Çѱ¹ÀÎÅͳÝÁ¤º¸ÇÐȸ ³í¹®Áö
Current Result Document :
| ÇѱÛÁ¦¸ñ(Korean Title) |
½º¸¶Æ® Ȩ ÇìÀÌ È¨ AirÀÇ Å¬¶ó¿ìµå ¾ÆƼÆÑÆ® ¿ø°Ý ¼öÁý ¹æ¾È ¿¬±¸ |
| ¿µ¹®Á¦¸ñ(English Title) |
A Study on the remote acuisition of HejHome Air Cloud artifacts |
| ÀúÀÚ(Author) |
±èÁÖÀº
¼½ÂÈñ
Â÷Çؼº
񊨦
ÀÌâÈÆ
Ju-eun Kim
Seung-hee
Seo Hae-seong
Cha Yeok Kim
Chang-hoon Lee
|
| ¿ø¹®¼ö·Ïó(Citation) |
VOL 23 NO. 05 PP. 0069 ~ 0078 (2022. 10) |
Çѱ۳»¿ë
(Korean Abstract) |
IoT(Internet of Things) µð¹ÙÀ̽ºÀÇ »ç¿ëÀÌ È®´ëµÊ¿¡ µû¶ó °æÂûûÀÇ µðÁöÅÐ Æ÷·»½Ä Àû¿ë ¹üÀ§°¡ ½º¸¶Æ® Ȩ ¿µ¿ªÀ¸·Î È®´ëµÇ¾ú´Ù. ÀÌ¿¡ µû¶ó ½º¸¶Æ® Ȩ Ç÷§Æû µ¥ÀÌÅ͸¦ ¼öÁýÇϱâ À§ÇØ ÁøÇàµÈ ±âÁ¸ ¿¬±¸µéÀº ´ëºÎºÐ ¸ð¹ÙÀÏ ±â±âÀÇ ·ÎÄà µ¥ÀÌÅÍ ºÐ¼®°ú ³×Æ®¿öÅ© °üÁ¡ÀÇ ºÐ¼® µîÀÇ ¿¬±¸°¡ ÁÖ·Î ¼öÇàµÇ¾ú´Ù. ÇÏÁö¸¸ Áõ°Å ºÐ¼®À» À§ÇØ À¯ÀǹÌÇÑ µ¥ÀÌÅÍ´Â ½º¸¶Æ® Ȩ Ç÷§ÆûÀÇ Å¬¶ó¿ìµå ½ºÅ丮Áö¿¡ ÁÖ·Î ÀúÀåµÇ¾î ÀÖ´Ù. µû¶ó¼ º» ³í¹®¿¡¼´Â »ç¿ëÀÚ°¡ ÇìÀÌ È¨ ¾Û ±â¹ÝÀÇ ¡°ÇìÀÌ È¨ ½ºÄù¾î¡± ¼ºñ½º¸¦ ÀÌ¿ëÇÒ ¶§ PC¿¡ ±â·ÏµÇ´Â Microsoft Edge, Google Chrome, Mozilia Firefox, Opera¿Í °°Àº À¥ ºê¶ó¿ìÀúµéÀÇ ÄíÅ° µ¥ÀÌÅͺ£À̽º¸¦ ÅëÇØ »ç¿ëÀÚ °èÁ¤ÀÇ accessTokenÀ» ȹµæÇÏ¿© ÇìÀÌ È¨ Air ȯ°æ¿¡¼ Ŭ¶ó¿ìµå¿¡ ÀúÀåµÈ µ¥ÀÌÅÍÀÇ ¼öÁý ¹æ¾ÈÀ» ¿¬±¸Çß´Ù. µ¥ÀÌÅÍ´Â ÇìÀÌ È¨ÀÇ ¸ðȸ»ç°¡ Á¦°øÇÏ´Â OpenAPI¸¦ È°¿ëÇØ Å¬¶ó¿ìµå·Î Á÷Á¢ Á¢±ÙÇÏ¿© ¼öÁýÇÏ¿´´Ù. º» ³í¹®¿¡¼´Â ½º¸¶Æ® ¿Â¡¤½Àµµ ¼¾¼, ½º¸¶Æ® µµ¾î ¼¾¼, ½º¸¶Æ® ¸ð¼Ç ¼¾¼·Î ȯ°æÀ» ±¸¼ºÇÏ¿© ½ÇÇ踦 ¼öÇàÇß°í ³¯Â¥ ¹× Àå¼Òº° ¿Â¡¤½Àµµ µ¥ÀÌÅÍ, »ç¿ëÇÑ µð¹ÙÀ̽º ¸®½ºÆ®, ¹æ ³» ¸ð¼Ç °¨Áö ±â·Ï µîÀÇ ¾ÆƼÆÑÆ®¸¦ ¼öÁýÇÒ ¼ö ÀÖ´Â °ÍÀ» È®ÀÎÇÏ¿´´Ù. ÀÌ¿Í °°Àº ¾ÆƼÆÑÆ® ºÐ¼® °á°ú¸¦ ÅëÇØ ¾Ë ¼ö ÀÖ´Â »ç°Ç ´ç½ÃÀÇ ¿Â¡¤½Àµµ µîÀÇ Á¤º¸´Â Æ÷·»½Ä ¼ö»ç °úÁ¤¿¡¼ ´Ü¼·Î È°¿ëµÉ ¼ö ÀÖ´Ù. ¶ÇÇÑ º» ³í¹®¿¡¼ Á¦¾ÈÇÑ OpenAPI¸¦ È°¿ëÇÑ Å¬¶ó¿ìµå µ¥ÀÌÅÍ ¼öÁý ¹æ¾ÈÀº µ¥ÀÌÅÍ ¼öÁý °úÁ¤¿¡¼ ¹ß»ýÇÒ ¼ö ÀÖ´Â º¯Á¶ °¡´É¼ºÀ» ¹èÁ¦ÇÏ°í, API¸¦ ÀÌ¿ëÇØ °á°ú¸¦ È£ÃâÇϱ⠶§¹®¿¡ µðÁöÅÐ Æ÷·»½ÄÀÇ ¿øÄ¢ÀÎ ¹«°á¼ºÀÇ ¿øÄ¢°ú ÀçÇö¼ºÀÇ ¿øÄ¢À» µû¸¥´Ù. |
