• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.3
• /
• pp.417-429
• /
• 2013

A lot of OS(Operating Systems) such as Linux and Android selected Ext4 as the official file system. Therefore, a recovery of deleted file from Ext4 is becoming a pending issue. In this paper, we suggest how to recover the deleted file by analyzing the entire structure of Ext4 file system, the study of metadata area, the distinct feature when file is assigned and deleted. Particularly, we focus on studying the features of file which is assigned in Ext4 file system in Android OS and also suggest the method to recover the deleted file that is fragmented from the un-allocated area.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.6
• /
• pp.1423-1428
• /
• 2010

This paper designs file security function on Windows O.S. Whenever you use Windows O.S, you need to protect some file data. This paper designs these security protection functions. This paper proposes two security functions on Windows O.S. One is file security. the other is directory access protection. To check the proposed functions well, I experiment the above functions on the Windows O.S. By this experiment, I confirmed that the proposed function worked well.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.4
• /
• pp.3-10
• /
• 2007

In this paper, we proposed the methodology for security testing using block-based file fault injection. When fault is inserted into software, we consider the format of file in order to efficiently reduce the error that is caused by mismatch of format of file. The Vulnerability the methodology focuses on is related to memory processing, such as buffer overflow, null pointer reference and so on. We implemented the automatic tool to apply the methodology to image file format and named the tool ImageDigger. We executed fault-injection focused on WMF and EMF file format using ImageDigger, and found 10 DOS(Denial of Service) in Windows Platform. This methodology can apply to block-based file format such as MS Office file.

• The Journal of Korean Association of Computer Education
• /
• v.14 no.6
• /
• pp.75-81
• /
• 2011

Cookie is simple text file, which contains records of web service which provided to user. some of data included in Cookie has user's private information. When attacker has Cookie which included user's private information, will causing financial losses. In this paper we designed security section which can improve vulnerable Cookie's security level. Through research and vulnerability analysis of Cookie file, we find out how to implement security area to offer efficient security area and design security area for cookie file. Also we checked security level to performance evaluation. Through this security level, we can keep user's private information secure using Cookie's improve security level which stored in user's personal computer.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.3
• /
• pp.612-618
• /
• 2013

The file security function, which this paper suggests, restricts the access of an unauthorized users by using password algorithm and saving file. Saved files that are encrypted are read by decrypting them with decryption algorithm. These features are user interface to design the program for user friendly. The security function implements both file encryption and decryption programs and tests whether the experiment works or not. In addition, when a decryption is progressed and the settings of between decryption and encryption are different each other, the security function also checks the possibility of decryption. We can enhance the security on important files stored in Windows servers or personal computers by developing this program.

• The Journal of Society for e-Business Studies
• /
• v.7 no.1
• /
• pp.167-186
• /
• 2002

The encryption of a file on a PC before saving can maintain security of the file. However, if the key for the encrypted file is lost or damaged, the encrypted file can not be decrypted, resulting in serious economical loss to the user or the user group. In order to minimize the economical loss a secure and reliable key recovery technology is required. Presented in this paper is the development and evaluation of PKRS (PC based Key Recovery System) which supports encryption and decryption of file and recovery of the encrypted file in emergency. The encapsulating method, which attaches key recovery information to encrypted file, is applied to the PKRS. In addition, the PKRS is developed and evaluated according to the requirements of Requirements for Key Recovery Products proposed by NIST and requirements of Common Criteria 2.0 to prove the safety and reliability of the information security system. This system is applicable to a PC and can be further extended to internet or intranet environment information system where in encryption and recovery of file is possible.

• Journal of Information Processing Systems
• /
• v.17 no.4
• /
• pp.834-850
• /
• 2021

IT security companies have been releasing file system filter driver security solutions based on the whitelist, which are being used by several enterprises in the relevant industries. However, in February 2019, a whitelist vulnerability was discovered in Microsoft Edge browser, which allows malicious code to be executed unknown to users. If a hacker had inserted a program that executed malicious code into the whitelist, it would have resulted in considerable damage. File system filter driver security solutions based on the whitelist are discretionary access control (DAC) models. Hence, the whitelist is vulnerable because it only considers the target subject to be accessed, without taking into account the access rights of the file target object. In this study, we propose an industrial device security system for Windows to address this vulnerability, which improves the security of the security policy by determining not only the access rights of the subject but also those of the object through the application of the mandatory access control (MAC) policy in the Windows industrial operating system. The access control method does not base the security policy on the whitelist; instead, by investigating the setting of the security policy not only for the subject but also the object, we propose a method that provides improved stability, compared to the conventional whitelist method.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.445-446
• /
• 2021

Union file system is a technology that can be used as a single file system by integrating various files and directories. It has the advantage of maintaining the source file/directory used for integration, so it is used in many applications like container platform. When using the union file system, the user accesses the write-able layer, to which the security technology provided by the operating system can be applied. However, there is a disadvantage in that it is difficult to apply a separate security technology to the source file and directory used to create the union file system. In this study, we intend to propose an access control mechanism to deny security threats to source file/directory that may occur when using the union file system. In order to verify the effectiveness of the access control mechanism, it was confirmed that the access control mechanism proposed in this study can protect the source file/directory while maintaining the advantages of the union file system.

• Convergence Security Journal
• /
• v.7 no.4
• /
• pp.15-21
• /
• 2007

As the amount of flash memory being used in embedded device is increased and embedded devices become more important in many computing environments, embedded file system security becomes more important issue. Moreover embedded devices can be easily stolen or lost because of it's high portability. If the lost embedded device has very important information, there's no means to protect it except data encryption. For improving embedded devices' security this paper propose design and implementation of flash cryptographic file system. For this purpose YAFFS is used. By the modified YAFFS cryptographic file system, the security of embedded devices can be improved.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.3
• /
• pp.79-91
• /
• 2010

In digital forensics, the creation time, last modified time, and last accessed time of a file or folder are important factors that can indicate events that have affected a computer system. The form of the time information varies with the file system, depending on the user's actions such as copy, transfer, or network transport of files. Specific changes of the time information may be of considerable help in analyzing the user's actions in the computer system. This paper analyzes changes in the time information of files and folders for different operations of the NTFS and attempts to reconstruct the user's actions.