Detailed Information
Cited 0 time in 
Cited 0 time in 
Cited 0 time in
Metadata Downloads
File fingerprinting of the ZIP format for identifying and tracking provenance
Full metadata record
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Um, Minji | - |
| dc.contributor.author | Han, Jaehyeok | - |
| dc.contributor.author | Lee, Sangjin | - |
| dc.date.accessioned | 2022-02-13T05:40:56Z | - |
| dc.date.available | 2022-02-13T05:40:56Z | - |
| dc.date.created | 2022-02-09 | - |
| dc.date.issued | 2021-12 | - |
| dc.identifier.issn | 2666-2817 | - |
| dc.identifier.uri | https://scholar.korea.ac.kr/handle/2021.sw.korea/135588 | - |
| dc.description.abstract | While the overall structure of ZIP files is defined, their detailed structure differs depending on the operating system and application creating the file. These characteristics are also affected by the environment in which the file was first created or later modified. Conversely, analyzing the structure of ZIP files allows the determination of the environment it was created in, and this can be the basis for determining where the file was created through analyzing and comparing the user's PC. In addition, the creation, modification, and access time values of decompressed files are set differently according to the application used for decompression and the structure of the ZIP file. ZIP files reflect not only the environment in which they are created but also the one in which they were decompressed. Thus, the ZIP files' detailed structures and characteristics should be analyzed forensically. In this paper, it is suggested that the environment of file creation and modification can be inferred by analyzing the detailed structure of a single file by file fingerprints, and the characteristics of decompression can be compared with the applications installed on the system. (c) 2021 Elsevier Ltd. All rights reserved. | - |
| dc.language | English | - |
| dc.language.iso | en | - |
| dc.publisher | ELSEVIER SCI LTD | - |
| dc.title | File fingerprinting of the ZIP format for identifying and tracking provenance | - |
| dc.type | Article | - |
| dc.contributor.affiliatedAuthor | Lee, Sangjin | - |
| dc.identifier.doi | 10.1016/j.fsidi.2021.301271 | - |
| dc.identifier.scopusid | 2-s2.0-85122644733 | - |
| dc.identifier.wosid | 000709481500002 | - |
| dc.identifier.bibliographicCitation | FORENSIC SCIENCE INTERNATIONAL-DIGITAL INVESTIGATION, v.39 | - |
| dc.relation.isPartOf | FORENSIC SCIENCE INTERNATIONAL-DIGITAL INVESTIGATION | - |
| dc.citation.title | FORENSIC SCIENCE INTERNATIONAL-DIGITAL INVESTIGATION | - |
| dc.citation.volume | 39 | - |
| dc.type.rims | ART | - |
| dc.type.docType | Article | - |
| dc.description.journalClass | 1 | - |
| dc.description.journalRegisteredClass | scie | - |
| dc.description.journalRegisteredClass | scopus | - |
| dc.relation.journalResearchArea | Computer Science | - |
| dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
| dc.relation.journalWebOfScienceCategory | Computer Science, Interdisciplinary Applications | - |
| dc.subject.keywordAuthor | Compression and decompression | - |
| dc.subject.keywordAuthor | File fingerprints | - |
| dc.subject.keywordAuthor | User behavior | - |
| dc.subject.keywordAuthor | ZIP file forensics | - |
| dc.subject.keywordAuthor | characteristics | - |
- Files in This Item
- There are no files associated with this item.
- Appears in
Collections - School of Cyber Security > Department of Information Security > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.