• Title/Summary/Keyword: Anti-Forensic

An Anti-Forensic Technique for Hiding Data in NTFS Index Record with a Unicode Transformation (유니코드 변환이 적용된 NTFS 인덱스 레코드에 데이터를 숨기기 위한 안티포렌식 기법)

  • Cho, Gyu-Sang
    • Convergence Security Journal / v.15 no.7 / pp.75-84 / 2015
  • In an "NTFS Index Record Data Hiding" method, messages are hidden by using file names. Windows NTFS file naming convention has some forbidden ASCII characters for a file name. When inputting Hangul with the Roman alphabet, if the forbidden characters for the file name and binary data are used, the codes are converted to a designated Unicode point to avoid a file creation error due to unsuitable characters. In this paper, the problem of a file creation error due to non-admittable characters for the file name is fixed, which is used in the index record data hiding method. Using Hangul with the Roman alphabet, the characters that cause a file creation error are converted to an arbitrary Unicode point except the Hangul and Roman alphabet area. When it comes to binary data, all 256 codes are converted to a designated Unicode area except the extended Unicode (surrogate pairs) and ASCII code area. The results of the two cases, i.e. the Hangul with Roman alphabet case and the binary case, show the applicability of the proposed method.

Method of estimating the deleted time of applications using Amcache.hve (앰캐시(Amcache.hve) 파일을 활용한 응용 프로그램 삭제시간 추정방법)

  • Kim, Moon-Ho;Lee, Sang-jin
    • Journal of the Korea Institute of Information Security & Cryptology / v.25 no.3 / pp.573-583 / 2015
  • Amcache.hve file is a registry hive file regarding Program Compatibility Assistant, which stores the executed information of applications. With Amcache.hve file, we can know execution path, first executed time as well as deleted time. Since it checks both the first install time and deleted time, Amcache.hve file can be used to draw up the overall timeline of applications when used with the Prefetch files and Iconcache.db files. Amcache.hve file is also an important artifact to record the traces of anti-forensic programs, portable programs and external storage devices. This paper illustrates the features of Amcache.hve file and methods for utilization in digital forensics such as estimation of deleted time of applications.

Analysis of Encryption and Decryption Processes of Realm Database and Its Application (Realm 데이터베이스 암·복호화 프로세스 및 기반 애플리케이션 분석)

  • Youn, Byungchul;Park, Myungseo;Kim, Jongsung
    • Journal of the Korea Institute of Information Security & Cryptology / v.30 no.3 / pp.369-378 / 2020
  • Due to the widespread use of mobile devices, smartphone penetration and usage rate continue to increase and there is also an increasing amount of data that need to be stored and managed in applications. Therefore, recent applications use mobile databases to store and manage user data. Realm database, developed in 2014, is attracting more attention from developers because of advantages of continuous updating, high speed, low memory usage, simplicity and readability of the code. It also supports an encryption to provide confidentiality and integrity of personal information stored in the database. However, since the encryption can be used as an anti-forensic technique, it is necessary to analyze the encryption and decryption processes provided by Realm Database. In this paper, we analyze the structure of Realm Database and its encryption and decryption process in detail, and analyze an application that supports an encryption to propose the use cases of the Realm Database.

A novel Method for Blood Typing using Acoustic Streaming (음향적 흐름을 이용한 혈액형 분석을 위한 새로운 방법)

  • Choi, Hyunjoo;Jang, Woong Sik;Nam, Jeonghun;Lim, Chae Seung
    • Journal of Biomedical Engineering Research / v.39 no.6 / pp.250-255 / 2018
  • Accurate blood typing is the crucial factor for safe and successful blood transfusion and plays a very important role in organ transplantation and genetic information of forensic medicine. Microfluidic devices have been developed to overcome the limitations of the conventional blood typing methods. In this study, we demonstrate a Lamb wave-based device for simple blood typing in a sample droplet and we propose new indices for quantitative and accurate blood typing. Using Lamb wave-induced acoustic streaming in the droplet, the blood sample and the reagent can be mixed rapidly and red blood cells start to form clumps, which is agglutination. Based on the recorded image and video, the intensity of transmitted light through the sample droplet is evaluated to determine the blood type. Effect of the concentration of suspended red blood cells was evaluated and we found that 10% concentration of suspended red blood cells was suitable to observe the difference between aggregated and non-aggregated samples. Finally, sample with blood type A could be determined using anti-A reagent in our Lamb wave-based device. Our device enables simple and accurate blood typing, which can be applied to resource-limited environments.

