• Title/Summary/Keyword: Forensic investigation technology

A Study on Extraction of Mobile Forensic Data and Integrity Proof (모바일 포렌식 자료의 추출과 무결성 입증 연구)

  • Kim, Ki-Hwan;Park, Dea-Woo
    • Journal of the Korea Society of Computer and Information / v.12 no.6 / pp.177-185 / 2007
  • With the development of IT, mobile information appliances that perform various functions have recently become widespread. The mobile phone, a representative mobile information appliance, makes information exchange and business more convenient and efficient, but it has also brought adverse effects: mobile phones are used as a means for crimes such as leakage of high-technology data, invasion of personal privacy, and threats, and many problems have appeared. However, for crimes that use mobile phones, legal research is lacking because the relevant statutes are unprepared, and research and effort are needed to prove the integrity of digital evidence, which is easily deleted, copied, and transferred, so that it can be secured as objective evidence from an investigative standpoint. This field of digital forensics is known as mobile forensics. In this paper, we verify how digital evidence can be acquired from the mobile phone, the representative subject of mobile forensics, and present a way to prove the integrity of digital evidence using a hash function.


Integrity proof Method research in Mobile Forensic (모바일 포렌식 에서의 무결성 입증방안 연구)

  • Kim, Ki-Hwan;Shin, Young-Tae;Park, Dea-Woo
    • KSCI Review / v.15 no.1 / pp.37-46 / 2007
  • With the development of IT, the spread of mobile information appliances that perform various functions has recently been increasing greatly. The mobile phone, a representative mobile information appliance, makes life and business more convenient and efficient, but it has also brought adverse effects: mobile phones are used as a means for crimes such as leakage of high-technology data, invasion of personal privacy, and threats, and many problems have appeared. However, for crimes that use mobile phones, legal research is lacking because the relevant statutes are unprepared, and research and effort are needed to prove the integrity of digital evidence, which is easily deleted, copied, and transferred, so that it can be secured as objective evidence from an investigative standpoint. This field of digital forensics is known as mobile forensics. The purpose of this paper is to verify in practice how digital evidence can be acquired from the mobile phone, the representative subject of mobile forensics, and to present a way to prove the integrity of digital evidence using a hash function.


Digital Forensics Framework for Cloud Computing (클라우드 환경을 고려한 디지털 포렌식 프레임워크)

  • Lee, Chang-Hoon
    • Journal of Advanced Navigation Technology / v.17 no.1 / pp.63-68 / 2013
  • Recently, companies have sought a way to overcome their financial crisis by reducing costs in the field of IT. In such circumstances, cloud computing is rapidly emerging as an optimal solution to the crisis. Even in a digital forensic investigation, whether users of an investigated system have used a cloud service is a very important factor in selecting additional subjects of investigation. When a user has used cloud services, such as Daum Cloud and Google Docs, it is possible to connect to the cloud service from a remote place by acquiring the user's log-in information. In such a case, evidence data should be collected from the remote place for an efficient digital forensic investigation, and research is needed on the collection and analysis of data from various kinds of cloud services. Thus, this study suggested a digital forensic framework considering cloud environments by investigating collection and analysis techniques for each cloud service.

An Effective Control Method for Improving Integrity of Mobile Phone Forensics (모바일 포렌식의 무결성 보장을 위한 효과적인 통제방법)

  • Kim, Dong-Guk;Jang, Seong-Yong;Lee, Won-Young;Kim, Yong-Ho;Park, Chang-Hyun
    • Journal of the Korea Institute of Information Security & Cryptology / v.19 no.5 / pp.151-166 / 2009
  • To prove the integrity of digital evidence in the investigation procedure, data that uses the MD5 (Message Digest 5) hash-function algorithm has to be discarded if its integrity was damaged during the investigation. Even though restoring evidence from the deleted area is essential for securing proof regarding a main phase of a case, it was difficult to secure decisive evidence because the evidence data was damaged due to the difference between the overall hash value and the first value. From this viewpoint, this paper proposes a novel model for the mobile forensic procedure, named "E-Finder (Evidence Finder)", to solve the existing problem. The E-Finder has 5 main phases and 15 procedures. We compared E-Finder with NIST (National Institute of Standards and Technology) and Tata Elxsi Security Group. This paper thus achieved the development and standardization of the investigation methodology for mobile forensics.

