The proliferation of various connected platforms, including Internet things, industrial control systems (ICSs), cars, and in-vehicle networks, has resulted in the simultaneous use multiple protocols devices. Chaotic situations caused by usage different types devices, such as heterogeneous implemented differently vendors renders adoption a flexible security solution difficult, recent deep learning-based intrusion detection system (IDS) studies. These studies optimized learning model for their...

Various Internet of Things (IoT) devices, such as AI speakers, are being released with different functions to improve user convenience and better life. An speaker ecosystem is a cloud-based IoT system built around an devices. In the near future, citizens in whole countries worldwide will be helped real life when AI-equipped devices deployed their homes. Typically, because speakers always operating, they can used provide vital evidence for digital forensics; however, privacy issues may arise....

AI Speakers are typical cloud-based internet of things (IoT) devices that store a variety information regarding users on the cloud. Although analyzing encrypted traffic between these and cloud, as well artifacts stored there, is an important research topic from perspective IoT forensics, studies directly cloud remain insufficient. In this study, we propose forensic model can collect analyze Speaker based certificate injection. The proposed consists porting image Android device, using QEMU...

Vehicle systems have been one of the fastest-growing fields in recent years. Vehicles are extremely helpful for understanding driver behaviors and received significant attention from a forensic perspective. Extensive research was previously conducted on on-board vehicle systems, such as an event data recorders, located electronic control unit or manufacturer-based infotainment systems. However, unlike previous vehicles that used only most today equipped with Android Auto Apple CarPlay. These...

A smart grid is nationwide industrial control system that combine IT and traditional electric system. The main hindrance to security. To solve this problem we propose a novel approach for vulnerability analysis of protocols using fuzzing test. test widely used analysis, however, these studies do not consider the cross-protocol are suitable network. Therefore, case generation method Before creating cases, classify protocol fields into three categories by its characteristics. Based on...

In industrial control systems (ICS), programmable logic controllers (PLCs) directly and monitor physical processes in real-time such as nuclear plants, power grid stations. Adversaries typically transfer malicious to PLCs over the network sabotage a process. These attacks are well-understood containing machine instructions packets likely be detected by intrusion detection (IDS). On other hand, return-oriented programming (ROP) reuses blocks (or gadgets) of existing code computer memory...

The Android platform accounts for 85% of the global smartphone operating-system market share, and recently, it has also been installed on Internet-of-Things (IoT) devices such as wearable vehicles. These Android-based store various personal information user IDs, addresses, payment device usage data when providing convenient functions to users. Insufficient security management deletion stored in can lead cyber threats leakage identity theft. Therefore, research protection is very important....

Several cases of Industrial Internet Things (IIoT) attacks with zero-day vulnerabilities have been reported. To prevent these attacks, it is necessary to apply an abnormal behavior detection method; however, there are three main problems that make hard. First, various industrial communication protocols. Instead IT environments, many unstandardized protocols, which usually defined by vendors, used. Second, legacy devices commonly used, not only EOS (End-of-service), but also EoL...

A cyber-physical infrastructure system (CPIS) is a that controls and manages critical such as smart manufacturing, water treatment facilities, power generation, distribution facilities. Although these CPISs focus on the security of air-gapped network environments, strict isolation from outside difficult to achieve, leading various attacks. also comprise devices proprietary communication protocols are used exclusively for each domain site. Therefore, experts have adopt customized strategy...

Recently, the number of Internet Things (IoT) devices, such as artificial intelligence (AI) speakers and smartwatches, using a Linux-based file system has increased. Moreover, these devices are connected to generate vast amounts data. To efficiently manage generated data improve processing speed, function is improved by updating version or new systems, an Extended File System (XFS), B-tree (Btrfs), Flash-Friendly (F2FS). However, in process existing system, metadata structure may be changed...

Modern forensic-based investigations to analyze and extract data from digital devices are rapidly increasing due the evolution of criminals with IT technologies devices. A variety for usually volatile key evidence files easily removed by criminal. Currently a large scale system like cloud big solution prevalent in our life. Thus we need study about file UNIX aspect forensics. Among forensic technologies, one important issues is recover deleted system. In this paper, structure UFS, suggest...

Digital Forensics, not only for the computers of suspect, needs to collect various digital evidences especially in many different kinds mobile devices and operating systems. Moreover, case acquiring evidences, recovering a deleted file is more meaningful that it can find concealed evidence by suspect. In this paper, phase recovery Tizen system suggested certified with experiment.

Programmable logic controllers (PLCs) in industrial control systems (ICS) run a program to monitor and critical infrastructures real-time, such as nuclear plants power grids. Attackers target PLC remotely sabotage or disrupt physical processes. Network intrusion detection (IDS) are increasingly used detect malicious logic. This paper demonstrates that standard IDS features protocol message header payload not resilient for detecting (control logic) binary programs, entropy, n-gram,...

모바일 포렌식은 스마트폰의 대중화와 다양한 기기의 증가로 인해 그 중요성 및 필요성이 급격히 증가하고 있다. 하지만 방안 절차는 아직 포렌식의 특성에 충분히 맞게 적용되고 있지 않다. 이에 따라 본 논문에서는 현재 포렌식이 직면한 문제점을 파악하기 위해 법 제도 기술적 관점에서의 분석을 수행하였으며 이를 통해 기기에 대해서는 디지털 포렌식 수사과정에서 큰 이슈가 되고 있는 선별압수에 있어서 제약사항이 있음을 확인하였다. 또한 포렌식에서 증거 수집 방안에 대한 분석 실사용 도구의 무결성 연구를 진행함으로써 기술의 적합성 검증 추후 발생될 문제점에 대해 분석하였으며 결과적으로 수집된 데이터가 증거능력을 확보할 수 방안을 전반적인 고려사항을 제시하였다. Because of the evolution mobile devices such as smartphone, necessity forensics is increasing. In spite this necessity, does not...

Programmable logic controllers (PLCs) have design features to enable operations, such as real-time control of physical processes. These weaknesses, making PLCs vulnerable attacks (network/firmware based). We study these and suggest security requirements for designing a PLC.