• Title/Summary/Keyword: Digital Forensics Laboratory

A Study on the Methods of Building Tools and Equipment for Digital Forensics Laboratory (디지털증거분석실의 도구·장비 구축 방안에 관한 연구)

  • Su-Min Shin;Hyeon-Min Park;Gi-Bum Kim
    • Convergence Security Journal / v.22 no.5 / pp.21-35 / 2022
  • The use of digital information according to the development of information and communication technology and the 4th industrial revolution is continuously increasing and diversifying, and in proportion to this, crimes using digital information are also increasing. However, there are few cases of establishing an environment for processing and analysis of digital evidence in Korea. The budget allocated for each organization is different and the digital forensics laboratory built without solving the chronic problem of securing space has a problem in that there is no standard that can be referenced from the initial configuration stage. Based on this awareness of the problem, this thesis conducted an exploratory study focusing on tools and equipment necessary for building a digital forensics laboratory. As a research method, focus group interviews were conducted with 15 experts with extensive practical experience in the digital forensic laboratory or digital forensics field and experts' opinions were collected on the following 9 areas: network configuration, analyst computer, personal tools·equipment, imaging devices, dedicated software, open source software, common tools/equipment, accessories, and other considerations. As a result, a list of tools and equipment for digital forensic laboratories was derived.

Control Variables of Remote Joint Analysis Realization on the M2M Case

  • Lim, Sung-Ryel;Choi, Bo-Yun;Lee, Hong-Chul
    • KSII Transactions on Internet and Information Systems (TIIS) / v.6 no.1 / pp.98-115 / 2012
  • A new trend called ubiquitous is leading recent business through standardization and integration. The main issue is how to guarantee integration and accountability in each business, especially in mission-critical systems that are mainly supported by M2M (Machine to Machine) control mechanisms. This study stems from a digital forensics case analysis of the M2M sensing control mechanism problem in the "Imjin River" case of 2009, in which a family group was swept away to their deaths by water because of an M2M control error. Ubiquitous surroundings are shifting the field of criminal investigation toward real-time controls such as M2M systems. The need for digital forensics on M2M control is increasing at every crime scene, but we lack the control metrics to do this efficiently. Courts ask for more accurately analyzed results that account for high-quality product development design. Investigators at the crime scene need real-time analysis of crimes caused by the poor quality of mission-critical systems. This appears to be a general need of the Real-Time Enterprise, the so-called ubiquitous society, in this case. We try to find efficiency and productivity in discovering non-functional design defects in M2M convergence products, focusing on three metrics in a study model with quick implementation. Digital forensics at present depends on the know-how of each investigator, and professional analysis is hard to expect in every field. This study sets up the hypothesis "Co-working of professional investigators on each field will qualify Performance and Integrity", especially in mission-critical systems such as M2M, and suggests an "Online co-work analysis model" to efficiently detect and prevent mission-critical errors in advance. In conclusion, this study proved it through statistical research based on a survey of digital forensics specialists around M2M crime scene cases, with a quick implementation of a dashboard.

A Method of License Plate Location and Character Recognition based on CNN

  • Fang, Wei;Yi, Weinan;Pang, Lin;Hou, Shuonan
    • KSII Transactions on Internet and Information Systems (TIIS) / v.14 no.8 / pp.3488-3500 / 2020
  • At the present time, the economy continues to flourish, and private cars have become the means of choice for most people. Therefore, the license plate recognition technology has become an indispensable part of intelligent transportation, with research and application value. In recent years, the convolution neural network for image classification is an application of deep learning on image processing. This paper proposes a strategy to improve the YOLO model by studying the deep learning convolutional neural network (CNN) and related target detection methods, and combines the OpenCV and TensorFlow frameworks to achieve efficient recognition of license plate characters. The experimental results show that target detection method based on YOLO is beneficial to shorten the training process and achieve a good level of accuracy.

Detection for Operation Chain: Histogram Equalization and Dither-like Operation

  • Chen, Zhipeng;Zhao, Yao;Ni, Rongrong
    • KSII Transactions on Internet and Information Systems (TIIS) / v.9 no.9 / pp.3751-3770 / 2015
  • Many sorts of image processing software facilitate image editing and also generate a great number of doctored images. Forensic technology emerges to detect the unintentional or malicious image operations. Most of forensic methods focus on the detection of single operations. However, a series of operations may be used to sequentially manipulate an image, which makes the operation detection problem complex. Forensic investigators always want to know as much exhaustive information about a suspicious image's entire processing history as possible. The detection of the operation chain, consisting of a series of operations, is a significant and challenging problem in the research field of forensics. In this paper, based on the histogram distribution uniformity of a manipulated image, we propose an operation chain detection scheme to identify histogram equalization (HE) followed by the dither-like operation (DLO). Two histogram features and a local spatial feature are utilized to further determine which DLO may have been applied. Both theoretical analysis and experimental results verify the effectiveness of our proposed scheme for both global and local scenarios.

Special Quantum Steganalysis Algorithm for Quantum Secure Communications Based on Quantum Discriminator

  • Xinzhu Liu;Zhiguo Qu;Xiubo Chen;Xiaojun Wang
    • KSII Transactions on Internet and Information Systems (TIIS) / v.17 no.6 / pp.1674-1688 / 2023
  • The remarkable advancement of quantum steganography offers enhanced security for quantum communications. However, there is a significant concern regarding the potential misuse of this technology. Moreover, the current research on identifying malicious quantum steganography is insufficient. To address this gap in steganalysis research, this paper proposes a specialized quantum steganalysis algorithm. This algorithm utilizes quantum machine learning techniques to detect steganography in general quantum secure communication schemes that are based on pure states. The algorithm presented in this paper consists of two main steps: data preprocessing and automatic discrimination. The data preprocessing step involves extracting and amplifying abnormal signals, followed by the automatic detection of suspicious quantum carriers through training on steganographic and non-steganographic data. The numerical results demonstrate that a larger disparity between the probability distributions of steganographic and non-steganographic data leads to a higher steganographic detection indicator, making the presence of steganography easier to detect. By selecting an appropriate threshold value, the steganography detection rate can exceed 90%.

A New Design and Implementation of Digital Evidence Container for Triage and Effective Investigation (디지털 증거 선별 조사의 효율성을 위한 Digital Evidence Container 설계 및 구현)

  • Lim, Kyung-Soo;Lee, Chang-Hoon;Lee, Sang-In
    • Journal of the Institute of Electronics Engineers of Korea CI / v.49 no.4 / pp.31-41 / 2012
  • Law enforcement agencies worldwide confiscate or retain computer systems involved in a criminal or civil case, if there are any, at the preliminary investigation stage, even when the case does not involve cyber-crime. They collect digital evidence from the suspects' systems and use it in the essential investigation procedure. It takes much time, though, to collect, duplicate and analyze disk images in general crime cases, especially in cases where a rapid response is required, such as kidnapping and murder. In enterprise forensics, moreover, it is impossible to acquire and duplicate hard disk drives in mass storage server, database server and cloud environments. Therefore, in triage investigation it is efficient and effective to selectively collect only traces of user activity on operating systems or particular files. On the other hand, when essential digital evidence is acquired from a target computer, collecting just the files is not forensically sound. A standard digital evidence container for various sources is needed to prove the integrity and probative value of evidence. In this article, we describe a new digital evidence container, which we call Xebeg, that can easily and selectively preserve collected digital evidence using general technologies such as XML and PKZIP compression, and that satisfies generality, integrity, unification, scalability and security.

Introduction to NIST's Digital Forensic Tool Verification Framework (NIST의 디지털 포렌식 도구 검증 체계 소개)

  • Park, Jungheum;Lyle, James R.;Guttman, Barbara
    • Review of KIISC / v.26 no.5 / pp.54-61 / 2016
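  • As information and communication technology develops rapidly and digital devices become widespread, digital evidence is being used as a key element in resolving many types of cases. Accordingly, research and development of digital forensics technology for collecting, extracting, recovering, and analyzing potential digital evidence has been very active worldwide. As a result of this active research and development, a variety of tools (software and hardware) have been released to support more efficient digital forensic work, and they are now widely used for various purposes. As the use of digital forensic tools became commonplace, and in particular as multiple tools offering the same (or similar) functions came to exist, the need arose to verify the range of functions each tool provides and the correctness of its implementation. In response to this need, the U.S. National Institute of Standards and Technology (NIST) established a digital forensic tool verification framework in 1999, and the work remains active today. This paper introduces the CFTT and CFReDS projects being carried out at NIST and describes their current status and future directions.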

A Study on Mobile Forensic Extraction Methods of Cellular and Smart Phone (휴대폰과 스마트폰의 모바일 포렌식 추출방법 연구)

  • Yi, Jeong Hoon;Park, Dea Woo
    • Journal of Korea Society of Digital Industry and Information Management / v.6 no.3 / pp.79-89 / 2010
  • As cellular and smart phones handle a growing amount of information processing in business and daily life, breaches involving mobile terminals have occurred, causing crime and damage. This paper studies the SYN scheme and the JTAG scheme for extracting forensic data from cellular and smart phones in mobile forensics. The forensic analysis process is described for the SYN and JTAG approaches, and the OS-specific performance and data extraction of each smart phone were compared. Improvements in extraction, observed when extracting forensic data from cellular and smart phones in the laboratory with the SYN and JTAG schemes, are presented.

An Optimized Model for the Local Compression Deformation of Soft Tissue

  • Zhang, Xiaorui;Yu, Xuefeng;Sun, Wei;Song, Aiguo
    • KSII Transactions on Internet and Information Systems (TIIS) / v.14 no.2 / pp.671-686 / 2020
  • Due to the long training time and high training cost of traditional surgical training methods, the emerging virtual surgical training method has gradually replaced it as the mainstream. However, the virtual surgical system suffers from poor authenticity and high computational cost problems. For overcoming the deficiency of these problems, we propose an optimized model for the local compression deformation of soft tissue. This model uses a simulated annealing algorithm to optimize the parameters of the soft tissue model to improve the authenticity of the simulation. Meanwhile, although the soft tissue deformation is divided into local deformation region and non-deformation region, our proposed model only needs to calculate and update the deformation region, which can improve the simulation real-time performance. Besides, we define a compensation strategy for the "superelastic" effect which often occurs with the mass-spring model. To verify the validity of the model, we carry out a compression simulation experiment of abdomen and human foot and compare it with other models. The experimental results indicate the proposed model is realistic and effective in soft tissue compression simulation, and it outperforms other models in accuracy and real-time performance.

Morphological studies of fly puparia (Diptera: Calliphoridae) in the soil from a Joseon Dynasty grave in Korea

  • In-Yong Lee;In-Yong Lee;Jung-Min Park;Ji Ho Seo;Bo-Young Jeon;Tai-Soon Yong;Min Seo
    • Parasites, Hosts and Diseases / v.61 no.4 / pp.471-475 / 2023
  • Archaeoentomological investigations were conducted on soil contents from a grave belonging to the Joseon Dynasty as part of the Urban Environment Maintenance Project (UEMP) in Cheongjin 12-16 dong (districts), Jongno-gu, Seoul, Korea, from December 01, 2008 to February 19, 2011. A total of 28 insect puparia with hard shells of the common green bottle fly Lucilia sericata were identified in the soil. Evidence suggested that the corpse was placed outside for some days instead of being buried immediately after death. This is the first report of fly puparia in soil samples from a tomb of the Joseon Dynasty during 16-17 AD in Korea. Our findings may help determine the timeframe of burial and offer archaeological insights into the funerary customs of the period.