Quadruplex Genotype Analysis at HumTH01, HumTPOX, HumCSF1PO and Amelogenin Loci by FoLT-PCR (FoLT-PCR에 의한 유전자형 (HumTH01, HumTPOX, HumCSF1PO & Amelogenin) 분석)

  • Lee, Yang-Han;Lim, Si-Keun;Kang, Pil-Won;Choi, Dong-Ho;Yoon, Song-Ro;Han, Myun-Soo
    • Analytical Science and Technology / v.12 no.3 / pp.260-264 / 1999
  • A simple and rapid procedure, called FoLT-PCR (Formamide Low Temperature-Polymerase Chain Reaction), was applied to amplify DNA directly from various forensic biological evidence, including human blood, saliva, hair root, or semen, without any DNA preparative steps. We added a washing step with a non-ionic detergent, 1% Triton X-100, and used Taq DNA polymerase instead of Tth DNA polymerase to amplify 3 STR loci and the gender allele simultaneously. The optimal formamide concentration and annealing temperature were determined empirically to be 8% (v/v) and $48^{\circ}\mathrm{C}$, respectively. We also compared this method with standard PCR.


Introduction of a novel swabbing material of a wiper and establishment of an optimal method for the collection of organic explosive residues

  • Sung, Tae-myung;Lee, Jong Hyup;Cho, Ju-ik
    • Analytical Science and Technology / v.30 no.6 / pp.319-328 / 2017
  • The identification of explosive residues on specimens obtained from an explosion event is a crucial factor for assessing the cause of the explosion. In order to detect the components of explosives, the explosive residues deposited on surfaces are commonly extracted using swabbing materials pre-wetted with an organic solvent. The residues are then analyzed with analytical instruments such as LC/MS and CE/MS. Most conventionally used swabbing media such as cotton swabs or cotton tip swabs seem unsuitable for extracting explosive residues from the surface of a large area of clothes because the swabbing materials tend to be damaged easily, and because only a relatively small amount of explosives is collected. To overcome these problems, we have introduced a novel wiper ($215 \times 210$ mm, single layer, Yuhan-Kimberly, Republic of Korea) as a swabbing material to recover representative organic explosives, namely, TNT, RDX, tetryl, HMX, PETN, and NG, from a large area of clothes. Different sides of the wiper, which was folded in half five times, were used to swab the surface of the clothing. We compared this novel wiper with a cotton swab and a cotton tip swab in terms of the recovery efficiency for the aforementioned organic explosives by pre-wetting with methanol, acetone, and acetonitrile, respectively. We found that this novel wiper collected a significantly higher amount of organic explosive residues than a cotton swab or a cotton tip swab when using methanol as the extracting solvent.

Validation of new saliva test using SALIgAE® (사건현장 검사를 위해 변형된 SALIgAE® 타액검사법의 유효성 검토)

  • Lim, Si-Keun;Kwak, Kyung-Don;Choi, Dong-Ho;Han, Myun-Soo
    • Analytical Science and Technology / v.21 no.1 / pp.48-52 / 2008
  • A new forensic saliva test method using SALIgAE® was evaluated in this study. The sensitivity and specificity of SALIgAE® were examined and compared to those of other saliva test methods such as the agarose gel diffusion method and the Phadebas® test sheet method. SALIgAE® showed high sensitivity and specificity to human saliva, in addition to speed. Moreover, the modified SALIgAE® method was cheap and easy to use at the crime scene and in the DNA laboratory. SALIgAE® was very stable at room temperature and had no effect on STR typing.

