Patent application number | Description | Published |
20100235392 | System and Method for Entropy-Based Near-Match Analysis - A system and method for an entropy-based near-match analysis identifies target files that are almost, but not exactly, identical to a reference file. A computing processor computes entropies of the reference and target files, and determines the likeness of the target files to the reference file based on the computed entropies. The computing processor determines a near match between the target file and the reference file if the likeness of the two files is within a user-defined tolerance level. According to one embodiment of the invention, the information entropy is a weighted value that takes into account the size of the file. | 09-16-2010 |
20110047177 | ELECTRONIC DISCOVERY SYSTEM AND METHOD - A computer investigation system and method that conducts electronic discovery of desired files across a live network in a forensically sound manner. The investigation entails an examining machine electronically identifying, collecting, and preserving evidence from target machines that is responsive to a set of investigation criteria. The set of investigation criteria is associated with an investigation subject that is identified by a global unique identifier (GUID). As the investigation subject is applied to the various files, the responsive files are stamped with the GUID and preserved in a container file referred to as a logical evidence file (LEF). The GUID allows the results of an investigation to be easily and reliably traced to the particular investigation subject that was applied. | 02-24-2011 |
20110106852 | SYSTEM AND METHOD FOR CONDUCTING SEARCHES AT TARGET DEVICES - A method, apparatus and system for secure forensic investigation of a target machine by a client machine over a communications network. In one aspect the method comprises establishing secure communication with a server over a communications network, establishing secure communication with the target machine over the communications network, wherein establishing secure communication with the target machine includes establishing secure communication between the server and the target machine, installing a servelet on the target machine, transmitting a secure command to the servelet over the communications network, executing the secure command in the servelet, transmitting data, by the target machine, in response to a servelet instruction, and receiving the data from the target machine over the communication network. | 05-05-2011 |
20110138172 | ENTERPRISE COMPUTER INVESTIGATION SYSTEM - A method, apparatus and system for secure forensic investigation of a target machine by a client machine over a communications network. In one aspect the method comprises establishing secure communication with a server over a communications network, establishing secure communication with the target machine over the communications network, wherein establishing secure communication with the target machine includes establishing secure communication between the server and the target machine, installing a servelet on the target machine, transmitting a secure command to the servelet over the communications network, executing the secure command in the servelet, transmitting data, by the target machine, in response to a servelet instruction, and receiving the data from the target machine over the communication network. It is emphasized that this abstract is provided to comply with the rules requiring an abstract which will allow a searcher or other reader to quickly ascertain the subject matter of the technical disclosure. It is submitted with the understanding that it will not be used to interpret or limit the scope or the meaning of the claims. | 06-09-2011 |
20130212389 | ENTERPRISE COMPUTER INVESTIGATION SYSTEM - A method, apparatus and system for secure forensic investigation of a target machine by a client machine over a communications network. In one aspect the method comprises establishing secure communication with a server over a communications network, establishing secure communication with the target machine over the communications network, wherein establishing secure communication with the target machine includes establishing secure communication between the server and the target machine, installing a servelet on the target machine, transmitting a secure command to the servelet over the communications network, executing the secure command in the servelet, transmitting data, by the target machine, in response to a servelet instruction, and receiving the data from the target machine over the communication network. It is emphasized that this abstract is provided to comply with the rules requiring an abstract which will allow a searcher or other reader to quickly ascertain the subject matter of the technical disclosure. It is submitted with the understanding that it will not be used to interpret or limit the scope or the meaning of the claims. | 08-15-2013 |
20140143680 | SEGMENTED GRAPHICAL REVIEW SYSTEM AND METHOD - A method for processing a plurality of electronic items includes: for each item of the electronic items, each item being associated with an item identifier, segmenting, on a processing device, each item into a plurality of segments, for each segment of the plurality of segments: hashing the segment to produce a segment hash value; updating a first table with the segment and the segment hash value; and adding an entry to a second table, the entry including the item identifier and the segment hash value; and outputting, from the processing device, the first table and the second table. | 05-22-2014 |
20140244522 | SYSTEM AND METHOD FOR COLLECTING FORENSIC DATA VIA A MOBILE DEVICE - A system and method for conducting forensic investigations by investigators on an investigations field using a mobile device. A digital search warrant is downloaded to the mobile device prior to conducting the forensic investigation. The digital search warrant defines the search parameters of the search to be conducted, including key terms, file types, and the like. The mobile device is coupled to a target device in the investigations field that is the subject of the forensic investigation. The mobile device parses the digital search warrant and automatically identifies and collects data from the target device based on the parsed digital search warrant. The automatically identifying and collecting of the data is done without modifying a state of the target device to retain forensic integrity during the investigation process. | 08-28-2014 |
20160055200 | SCALABLE DEDUPLICATION SYSTEM AND METHOD - A system and method for data deduplication includes a first computer device that determines duplicacy of a data item. If the data item is not a duplicate, the first computer device transmits a request to add an entry for the data item in a deduplication table of a deduplication database. The database adds the entry for the data item while enforcing uniqueness of data across one or more data fields of the deduplication table, where, in enforcing the uniqueness, the database denies an attempt by the second device to add an entry in the deduplication table for the same data item. | 02-25-2016 |