• Proceedings of the Korean Society of Disaster Information Conference
• /
• 2017.11a
• /
• pp.199-200
• /
• 2017

본 연구는 붕괴사고에 대해 원인을 도출하기 위한 조사방법으로 과학적 재난원인 조사기법은 포렌식 기법을 국내에 적용하는데 목적이 있다. 목적달성을 위한 과정의 일환으로 본 연구에서는 조사를 수행하는 일련의 프레임워크를 국내의 실정에 적합하도록 개발하여 적용하기 위해 국외 붕괴사고 조사절차와 포렌식 기법이 적용된 사례를 분석하였다. 그리고 가설의 수집단계-증거수집-가설분석 및 검증-결론도출의 조사 전 단계에서 공학적 검증이 필요한 요소를 도출하고, 붕괴의 사고유형에 따라 요구되는 기법을 도출하고자 하였다. 본 연구는 재난원인조사 분석에 있어 아직 국내에 명확하게 정착하기 못한 포렌식 조사기법의 기본적인 틀을 구축할 수 있다는데 의의가 있다. 특히, 화학사고나, 화재사고 등 다른 재난에 비해 붕괴사고의 경우 국내 외에서 포렌식 조사기법을 적용한 연구나 사례가 상대적으로 부족한 실정이기 때문에 본 연구는 향후 선도적인 가이드라인의 형태로 활용될 수 있을 것이라 판단된다.

• Journal of KIISE:Databases
• /
• v.36 no.2
• /
• pp.63-72
• /
• 2009

Digital forensics refers to finding electronic evidences related to crimes. As cyber crimes are increasing daily, digital forensics for finding electronic evidences is also becoming important. At present, various aspects of digital forensics have being researched including the overall process model and analysis techniques such as network forensics, system forensics and database forensics for digital forensics. Regarding database forensics, only analysis techniques dependent on specific vendors have been suggested. And general process models and analysis techniques which can be used in various databases have not been studied. This paper proposes an integrated process model and analysis technique for database forensics. The proposed database forensics model (DFM) allows us to solve problems and analyze databases according to the situation and purpose, and to use a standard model and techniques for various database analyses. In order to test our model(DFM), we applied it to various database analyses. And we confirmed the results of our experiment that it can be applicable to acquisition in the scene as well as analysis of data relationships.

• Review of KIISC
• /
• v.32 no.2
• /
• pp.29-36
• /
• 2022

클라우드 스토리지는 다양한 리소스에서 인터넷을 통해 데이터를 저장하고 접근하는 형태의 데이터 스토리지를 말한다. 클라우드 스토리지는 서비스 접근성, 용량 조절의 용이성이 높아 꾸준히 사용자가 증가해왔다. 특히 모바일 기기와 연동하여 자동 동기화함으로써 사용자와 관련한 다양한 데이터가 실시간으로 업·다운로드 된다. 이에 따라 클라우드 스토리지에는 디지털 포렌식 관점에서 특정 사실을 증명하거나 사건의 실마리가 되는 중요한 단서가 저장되어 있을 가능성이 크다. 따라서, 본 논문에서는 클라우드 스토리지의 정의와 종류를 살펴보고 디지털 포렌식 관점에서 클라우드 스토리지의 데이터 수집 및 분석 기술에 관한 연구 동향을 분석한다. 또한, 현재 클라우드 스토리지 데이터 수집 기술의 한계를 분석하고 향후 연구 방향에 관해 논의한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.11a
• /
• pp.866-867
• /
• 2011

정보화 시대가 빠르게 진행됨에 따라, 우리는 디지털 기기들을 항상 휴대하고 생활한다. 하지만 디지털 장치의 보급은 사이버 범죄의 수단으로 악용되고 있다. 이런 문제를 해결하기 위해 디지털 포렌식에 대한 다양한 연구가 활발히 진행 중이다. 본 논문에서는 디지털 포렌식 기술 연구 동향에 대해 살펴본 후 최근 문제점 및 이유 사항에 대해 논의 한다.

• Journal of Digital Forensics
• /
• v.12 no.3
• /
• pp.1-8
• /
• 2018

A random chat application is a type of social dating application that helps people find a lover or spouse by randomly connecting and providing services such as text, voice and video chat. Recently, there has been globally a rapid increase in its use due to the fact that it provides people to quick and convenient encounters at low cost. However, it is used as one of method to prostitute or to trade drugs and become a cause of violent crimes due to various criminal occurring after actual meeting between app users. For this reason, a random chat application is likely to provide proof of prostitution or drug trade and clues to arrest rape, kidnapping and murder suspects. Thus, it is necessary to analyse random chat applications from the viewpoint of digital forensics investigation, but there is no related research at all. Therefore, in this paper, we analyzed artifacts of 6 Korea random chat application's user behaviors; Ranchat, AngTalk, SsumgThing, DaTalk, EveryTalk and Sail. As a result, we found that it is remain on mobile device that time and contents of message transmission/reception, sender/receiver, friend profile and user account creation time when user is using the applications.

