• Title/Summary/Keyword: Master File Table

Search Result 7, Processing Time 0.018 seconds

MFT-based Forensic Evidence File Search Method Using Direct Access to Physical Sector of Hard Disk Drive (하드디스크의 물리적 섹터 접근 방법을 이용한 MFT기반 증거 파일 탐색 기법)

  • Kim, Yo-Sik;Choi, Myeong-Ryeol;Chang, Tae-Joo;Ryou, Jae-Cheol
    • Convergence Security Journal
    • /
    • v.8 no.4
    • /
    • pp.65-71
    • /
    • 2008
  • According to the capacity of hard disk drive is increasing day by day, the amount of data that forensic investigators should analyze is also increasing. This trend need tremendous time and effort in determining which files are important as evidence on computers. Using the file system APIs provided by Windows system is the easy way to identify those files. This method, however, requires a large amount of time as the number of files increase and changes the access time of files. Moreover, some files cannot be accessed due to the use of operating system. To resolve these problems, forensic analysis should be conducted by using the Master File Table (MFT). In this paper, We implement the file access program which interprets the MFT information in NTFS file system. We also extensibly compare the program with the previous method. Experimental results show that the presented program reduces the file access time then others. As a result, The file access method using MFT information is forensically sound and also alleviates the investigation time.

  • PDF

Alternate Data Stream Detection Method Using MFT Analysis Module on NTFS (MFT 분석기술을 이용한 Alternate Data Stream 탐지 기법)

  • Kim, Yo-Sik;Ryou, Jae-Cheol;Park, Sang-Seo
    • Convergence Security Journal
    • /
    • v.7 no.3
    • /
    • pp.95-100
    • /
    • 2007
  • Alternate Data Streams (ADS) in NTFS originally has developed to provide compatibility with Macintosh Hierarchical File System. However, it is being used by the malware writers in order to support hiding malwares or data for the purpose of anti-forensics. Therefore identifying if hidden ADSs exist and extracting them became one of the most important component in computer forensics. This paper proposes a method to detect ADSs using MFT information. Experiment reveals that proposed method is better in performance and detection rate then others. This method supports not only identification of ADSs which are being used by the operating systems but also investigation of both live systems and evidence images. Therefore it is appropriate for using forensic purpose.

  • PDF

Water loss Control in DMA Monitoring System Used Wireless Technology

  • Malithong, P.;Gulphanich, S.;Suesut, T.
    • 제어로봇시스템학회:학술대회논문집
    • /
    • 2005.06a
    • /
    • pp.773-777
    • /
    • 2005
  • This article is about using information technology to apply with water loss inspection system in District Metering Area (DMA). Inspector can check Flow rate and Minimum Night Flow; NMF via Smart Phone or PDA include sending SMS Alert in case the Pressure, Flow rate and NMF is over the range of controlling. This will be used as equipment to implement water loss in international proactive and can keep on water loss reduction more efficiency. The system consists of Data Logger which collects data of Flow rate from DMA Master Meter. PC is Wap Server which dial via modem in order to get data through FTP Protocal that will convert text file to Microsoft Access Database. Wappage will use xhtml language to show database on Wapbrowser and can show the result on Smart Phone or PDA by graph and table for system analysis.

  • PDF

Development of a Dedicated CAM System for Human Bust Machining (흉상환조가공 전용 CAM 시스템 개발)

  • 정회민;박준철
    • Proceedings of the Korean Society of Precision Engineering Conference
    • /
    • 2001.04a
    • /
    • pp.7-10
    • /
    • 2001
  • We have developed a prototype dedicated CAM system for machining a human bust that is not a relief. The input is STL file format, and the output is NC-codes for machining on a 3-axis general purpose CNC milling machine with an index table attached. Main modules are STL import, STL transformation, modeling jig/fixture, master model generation, and calculation of machining area. System architecture is proposed and main modules are briefly described. We adopted the angle between tool-axis and the surface normal vector to calculate machining area, and tested at several degrees.

