WO2007075813A3 - Enterprise-wide data identification, sharing and management, and searching forensic data - Google Patents

Enterprise-wide data identification, sharing and management, and searching forensic data Download PDF

Info

Publication number
WO2007075813A3
WO2007075813A3 PCT/US2006/048651 US2006048651W WO2007075813A3 WO 2007075813 A3 WO2007075813 A3 WO 2007075813A3 US 2006048651 W US2006048651 W US 2006048651W WO 2007075813 A3 WO2007075813 A3 WO 2007075813A3
Authority
WO
WIPO (PCT)
Prior art keywords
data
suspect
extracted
raw data
enterprise
Prior art date
Application number
PCT/US2006/048651
Other languages
French (fr)
Other versions
WO2007075813A2 (en
Inventor
Raphael Bousquet
J J Wallia
Original Assignee
Advanced Digital Forensic Solu
Raphael Bousquet
J J Wallia
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to US11/318,340 priority Critical
Priority to US11/318,084 priority patent/US7603344B2/en
Priority to US11/318,084 priority
Priority to US11/318,340 priority patent/US7941386B2/en
Application filed by Advanced Digital Forensic Solu, Raphael Bousquet, J J Wallia filed Critical Advanced Digital Forensic Solu
Publication of WO2007075813A2 publication Critical patent/WO2007075813A2/en
Publication of WO2007075813A3 publication Critical patent/WO2007075813A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/242Query formulation
    • G06F16/2433Query languages
    • G06F16/2448Query languages for particular applications; for extensibility, e.g. user defined types
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/903Querying
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/907Retrieval characterised by using metadata, e.g. metadata not derived from the content or metadata generated manually

Abstract

A system and method of automatically identifying relevant or suspect data during a digital forensic investigation. Input raw data are extracted from various digital data sources. The system determines to which one or more identification modules the unknown raw data should be delivered to for processing. This determination is based on the type of data in the extracted raw data coming into the application. Suspect or relevant data that are identified includes that data that are identical to or similar to the extracted unknown raw data. If there are suspect data, the system transmits a message or alert to interested parties or stores the findings/report on a storage device. In this manner, the suspect data are identified automatically, without intervention by a human being.
PCT/US2006/048651 2005-10-19 2006-12-21 Enterprise-wide data identification, sharing and management, and searching forensic data WO2007075813A2 (en)

Priority Applications (4)

Application Number Priority Date Filing Date Title
US11/318,340 2005-12-23
US11/318,084 US7603344B2 (en) 2005-10-19 2005-12-23 Methods for searching forensic data
US11/318,084 2005-12-23
US11/318,340 US7941386B2 (en) 2005-10-19 2005-12-23 Forensic systems and methods using search packs that can be edited for enterprise-wide data identification, data sharing, and management

Publications (2)

Publication Number Publication Date
WO2007075813A2 WO2007075813A2 (en) 2007-07-05
WO2007075813A3 true WO2007075813A3 (en) 2009-01-15

Family

ID=38218576

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2006/048651 WO2007075813A2 (en) 2005-10-19 2006-12-21 Enterprise-wide data identification, sharing and management, and searching forensic data

Country Status (1)

Country Link
WO (1) WO2007075813A2 (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8312023B2 (en) 2007-12-21 2012-11-13 Georgetown University Automated forensic document signatures
US8280905B2 (en) 2007-12-21 2012-10-02 Georgetown University Automated forensic document signatures
GB2470198A (en) * 2009-05-13 2010-11-17 Evidence Talks Ltd Digital forensics using a control pod with a clean evidence store
FR2954547B1 (en) * 2009-12-21 2012-10-12 Alcatel Lucent Method for detection of? A computer resource diversion
US9071924B2 (en) 2011-06-20 2015-06-30 Aces & Eights Corporation Systems and methods for digital forensic triage

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6538623B1 (en) * 1999-05-13 2003-03-25 Pirooz Parnian Multi-media data collection tool kit having an electronic multi-media “case” file and method of use
US20030084279A1 (en) * 2001-10-29 2003-05-01 Pitney Bowes Inc. Monitoring system for a corporate network
US20050022014A1 (en) * 2001-11-21 2005-01-27 Shipman Robert A Computer security system
US6973449B2 (en) * 2003-05-27 2005-12-06 National Association For Child Abduction Prevention System, method of portable USB key interfaced to computer system for facilitating the recovery and/or identification of a missing person having person's unique identification, biological information

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6538623B1 (en) * 1999-05-13 2003-03-25 Pirooz Parnian Multi-media data collection tool kit having an electronic multi-media “case” file and method of use
US20030084279A1 (en) * 2001-10-29 2003-05-01 Pitney Bowes Inc. Monitoring system for a corporate network
US20050022014A1 (en) * 2001-11-21 2005-01-27 Shipman Robert A Computer security system
US6973449B2 (en) * 2003-05-27 2005-12-06 National Association For Child Abduction Prevention System, method of portable USB key interfaced to computer system for facilitating the recovery and/or identification of a missing person having person's unique identification, biological information

Also Published As

Publication number Publication date
WO2007075813A2 (en) 2007-07-05

Similar Documents

Publication Publication Date Title
TWI249318B (en) Method of granting DRM license to support plural devices
TWI312622B (en) Method and device for file delivery in a transmission system
TWI232387B (en) System and method for facilitating information collection, storage, and distribution
TWI488065B (en) Methods of processing an electronic file, preprocessing an electronic file and testing an electronic file, and the corresponding apparatus and system thereof
TWI284811B (en) Methods and apparatus for secure data processing and transmission
EP1657662A3 (en) Efficient white listing of user-modifiable files
TW200821890A (en) Method and system for policy-based initiation of federation management
WO2007037875A3 (en) Apparatus to process an incoming message
WO2004102340A3 (en) System and method for analyzing an operation of an organization
GB2434900A (en) System and method to support single instance storage operations
TW200706029A (en) Apparatus and methods for determining voice and/or data processing performance of a wireless device
CA2640736C (en) Methods and systems for data management using multiple selection criteria
WO2008011142A3 (en) Method and apparatus for providing search capability and targeted advertising for audio, image, and video content over the internet
WO2007035912A3 (en) Document processing
WO2010141270A3 (en) Systems and methods to summarize transaction data
MX2007000066A (en) Methods and apparatus for identifying viewing information associated with a digital media device.
WO2008097810A3 (en) Indicator-based recommendation system
MXPA06014348A (en) Automated transaction accounting processing engine and approach.
NZ540419A (en) Method, system, and apparatus for discovering and connecting to data sources
WO2007115098A3 (en) Method and system for providing focused search results
MXPA05012202A (en) Apparatus and method for providing location information.
TW200704076A (en) Privacy entitlement protocols for secure data exchange, collection, monitoring and/or alerting
WO2003102764A3 (en) Behavior-based adaptation of computer systems
GB2434671A (en) Global asset risk management system and methods
GB0625289D0 (en) Method,system,and computer program product for performing prognosis and asset management services

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase in:

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC, EPO FORM 1205A SENT ON 10/11/08

122 Ep: pct application non-entry in european phase

Ref document number: 06847849

Country of ref document: EP

Kind code of ref document: A2