• Proceedings of the Korean Society of Computer Information Conference
• /
• 2011.06a
• /
• pp.191-195
• /
• 2011

Smart Phone의 OS로 많이 사용하는 Android/Windows Mobile Smart Phone의 사용이 급격히 증가하고 있다. 무료 WiFi Zone과 인터넷 사용에 대한 취약점이 존재한다. Mobile Forensic의 증거 자료를 추출하는 방법은 SYN, JTAG, Revolving 방법이 있지만, 기존 휴대폰과 달리 Smart Phone은 OS와 구조, 사용방식과 기술의 차이로 인한 Mobile Forensic 연구 방법도 달라야 한다. 본 논문에서는 Smart Phone에서는 많이 사용되는 Windows Mobile/Android Smart Phone의 OS와 구조 차이를 분석한 데이터 백업과 스펙 분석 및 증거자료 분석을 한다. 또한 무료 WiFi Zone을 통한 인터넷 사용시에 취약점을 분석한다. 그리고 Android/Windows Mobile Smart Phone의 Forensic 자료를 생성하여 증거를 추출하고, Mobile Forensic 보고서를 생성한다. 본 연구를 통하여 Mobile Forensic의 기술 발전에 초석을 제공할 것이다.

• Biomedical Science Letters
• /
• v.28 no.3
• /
• pp.157-169
• /
• 2022

DNA typing is the typical technology in the forensic science and plays a significant role in the personal identification of victims and suspects. Short tandem repeat (STR) is the short tandemly repeated DNA sequence consisting of 2~7 bp DNA units in specific loci. It is disseminated across the human genome and represents polymorphism among individuals. Because polymorphism is a key feature of the application of DNA typing STR analysis, STR analysis becomes the standard technology in forensics. Therefore, the DNA database (DNA-DB) was first introduced with 4 essential STR markers for the application of forensic science; however, the number of STR markers was expanded from 4 to 13 and 13 to 20 later to counteract the continuously increased DNA profile and other needed situations. After applying expanded STR markers to the South Korean DNA-DB system, it positively affected to low copy number analysis that had a high possibility of partial DNA profiles, and especially contributed to the theft cases due to the high portion of touch DNA evidence in the theft case. Furthermore, STR marker expansion not only contributed to the resolution of cold cases but also increased kinship index indicating the potential for improved kinship test accuracy using extended STR markers. Collectively, the expansion of the STR locus was considered to be necessary to keep pace with the continuously increasing DNA profile, and to improve the data integrity of the DNA-DB.

• The Journal of Society for e-Business Studies
• /
• v.14 no.3
• /
• pp.169-181
• /
• 2009

As the situations that important evidences or clues are found in digital information devices increase, digital forensic technology is widely applied. In this paper, forensic based audit system is implemented by associating forensic analysis system with agent system which monitors and collects data for analysis in storage devices over distributed network nodes. Forensic audit system implemented in this paper can prevent, audit and trace the computer related crimes in IT infrastructure by real time monitoring and evidence seizure.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.2
• /
• pp.626-643
• /
• 2023

As mobile forensics has emerged as an essential technique, the demand for technology development, education and training is increasing, wherein images are used. Academic societies in South Korea and national institutions in the US and the UK are leading the Mobile Forensic Image development. However, compared with disks, images developed in a mobile environment are few cases and have less active research, causing a waste of time, money, and manpower. Mobile Forensic Images are also difficult to trust owing to insufficient verification processes. Additionally, in South Korea, there are legal issues involving the Telecommunications Business Act and the Act on the Protection and Use of Location Information. Therefore, in this study, we requested a review of a standard model for the development of Mobile Forensic Image from experts and designed an 11-step development model. The steps of the model are as follows: a. setting of design directions, b. scenario design, c. selection of analysis techniques, d. review of legal issues, e. creation of virtual information, f. configuring system settings, g. performing imaging as per scenarios, h. Developing a checklist, i. internal verification, j. external verification, and k. confirmation of validity. Finally, we identified the differences between the mobile and disk environments and discussed the institutional efforts of South Korea. This study will also provide a guideline for the development of professional quality verification and proficiency tests as well as technology and talent-nurturing tools. We propose a method that can be used as a guide to secure pan-national trust in forensic examiners and tools. We expect this study to strengthen the mobile forensics capabilities of forensic examiners and researchers. This research will be used for the verification and evaluation of individuals and institutions, contributing to national security, eventually.

