• Title/Summary/Keyword: computer forensic

Search Result 181, Processing Time 0.02 seconds

A Study on Pickpocket of Theft in Image Forensic (영상 포렌식에서 절도죄 중 소매치기에 관한 연구)

  • Jang, Dai-Hyun;Rhee, Yang-Won;Lee, Hyun-Chang
    • Proceedings of the Korean Society of Computer Information Conference
    • /
    • 2012.07a
    • /
    • pp.223-224
    • /
    • 2012
  • 본 논문에서는 영상 포렌식에 관한 내용을 절도죄 중 소매치기를 대상으로 연구를 수행하였다. 절도죄에서 소매치기는 대부분 사람이 많은 곳에서 사람이 서있는 경우와 앉아있는 경우에 발생한다. 또한 술에 만취해서 누워있는 경우에도 발생한다. 본 눈문에서는 이러한 소매치기의 특징을 파악하여 CCTV로 촬영한 영상에서 범죄를 가려내어 증거 자료로 제출 하고자 한다.

  • PDF

Development of Windows forensic tool for verifying a set of data (윈도우 포렌식 도구의 검증용 데이터 세트의 개발)

  • Kim, Min-Seo;Lee, Sang-jin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.6
    • /
    • pp.1421-1433
    • /
    • 2015
  • For an accurate analysis through the forensic of digital devices and computer, it is a very important validation of the reliability of digital forensic tools. To verify the reliability of the tool, it is necessary to research and development of the data set to be input to the tool. In many-used Windows operating system of the computer, there is a Window forensic artifacts associated with time and system behavior. In this paper, we developed a set of data in the Windows operating system to be able to analyze all of the two Windows artifacts and we conducted a test with published digital forensic tools. Therefore, the developed data set presents the use of the following method. First, artefacts education for growing ability can be analyzed acts standards. Secondly, the purpose of tool tests for verifying the reliability of digital forensics. Lastly, recyclability for new artifact analysis.

A Study on Real IP Traceback and Forensic Data Generation against Bypass Attack (우회적인 공격에 대한 실제 IP 역추적 실시와 포렌식 자료 생성)

  • Youn, Byung-Sun;Yang, Hae-Sool;Kim, Dong-Jhoon
    • Journal of the Korea Society of Computer and Information
    • /
    • v.13 no.1
    • /
    • pp.143-151
    • /
    • 2008
  • Execute IP traceback at this paper as target an intruder's attacking that Bypass Attack in order to avoid an exposure of own Real IP address Design IP traceback server and agent module, and install in Internet network system for Real IP traceback. Set up detection and chase range aggressive loop around connection arbitrariness, and attack in practice, and generate Real IP data cut off by fatal attacks after data and intrusion detection accessed general IP, and store to DB. Generate the Forensic data which Real IP confirms substance by Whois service, and ensured integrity and the reliability that buy to early legal proof data, and was devoted to of an invader Present the cyber criminal preventive effect that is dysfunction of Ubiquitous Information Society and an effective Real IP traceback system, and ensure a Forensic data generation basis regarding a judge's robe penalty through this paper study.

  • PDF

The Acquisition Methodology Study of User Trace Data in Mac OS X (Mac OS X 운영체제상의 사용자 흔적정보 수집방안 연구)

  • Choi, Joon-Ho;Lee, Sang-Jin
    • The KIPS Transactions:PartC
    • /
    • v.17C no.4
    • /
    • pp.335-346
    • /
    • 2010
  • Mac OS X is the Computer Operating System that develop in Apple Inc. Mac OS X is the successor to Mac OS 9 Version which had been Apple's primary operating system since 1984. Recently, Mac OS X 10.6 (Snow Leopard) has been manufactured and is distributed to user. Apple's Mac OS X Operating System is occupying about 10% in the world Operating System market share. But, Forensic tools that is utilized on digital forensic investigation can not forensic analysis about Mac OS X properly. To do forensic investigation about Mac OS X, information connected with user's action and trace can become important digital evidence in Operating System. This paper presents way about user trace data acquisition methodology in Mac OS X.

Design and Implementation of Forensic Tool on Window Live System (윈도우 활성 시스템상의 디지털 증거 수집 도구 설계 및 구현)

  • Baek, Eun-Ju;Sung, Jin-Won;Lim, Kyoung-Su;Lee, Sang-Jin
    • Convergence Security Journal
    • /
    • v.7 no.2
    • /
    • pp.91-100
    • /
    • 2007
  • Nowadays, there exist many forensic tools in forensic investigation. For common investigator it may cause some difficulty in handling the existing forensic tools. In case of urgent condition, if it takes long time to get the useful evidence from data, then it makes the investigation process difficult. Thus, the common investigator can collect the evidence easily by simple clicking the mouse. The only thing he needs is a tool for examination before investigating in details. Therefore, in this paper we refer to useful information in the forensic investigation, discuss the design and the implementation of tool.