Identification of Jet fuel (JP-8) in Petroleum Hydrocarbon Contaminated Soil through the Qualitative Analysis of Antioxidants (유류 오염 토양 중 산화방지제 정성 분석을 통한 항공유(JP-8) 유종 판별)

  • Kim, Yonghun;Lee, Goontaek;Jang, Hanjeon;Jo, Yunju;Kim, Moongun;Choi, Jaeho;Kang, Jiyoung
    • Journal of Soil and Groundwater Environment / v.27 no.4 / pp.37-48 / 2022
  • Accurate analysis of petroleum hydrocarbons in soil is an important prerequisite for proper source tracking of contamination. Identification of petroleum compounds is commonly carried out by peak pattern matching in gas chromatography. However, this method has several technical limitations, especially when the soils underwent biological, physical and chemical transformation. For instance, it is very difficult to distinguish jet fuel (JP-8) from kerosene because JP-8 is derivatized from secondary reaction between chemical agents (e.g. anti-oxidants, antifreezer and so on) and kerosene. In this study, an alternative method to separately analyze JP-8 and kerosene in the petroleum hydrocarbon contaminated soil was proposed. Qualitative analyses were performed for representative phenolic antioxidants [2,6-di-tert-butyl phenol (2,6-DTBP), 2,4-di-tert-butylphenol (2,4-DTBP), 2,6-di-tert-butyl-4-methyl phenol (2,6-DTBMP)] using a two dimensional gas chromatograph mass spectrometer (2D GC×GC-TOF-MS). This qualitative analysis of antioxidants in soil would be a useful complementary tool for the peak pattern matching method to identify JP-8 contamination in soil.

Going Wilde: Prendick, Montgomery and Late-Victorian Homosexuality in The Island of Doctor Moreau

  • Canadas, Ivan
    • Journal of English Language & Literature / v.56 no.3 / pp.461-485 / 2010
  • The present paper focuses on a specific aspect of H. G. Wells' The Island of Doctor Moreau (1896), namely the issue of homosexuality, particularly as it concerns Prendick, the novel's primary narrator, and Montgomery, Moreau's assistant on the island, both of whom are implicitly associated with homosexual identity-and suggested to represent various forms of repression or acceptance-their personalities, or psyche, explored in relation to other characters on Moreau's island, particularly the Beast Folk, as well as Doctor Moreau and his treatment of the creatures as an allegory of Victorian anti-sodomy legislation and its most celebrated victim, Oscar Wilde, who had been convicted for male sodomy in 1895, only months prior to the original publication of The Island of Doctor Moreau. In addition, this paper examines an extensive series of allusions to Oscar Wilde and to late-Victorian homosexual scandals, including that author's own conviction, allusions to others involved in the affair-some of which involve situational/plot analogies, while others involve echoes or semantic associations between the names of characters in Moreau and historical figures-as well as allusions and parallels involving the most recognizably biographical of Wilde's works, The Picture of Dorian Gray (1890). The deliberate, complex web of allusions and ironic implications of homosexuality, presented in this essay, thus, expands considerably upon existing scholarly work on a range of matters concerning homosexual identity and conduct within the context of social conventions and legislation in the late-Victorian period, as well as more broadly, in scientific and humanistic terms. 
In this respect, one key aspect of this essay is the exploration of the novel's setting of Noble's Island, which, among other things, includes topographical allusions to nineteenth-century scientific theories of anatomical anomalies in pederasts-namely those of the eminent French forensic medical scientist, Ambroise Tardieu (1818-1879), whose underlying framework of physiological adaptation, moreover, intersected with the scientific interests of Wells and of his protagonist. Beyond this, it is shown that, in Moreau, there is a web of allusions to homosexual practice and those same anomalies, involving the character of Montgomery and his name.

Research on Advanced Methods for Data Extraction from Corrupted OOXML Files (손상된 OOXML 파일에서의 데이터 추출 고도화 방안 연구)

  • Jiyun Kim;Minsoo Kim;Woobeen Park;Doowon Jeong
    • Journal of the Korea Institute of Information Security & Cryptology / v.34 no.2 / pp.193-206 / 2024
  • In tandem with the advancements in the digital era, the significance of digital data has escalated, necessitating an increased focus on digital forensics investigations. However, the process of collecting and analyzing digital evidence faces significant challenges, such as the unidentifiability of damaged files due to issues like media corruption and anti-forensic techniques. Moreover, the technological limitations of existing tools hinder the recovery of damaged files, posing difficulties in the evidence collection process. This paper aims to propose solutions for the recovery of corrupted MS Office files commonly used in digital data creation. To achieve this, we analyze the structure of MS Office files in the OOXML format and present a novel approach to overcome the limitations of current recovery tools. Through these efforts, we aim to contribute to enhancing the quality of evidence collection in the field of digital forensics by efficiently recovering and identifying damaged data.

