 왔다. 그리고 현재 한국어 처리에서는 완벽한 통사적, 의미적 처리가 불가능하기 때문에 교열 시스템 또는 어절 단위를 넘어선 오류 처리에 대한 연구가 거의 전무한 실정이다. 본 논문은 어절을 넘어선 오류의 유형을 분류하고, 문장 단위로 관련된 단어 사용오류를 검사하는 기법과 관련 단어 처리를 위한 규칙 데이타 베이스의 구조를 제안한다. 단어 사이에 존재하는 통사적, 의미적 지배 관계와 연관 관계를 어휘선택 제약으로 이용함으로써 완벽한 통사 분석과 의미 분석이 없이도 교열이 가능하게 하였다.

  • PDF

Criminal Cases and Trends in Forensic Techniques on the Dark Web (다크웹 상의 범죄 사례 및 포렌식 기법 동향)

  • So-Hee Park;Eun-Jeong Do;Hoon-Jae Lee
    • Proceedings of the Korean Society of Computer Information Conference
    • /
    • 2023.07a
    • /
    • pp.221-223
    • /
    • 2023
  • 오늘날 전 세계적으로 연결되어 있는 인터넷을 통해 사용자들은 아무런 제약 없이 의사소통 및 거래 등 다양한 활동을 할 수 있게 되었다. 그러나 이러한 인터넷상의 자유를 범죄의 수단으로 한 인터넷상의 사이버 범죄가 급속하게 증가하고 있다. 특히 인터넷 중 하나로 분류되는 다크웹에서는 심각한 중대 범죄들이 많이 발생하고 있는데, 다크웹은 일반 네트워크와 달리 암호화 기술을 사용하는 특정 네트워크를 통해서만 접속이 가능하기 때문에 사용자에게 익명성과 비밀성을 제공할 수 웹 사이트이다. 이러한 다크웹의 특성으로 인해 마약 거래, 아동 포르노 유포, 개인정보 유출 등 다양한 사이버 범죄가 발생하고 있다. 본 논문에서는 이러한 다크웹 상에서 발생하는 주요 범죄 사례를 알아보고 이에 대한 포렌식 수사 기법의 동향을 살펴보고자 한다.

  • PDF

A Study on the Reality and Improvement of Autonomous Police System in Jeju Special Self-Government Province (제주자치경찰 시스템의 실태와 발전모델에 관한 연구)

  • Cho, Chul-Ok
    • Korean Security Journal
    • /
    • no.14
    • /
    • pp.485-516
    • /
    • 2007
  • Jeju Special Self-Government Province adopted an autonomous police system for the first time since 60 years in Korean police. The purpose of autonomous police system is to offer a police service to be suitable in regional conditions. But Jeju autonomous police system for nearly one year after adoption is criticized to be established on the ground of political reason but not local decentralization. Actually Jeju autonomous police has not a clear cut jurisdiction and operation scope because of the jurisdiction duplication between national and autonomous police. The original task is confined on environment and sightseeing so on given to administration police for local self-government. So criminal investigation authority on general crimes is not to Jeuju autonomous police on account of special judicial police. First, it is the structural rationalization of Jeju autonomous police system. It speaks that Jeju provincial police bureau and police station have to be as national police institution, on the other hand, patrol district station and police box have to be as autonomous police institution. Of course, functional division has to be followed. National police performs managing all the assembly and demonstration by the management law on assembly and demonstration including the suppression against any large scale demonstration and disturbance, also the investigation on serious crimes just as international crimes and broaden area crimes including all the felony. Together national police performs the duty concerned to all the foreign affairs and national securities in along with the investigation on traffic accidents. On the other hand, autonomous police performs the function for citizen's life safety as crime prevention and the enforcement on the violation against police operation law, together the traffic management and the regulation on traffic violations. and the investigation on minor crime as simple violence or petty larceny including the management on local big events. Second, the budgetary of autonomous police is rationalized by the share of budgeting between Korean government and Jeju special self-government province. Third, urgent arrest authority on general crime and the rights of claims for the summary trial on minor crimes are given to autonomous police. Of course, this problem is resolved naturally in case of giving the investigation rights to autonomous police on minor crimes.