  • PDF

Digital Forensics Investigation of Redis Database (Redis 데이터베이스에 대한 디지털 포렌식 조사 기법 연구)

  • Choi, Jae Mun;Jeong, Doo Won;Yoon, Jong Seong;Lee, Sang Jin
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.5 no.5
    • /
    • pp.117-126
    • /
    • 2016
  • Recently, increasing utilization of Big Data or Social Network Service involves the increases in demand for NoSQL Database that overcomes the limitations of existing relational database. A forensic examination of Relational Database has steadily researched in terms of Digital Forensics. In contrast, the forensic examination of NoSQL Database is rarely studied. In this paper, We introduce Redis (which is) based on Key-Value Store NoSQL Database, and research the collection and analysis of forensic artifacts then propose recovery method of deleted data. Also we developed a recovery tool, it will be verified our recovery algorithm.

A Study on the Evidence Investigation of Forged/Modulated Time-Stamp at iOS(iPhone, iPad) (iOS(iPhone, iPad)에서의 타임스탬프 위·변조 흔적 조사에 관한 연구)

  • Lee, Sanghyun;Lee, Yunho;Lee, Sangjin
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.5 no.7
    • /
    • pp.173-180
    • /
    • 2016
  • Since smartphones possess a variety of user information, we can derive useful data related to the case from app data analysis in the digital forensic perspective. However, it requires an appropriate forensic measure as smartphone has the property of high mobility and high possibility of data loss, forgery, and modulation. Especially the forged/modulated time-stamp impairs the credibility of digital proof and results in the perplexity during the timeline analysis. This paper provides traces of usage which could investigate whether the time-stamp has been forged/modulated or not within the range of iOS based devices.

Digital Forensic: Challenges and Solution in the Protection of Corporate Crime

  • CHOI, Do-Hee
    • The Journal of Industrial Distribution & Business
    • /
    • v.12 no.6
    • /
    • pp.47-55
    • /
    • 2021
  • Purpose: Organizational crime is an offense committed by an individual or an official in a corporate entity for organizational gain. This study aims to explore the literature on challenges facing digital forensics and further discuss possible solutions to such challenges as far as the protection of corporate crime is concerned. Research design, data and methodology: Qualitative textual methodology matches the interpretative approach since it is a quality method meant to consider the inductivity of strategies. Also, a qualitative approach is vital because it is distinct from the techniques used in optimistic paradigms linked to science laws. Results: For achieving justice through the investigation of digital forensic, there is a need to eradicate corporate crimes. This study suggests several solutions to reduce corporate crime such as 'Solving a problem to Anti-forensic Techniques', 'Cloud computing technique', and 'Legal Framework' etc. Conclusion: As corporate crime increases in rate, the data collected by digital forensics increases. The challenge of analyzing chunks of data requires digital forensic experts, who need tools to analyze them. Research findings shows that a change of the operating system and digital evidence interpretation is becoming a challenge as the new computer application software is not compatible with older software's structure.

A Digital Forensic Framework Design for Joined Heterogeneous Cloud Computing Environment

  • Zayyanu Umar;Deborah U. Ebem;Francis S. Bakpo;Modesta Ezema
    • International Journal of Computer Science & Network Security
    • /
    • v.24 no.6
    • /
    • pp.207-215
    • /
    • 2024
  • Cloud computing is now used by most companies, business centres and academic institutions to embrace new computer technology. Cloud Service Providers (CSPs) are limited to certain services, missing some of the assets requested by their customers, it means that different clouds need to interconnect to share resources and interoperate between them. The clouds may be interconnected in different characteristics and systems, and the network may be vulnerable to volatility or interference. While information technology and cloud computing are also advancing to accommodate the growing worldwide application, criminals use cyberspace to perform cybercrimes. Cloud services deployment is becoming highly prone to threats and intrusions. The unauthorised access or destruction of records yields significant catastrophic losses to organisations or agencies. Human intervention and Physical devices are not enough for protection and monitoring of cloud services; therefore, there is a need for more efficient design for cyber defence that is adaptable, flexible, robust and able to detect dangerous cybercrime such as a Denial of Service (DOS) and Distributed Denial of Service (DDOS) in heterogeneous cloud computing platforms and make essential real-time decisions for forensic investigation. This paper aims to develop a framework for digital forensic for the detection of cybercrime in a joined heterogeneous cloud setup. We developed a Digital Forensics model in this paper that can function in heterogeneous joint clouds. We used Unified Modeling Language (UML) specifically activity diagram in designing the proposed framework, then for deployment, we used an architectural modelling system in developing a framework. We developed an activity diagram that can accommodate the variability and complexities of the clouds when handling inter-cloud resources.

Digital Content Protection and Computer Forensics Evidence Management Mechanism using MPEG-21 in Network Service Environment (네트워크 서비스 환경에서 MPEG-21을 활용한 디지털 콘텐츠 보호 및 컴퓨터 포렌식스 증거 관리 메커니즘)

  • Jang, Eun Gyeom;Lee, Bum Suk
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.6 no.2
    • /
    • pp.129-141
    • /
    • 2010
  • In network service environment, cultures from diversified fields are easily accessible thanks to the convenient digital content services. Unfortunately, unauthorized access and indiscreet misuse behaviors have deprived content owners of their copyrights. This study suggests an integrity-ensured model applicable for forensic evidence of digital content infringement in network service environment. The suggested model is based on MPEG-21 core components for digital content protection and the system is designed in connection with the components of digital content forensics. Also, the present study suggests an efficient technology to protect and manage computer forensic evidence and digital content by authorizing digital content use and catching infringing logs of authorized users without lag in network environment for the benefit of network security and reliability.