Establishment of an Allo-Transplantable Hamster Cholangiocarcinoma Cell Line and Its Application for In Vivo Screening of Anti-cancer Drugs

  • Puthdee, Nattapong;Vaeteewoottacharn, Kulthida;Seubwai, Wunchana;Wonkchalee, Orasa;Keawkong, Worasak;Juasook, Amornrat;Pinloar, Somchai;Pairojkul, Chawalit;Wongkham, Chaisiri;Okada, Seiji;Boonmars, Thidarut;Wongkham, Sopit
    • Parasites, Hosts and Diseases / v.51 no.6 / pp.711-717 / 2013
  • Opisthorchis viverrini (O. viverrini) is a well-known causative agent of cholangiocarcinoma (CCA) in humans. CCA is very resistant to chemotherapy and is frequently fatal. To understand the pathogenesis of CCA in humans, a rodent model was developed. However, the development of CCA in rodents is time-consuming and the xenograft-transplantation model of human CCA in immunodeficient mice is costly. Therefore, the establishment of an in vivo screening model for O. viverrini-associated CCA treatment was of interest. We developed a hamster CCA cell line, Ham-1, derived from the CCA tissue of O. viverrini-infected and N-nitrosodimethylamine-treated Syrian golden hamsters. Ham-1 has been maintained in Dulbecco's Modified Essential Medium supplemented with 10% fetal bovine serum for more than 30 subcultures. These cells are mostly diploid (2n=44) with some being polyploid. Tumorigenic properties of Ham-1 were demonstrated by allograft transplantation in hamsters. The transplanted tissues were highly proliferative and exhibited a glandular-like structure retaining a bile duct marker, cytokeratin 19. The usefulness of this in vivo model was demonstrated by berberine treatment, a traditional medicine that is active against various cancers. Growth inhibitory effects of berberine, mainly by an induction of G1 cell cycle arrest, were observed in vitro and in vivo. In summary, we developed the allo-transplantable hamster CCA cell line, which can be used for chemotherapeutic drug testing in vitro and in vivo.

A Design of Timestamp Manipulation Detection Method using Storage Performance in NTFS (NTFS에서 저장장치 성능을 활용한 타임스탬프 변조 탐지 기법 설계)

  • Jong-Hwa Song;Hyun-Seob Lee
    • Journal of Internet of Things and Convergence / v.9 no.6 / pp.23-28 / 2023
  • The Windows operating system generates various logs with timestamps. Timestamp tampering is an act of anti-forensics in which a suspect manipulates the timestamps of data related to a crime to conceal traces, making it difficult for analysts to reconstruct the situation of the incident. This can delay investigations or lead to the failure of obtaining crucial digital evidence. Therefore, various techniques have been developed to detect timestamp tampering. However, there is a limitation in detection if a suspect is aware of timestamp patterns and manipulates timestamps skillfully or alters system artifacts used in timestamp tampering detection. In this paper, a method is designed to detect changes in timestamps: even if a suspect alters the timestamp of a file on a storage device, it is challenging to do so with precision beyond millisecond order. In the proposed detection method, the first step involves verifying the timestamp of a file suspected of tampering to determine its write time. Subsequently, the confirmed time is compared with the file size recorded within that time, taking into consideration the performance of the storage device. Finally, the total capacity of files written at a specific time is calculated, and this is compared with the maximum input and output performance of the storage device to detect any potential file tampering.

Development and validation of an LC-MS/MS method for the simultaneous analysis of 26 anti-diabetic drugs in adulterated dietary supplements and its application to a forensic sample

  • Kim, Nam Sook;Yoo, Geum Joo;Kim, Kyu Yeon;Lee, Ji Hyun;Park, Sung-Kwan;Baek, Sun Young;Kang, Hoil
    • Analytical Science and Technology / v.32 no.2 / pp.35-47 / 2019
  • In this study, high-performance liquid chromatography-tandem mass spectrometry (HPLC-MS/MS) was employed to detect 26 antidiabetic compounds in adulterated dietary supplements using a simple, selective method. The work presented herein may help prevent incidents related to food adulteration and restrict the illegal food market. The best separation was obtained on a Shiseido Capcell Pak® C18 MG-II ($2.0\,\mathrm{mm} \times 100\,\mathrm{mm}$, $3\,\mu\mathrm{m}$), which improved the peak shape and MS detection sensitivity of the target compounds. A gradient elution system composed of 0.1 % (v/v) formic acid in distilled water and methanol at a flow rate of 0.3 mL/min for 18 min was utilized. A triple quadrupole mass spectrometer with an electrospray ionization source operated in the positive or negative mode was employed as the detector. The developed method was validated as follows: specificity was confirmed in the multiple reaction monitoring mode using the precursor and product ion pairs. For solid samples, LOD ranged from 0.16 to 20.00 ng/mL and LOQ ranged from 0.50 to 60.00 ng/mL, and for liquid samples, LOD ranged from 0.16 to 20.00 ng/mL and LOQ ranged from 0.50 to 60.00 ng/mL. Satisfactory linearity was obtained from calibration curves, with $R^2$ > 0.99. Both intra and inter-day precision were less than 13.19 %. Accuracies ranged from 80.69 to 118.81 % (intra/inter-day), with a stability of less than 14.88 %. Mean recovery was found to be 80.6-119.0 % and less than 13.4 % RSD. Using the validated method, glibenclamide and pioglitazone were simultaneously determined in one capsule at concentrations of 1.52 and 0.53 mg (per capsule), respectively.