• Journal of the Korea Society of Computer and Information
• /
• v.14 no.5
• /
• pp.149-156
• /
• 2009

Korean WiBro becomes international standard to IEEE 802.16e, and We are carrying out a WiBro network business from capital regions. We executed eavesdropping about voices and messenger program and the VoIP which frequently happened in WiBro networks at these papers. We have a lot in common with the Wireshark which is a packet collection and an analyzer, and We execute eavesdropping, and We reproduce eavesdropping data with bases to a SIP, H.263, TCP, UDP protocol through packets. In time of a copy of a packet negative the VoIP which verify time with bases, and was eavesdropped on integrity packet and a X-Lite call record, be matched that a packet is counterfeit forgery did not work, and We demonstrate, and verify integrity. The data which integrity was verified put in a seaming envelope, and we prepare so as it is to a liver of investigator, and execute, and to be able to do use to proof data after seaming in courts in order to utilize as criminal investigation data.

• Convergence Security Journal
• /
• v.23 no.5
• /
• pp.45-55
• /
• 2023

With the widespread use of digital devices, anonymous communication technologies such as the dark web and deep web are becoming increasingly popular for criminal activity. Because these technologies leave little local data on the device, they are difficult to track using conventional crime investigation techniques. The United States and the United Kingdom have enacted laws and developed systems to address this issue, but South Korea has not yet taken any significant steps. This paper proposes a new blockchain-based crime investigation method that uses physical memory data analysis to track the behavior of anonymous network users. The proposed method minimizes infringement of basic rights by only collecting physical memory data from the device of the suspected user and storing the tracking information on a blockchain, which is tamper-proof and transparent. The paper evaluates the effectiveness of the proposed method using a simulation environment and finds that it can track the behavior of dark website users with a residual rate of 77.2%.

• Information Systems Review
• /
• v.21 no.3
• /
• pp.49-61
• /
• 2019

As the number of security incidents and damages increase steadily, interest in the security of society is growing, and the amount of academic interest and research is steadily increasing. However, despite these concerns and the quantitative increase in research, the terms 'security' and 'safety' have been mixed and studies have been conducted without the conceptual definition of various security terms being clearly defined. As a result, various forms of security concepts based on ICT environments have been misused. Therefore, we tried to derive the consensus of experts among the various security terms which are mixed in this study, and to summarize the concepts based on the analysis of domestic and foreign documents based on the concept of the terms. Through this research, we intend to contribute to the establishment of the academic identity of security by preventing related mistakes caused by the mixed use of terminology.

• Analytical Science and Technology
• /
• v.24 no.1
• /
• pp.51-59
• /
• 2011

Genetic Identification has become an important forensic investigation method which discerns identity through analysis of physical samples discovered in various crime scenes. Recently more samples are being requested to undergo A-STR analysis of low copy number (LCN) DNA, which is known as touch evidence-type sample and left on various objects such as a pen briefly used by the criminal, the gear of the car used for driving, the handle, and various buttons inside a car. This research attempted to extract the LCN DNA of the touch evidencetype left on crushed fingerprints on firearms, etc. and examine the genotyping success rate. Four types of firearms (M16, K1A, COLT 45 Pistol, M29 Revolver) were fired individually and physical samples were gathered from four parts of each firearm. Subsequently, in order to extract the LCN DNA, Microkit and $Prepfiler^{TM}$ were used to compare and analyze the quantity of DNA extracted and the genotyping success rate. Analysis results showed that the quantity of DNA extracted by $Prepfiler^{TM}$ was on average 1.7 times higher than that of Microkit, and in genotype analysis success rate $Prepfiler^{TM}$ also demonstrated 24.9% on average in contrast to 0% for Microkit. In regards to the grip part of the K1A, $Prepfiler^{TM}$'s success rate was as high as 50.6%.

• Analytical Science and Technology
• /
• v.21 no.4
• /
• pp.338-343
• /
• 2008

Extraction of DNA from skeletal material is of great importance in the identification of human remains, but is particularly difficult because the high amount of microbial DNA was often co-extracted with human bone DNA. We found that a phenol/chloroform extraction, followed by ultrafiltration, and cleanup by via the $QIAquick^{(R)}$ PCR purification kit yields higher amounts of human genomic DNA compared with extraction by the column affinity $method^{(R)}$ alone. Ultrafiltration extraction of human DNA from ten exhumed bone samples yielded $0.041-1.120ng/{\mu}L$ DNA (mean = $0.498ng/{\mu}L$ DNA), and purification using the column affinity resulted in $0.016-0.064ng/{\mu}L$ DNA (mean = $0.034ng/{\mu}L$ DNA). Although the STR genotyping by the column affinity method was partially successful, all DNA samples by the ultrafiltration method produced full profiles from the multiplex PCR. The efficiency of STR genotyping was in accordance with the amounts of the human DNA extracted.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.27 no.4
• /
• pp.507-515
• /
• 2024

Microbial forensics is a scientific discipline for analyzing evidence related to biological crimes by identifying the origin of microorganisms. Multiple locus variable number tandem repeat analysis(MLVA) is one of the microbiological analysis methods used to specify subtypes within a species based on the number of tandem repeat in the genome, and advances in next generation sequencing(NGS) technology have enabled in silico anlysis of full-length whole genome sequences. In this paper, we analyzed unknown samples provided by Robert Koch Institute(RKI) through The United Nations Secretary-General's Mechanism(UNSGM)'s external quality assessment exercise(EQAE) project, which we officially participated in 2023. We confirmed that the 3 unknown samples were B. anthracis through nucleic acid isolation and genetic sequence analysis studies. MLVA results on 32 loci of B. anthracis were analysed by using genome sequences obtained from NGS(NextSeq and MinION) and Sanger sequencing. The MLVA typing using short-reads based NGS platform(NextSeq) showed a high probability of causing assembly error when a size of the tandem repeats was grater than 200 bp, while long-reads based NGS platform(MinION) showed higher accuracy than NextSeq, although insertion and deletion was observed. We also showed hybrid assembly can correct most indel error caused by MinION. Based on the MLVA results, genetic identification was performed compared to the 2,975 published MLVA databases of B. anthracis, and MLVA results of 10 strains were identical with 3 unkonwn samples. As a result of whole genome alignment of the 10 strains and 3 unknown samples, all samples were identified as B. anthracis strain A4564 which is associated with injectional anthrax isolates in heroin users.