• The Journal of Korean Association of Computer Education
• /
• v.17 no.3
• /
• pp.75-84
• /
• 2014

It is a current situation that a large number of physical and financial damages are increasing due to the growth of intellectual cyber crime and unexpected Internet incidents year by year. In the large scale security incidents, digital forensics techniques for computer crime investigations are essential to secure a place in the field. However, qualified digital forensics investigators who complete with digital security technology are practically insufficient in domestic. In this paper, as one of developing human resources plans regarding to scientific investigation of Internet security incidents, an undergraduate curriculum per stage in digital forensics was proposed. For the effective curriculum per stage, the interviews, group discussion on focused group of existing digital forensics investigators and related research were performed to select curriculum, and then the level of difficulty and practical suitability on each subject designed were analyzed through survey and interview to current investigators and security professionals. After collating the survey, the digital forensic curriculum per level was designed to highly adaptable workforce for the future for working and positive suggestions and proposals are addressed.

• Journal of KIISE:Computing Practices and Letters
• /
• v.16 no.4
• /
• pp.497-501
• /
• 2010

A software montage means information that can be extracted quickly from software and includes inherent characteristics. If a montage is made from well-known programs, we can filter candidates of similar programs among the group of programs based on the montage. In this paper, we suggest software montages based on two characteristics: API calls and strings. To evaluate the proposed montages, we performed experiments to filter candidates of some similar programs to instant messenger programs. From the experiments, we confirmed that the proposed montages can be used as a forensic tool that filters a group of similar programs even when their functions are not known in advance.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.10a
• /
• pp.215-218
• /
• 2010

Smart Phone with domestic demand increasing rapidly, the utilization of multimedia services have become diverse. Accordingly, Smart Phone users to hack their Jail Breaking and Rooting and illegal use of the multimedia content is copyrighted. Also relevant to mobile communication terminal as a high crime, create, and the digital evidence increases the utilization of the mobile forensic evidence is required to study. In this paper, Smart Phone Copyright Violation and Forensic Apply Method research. Smart Phone Status and related violations of copyright infringement, broadcasting, film, music, e-book, etc. for each survey item, and how to apply for forensics were studied. This study investigated the development and forensic science will be able to contribute to the development.

• Information Systems Review
• /
• v.19 no.2
• /
• pp.185-209
• /
• 2017

In modern society, crime records have been digitized. Digital information is difficult to distinguish from original information, but the former is easy to modulate. This situation explains the increasing importance of digital forensics. However, digital forensic has several inefficiencies because of the rapid development of technology, unclear jurisdiction, and tool errors. This study surveyed digital forensic specialists and derived the priority of domestic digital forensic issues by redefining 17 issues in digital forensics from Brungs-Jamieson study in Australia. The present study was divided into four groups, namely, police, government and public corporations, private companies, and legal groups. The study could compare and analyze comparative analysis of existing studies in Australia and the US. This study can also examine differences in the results of each group in Korea. Thus, the key issues in Korea were derived as "Requirements to 'Fire Up' Original." The differences of the three groups in terms of legal issues were then identified. This finding enables us to understand differences in priorities and importance between groups and countries.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.05a
• /
• pp.455-458
• /
• 2011

일명 일심회 사건으로 디지털 포렌식이 과학수사에서 활용되는 가운데 판결한 최근 사례로서 1심 판결과 2심 판결에서 디지털 증거의 채택여부를 달리하였다. 학계와 법조계의 의견이 분분한 가운데 일심회 판결문의 1심 판결에 대한 중요성은 수차례에 걸쳐 연구되고 논의되었으나 2심 판결에서 이를 번복하므로 디지털 증거의 인정여부를 위한 문제점과 해결, 절차에 대한 연구가 다시 시작할 시점에 이르렀다. 본 연구에서는 디지털 증거가 법적증거로 인정될 수 있는가에 대한 논의를 시작으로, 일심회 사건의 1심과 2심의 판결을 중심으로 디지털 포렌식 증거의 분석을 통해서 문제점과 해결방안을 제시한다. 본 연구결과 디지털 포렌식의 수사현장에서 필요한 조건을 검토하고, 이를 이행함으로써 과학수사의 일환으로 디지털 증거가 법정에서 채택할 수 있도록 한다.