• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.2
• /
• pp.223-230
• /
• 2013

Recently, a large number of corporations are adopting cloud solution in order to reduce IT-related costs. By the way, Digital Trace should have admissibility to be accepted as digital evidence in court, and integrity is one of the factors for admissibility. In this context, this research implemented integrity verification test to VM Data which was collected by well-known private cloud solutions such as Citrix, VMware, and MS Hyper-V. This paper suggests the effective way to verify integrity of VM data collected in private cloud computing environment based on the experiment and introduces the error that EnCase fails to mount VHD (Virtual Hard Disk) files properly.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.347-355
• /
• 2018

Ransomware uses symmetric-key algorithm such as a block cipher to encrypt users' files illegally. If we find the traces of a block cipher algorithm in a certain program in advance, the ransomware will be detected in increased rate. The inclusion of a block cipher can consider the encryption function will be enabled potentially. This paper proposes a way to determine whether a particular program contains a block cipher. We have studied the implementation characteristics of various block ciphers, as well as the AES used by ransomware. Based on those characteristics, we are able to find what kind of block ciphers have been contained in a particular program. The methods proposed in this paper will be able to detect ransomware with high probability by complementing the previous detection methods.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.1
• /
• pp.57-67
• /
• 2013

Lately, intrusive incidents (including system hacking, viruses, worms, homepage alterations, and data leaks) have not involved the distribution of an virus or worm, but have been designed to acquire private information or trade secrets. Because an attacker uses advanced intelligence and attack techniques that conceal and alter data in a computer, the collector cannot trace the digital evidence of the attack. In an initial incident response first responser deals with the suspect or crime scene data that needs investigative leads quickly, in accordance with forensic process methodology that provides the identification of digital evidence in a systematic approach. In order to an effective initial response to first responders, this paper analyzes the collection data such as user usage profiles, chronology timeline, and internet data according to CFFPM(computer forensics field triage process model), proceeds to design, and implements a collection application to deploy the client/server architecture on the Windows based computer.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.3
• /
• pp.573-583
• /
• 2015

Amcache.hve file is a registry hive file regarding Program Compatibility Assistant, which stores the executed information of applications. With Amcache.hve file, We can know execution path, first executed time as well as deleted time. Since it checks both the first install time and deleted time, Amcache.hve file can be used to draw up the overall timeline of applications when used with the Prefetch files and Iconcache.db files. Amcache.hve file is also an important artifact to record the traces of anti-forensic programs, portable programs and external storage devices. This paper illustrates the features of Amcache.hve file and methods for utilization in digital forensics such as estimation of deleted time of applications.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.3
• /
• pp.487-498
• /
• 2023

Security incidents using vulnerabilities in cloud services occur, but it is difficult to collect and analyze traces of incidents in cloud environments with complex and diverse service models. As a result, the importance of cloud forensics research has emerged, and infringement response scenarios must be designed from the perspective of cloud service users (CSUs) and cloud service providers (CSPs) based on representative security threat cases in the public cloud service model. This simulated hacking-based proactive cloud infringement response framework can be used to respond to the cloud service critical resource attack process from the viewpoint of vulnerability detection before cyberattacks occur on the cloud, and can also be expected for data acquisition. Therefore, in this paper, we propose a framework for preventive cloud infringement based on simulated hacking by analyzing and utilizing Cloudfox, a cloud penetration test tool.

• Proceedings of the Korean Society for Quality Management Conference
• /
• 2006.11a
• /
• pp.51-56
• /
• 2006

이 연구에서는 의료서비스 품질 향상을 위하여 제안된 뇌 전위적 영상안내에 의한 개두술 방법과 옥틸 시안화 아크렬산염 (2-octylcyanoacrylate: 2-0CA)을 드레싱 재료로 사용한 조사군과, 전통적 개두술 방법과 봉합사 및 아이오다인을 사용했던 대조군과 비교를 실시하여 의료품질 향상 효과를 분석하였다. 연구방법으로는 특정 의료기관에서 26 례 조사군과, 38례 대조군을 대상으로, 임상적 특성, 감염균, 두피접착의 열개(裂開)성 및 기타 위험 인자를 조사하였다. 연구결과 새롭게 제안된 의료용 재료인 2옥틸시안화 아크릴산염은 피부조직 속으로 외부 액체가 유입되는 것을 억제하거나 제한하였으며, 외피 접착기능으로 창상보호 특히, 평균감염률과 감염빈도에 있어서 상대적으로 대조군보다 우수하였다. 한편 뇌 전위적 영상 안내에 의한 개두술 방법으로 수술시간의 단축과 수술 복잡성의 경감 및 위험성이 감소되었으며, 상처 부위 흔적이 적게 남는 등 미용적인 측면에서도 우수한 것으로 나타났다.