• Applied Biological Chemistry
• /
• v.51 no.3
• /
• pp.171-176
• /
• 2008

The comparative molecular similarity indices analysis (CoMSIA) models between 3${\beta}$-Hydroxy-12-oleanen-28-oic acid (1-30) analogues as substrate molecule and their inhibitory activities ($pI_{50}$) against protein tyrosine phosphatase (PTP)-1B were derived and discussed quantitatively. Listing in order, the CoMFA>CoMSIA${\geq}$HQSAR>2D-QSAR model, these QSAR models had the better statistical values. The optimized CoMSIA F1 model at grid 3.0${\AA}$ had the best predictability and fitness ($q^2$=0.754 and $r^2$=0.976) by field fit alignment. The order of contribution ratio (%) of CoMSIA fields concerning the inhibitory activities was a H-bond acceptor (48.9%), steric field (25.8%) and hydrophobic field (25.4%), respectively. Therefore, the inhibitory activities of substrate molecules against PTP-1B were dependent upon H-bond acceptor field (A) of $R_4$-group. From the analytical results of CoMSIA contour maps, oleanolic acid derivatives will have better inhibition activities if $R_1$ group has H-bond acceptor disfavor, $R_3$group has steric disfavor and $R_4$ group has steric, hydrophobic, H-bond favor.

• Journal of Internet Computing and Services
• /
• v.23 no.2
• /
• pp.61-70
• /
• 2022

General users who use smartphone apps often use the Vault app to protect personal information such as photos and videos owned by individuals. However, there are increasing cases of criminals using the Vault app function for anti-forensic purposes to hide illegal videos. These apps are one of the apps registered on Google Play. This paper proposes a methodology for extracting feature points through XML-based keyword frequency analysis to explore Vault apps used by criminals, and text mining techniques are applied to extract feature points. In this paper, XML syntax was compared and analyzed using strings.xml files included in the app for 15 hidden Vault anti-forensics apps and non-hidden Vault apps, respectively. In hidden Vault anti-forensics apps, more hidden-related words are found at a higher frequency in the first and second rounds of terminology processing. Unlike most conventional methods of static analysis of APK files from an engineering point of view, this paper is meaningful in that it approached from a humanities and sociological point of view to find a feature of classifying anti-forensics apps. In conclusion, applying text mining techniques through XML parsing can be used as basic data for exploring hidden Vault anti-forensics apps.

• Korean Journal of Forensic Psychology
• /
• v.13 no.1
• /
• pp.75-97
• /
• 2022

Profiling is recognized as a representative application area of domestic criminal psychology, and the National Police Agency profiler is firmly established as a profession. However, compared to the social awareness, the recognition and utilization within the police is not high. In this study, we tried to identify factors affecting the intention to use profiling by identifying the perception of investigators who request and use profiling from a profiler when a violent incident occurs. To this end, the relationship between the perception of the importance of factors considered by investigators in the criminal investigation process and the attitude toward profiling on the intention to use profiling was verified through the path model. As a result of a survey of 340 police investigators, the investigator's perception of the importance of investigation elements was divided into two factors: the importance of normative investigative elements (evidence collection and legal judgment, etc.) and factual investigative elements (criminal analysis, criminal information system analysis, etc.). Among them, the importance of factual investigative elements were found to have a positive effect on the intention to use it by mediating the attitude toward profiling. On the other hand, in the case of the importance of normative investigative elements, it was found to have a negative effect on the attitude toward profiling. These results suggest that the perception that investigators have about investigation, which is their main work area, plays a role in determining whether to request profiling as well as attitude towards profiling. Based on the research results, strategies necessary to activate the use of profiling were discussed.

• Korean Journal of Forensic Psychology
• /
• v.12 no.1
• /
• pp.35-51
• /
• 2021

People's belief in free will is important in determining the causes and responsibilities of human behavior. Over the past decades, there has been debate about belief in free will in the fields of neuroscience, philosophy, ethics, and criminal law. The Free Will and Determinism Scale (FAD-Plus; Paulhus & Carey, 2011) is a test tool that measures the components related to the belief in an individual's free will. This study conducted a confirmatory factor analysis of 1,000 ordinary people of various age groups and socio-economic backgrounds based on previous studies that conducted an exploratory factor analysis (Study 1). The author has secured the reliability and validity of a number of measures. Furthermore, it was examined how the sub-item of the FAD-Plus scale, 'belief in free will,' was related to correspondence bias and locus of control (Study 2). As a result of analyzing a total of 83 subjects, high belief in free will had a positive correlation with punishment judgment for negative behavior and internal attribution, but there was no significant relationship in reward judgment for positive behavior. Based on the study results, it was proven that the FAD-Plus is valid for the general public as well, and the relationship between belief in free will, attribution bias, locus of control and behavior judgment was examined. The limitations of this study, policy implications, and research directions are discussed.