File fingerprinting of the ZIP format for identifying and tracking provenance
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Um, Minji | - |
dc.contributor.author | Han, Jaehyeok | - |
dc.contributor.author | Lee, Sangjin | - |
dc.date.accessioned | 2022-02-13T05:40:56Z | - |
dc.date.available | 2022-02-13T05:40:56Z | - |
dc.date.created | 2022-02-09 | - |
dc.date.issued | 2021-12 | - |
dc.identifier.issn | 2666-2817 | - |
dc.identifier.uri | https://scholar.korea.ac.kr/handle/2021.sw.korea/135588 | - |
dc.description.abstract | While the overall structure of ZIP files is defined, their detailed structure differs depending on the operating system and application creating the file. These characteristics are also affected by the environment in which the file was first created or later modified. Conversely, analyzing the structure of ZIP files allows the determination of the environment it was created in, and this can be the basis for determining where the file was created through analyzing and comparing the user's PC. In addition, the creation, modification, and access time values of decompressed files are set differently according to the application used for decompression and the structure of the ZIP file. ZIP files reflect not only the environment in which they are created but also the one in which they were decompressed. Thus, the ZIP files' detailed structures and characteristics should be analyzed forensically. In this paper, it is suggested that the environment of file creation and modification can be inferred by analyzing the detailed structure of a single file by file fingerprints, and the characteristics of decompression can be compared with the applications installed on the system. (c) 2021 Elsevier Ltd. All rights reserved. | - |
dc.language | English | - |
dc.language.iso | en | - |
dc.publisher | ELSEVIER SCI LTD | - |
dc.title | File fingerprinting of the ZIP format for identifying and tracking provenance | - |
dc.type | Article | - |
dc.contributor.affiliatedAuthor | Lee, Sangjin | - |
dc.identifier.doi | 10.1016/j.fsidi.2021.301271 | - |
dc.identifier.scopusid | 2-s2.0-85122644733 | - |
dc.identifier.wosid | 000709481500002 | - |
dc.identifier.bibliographicCitation | FORENSIC SCIENCE INTERNATIONAL-DIGITAL INVESTIGATION, v.39 | - |
dc.relation.isPartOf | FORENSIC SCIENCE INTERNATIONAL-DIGITAL INVESTIGATION | - |
dc.citation.title | FORENSIC SCIENCE INTERNATIONAL-DIGITAL INVESTIGATION | - |
dc.citation.volume | 39 | - |
dc.type.rims | ART | - |
dc.type.docType | Article | - |
dc.description.journalClass | 1 | - |
dc.description.journalRegisteredClass | scie | - |
dc.description.journalRegisteredClass | scopus | - |
dc.relation.journalResearchArea | Computer Science | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Interdisciplinary Applications | - |
dc.subject.keywordAuthor | Compression and decompression | - |
dc.subject.keywordAuthor | File fingerprints | - |
dc.subject.keywordAuthor | User behavior | - |
dc.subject.keywordAuthor | ZIP file forensics | - |
dc.subject.keywordAuthor | characteristics | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
(02841) 서울특별시 성북구 안암로 14502-3290-1114
COPYRIGHT © 2021 Korea University. All Rights Reserved.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.