WO2007075813A3 - Enterprise-wide data identification, sharing and management, and searching forensic data - Google Patents
Enterprise-wide data identification, sharing and management, and searching forensic data Download PDFInfo
- Publication number
- WO2007075813A3 WO2007075813A3 PCT/US2006/048651 US2006048651W WO2007075813A3 WO 2007075813 A3 WO2007075813 A3 WO 2007075813A3 US 2006048651 W US2006048651 W US 2006048651W WO 2007075813 A3 WO2007075813 A3 WO 2007075813A3
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- data
- suspect
- extracted
- enterprise
- sharing
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/242—Query formulation
- G06F16/2433—Query languages
- G06F16/2448—Query languages for particular applications; for extensibility, e.g. user defined types
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/903—Querying
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/907—Retrieval characterised by using metadata, e.g. metadata not derived from the content or metadata generated manually
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/907—Retrieval characterised by using metadata, e.g. metadata not derived from the content or metadata generated manually
- G06F16/908—Retrieval characterised by using metadata, e.g. metadata not derived from the content or metadata generated manually using metadata automatically derived from the content
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Databases & Information Systems (AREA)
- Physics & Mathematics (AREA)
- Data Mining & Analysis (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Library & Information Science (AREA)
- Computational Linguistics (AREA)
- Mathematical Physics (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Storage Device Security (AREA)
Abstract
A system and method of automatically identifying relevant or suspect data during a digital forensic investigation. Input raw data are extracted from various digital data sources. The system determines to which one or more identification modules the unknown raw data should be delivered to for processing. This determination is based on the type of data in the extracted raw data coming into the application. Suspect or relevant data that are identified includes that data that are identical to or similar to the extracted unknown raw data. If there are suspect data, the system transmits a message or alert to interested parties or stores the findings/report on a storage device. In this manner, the suspect data are identified automatically, without intervention by a human being.
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/318,084 US7603344B2 (en) | 2005-10-19 | 2005-12-23 | Methods for searching forensic data |
US11/318,084 | 2005-12-23 | ||
US11/318,340 | 2005-12-23 | ||
US11/318,340 US7941386B2 (en) | 2005-10-19 | 2005-12-23 | Forensic systems and methods using search packs that can be edited for enterprise-wide data identification, data sharing, and management |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2007075813A2 WO2007075813A2 (en) | 2007-07-05 |
WO2007075813A3 true WO2007075813A3 (en) | 2009-01-15 |
Family
ID=38218576
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2006/048651 WO2007075813A2 (en) | 2005-12-23 | 2006-12-21 | Enterprise-wide data identification, sharing and management, and searching forensic data |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2007075813A2 (en) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8280905B2 (en) | 2007-12-21 | 2012-10-02 | Georgetown University | Automated forensic document signatures |
US8312023B2 (en) | 2007-12-21 | 2012-11-13 | Georgetown University | Automated forensic document signatures |
GB2470198A (en) * | 2009-05-13 | 2010-11-17 | Evidence Talks Ltd | Digital forensics using a control pod with a clean evidence store |
FR2954547B1 (en) * | 2009-12-21 | 2012-10-12 | Alcatel Lucent | METHOD FOR DETECTING A MISUSE OF COMPUTER RESOURCES |
WO2012177681A2 (en) | 2011-06-20 | 2012-12-27 | Aces & Eights Corporation | Systems and methods for digital forensic triage |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6538623B1 (en) * | 1999-05-13 | 2003-03-25 | Pirooz Parnian | Multi-media data collection tool kit having an electronic multi-media “case” file and method of use |
US20030084279A1 (en) * | 2001-10-29 | 2003-05-01 | Pitney Bowes Inc. | Monitoring system for a corporate network |
US20050022014A1 (en) * | 2001-11-21 | 2005-01-27 | Shipman Robert A | Computer security system |
US6973449B2 (en) * | 2003-05-27 | 2005-12-06 | National Association For Child Abduction Prevention | System, method of portable USB key interfaced to computer system for facilitating the recovery and/or identification of a missing person having person's unique identification, biological information |
-
2006
- 2006-12-21 WO PCT/US2006/048651 patent/WO2007075813A2/en active Application Filing
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6538623B1 (en) * | 1999-05-13 | 2003-03-25 | Pirooz Parnian | Multi-media data collection tool kit having an electronic multi-media “case” file and method of use |
US20030084279A1 (en) * | 2001-10-29 | 2003-05-01 | Pitney Bowes Inc. | Monitoring system for a corporate network |
US20050022014A1 (en) * | 2001-11-21 | 2005-01-27 | Shipman Robert A | Computer security system |
US6973449B2 (en) * | 2003-05-27 | 2005-12-06 | National Association For Child Abduction Prevention | System, method of portable USB key interfaced to computer system for facilitating the recovery and/or identification of a missing person having person's unique identification, biological information |
Also Published As
Publication number | Publication date |
---|---|
WO2007075813A2 (en) | 2007-07-05 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2007124416A3 (en) | Backwards researching activity indicative of pestware | |
WO2007124417A3 (en) | Backwards researching time stamped events to find an origin of pestware | |
WO2006121572A3 (en) | System and method for scanning obfuscated files for pestware | |
MX2010003670A (en) | Location and time based filtering of broadcast information. | |
TW200625140A (en) | RFID server internals design | |
WO2005101186A3 (en) | System, method and computer program product for extracting metadata faster than real-time | |
WO2008115670A3 (en) | System and method for identifying content | |
MXPA05009279A (en) | Rfid enabled information systems utiling a business application. | |
MXPA05014162A (en) | Signature-based program identification apparatus and methods for use with digital broadcast systems. | |
GB0517303D0 (en) | System and method for processing secure transmissions | |
WO2008157810A3 (en) | System and method for compending blogs | |
WO2009088716A3 (en) | Method and system for managing digital photos | |
HK1149842A1 (en) | Device and method for calculating a fingerprint of an audio signal, device and method for synchronizing and device and method for characterizing a test audio signal | |
WO2007146994A3 (en) | Content enhancement based on contextual data within a feed | |
WO2008036195A3 (en) | Managing the insertion of overlay content into a video signal | |
WO2006122106A3 (en) | Processing information from selected sources via a single website | |
WO2007075813A3 (en) | Enterprise-wide data identification, sharing and management, and searching forensic data | |
WO2006065594A3 (en) | Method and system for monitoring a workflow for an object | |
WO2006124654A3 (en) | Simple automated polling system for determining attitudes, beliefs and opinions of persons | |
WO2004050835A8 (en) | Predicting animal performance | |
GB2430058A (en) | A system and method for retrieving information and a system and method for storing information | |
GB2465959B (en) | Method and arrangement relating to a media structure | |
TW200943846A (en) | Methods and systems for processing common gain values and a computer program product | |
EP2184885A3 (en) | System and method for providing digital content | |
EP1791071A3 (en) | Implementing digital rights management systems |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
NENP | Non-entry into the national phase |
Ref country code: DE |
|
32PN | Ep: public notification in the ep bulletin as address of the adressee cannot be established |
Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC, EPO FORM 1205A SENT ON 10/11/08 |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 06847849 Country of ref document: EP Kind code of ref document: A2 |