• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.9
• /
• pp.2055-2062
• /
• 2013

Digital evidence which is the new form of evidence to crime makes little difference in value and function with existing evidences. As time goes on, digital evidence will be the important part of the collection and the admissibility of evidence. Usually a digital forensic investigator has to spend a lot of time in order to find clues related to the investigation among the huge amount of data extracted from one or more potential containers of evidence such as computer systems, storage media and devices. Therefore, these evidences need to be ranked and prioritized based on the importance of potential relevant evidence to decrease the investigate time. In this paper we propose a methodology which prioritizes order in which evidences are to be examined in order to help in selecting the right evidence for investigation. The proposed scheme is based on Fuzzy Multi-Criteria Decision Making, in which uncertain parameters such as evidence investigation duration, value of evidence and relation between evidence, and relation between the case and time are used in the decision process using the aggregation function in fuzzy set theory.

• Journal of the Society of Disaster Information
• /
• v.13 no.2
• /
• pp.267-275
• /
• 2017

This research is about the development of e-forensic tool that extract & analyze different forms of digital evidence that individuals come across in a disaster scene. The tool utilizes digital forensic techniques which makes the tool efficient in any disaster analysis situation. In order for the forensic evidence to be selected as legal evidence, the evidence needs to be proven that it is in its original state with no forgery involved. This is where the e-forensic tool comes in, as its ability to collect digital evidence during investigation has proven; that the tool can keep the evidence in its original state and increase the integrity by generating hash TAG and adding the forensic evidence to a password encoded file.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.6 no.5
• /
• pp.683-688
• /
• 2011

Korea-EU FTA, which came to an agreement in April of 2007, was resolved at the National Assembly in May of 2011, thereby having been concluded the ratification. As for the procedure of opening a market in legal service according to settlement and ratification of Korea-EU FTA, Step 1 is allowed the establishment of representative office(law firm with foreign-law consultation) at home by EU member countries' law firms. Step 2 is made available for law firm with foreign-law consultation to jointly handle and distribute profits as for a case that is mixed the domestic law firm and the domestic & foreign laws. Step 3 is allowed EU member countries' law firm to establish a joint venture with domestic law firm. This study researches into a change and influence upon legal service and forensic investigation according to Korea-EU FTA ratification. Also, it researches into position and prospect that digital forensic evidence, which possesses the majority of legal evidences, takes up in the middle of court-oriented trials. The prediction of influence in digital evidence as professional proof upon judgment will led to being capable of coping with the opening of legal service market and of wisely preparing for the advance to domestic market by law firm of Anglo-American Law.

• Journal of Korea Multimedia Society
• /
• v.19 no.1
• /
• pp.30-40
• /
• 2016

Recently, the competition among global IT companies for the market occupancy of the IoT(Internet of Things) is fierce. Internet of Things are all the things and people around the world connected to the Internet, and it is becoming more and more intelligent. In addition, for the purpose of providing users with a customized services to variety of context-awareness, IoT platform and related research have been active area. In this paper, we analyze third party instant messengers of Windows 8 Style UI and propose a digital forensic methodology. And, we are well aware of the Android-based map and navigation applications. What we want to show is GPS information analysis by using the R. In addition, we propose a structured data analysis applying the hierarchical clustering model using GPS data in the digital forensics modules. The proposed model is expected to help support the IOT services and efficient criminal investigation process.

• Convergence Security Journal
• /
• v.7 no.2
• /
• pp.91-100
• /
• 2007

Nowadays, there exist many forensic tools in forensic investigation. For common investigator it may cause some difficulty in handling the existing forensic tools. In case of urgent condition, if it takes long time to get the useful evidence from data, then it makes the investigation process difficult. Thus, the common investigator can collect the evidence easily by simple clicking the mouse. The only thing he needs is a tool for examination before investigating in details. Therefore, in this paper we refer to useful information in the forensic investigation, discuss the design and the implementation of tool.