¿µ¹®³»¿ë
(English Abstract) |
As the use of Internet of Things (IoT) devices has expanded, digital forensics coverage of the National Police Agency has expanded to smart home areas. Accordingly, most of the existing studies conducted to acquire smart home platform data were mainly conducted to analyze local data of mobile devices and analyze network perspectives. However, meaningful data for evidence analysis is mainly stored on cloud storage on smart home platforms. Therefore, in this paper, we study how to acquire stored in the cloud in a Hey Home Air environment by extracting accessToken of user accounts through a cookie database of browsers such as Microsoft Edge, Google Chrome, Mozilia Firefox, and Opera, which are recorded on a PC when users use the Hey Home app-based "Hey Home Square" service. In this paper, the it was configured with smart temperature and humidity sensors, smart door sensors, and smart motion sensors, and artifacts such as temperature and humidity data by date and place, device list used, and motion detection records were collected. Information such as temperature and humidity at the time of the incident can be seen from the results of the artifact analysis and can be used in the forensic investigation process. In addition, the cloud data acquisition method using OpenAPI proposed in this paper excludes the possibility of modulation during the data collection process and uses the API method, so it follows the principle of integrity and reproducibility, which are the principles of digital forensics. |
| Å°¿öµå(Keyword) |
½º¸¶Æ® Ȩ
µðÁöÅÐ Æ÷·»½Ä
ÀÎÁõ ÅäÅ« ȹµæ
Open API
Ŭ¶ó¿ìµå Æ÷·»½Ä
Smart home
Digital forensics
AccessToken
Open API
Cloud forensics
|
| ÆÄÀÏ÷ºÎ |
PDF ´Ù¿î·Îµå
|