• Proceedings of the KIEE Conference
• /
• 2006.07a
• /
• pp.446-449
• /
• 2006

가공 송전선로의 경과지는 대부분 낮은 산악지로서 때때로 국지적인 기상현상에 노출되어 있다. 이러한 현상으로 매년 11월부터 익년3월 사이에 국지성 톨풍에 의한 갤로핑(Galloping)현상이 발생한다. 이 현상이 우리 전력소의 154kV 금포T/L(금오 S/S-포천S/S)에서 발생하였다. 갤로핑 현상은 바람으로 인하여 전력선이 횡진과 출렁임이 발생하는 것을 말하며, 전력선이 심한 진동을 일으켜 전력선 상간 또는 전력선과 가공지선간의 혼촉으로 고장전류가 생기고, 고장전류에 의한 보호계전기 동작으로 선로가 Trip되며, 이로 인하여 전력공급이 중단된다. 또한 전력선의 기계적인 진동에 의하여 전력선의 단선으로 영구고장을 일으킬 수 있다. 본 논문에서는 경기북부지역의 산악지에 설치된 154kV 송전선로에서 산비탈면을 타고 오르는 상승 바람에 의한 갤로핑 사례를 국내 최초로 현장에서 촬영한 동영상 자료를 토대로 소개하고, 갤로핑 발생시 송전선로에 미친 영향 등 검토 결과를 알아본다. 그리고 전력선 상호간 혼촉이 발생한 지점의 아크 흔적을 설명하고, 갤로핑으로 인한 상간 혼촉방지를 목적으로 개발된 폴리머 상간 스페이서의 시공사례를 소개하며, 현재까지 상간 스페이서(interphase spacer)가 설치된 송전선로의 점검 결과를 소개하고자 한다.

• Journal of Korean Society of Archives and Records Management
• /
• v.9 no.2
• /
• pp.41-58
• /
• 2009

Historically the relation between the power and archives is inseparable. Archives are the recorded traces of political actions and an intention of power has a considerable effect on the existence of archives. In the democratic society the power serves people on the basis of the archives adopted as an evidence of political actions. Archives play an important role for the balance of power, which is a principle point of democracy. Considering the function and symbolism of archives, its proper and reasonable management is connected directly to the protection of people's rights.

• Journal of Advanced Navigation Technology
• /
• v.18 no.1
• /
• pp.44-49
• /
• 2014

In recent, watermarking technology have been paying attention to methods avoiding illegal use and reproduce of digital contents. Then, in order to protect the right of digital contents, a watermark image is inserted into original images. In different watermarking methods, several technologies using Ant Colony Algorithm have been studied. In this paper, we propose a watermarking method using a discrete optimization method in the ants colony algorithm. This proposed method resembls the process that ants follow the pheromone traps to find out food. And when a watermark image is inserted into original images, the proposed method considers the deployment of obstacles or the balance between cells in the entire digital image. Simulation results show that the proposed method is increased in robustness of watermarked image and is decreased in the perceptibility of watermarking compared to the previous methods.

• Journal of Environmental Impact Assessment
• /
• v.32 no.6
• /
• pp.450-462
• /
• 2023

This study suggested methodology of Citizen Science as a tool of ecosystem conservation and management to achieve Wetland Protected Area (WPA) Conservation Plan and examined whose applicability in 3 WPAs (Jangrok of Gwangju metropolitan city, Madongho of Goseong in South Gyeongsang Province, and Incheongang estuary of Gochang in North Jeolla Province). It consists of a) figuring out main interests and stakeholder or beneficiaries of WPA and their information demand based on conservation, utilization, and management target in the WPA Conservation Plan, b) conducting research activities to gain outcome to address stakeholder's demand, and c) returning the research outcome to citizen scientists and making diffusion to the society. Based on the suggested method and process, citizen scientists conducted ecosystem monitoring (plants including Invasive Alien Plants, terrestrial insects, traces of mammals, discovering unknown wetland). As a result, citizen scientists contributed to collecting species information of 16 plans, 43 species of terrestrial insects, 5 mammals including Lutra lutra (Endangered Species I) and Prionailurus bengalensis (Endangered Species II). The authors constructed and provided distribution map of Invasive Alien Plants, which included information of location and density which citizen scientists registered, for Environment Agencies and local governments who manage 3 WPAs to aid data-based ecosystem policy, In further studies, not only accumulating research data and outcomes acquired from citizen science to suffice the policy demands but also deliberate reviewing policy applicability and social·economic ripple effect should be processed for the suggested Citizen Science in WPA to be settled down as a tool of ecosystem conservation and management.