메뉴 건너뛰기

ENG

추천
검색
질문

논문 기본 정보

자료유형
학술저널
저자정보
(Dongyang University)
저널정보
한국컴퓨터정보학회 한국컴퓨터정보학회논문지 한국컴퓨터정보학회 논문지 제24권 제9호(통권 제186호)
발행연도
수록면
51 - 58 (8page)

이용수

표지
📌
연구주제
📖
연구배경
🔬
연구방법
이 논문의 연구방법이 궁금하신가요?
🏆
연구결과
이 논문의 연구결과가 궁금하신가요?
AI에게 요청하기
추천
검색
질문

초록· 키워드

Temporal analysis is very useful and important for digital forensics for reconstructing the timeline of digital events. Forgery of a file"s timestamp can lead to inconsistencies in the overall temporal relationship, making it difficult to analyze the timeline in reconstructing actions or events and the results of the analysis might not be reliable. The purpose of the timestamp change is to hide the data in a steganographic way, and the other purpose is for anti-forensics. In both cases, the time stamp change tools are requested to use. In this paper, we propose a classification method based on the behavior of the timestamp change tools. The timestamp change tools are categorized three types according to patterns of the changed timestamps after using the tools. By analyzing the changed timestamps, it can be decided what kind of tool is used. And we show that the three types of the patterns are closely related to API functions which are used to develop the tools.
#$STANADARD_INFORMATION Attribute #$FILE_NAME Attribute #Timestamp Change Tool #NTFS Filesystem
상세정보 수정요청해당 페이지 내 제목·저자·목차·페이지
정보가 잘못된 경우 알려주세요!

목차

  1. Abstract
  2. I. Introduction
  3. II. NTFS Timestamps
  4. III. Timestamp Change Tools Classification
  5. IV. Experiments
  6. V. Conclusion
  7. REFERENCES

참고문헌

참고문헌 신청

최근 본 자료

전체보기
260429_DBpiaAI
260319_딥리서치
260319_AI리더
260304_새학기에이전트
260429 전공별 추천 이벤트
260304_아그논문롤
260127_아그논문
260127_AI뷰어