WO2007075813A3 - Enterprise-wide data identification, sharing and management, and searching forensic data - Google Patents

Enterprise-wide data identification, sharing and management, and searching forensic data Download PDF

Info

Publication number
WO2007075813A3
WO2007075813A3 PCT/US2006/048651 US2006048651W WO2007075813A3 WO 2007075813 A3 WO2007075813 A3 WO 2007075813A3 US 2006048651 W US2006048651 W US 2006048651W WO 2007075813 A3 WO2007075813 A3 WO 2007075813A3
Authority
WO
WIPO (PCT)
Prior art keywords
data
suspect
extracted
enterprise
sharing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/US2006/048651
Other languages
French (fr)
Other versions
WO2007075813A2 (en
Inventor
Raphael Bousquet
J J Wallia
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Advanced Digital Forensic Solutions Inc
Original Assignee
Advanced Digital Forensic Solutions Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US11/318,340 external-priority patent/US7941386B2/en
Priority claimed from US11/318,084 external-priority patent/US7603344B2/en
Application filed by Advanced Digital Forensic Solutions Inc filed Critical Advanced Digital Forensic Solutions Inc
Publication of WO2007075813A2 publication Critical patent/WO2007075813A2/en
Anticipated expiration legal-status Critical
Publication of WO2007075813A3 publication Critical patent/WO2007075813A3/en
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/242Query formulation
    • G06F16/2433Query languages
    • G06F16/2448Query languages for particular applications; for extensibility, e.g. user defined types
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/903Querying
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/907Retrieval characterised by using metadata, e.g. metadata not derived from the content or metadata generated manually
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/907Retrieval characterised by using metadata, e.g. metadata not derived from the content or metadata generated manually
    • G06F16/908Retrieval characterised by using metadata, e.g. metadata not derived from the content or metadata generated manually using metadata automatically derived from the content

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Physics & Mathematics (AREA)
  • Data Mining & Analysis (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computational Linguistics (AREA)
  • Library & Information Science (AREA)
  • Mathematical Physics (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

A system and method of automatically identifying relevant or suspect data during a digital forensic investigation. Input raw data are extracted from various digital data sources. The system determines to which one or more identification modules the unknown raw data should be delivered to for processing. This determination is based on the type of data in the extracted raw data coming into the application. Suspect or relevant data that are identified includes that data that are identical to or similar to the extracted unknown raw data. If there are suspect data, the system transmits a message or alert to interested parties or stores the findings/report on a storage device. In this manner, the suspect data are identified automatically, without intervention by a human being.
PCT/US2006/048651 2005-12-23 2006-12-21 Enterprise-wide data identification, sharing and management, and searching forensic data Ceased WO2007075813A2 (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US11/318,340 US7941386B2 (en) 2005-10-19 2005-12-23 Forensic systems and methods using search packs that can be edited for enterprise-wide data identification, data sharing, and management
US11/318,340 2005-12-23
US11/318,084 US7603344B2 (en) 2005-10-19 2005-12-23 Methods for searching forensic data
US11/318,084 2005-12-23

Publications (2)

Publication Number Publication Date
WO2007075813A2 WO2007075813A2 (en) 2007-07-05
WO2007075813A3 true WO2007075813A3 (en) 2009-01-15

Family

ID=38218576

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2006/048651 Ceased WO2007075813A2 (en) 2005-12-23 2006-12-21 Enterprise-wide data identification, sharing and management, and searching forensic data

Country Status (1)

Country Link
WO (1) WO2007075813A2 (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8280905B2 (en) 2007-12-21 2012-10-02 Georgetown University Automated forensic document signatures
US8312023B2 (en) 2007-12-21 2012-11-13 Georgetown University Automated forensic document signatures
GB2470198A (en) * 2009-05-13 2010-11-17 Evidence Talks Ltd Digital forensics using a control pod with a clean evidence store
FR2954547B1 (en) 2009-12-21 2012-10-12 Alcatel Lucent METHOD FOR DETECTING A MISUSE OF COMPUTER RESOURCES
US9071924B2 (en) 2011-06-20 2015-06-30 Aces & Eights Corporation Systems and methods for digital forensic triage

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6538623B1 (en) * 1999-05-13 2003-03-25 Pirooz Parnian Multi-media data collection tool kit having an electronic multi-media “case” file and method of use
US20030084279A1 (en) * 2001-10-29 2003-05-01 Pitney Bowes Inc. Monitoring system for a corporate network
US20050022014A1 (en) * 2001-11-21 2005-01-27 Shipman Robert A Computer security system
US6973449B2 (en) * 2003-05-27 2005-12-06 National Association For Child Abduction Prevention System, method of portable USB key interfaced to computer system for facilitating the recovery and/or identification of a missing person having person's unique identification, biological information

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6538623B1 (en) * 1999-05-13 2003-03-25 Pirooz Parnian Multi-media data collection tool kit having an electronic multi-media “case” file and method of use
US20030084279A1 (en) * 2001-10-29 2003-05-01 Pitney Bowes Inc. Monitoring system for a corporate network
US20050022014A1 (en) * 2001-11-21 2005-01-27 Shipman Robert A Computer security system
US6973449B2 (en) * 2003-05-27 2005-12-06 National Association For Child Abduction Prevention System, method of portable USB key interfaced to computer system for facilitating the recovery and/or identification of a missing person having person's unique identification, biological information

Also Published As

Publication number Publication date
WO2007075813A2 (en) 2007-07-05

Similar Documents

Publication Publication Date Title
ES2507642T3 (en) Media supervision, management and information system
WO2007124416A3 (en) Backwards researching activity indicative of pestware
WO2007124417A3 (en) Backwards researching time stamped events to find an origin of pestware
MY151377A (en) Location and time based filtering of broadcast information
WO2006121572A3 (en) System and method for scanning obfuscated files for pestware
TW200625140A (en) RFID server internals design
MXPA05009279A (en) Rfid enabled information systems utiling a business application.
MXPA05014162A (en) Signature-based program identification apparatus and methods for use with digital broadcast systems.
WO2007092547A3 (en) System and method for review in studies including toxicity and risk assessment studies
WO2008013553A3 (en) Global disease surveillance platform, and corresponding system and method
MX2009005756A (en) Rank graph.
MX2010000481A (en) Systems and methods for integrating educational software systems.
WO2008036195A3 (en) Managing the insertion of overlay content into a video signal
WO2007146994A3 (en) Content enhancement based on contextual data within a feed
WO2004050835A8 (en) Predicting animal performance
WO2005101186A3 (en) System, method and computer program product for extracting metadata faster than real-time
DE602006007019D1 (en) RENEWABLE TRANSPORT TRACKING
GB2465959B (en) Method and arrangement relating to a media structure
WO2006124654A3 (en) Simple automated polling system for determining attitudes, beliefs and opinions of persons
GB2447574A (en) Systems and methods of conducting clinical research
WO2007075813A3 (en) Enterprise-wide data identification, sharing and management, and searching forensic data
WO2006122106A3 (en) Processing information from selected sources via a single website
WO2018106437A3 (en) Street watch
GB2430058A (en) A system and method for retrieving information and a system and method for storing information
ATE366011T1 (en) METHOD FOR MONITORING COMPUTER SYSTEMS

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC, EPO FORM 1205A SENT ON 10/11/08

122 Ep: pct application non-entry in european phase

Ref document number: 06847849

Country of ref document: EP

Kind code of ref document: A2