• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.1
• /
• pp.95-110
• /
• 2018

With the widespread use of smartphones, various personal information of users is being recorded on a smartphone in real time. For the purpose of preventing the loss of important personal information of users, manufacturer provides a smartphone backup applications. Recently, not only backup programs for PC but also backup mobile apps for smart phones have been provided. From the point of view acquiring forensic data, it is important not to compromise the acquisition possibilities and the integrity of the original data. Especially, in the case of Android smartphones, various studies are being carried out to acquire the data without damaging the integrity of the original data. However, there are limitations to apply the existing research methods. In this paper, we describe the process of acquiring data using the backup mobile app provided by the manufacturer without compromising the integrity of the latest smartphone.

• International journal of advanced smart convergence
• /
• v.10 no.4
• /
• pp.30-37
• /
• 2021

Touch sensor interface has become the most useful input device in a smartphone. Unlike keypad/keyboard interfaces used in electronic dictionaries and feature phones, smartphone's touch interfaces allow for the recognition of various gestures that represent distinct features of each application's input. In this paper, we analyze application-specific input patterns that appear in smartphone's touch interfaces. Specifically, we capture touch input patterns from various Android applications, and analyze them. Based on this analysis, we observe a certain unique characteristics of application's touch input patterns. This can be utilized in various useful areas like user authentications, prevention of executing application by illegal users, or digital forensic based on logged touch patterns.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.273-276
• /
• 2014

In 2014, the leakage of personal information from 3 credit card companies resulted in divulging approximately 10,000 customers' personal information. Although the credit card companies concluded that there was no secondary loss due to the leakage of personal information, secondary financial losses resulting from the leakage of personal information currently occur. In particular, hackers who employ smishing masquerade acquaintances by using the divulged personal information to ask payment for Ms. Kim's Sochi Olympics legal processing or exposed traffic violations. The hackers cause secondary financial losses through smartphones. This study aims to conduct a forensic analysis of smishing incidents in smartphones through the leakage of personal information, and to make a forensic analysis of financial losses due to the smishing incidents.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.207-210
• /
• 2014

Damage is increasing by (Smishing) hacking attack Smishing you use a smart phone after entering 2013. Takeover of personal information and direct financial damage in collaboration with graphics sewing machine hacking attack has occurred. Monetary damage that leads to Internet payment service (ISP) and secure payment system in conjunction with graphics sewing machine hacking attack on a smartphone has occurred. In this paper, I will study analysis in the laboratory examples of actual infringement vinegar sewing machine hacking attack. It is a major power security measures to prevent damage to the secure payment system that a case analysis and practical principle technical nest sewing machine hacking attack, using Smishing. In this paper, I will be to research to be able to through a smart phone, to the online payment safer and more convenient.

• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.7
• /
• pp.173-180
• /
• 2016

Since smartphones possess a variety of user information, we can derive useful data related to the case from app data analysis in the digital forensic perspective. However, it requires an appropriate forensic measure as smartphone has the property of high mobility and high possibility of data loss, forgery, and modulation. Especially the forged/modulated time-stamp impairs the credibility of digital proof and results in the perplexity during the timeline analysis. This paper provides traces of usage which could investigate whether the time-stamp has been forged/modulated or not within the range of iOS based devices.

• Journal of Advanced Navigation Technology
• /
• v.17 no.3
• /
• pp.325-331
• /
• 2013

Social network services(SNS) has been used as a means of communication for user or express themselves user. Therefore, SNS has a variety of information. This information is useful to help the investigation can be used as evidence. In this paper, A study of mobile digital forensic procedure for crime investigation in social network service. Analysis of database file taken from the smartphone at social network service application for mobile digital forensic procedure. Therefore, we propose a procedure for the efficient investigation of social network service mobile digital forensic.

• Journal of Korea Society of Industrial Information Systems
• /
• v.17 no.1
• /
• pp.39-46
• /
• 2012

In this paper, for the cloud system by explaining how the forensic aspects of the investigation. Smartphone Growth Entering a variety of applications were developed which cloud systems of personal information and information assets sharing applications as during incidents on the case evidence collection, an important factor, whereas such systematic investigative methods, born in the course of my investigation of the can be confusing. This paper on the forensic aspects of the cloud system by proposing a crime scene investigation procedures, investigative support, and aiding in the systematic collection of data to support evidence.

• KIPS Transactions on Computer and Communication Systems
• /
• v.6 no.1
• /
• pp.31-42
• /
• 2017

Thumbnail, the small sized graphic file such as JPEG or GIF, serves to help the users to be recognized as a rapidly helps to make it easier recognize while browsing the large sized graphic file. Gallery application, which is installed in a later version of the 4.4.x(Kitkat) Android smartphone records the generated time of graphic file in thumbnail metadata. Thumbnail can be used to draw up the timeline of user action about user's action such as creation, modification, deletion with original graphic file analysis. Also, take advantage of the features thumbnails are stored sequentially in a single thumbcache file, even if the thumbcache is deleted, we can restore the thumbnails. This paper illustrates the feature of thumbnail created by Android OS basic gallery app and methods for utilization in digital forensics.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.4
• /
• pp.827-839
• /
• 2012

A cell phone is very close to the user and therefore should be considered in digital forensic investigation. Recently, the proportion of smartphone owners is increasing dramatically. Unlike the feature phone, users can utilize various mobile application in smartphone because it has high-performance operating system (e.g., Android, iOS). As acquisition and analysis of user data in smartphone are more important in digital forensic purposes, smartphone forensics has been studied actively. There are two way to do smartphone forensics. The first way is to extract user's data using the backup and debugging function of smartphones. The second way is to get root permission, and acquire the image of flash memory. And then, it is possible to reconstruct the filesystem, such as YAFFS, EXT, RFS, HFS+ and analyze it. However, this methods are not suitable to recovery and analyze deleted data from smartphones. This paper introduces analysis techniques for fragmented flash memory pages in smartphones. Especially, this paper demonstrates analysis techniques on the image that reconstruction of filesystem is impossible because the spare area of flash memory pages does not exist and the pages in unallocated area of filesystem.

• Electronics and Telecommunications Trends
• /
• v.28 no.3
• /
• pp.1-8
• /
• 2013

최근 들어 스마트폰의 사용이 급격하게 증가하고 있으며, 또한 스마트폰에는 통화기록과 문자 메시지뿐만 아니라 이메일, 아이디, 패스워드, GPS(Global Positioning System) 데이터, 신용카드 등 수많은 개인정보가 저장된다. 이에 따라 디지털 포렌식 수사에서도 스마트폰 포렌식의 비중이 크게 증가하고 있다. 현재 전 세계적으로 많은 종류의 스마트폰 운영체제가 상용화되고 있으나 안드로이드 OS와 iOS가 86%를 차지하고 있으며, 국내에서는 99% 이상을 차지하고 있다. 본고에서는 스마트폰 포렌식의 절차를 비롯해서 안드로이드 OS 및 iOS 디바이스로부터 데이터를 수집 및 분석하는 방법에 대해서 살펴본다.