• KSCI Review
• /
• v.15 no.1
• /
• pp.37-46
• /
• 2007

Lately, is trend that diffusion of Mobile information appliance that do various function by development of IT technology is increasing much. There is function that do more convenient and efficient life and business using portable phone that is Daepyo?? of Mobile information appliance, but dysfunction that is utilized by Beopjoe of pointed end engineering data leakage, individual's privacy infringement, threat and threat etc. relationship means to use Mobile Phone is appeared and problems were appeared much. However, legal research of statute unpreparedness and so on need research and effort to prove delete, copy, integrity of digital evidence that transfer secures special quality of easy digital evidence to objective evidence in investigation vantage Point is lacking about crime who use this portable phone. It is known that this digital Forensic field is Mobile Forensic. Is purposeful to verify actually about acquisition way of digital evidence that can happen in this treatise through portable phone that is Mobile Forensic's representative standing and present way to prove integrity of digital evidence using Hash Function.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.18 no.9
• /
• pp.2692-2716
• /
• 2024

Over the past decade, law enforcement organizations have been dealing with the development of cybercrime. To address this growing problem, law enforcement organizations apply various digital forensic (DF) tools and techniques to investigate crimes involving digital devices. This ensures that evidence is admissible in legal proceedings. Consequently, DF analysts may need to invest more in proprietary DF hardware and software to maintain the viability of the DF lab, which will burden budget-constrained organizations. As an alternative, the open source DF tool is considered a cost-saving option. However, the admissibility of digital evidence obtained from these tools has yet to be tested in courts, especially in Malaysia. Therefore, this study aimed to explore the admissibility of digital evidence obtained through open source DF tools. By reviewing the existing literature, the factors that affect the admissibility of the evidence produced by these tools in courts were identified. Further, based on the findings, a conceptual framework was developed to ensure the admissibility of the evidence so that it will be accepted in the court of law. This conceptual framework was formed to outline the factors affecting the admissibility of digital evidence from open source DF tools, which include; 1) The Availability and Capability of open source DF tools, 2) the Reliability and Integrity of the digital evidence obtained from open source DF tools, 3) the Transparency of the open source DF tools, and 4) the Lack of Reference and Standard of open source DF tools. This study provides valuable insights into the digital forensic field, and the conceptual framework can be used to integrate open source DF tools into digital forensic investigations.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.4
• /
• pp.583-592
• /
• 2020

With the popularization of smartphones, Social Networking Service (SNS) has become the means of communication for modern people. Due to the nature of the means of communication, SNS generates a variety of archive and preservation evidence. Therefore, it is a major analysis target in terms of digital forensic investigation. An application that provides SNS stores data in a central server or database in a smartphone inside for user convenience. Some applications provide encryption for privacy, which can be anti-forensic in terms of digital forensic investigation. Therefore, the study of the encryption method should be continuously preceded. In this paper, we analyzed two applications that provide SQLite-based database encryption through SQLCipher module. Each database was decrypted and key data was identified.

• Journal of Platform Technology
• /
• v.11 no.1
• /
• pp.11-22
• /
• 2023

Various video conferencing and collaboration applications have emerged due to the global epidemic of new viral infections. In addition to real-time video conferencing, video conferencing applications provide features such as chat and file sharing on various platforms. Because various personal information is stored through functions such as chatting, file and screen sharing, these video conferencing applications are the major target of analysis from a digital forensic investigation. In the case of applications that provide cross-platform, the form of stored data is different depending on the platform. Therefore, to utilize data of video conferencing application for forensic investigation, preliminary research on artifacts stored by platform is required. In this paper, we used the video conferencing applications GoToWebinar and GoToMeeting and analyzed the artifacts generated. As a result, we list the main data from a digital forensic investigation. We identify data stored for each platform provided by GoToWebinar and GoToMeeting and organize artifacts that can estimate user behavior. Also, we classify the data that can be acquired according to the role and environment within the video conference.

• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.5
• /
• pp.117-126
• /
• 2016

Recently, increasing utilization of Big Data or Social Network Service involves the increases in demand for NoSQL Database that overcomes the limitations of existing relational database. A forensic examination of Relational Database has steadily researched in terms of Digital Forensics. In contrast, the forensic examination of NoSQL Database is rarely studied. In this paper, We introduce Redis (which is) based on Key-Value Store NoSQL Database, and research the collection and analysis of forensic artifacts then propose recovery method of deleted data. Also we developed a recovery tool, it will be verified our recovery algorithm.