  • PDF

A Study on Bernard Lamy's La Rhétorique ou L'Art de Parler (베르나르 라미의 『수사학 또는 말하는 기법(1675)』에 관한 연구)

  • LEE, Jong Oh
    • Journal of International Area Studies (JIAS)
    • /
    • v.13 no.1
    • /
    • pp.345-368
    • /
    • 2009
  • Our research task have goal to describe a treaty rhetoric known as 『La Rhétorique ou L'Art de Parler』(1688) which corresponds to a very wide field of which the step is not yet dubious in our country. Thus to study the rhetoric of Lamy borrowed from the thought of Descartes, we left the concept d' origin of language in traditional rhetoric in connection with logic and grammar (in first part). Also the second part is devoted to the tropes and the figures that are modified and deteriorated by the language of passion called 'rhetoric of passion or psychological of figure', etc. And the third part interests in the body of the speech being the character of l' heart. Under the influence of the rhetoric of Lamy, French rhetoric at the 17th century is held for an essential text when one interests in the history of the ideas and rhetoric, marked in its specificity (passion). The project of Lamy registered in the concept of passion like 'manners of speaking'. To close this study, which does one have to retain? The first remark to note is that Lamy founds his rhetoric in opposition to traditional designs dating from the beginning of Aristote. Second remark is the idea that one finds based in famous the books of Dumarsais at the 18th century and Fontanier at the 19th century. Admittedly, Lamy is a true rhetorician, grammairien which interests in the question of passions in the speech forces to reconsider the idea spread since Mr. Foucault, and makes it possible to understand the passage of the Great century at the Century of Lumuères. Even if this opinion is not shared, it will be agreed that the work of Lamy on passions or the phenomena sensory and psychological in the center of the language deserves reflexion.

A Design of Timestamp Manipulation Detection Method using Storage Performance in NTFS (NTFS에서 저장장치 성능을 활용한 타임스탬프 변조 탐지 기법 설계)

  • Jong-Hwa Song;Hyun-Seob Lee
    • Journal of Internet of Things and Convergence
    • /
    • v.9 no.6
    • /
    • pp.23-28
    • /
    • 2023
  • Windows operating system generates various logs with timestamps. Timestamp tampering is an act of anti-forensics in which a suspect manipulates the timestamps of data related to a crime to conceal traces, making it difficult for analysts to reconstruct the situation of the incident. This can delay investigations or lead to the failure of obtaining crucial digital evidence. Therefore, various techniques have been developed to detect timestamp tampering. However, there is a limitation in detection if a suspect is aware of timestamp patterns and manipulates timestamps skillfully or alters system artifacts used in timestamp tampering detection. In this paper, a method is designed to detect changes in timestamps, even if a suspect alters the timestamp of a file on a storage device, it is challenging to do so with precision beyond millisecond order. In the proposed detection method, the first step involves verifying the timestamp of a file suspected of tampering to determine its write time. Subsequently, the confirmed time is compared with the file size recorded within that time, taking into consideration the performance of the storage device. Finally, the total capacity of files written at a specific time is calculated, and this is compared with the maximum input and output performance of the storage device to detect any potential file tampering.

Detecting Methods of the Database Block Size for Digital Forensics (디지털 포렌식을 위한 데이터베이스 블록 크기의 탐지 기법)

  • Kim, Sunkyung;Park, Ji Su;Shon, Jin Gon
    • KIPS Transactions on Software and Data Engineering
    • /
    • v.9 no.4
    • /
    • pp.123-128
    • /
    • 2020
  • As the use of digital devices is becoming more commonplace, digital forensics techniques recover data to collect physical evidence during the investigation. Among them, the file forensics technique recovers deleted files, therefore, it can recover the database by recovering all files which compose the database itself. However, if the record is deleted from the database, the modified record contents will not be restored even if the file is recovered. For this reason, the database forensics technique is required to recover deleted records. Database forensics obtains metadata from database configuration files and recovers deleted records from data files. However, record recovery is difficult if database metadata such as block size cannot be obtained from the database. In this paper, we propose three methods for obtaining block size, which is database metadata. The first method uses the maximum size of free space in the block, and the second method uses the location where the block appears. The third method improves the second method to find the block size faster. The experimental results show that three methods can correctly find the block size of three DBMSes.

A Study of IP Spoofing Attack and Defense Through Proxy Server (Proxy Server를 통한 IP Spoofing 공격과 방어 연구)

  • Lee, Bo-Man;Park, Dea-Woo
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2010.05a
    • /
    • pp.281-284
    • /
    • 2010
  • The characteristics of International Hacking is that because even if with tracing techniques, nobody can find Real IP address of the attacker so it is true that Great difficulty in the investigation. so that an attacker goes through the Proxy Server Many times and they use techniques of IP Spoofing to hide their IP address. In this paper, study How attackers use IP Spoofing Technique and the application of Proxy Server. In addition, to Propose IP Spoofing attacks through the Proxy Server attack and defend methods also IP traceback methods so this study materials will contribute to the development of International Hacking and Security Protection Technology.

  • PDF