Enhancement of Media Splicing Detection: A General Framework

Digital media (i.e., image, audio) has played an influential role in today information system. The increasing of popularity in digital media has brought forth many technological advancements. The advancements, however, also gives birth to a number of forgeries and attacks against this type of information. With the availability of easy-to-use media manipulating tools available online, the authenticity of today digital media cannot be guaranteed. In this paper, a new general framework for enhancing today media splicing detection has been proposed. By combining results from two traditional approaches, the enhanced detection results show improvement in term of clarity in which anomalies are more explicitly shown, providing easier and faster way for a forensic practitioner to investigate and verify the authenticity of the target digital media. Regarding the experiment, the developed framework was tested against a number of realistic tampered (spliced) media. Moreover, the enhanced detection results are compared with traditional approaches to ensure the efficiency of our proposed method in the realistic situation

Development of A Distributed Print‐Out Monitoring System for Efficient Forensic Investigation

If information leakage occurs, an investigator is instructed to specify what documents were leaked and who leaked them. In the present work, a distributed print-out monitoring system—which consists of a virtual printer driver and print-out policy/log management servers—was developed. For easily matching the discovered (i.e., leaked) paper document with the print-out log, the virtual printer driver acquires full-text of printed-out documents by DDI hooking technique to check the content, transforms a spool file to a picture file and creates both a thumbnail and text log for forensic investigation afterwards. The log size is as only about 0.04 times bigger than that for printed-out electronic documents, so the storage size needed for the thumbnail and text log is also small. Keywords: Information leakage, Print-out, Digital forensics, Log, Virtual printer drive

HiGate (High Grade Anti-Tamper Equipment) Prototype and Application to e-Discovery

These days, most data is digitized and processed in various ways by computers. In the past, computer owners were free to process data as desired and to observe the inputted data as well as the interim results. However, the unrestricted processing of data and accessing of interim results even by computer users is associated with an increasing number of adverse events. These adverse events often occur when sensitive data such as personal or confidential business information must be handled by two or more parties, such as in the case of e-Discovery, used in legal proceedings, or epidemiologic studies. To solve this problem, providers encrypt data, and the owner of the computer performs decoding in the memory for encrypted data. The computer owner can be limited to performing only certain processing of data and to observing only the final results. As an implementation that uses existing technology to realize this solution, the processing of data contained in a smart card was considered, but such an implementation would not be practical due to issues related to computer capacity and processing speed. Accordingly, the authors present the concept of PC-based High Grade AntiTamper Equipment (HiGATE), which allows data to be handled without revealing the data content to administrators or users. To verify this concept, an eDiscovery application on a prototype was executed and the results are reported here

HiGate (High Grade Anti‐Tamper Equipment) Prototype and Application to e‐Discovery

These days, most data is digitized and processed in various ways by computers. In the past, computer owners were free to process data as desired and to observe the inputted data as well as the interim results. However, the unrestricted processing of data and accessing of interim results even by computer users is associated with an increasing number of adverse events. These adverse events often occur when sensitive data such as personal or confidential business information must be handled by two or more parties, such as in the case of e-Discovery, used in legal proceedings, or epidemiologic studies. To solve this problem, providers encrypt data, and the owner of the computer performs decoding in the memory for encrypted data. The computer owner can be limited to performing only certain processing of data and to observing only the final results. As an implementation that uses existing technology to realize this solution, the processing of data contained in a smart card was considered, but such an implementation would not be practical due to issues related to computer capacity and processing speed. Accordingly, the authors present the concept of PC-based High Grade Anti-Tamper Equipment (HiGATE), which allows data to be handled without revealing the data content to administrators or users. To verify this concept, an e-Discovery application on a prototype was executed and the results are reported here. Keyword: Anti-Tamper, e-Discovery, Bitlocker, APIHoo

IMPLEMENTING BOOT CONTROL FOR WINDOWS VISTA

Abstract A digital forensic logging system must prevent the booting of unauthorized programs and the modification of evidence. Our previous research developed Dig-Force2, a boot control system for Windows XP platforms that employs API hooking and a trusted platform module. However, Dig-Force2 cannot be used for Windows Vista systems because the hooked API cannot monitor booting programs in user accounts. This paper describes an enhanced version of Dig-Force2, which uses a TPM and a white list to provide boot control functionality for Windows Vista systems. In addition, the paper presents the results of security and performance evaluations of the boot control system

ブロック構造型言語のためのベクトル化・並列化技術

本文データは平成22年度国立国会図書館の学位論文(博士)のデジタル化実施により作成された画像ファイルを基にpdf変換したものである京都大学0048新制・課程博士博士(工学)甲第6404号工博第1501号新制||工||1024(附属図書館)UT51-96-F283京都大学大学院工学研究科情報工学専攻(主査)教授 津田 孝夫, 教授 富田 眞治, 教授 矢島 脩三学位規則第4条第1項該当Doctor of EngineeringKyoto UniversityDFA

コンテンツ保護機能を備えたインターネット生放送システムの実現可能性の研究

コンピュータセキュリティシンポジウム 2012 (Computer Security Symposium 2012, CSS 2012) : 2012年10月30日(火)～11月1日(木) : くにびきメッセ (島根県立産業交流会館)With the popularity of live broadcasting websites such as USTREAM, the maturity of live broadcasting technology, and the improvement of network condition, more and more multimedia service providers are using Internet to do the pay-per-view live broadcasting business instead of traditional TV platform. It becomes an issue which is how to provide an integrated protection scheme to the multimedia contents in the pay-per-view business. For our research, we aim to develop an Internet live broadcasting system with contents protection to solve this issue. We use Home Page cryptosystem to encrypt the contents and use JFD (Joint Fingerprinting and Decryption) method to embed the fingerprint. And it proved feasible according to the evaluation to the system.USTREAMのようなインターネット生放送のWebサイトの人気や配信技術の向上や高速インターネット環境の成熟により, テレビ放送に取って代わるコンテンツ課金型のインターネット生放送の需要が高まってきている. コンテンツ課金型のインターネット生放送を展開する場合は課金したユーザのみがインターネット生放送を視聴できるような仕組みが必要となる. そこで我々は課金したユーザのみがその映像を視聴できるようにするために, 映像に対してJFD(Joint Fingerprinting and Decyption)と呼ばれる手法を用いた暗号化と電子指紋の埋込みを同時に行う仕組みを持ったインターネット生放送を開発した. そして, 開発したインターネット生放送の実現可能性を評価した

Migrating to Zero Trust Architecture: Reviews and Challenges

Zero trust (ZT) is a new concept involving the provisioning of enterprise/organization resources to the subjects without relying on any implicit trust. Unlike the perimeter-based architecture in which any subject behind the wall (i.e., inside the predefined perimeter) is considered trusted, zero trust architecture (ZTA) processes any request and provides a resource to the subject without relying on implicit trust. In this paper, based on NIST Special Publication SP800-207, the concept of ZT and ZTA is introduced. Also, challenges, steps, and things to consider when migrating from the legacy architecture to ZTA are presented and discussed