• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.6
• /
• pp.1373-1383
• /
• 2017

Deduplication is a function to effectively manage data and improve the efficiency of storage space. When the deduplication is applied to the system, it makes it possible to efficiently use the storage space by dividing the stored file into chunks and storing only unique chunk. However, the commercial digital forensic tool do not support the file system analysis, and the original file extracted by the tool can not be executed or opened. Therefore, in this paper, we analyze the process of generating chunks of data for a Windows Server 2012 system that can apply deduplication, and the structure of the resulting file(Chunk Storage). We also analyzed the case where chunks that are not covered in the previous study are compressed. Based on these results, we propose the method to collect deduplicated data and reconstruct the original file for digital forensic investigation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.3
• /
• pp.143-154
• /
• 2008

Information hiding is a very important technology recently. Having this technology can be a competitive power for secure communication. In this paper, it will be showed that hiding data in MS Office 2007 file is possible. Considering Microsoft (MS) Office 2007 file format is based on Open XML format, the feature of Open XML format makes it possible to hide data in MS Office 2007 file. In Open XML format, unknown XML files and their relationships can be defined by user. These parts and relationships are used to hide data in MS Office 2007 file. Considering unknown parts and unknown relationships are not in normal MS Office 2007 file, the hidden data can be detected by confirming of unknown parts and unknown relationships.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12
• /
• pp.53-60
• /
• 2021

Many standard methods are used for secret text files and secrete short messages cryptography, these methods are efficient when the text to be encrypted is small, and the efficiency will rapidly decrease when increasing the text size, also these methods sometimes have a low level of security, this level will depend on the PK length and sometimes it may be hacked. In this paper, a new method will be introduced to improve the data protection level by using a changeable secrete speech file to generate PK. Highly Secure Data Encryption (HSDE) method will be implemented and tested for data quality levels to ensure that the HSDE destroys the data in the encryption phase, and recover the original data in the decryption phase. Some standard methods of data cryptography will be implemented; comparisons will be done to justify the enhancements provided by the proposed method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.6
• /
• pp.65-76
• /
• 2007

The P2P file sharing system sends the results to users by searching the files in the shared folders. In the process of it, the problem is that the transferred information includes the pathname and file information and it can be revealed who searches which files. In related to this problem, anonymous file sharing P2P protocol has been an active research area where a number of works have been produced. However, the previous studies still have a few of weakness. Therefore, We propose two anonymous P2P file sharing protocols based on the decentralized and unstructured Random Walk. The first scheme uses the dynamic onion routing where the requester can receive the wanted file without knowing other peers' IDs. The second scheme uses the IP multicast method which lowers the computational overhead. Both of them are more suited for the dynamic P2P system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.3
• /
• pp.3-16
• /
• 2006

Encipherment in existing OS(Operating Systems) has typically used the techniques which encrypt and decrypt entirely a secret file at the application level with keys chosen by user In this mechanism it causes much overhead on the performance. However when a security-classified user-process writes a secret file, our proposed mechanism encrypts and stores automatically and efficiently the file by providing transparency to the user at the kernel level of Linux. Also when the user modifies the encrypted secret file, this mechanism decrypts partially the file and encrypts partially the file for restoring. When user reads only the part of the encrypted file, this mechanism decrypts automatically and partially the file. Therefore our proposed mechanism provides user much faster enciphering speed than that of the existing techniques at the application level.

• Convergence Security Journal
• /
• v.1 no.1
• /
• pp.9-20
• /
• 2001

In the 3rd Wave of information revolution, technical research & development for more rapid and safe information exchange take a sudden turn currently According to a step up in importance and efficiency value of information, it's necessary to research technical development in various field altogether. Especially information security is the very core of essential technology. However most System attacks are based on the weakness of OS, it is difficult to achieve the security goal in the only application level. For the solution of this problem, so many technology researches to serve secure, trust information security in OS itself are activated. Consequently we introduce the tendency of current secure OS development projects of security kernel all over world in this report and inquire into security mechanism of the File Griffin which prevents file system forgery, modification perfectly by performing digital signature certificate on kernel level.

• Proceedings of the Korean Society of Precision Engineering Conference
• /
• 2006.05a
• /
• pp.417-418
• /
• 2006

CATIA V5 is one of the most preferred softwares in product design for domestic and industrial use. But with the development of the IT industry, design data by CATIA V5 can easily be hacked and stolen especially via the internet and through assistance storage medium. The design data could be protected through executive, physical and technical security system. The best way to maintain confidentiality of data from unauthorized access is to have a cryptosystem of the technical security. In this paper, a cryptosystem for the protection of design data was being proposed. The memory contains the file information made by the New and Open function of CATIA V5. No error can be expected even if the file changed before of after the application of Save and Open function, A cryptosystem was constructed in CATIA V5 by inserting crypto algorithm before and after the I/O process. The encryption/decryption algorithm of each function was based on the complex cipher, which applied permutation cipher and transpose cipher. The file security system was programmed in CAA V5 and Visual C++.

• Journal of the Korean Society for Precision Engineering
• /
• v.24 no.5
• /
• pp.77-81
• /
• 2007

CATIA V5 is one of the most preferred softwares in product design for domestic and industrial use. But with the development of the IT industry, design data by CATIA V5 can easily be hacked and stolen especially via the internet and through assistance storage medium. The design data could be protected through executive, physical and technical security system. the best way to maintain confidentiality of data from unauthorized access is to have a cryptosystem of the technical security. In this paper, a cryptosystem for the protection of design data was being proposed. The memory contains the file information made by the New and Open function of CATIA V5. No error can be expected even if the file changed before of after the application of Save and Open function. A cryptosystem was constructed in CATIA V5 by inserting crypto algorithm before and after the I/O process. The encryption/decryption algorithm of each function was based on the complex cipher, which applied permutation cipher and transpose cipher. The file security system was programmed in CAA V5 and Visual C++.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.5
• /
• pp.125-132
• /
• 2010

Web browser is essential application for using internet. If suspect use a web browser for crime, evidence related crime is stored in log file. Therefore, we obtain the useful information related crime as investigating web browser log file. In this paper, we look at the related work and tools for web browser log file. And we introduce analysis methodology of web browser log file focus on the digital forensics. In addition, we apply to our tool at real case.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.319-323
• /
• 2023

In intra-process isolation, file descriptors work as another attack vector from the memory corruption attacks. The attacker can read or write by corrupting file descriptors so they can escape the isolation. In this paper, we propose new lightweight capability-based access control system on file descriptor using ARM's hardware extension, PA(Pointer Authentication). Our system was implemented on Linux kernel module, only shows 5% overhead to control the access on the file descriptor.