• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.65 no.12
• /
• pp.2153-2158
• /
• 2016

Multimedia such as image, audio, and video is easy to create and distribute with the advance of IT. Since novice uses them for illegal purposes, multimedia forensics are required to protect contents and block illegal usage. This paper presents a multimedia forensic algorithm for video to identify the device used for acquiring unknown video files. First, the way to calculate a sensor pattern noise using Wiener filter (W-SPN) is presented, which comes from the imperfection of photon detectors against light. Then, the way to identify the device is explained after estimating W-SPNs from the reference device and the unknown video. For the experiment, 30 devices including DSLR, compact camera, smartphone, and camcorder are tested and analyzed quantitatively. Based on the results, the presented algorithm can achieve the 96.0% identification accuracy.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.05a
• /
• pp.425-426
• /
• 2017

Ransomware has caused a lot of damage by attacking disks of government agencies, financial institutions and corporations. This has been exploited for monetary damages and Taking personal information. In this paper, we describe the NTFS. Also describe Petya as the example of Ransomware. We used forensic techniques to analyze post-infection status and describes the method for MBR area recovery.

• Safety and Health at Work
• /
• v.12 no.4
• /
• pp.544-545
• /
• 2021

The article by Tae-Gu Kim et al. conducted elastic FE modeling, which was inappropriate for fracture of elastic-plastic chain material (11.3% of elongation). FE analysis results and the findings in the fracto-graphic analysis did not tally but contradicted each other. The article identified "incorrect installation"/bending forces as the root cause while FE results of the chain under bending forces showed very low stresses at fracture locations but the highest stress in the middle of shank of the chain. The article's "step-like topographies indicating the fracture due to bending moment rather than uniaxial tension" lacked scientific support. The load value carried by each chain section under bending/incorrect installation was only half of that under tension, thus the article using same load value in FE simulation comparison for bending and tension was incorrect. The real cause of the chain fracture was likely improper checking the lifted load or/and using the wrong chain with much lower safety working load.

• International Journal of Computer Science & Network Security
• /
• v.23 no.5
• /
• pp.179-192
• /
• 2023

The widespread use of Cloud Computing, Internet of Things (IoT), and social media in the Information Communication Technology (ICT) field has resulted in continuous and unavoidable cyber-attacks on users and critical infrastructures worldwide. Traditional security measures such as firewalls and encryption systems are not effective in countering these sophisticated cyber-attacks. Therefore, Intrusion Detection and Prevention Systems (IDPS) are necessary to reduce the risk to an absolute minimum. Although IDPSs can detect various types of cyber-attacks with high accuracy, their performance is limited by a high false alarm rate. This study proposes a new technique called Fuzzy Logic - Objective Risk Analysis (FLORA) that can significantly reduce false positive alarm rates and maintain a high level of security against serious cyber-attacks. The FLORA model has a high fuzzy accuracy rate of 90.11% and can predict vulnerabilities with a high level of certainty. It also has a mechanism for monitoring and recording digital forensic evidence which can be used in legal prosecution proceedings in different jurisdictions.

• Analytical Science and Technology
• /
• v.31 no.4
• /
• pp.161-170
• /
• 2018

The epidemic of disorders associated with synthetic stimulants, such as methamphetamine (MA) and amphetamine (AP), is a health, social, legal, and financial problem. Owing to the high potential of their abuse and addiction, reliable analytical methods are required to detect and identify MA, AP, and their metabolites in biological samples. Thus, a dilute-and-shoot liquid chromatography-tandem mass spectrophotometry (LC-MS/MS) was developed for simultaneous determination of MA, 4-hydroxymethamphetamine (4HMA), AP, and 4-hydroxyamphetamine (4HA) in urine. Urine sample ($100{\mu}L$) was mixed with $50{\mu}L$ of mobile phase consisting of 0.4 % formic acid and methanol and $50{\mu}L$ of working internal-standard solution. Aliquots of $8{\mu}L$ diluted urine was injected into the LC-MS/MS system. For all analytes, chromatographic separation was performed using a C18 reversed-phase column with gradient elution and a total run time of 5 min. The identification and quantification were performed by multiple reaction monitoring (MRM). Linear least-squares regression was conducted to generate a calibration curve, with $1/x^2$ as the weighting factor. The linear ranges were 2.0-200, 1.0-800, and 10-2500 ng/mL for 4HA and 4HMA, AP, and MA, respectively. The inter- and intraday precisions were within 6.6 %, whereas the inter- and intraday accuracies ranged from -14.9 to 11.3 %. The low limits of quantification were 2.0 ng/mL (4HA and 4HMA), 1.0 ng/mL (AP), and 10 ng/mL (MA). The proposed method exhibited satisfactory selectivity, dilution integrity, matrix effect, and stability, which are required for validation. Moreover, the purification efficiency of high-speed centrifugation was clearly higher than 6-15 % for QC samples (n=5), which was higher than that of the membrane-filtration method. The applicability of the proposed method was tested by forensic analysis of urine samples from drug abusers.