A study on the screening of toxic materials by HPTLC and GC/MS (HPTLC 및 GC/MS를 이용한 유해화학물질의 스크리닝에 관한 연구)

  • Park, Sung-Woo;Jang, Seong-Gil;Park, You-Sin;Lee, Jin-Hoon;Lee, Sang-Ki;You, Jae-Hoon;Kim, Dong-Hwan;Jin, Kwang-Ho;Kim, Ki-Wook;Kim, Yu-Na;Lho, Dong-Seok
    • Analytical Science and Technology / v.13 no.1 / pp.108-120 / 2000
  • To perform effective screening of biological and environmental samples for toxic materials of forensic interest detected in high-profile criminal cases, we tried to construct a searchable computerized database using HPTLC (High Performance Thin Layer Chromatography) and GC/MS. Retardation factor ($R_f$) values and UV spectral data from HPTLC were investigated for 160 pesticides, 34 chemicals and 39 explosives of standard grade. The data were compiled in a library. We also analyzed 112 pesticides, 31 chemicals, 17 explosives and 57 volatile organic compounds (VOCs) by GC/MS. The data for RT and characteristic mass ions were also compiled in a library.


A Digital Forensic Framework Design for Joined Heterogeneous Cloud Computing Environment

  • Zayyanu Umar;Deborah U. Ebem;Francis S. Bakpo;Modesta Ezema
    • International Journal of Computer Science & Network Security / v.24 no.6 / pp.207-215 / 2024
  • Cloud computing is now used by most companies, business centres and academic institutions to embrace new computer technology. Cloud Service Providers (CSPs) are limited to certain services and lack some of the assets requested by their customers, which means that different clouds need to interconnect to share resources and interoperate. The clouds may be interconnected with different characteristics and systems, and the network may be vulnerable to volatility or interference. While information technology and cloud computing are advancing to accommodate growing worldwide application, criminals use cyberspace to perform cybercrimes. Cloud service deployment is becoming highly prone to threats and intrusions. Unauthorised access to or destruction of records yields significant catastrophic losses to organisations or agencies. Human intervention and physical devices are not enough for the protection and monitoring of cloud services; therefore, there is a need for a more efficient design for cyber defence that is adaptable, flexible, robust and able to detect dangerous cybercrime such as Denial of Service (DoS) and Distributed Denial of Service (DDoS) in heterogeneous cloud computing platforms and make essential real-time decisions for forensic investigation. This paper aims to develop a digital forensic framework for the detection of cybercrime in a joined heterogeneous cloud setup. We developed a digital forensics model that can function in heterogeneous joint clouds. We used the Unified Modeling Language (UML), specifically the activity diagram, in designing the proposed framework; then, for deployment, we used an architectural modelling system in developing the framework. We developed an activity diagram that can accommodate the variability and complexities of the clouds when handling inter-cloud resources.

Composition of volatile organic components on ballpoint pen inks by HS-SPME GC/MS (HS-SPME GC/MS를 이용한 볼펜잉크의 휘발성 성분 분석)

  • Choi, Mi-Jung;Kim, Chang-Seong;Sun, Yale-Shik;Park, Sung-Woo
    • Analytical Science and Technology / v.23 no.4 / pp.414-422 / 2010
  • In forensic examinations of questioned documents, analysis of ink components and the dating of ink entries is often of considerable importance, and forensic examination of inks is principally concerned with the classification and comparison of chemically complex mixtures. The authenticity of a questioned document may be examined through analysis of the inks using TLC, HPLC/MS, GC/MS, and LDI/MS. We collected 56 different types of black ballpoint pen inks manufactured in 5 country groups. We identified 6 major volatile organic components (VOCs), ethylbenzene ($0.089$-$0.244\ \mu\mathrm{g/mL}$), o-xylene ($0.072$-$0.331\ \mu\mathrm{g/mL}$), m,p-xylene ($0.062$-$0.318\ \mu\mathrm{g/mL}$), benzene ($0.003$-$0.173\ \mu\mathrm{g/mL}$), 1,1-dichloroethylene ($0.003$-$0.295\ \mu\mathrm{g/mL}$), and toluene ($0.007$-$0.484\ \mu\mathrm{g/mL}$), using HS-SPME GC/MS. The results of this study indicated that the VOCs determined in black ballpoint pen inks could serve as a discriminating tool in ink analysis for forensic questioned documents and can supply a methodology for the classification and identification of ballpoint pen inks.