• Analytical Science and Technology
• /
• v.11 no.3
• /
• pp.1033-1043
• /
• 1998

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.18 no.12
• /
• pp.2878-2884
• /
• 2014

The Smishing attacks are caused using smartphone since 2013. Smishing hacking attacks are increasing due to the approximately 104 million private information leakage incidents by the 3 domestic credit card companies occurred in January 2014. The Smishing attack occurred in conjunction with hacking illegal leakage of personal information and direct financial damage. In this paper, i am analyze real-world case studies in the lab and study accident on Smishing Mobile Forensic analysis. I am study of a real case Smishing hacking attacks. And studying evidence for a Mobile Forensic analysis of the technical principles of Smishing attacks. The study for the Mobile Forensic evidence proved the Smishing hacking attacks using Mobile Forensic technic and create Mobile Forensic reports. Through this paper, the research will be safe for the people living in the smartphone can be used safely and conveniently, with the development of Mobile Forensic technology, to study the extraction of Smishing accident evidences from the court.

• 한국정보통신설비학회:학술대회논문집
• /
• 2007.08a
• /
• pp.142-146
• /
• 2007

Digital Rights Management (DRM) technology has been widely used for protecting the digital contents over the recent years. But the digital contents protected by DRM are vulnerable to various video memory capture programs when DRM packaged contents are decrypted on the consumers' multimedia devices. To make up for this kind of DRM security holes the Forensic Marking (FM) technology is being deployed into the content protection area. Most leading DRM companies as well as big electronics companies like Thomson and Philips already have commercial FM solutions. Forensic Marking technology uses the digital watermarking to insert the user information such as user id, content playing time and etc. into the decrypted and decoded content at the playback time on the consumer devices. When the content containing watermarked user information (Forensic Mark) is illegally captured and distributed over the Internet, the FM detection system takes out the inserted FM from the illegal contents and informs contents service providers of the illegal hacker's information. In this paper the requirements and test conditions are discussed for the commercial Forensic Marking systems.

• Analytical Science and Technology
• /
• v.32 no.4
• /
• pp.155-162
• /
• 2019

Analysis techniques using DNA profiling are widely used in various fields including forensic science and new technologies such as the Direct PCR amplification method are being developed continuously in order to acquire the DNA profiles efficiently. However, it has a limits such as non-specific amplification according to the quality of crime scene evidence samples. Especially, split peaks caused by excessive DNA samples are one of the important factors that could cause the debate to allow researchers to interpret the DNA profile results. In this study, we confirmed the occurrence rate of split peaks in each STR (short tandem repeats) locus of the $GlobalFiler^{TM}$ kit and investigated the possibility of improving the split peaks using several PCR additives such as DMSO (dimethylsulfoxide), $MgCl_2$, Betaine and Tween-20. As a result, we could make three groups according to the occurrence rate of split peaks in Direct PCR and it was confirmed that the ratio of split peaks could be reduced by DMSO (87.4 %), $MgCl_2$ (84.5 %) and Betaine (86.1 %), respectively. These results indicate that PCR additives such as DMSO, $MgCl_2$ and Betaine can be improve the split peaks in Direct PCR and thereby facilitate subsequently a successful DNA profile results.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.287-290
• /
• 2011

The synchronization feature on the smartphone by default (default) value is set. Smartphone synchronization has been set is stored that smartphone data is automatically backed up is stored When connected to a PC with a smartphone dedicated cable. The backup data is a common technique to analyze the content to be difficult to apply forensic techniques can find out information on criminal suspects. In this paper, the backup data is synchronized to the smartphone through forensic analysis is the study of forensic evidence. In a lab environment to send personal financial information on smartphone, smartphone is assumed that the experiment is compromised. Smartphone's backup data by using the forensic tools in crime associated with personal financial information and analyze data. And, to be adopted by the court will study the evidence leveraging forensic technology. Through this paper as a basis for smartphone forensic analysis will be utilized.

• Journal of Information Technology Applications and Management
• /
• v.30 no.6
• /
• pp.113-142
• /
• 2023

As society becomes more digital, the need for digital forensics experts are gradually increasing. It is necessary to establish a training policy that reflects the special characteristics of digital forensics personnel. Although there are fragmented policies for digital forensics-related systems and human resources training in academia, it is an urgently necessary to establish a systematic and long-term policy to foster digital forensics experts. This study suggests curriculum of digital forensic based on the importance ranking among forensic subjects. The importance ranking can be decided by forensic experts. This study can be used as policy data to foster diverse talent that can effectively meet the increasing demand for digital forensics talent. The systematic curriculum proposed in this study is a practical curriculum at the undergraduate level and can be suitable for university level