  • PDF

An Analysis of Geography, Biography and History Class in UDC and Some Suggestions on their Applicable Principles into KDC (UDC 지리.전기.역사류의 특성과 KDC 에서의 적용 방안)

  • 이창수
    • Journal of Korean Library and Information Science Society
    • /
    • v.34 no.3
    • /
    • pp.125-145
    • /
    • 2003
  • The core version of UDC(Universal Decimal Classification) is available in an electronic form called MRF(Master Reference File) which supports the maintenance of the quality of the scheme as a working tool for the UDCC(UDC Consortium) by annual reviewing its content and initiating revisions and extensions. In this paper, we discuss outcomes of our in-depth analysis of the geography, biography and history disciplines in UDC focused on the its evolutions and characteristics, including the common auxiliaries of place, the common auxiliaries of time and the common auxiliaries of race, ethnic grouping and nationality. Based on the in-depth analysis, we suggested some ideas which can be applied into the history class of KDC(Korean Decimal Classification). In particular, its principle of combination methods in the history of individual regions, the way of its assignment of physical geography and human geography in the same division, the possibilities of the extension of the table of geographical division and the adaptation of the table of chronological division in KDC.

  • PDF

Design of Data Fusion and Data Processing Model According to Industrial Types (산업유형별 데이터융합과 데이터처리 모델의 설계)

  • Jeong, Min-Seung;Jin, Seon-A;Cho, Woo-Hyun
    • KIPS Transactions on Software and Data Engineering
    • /
    • v.6 no.2
    • /
    • pp.67-76
    • /
    • 2017
  • In industrial site in various fields it will be generated in combination with large amounts of data have a correlation. It is able to collect a variety of data in types of industry process, but they are unable to integrate each other's association between each process. For the data of the existing industry, the set values of the molding condition table are input by the operator as an arbitrary value When a problem occurs in the work process. In this paper, design the fusion and analysis processing model of data collected for each industrial type, Prediction Case(Automobile Connect), a through for corporate earnings improvement and process manufacturing industries such as master data through standard molding condition table and the production history file comparison collected during the manufacturing process and reduced failure rate with a new molding condition table digitized by arbitrary value for worker, a new pattern analysis and reinterpreted for various malfunction factors and exceptions, increased productivity, process improvement, the cost savings. It can be designed in a variety of data analysis and model validation. In addition, to secure manufacturing process of objectivity, consistency and optimization by standard set values analyzed and verified and may be optimized to support the industry type, fits optimization(standard setting) techniques through various pattern types.

A DDMPF(Distributed Data Management Protocol using FAT) Design of Self-organized Storage for Negotiation among a Client and Servers based on Clouding (클라우딩 기반에서 클라이언트와 서버간 협상을 위한 자가 조직 저장매체의 DDMPF(Distributed Data Management Protocol using FAT) 설계)

  • Lee, Byung-Kwan;Jeong, Eun-Hee;Yang, Seung-Hae
    • Journal of Korea Multimedia Society
    • /
    • v.15 no.8
    • /
    • pp.1048-1058
    • /
    • 2012
  • This paper proposes the DDMPF(Distributed Data Management Protocol using FAT) which prevents data loss and keeps the security of self-organized storages by comprising a client, a storage server, and a verification server in clouding environment. The DDMPF builds a self-organized storage server, solves data loss by decentralizing the partitioned data in it in contrast to the centralized problem and the data loss caused by the storage server problems of existing clouding storages, and improves the efficiency of distributed data management with FAT(File Allocation Table). And, the DDMPF improves the reliability of data by a verification server's verifying the data integrity of a storage server, and strengthens the security in double encryption with a client's private key and the system's master key using EC-DH algorithm. Additionally, the DDMPF limits the number of verification servers and detects the flooding attack by setting the TS(Time Stamp) for a verification request message and the replay attack by using the nonce value generated newly, whenever the verification is requested.