• Analytical Science and Technology
• /
• v.28 no.6
• /
• pp.398-408
• /
• 2015

Carbon monoxide (CO) intoxication, arising from CO from an ignited charcoal briquette (ICB), is a popular means of committing suicide in Korea. Most CO intoxications are related to suicide attempts; however, the possibility of a homicide disguised as a suicide cannot be ruled out. Therefore, forensic investigation of the deceased and the crime scene is crucial to confirm that the deceased committed suicide. Detection of the components of an ICB on the objects suspected of being contacted by the deceased, such as the hands, nostrils, and doorknobs, is essential for linking the crime scene to the victim in the case of suicides by ignited ICBs. The traces from an ICB were analyzed by investigating the morphological characteristics and obtaining elemental compositions. The ICBs were completely different from blackened wood, as detected by discriminant analysis with the elements of carbon and oxygen. We analyzed one case of CO intoxication to demonstrate an excellent procedure for verifying whether a suicide occurred with an ICB. We employed SEM-EDX for the analysis of an ICB, microscope-FT/IR and pyrolysis-GC/MS for a partly burnt resin-type substance, GC/MS for diphenhydramine (a sleeping drug), and GC/TCD for the CO-Hb level. We detected traces of an ICB on the hands, nostrils, and doorknobs, which were all discriminated into an ICB group. Detection of ICB traces from the nostrils could indicate that the deceased started the fire themselves to commit suicide. The partially burnt black material was analyzed as an acrylronitrilestyrene polymer, which is normally used to make bags for carrying or wrapping and could be assumed to have been used to transport the ICB. Diphenhydramine, a sleeping drug, was detected at a level of 2.3 mg/L in the blood, which was lower than that in fatal cases (8-31 mg/L; mean 16 mg/L). A CO-Hb level of 79% was found in the blood, which means that the cause of death was CO intoxication. The steps shown here could represent an ideal method for reaching a verdict of suicide by CO intoxication produced by burning an ICB in a sealed room or a car.

• The Korean Journal of Emergency Medical Services
• /
• v.25 no.2
• /
• pp.71-97
• /
• 2021

Purpose: This study aimed to examine the development and improvement direction of university education according to job type and investigate the types of knowledge required for employment after graduation for departments of emergency medical technology in preparation for the era of the fourth industrial revolution in a converged society. Methods: From June 3 to June 10, 2019, data were collected through structured questionnaires from 90 paramedics working in firefighting, hospitals, different industries, and emergency patient transportation. Data were analyzed using the software SPSS version 18.0. Results: For employment after graduation in departments of emergency medical technology, character and sincerity education should be strengthened. To prepare for the fourth industrial revolution, educational innovations such as improving the field practice system and devising a convergence curriculum are needed. Preparation for the fourth industrial revolution should be accomplished through the development of convergence subjects such as forensic science, information and communications technology, and safety engineering. Ninety percent of the study respondents indicated their need for convergence subjects. Conclusion: The demands of future society should be responded to flexibly by holding and conducting convergence subjects. Furthermore, preparations should be made in anticipation of a shortage of 120,000 college freshmen for the 2024-2025 school year by increasing the competitiveness of departments of emergency medical technology.

• Advances in materials Research
• /
• v.5 no.1
• /
• pp.21-34
• /
• 2016

Fire is one of the most destructive powers to which a building structure can be subjected, often exposing concrete elements to elevated temperatures. The relative properties of concrete after such an exposure are of significant importance in terms of the serviceability of buildings. Unraveling the heating history of concrete and different cooling regimes is important for forensic research or to determine whether a fire-exposed concrete structure and its components are still structurally sound or not. Assessment of fire-damaged concrete structures usually starts with visual observation of colour change, cracking and spalling. Thus, it is important to know the effect of elevated temperatures on strength retention properties of concrete. This study reports the effect of elevated temperature on the mechanical properties of the concrete specimen with polypropylene fibres and cooled differently under various regimes. In the heating cycle, the specimen were subjected to elevated temperatures ranging from $200^{\circ}C$ to $800^{\circ}C$, in steps of $200^{\circ}C$ with a retention period of 1 hour. Then they were cooled to room temperature differently. The cooling regimes studied include, furnace cooling, air cooling and sudden cooling. After exposure to elevated temperatures and cooled differently, the weight loss, residual compressive and split tensile strengths retention characteristics were studied. Test results indicated that weight and both compressive and tensile strengths significantly reduce, with an increase in temperature and are strongly dependent on cooling regimes adopted.

• Journal of Navigation and Port Research
• /
• v.43 no.1
• /
• pp.33-41
• /
• 2019

In December 2012, a pile driving boat sunk off the coast of Ulsan port in Korea. The cause of capsizing of these boats was considered a complex problem. Although Korean Ship Safety Technology Authority concluded that leaders (cranes) of the vessel were designed with sufficient safety factors, National Forensic Service concluded that the capsizing was caused by the failure of leaders. This study reviewed the related laws, strength calculations, and structural analysis methods used by the Korea Ship Safety Technology Authority. In addition, numerical simulations were carried out on hydrodynamic analysis and structural analysis to analyze the cause of vessel capsizing based on the rules of the Korean Register of Shipping. The results were similar to those found by National Forensic Service. In conclusion, the study suggested that inspection especially for a pile driving boat subjected to the Korean Register of Shipping rules should be carried out to prevent the similar accident.

• Phonetics and Speech Sciences
• /
• v.14 no.3
• /
• pp.103-112
• /
• 2022

Due to the popularization of smartphones, most of the recorded speech files submitted as evidence of recent crimes are produced by smartphones, and the integrity (forgery) of the submitted speech files based on smartphones is emerging as a major issue in the investigation and trial process. Samsung smartphones with the highest domestic market share are distributed with built-in speech recording applications that can record calls and voice, and can edit recorded speech. Unlike editing through third-party speech (audio) applications, editing by their own builtin speech applications has a high similarity to the original file in metadata structures and attributes, so more precise analysis techniques need to prove integrity. In this study, we constructed a speech file metadata database for speech files (original files) recorded by 34 Samsung smartphones and edited speech files edited by their built-in speech recording applications. We analyzed by comparing the metadata structures and attributes of the original files to their edited ones. As a result, we found significant metadata differences between the original speech files and the edited ones.