专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20140244522A1 SYSTEM AND METHOD FOR COLLECTING FORENSIC DATA VIA A MOBILE DEVICE 审中-公开
标题翻译：用于通过移动设备收集威胁数据的系统和方法
公开(公告)号：US20140244522A1
公开(公告)日：2014-08-28
申请号：US14192846
申请日：2014-02-27
申请人： GUIDANCE SOFTWARE, INC.
发明人： Shawn McCreight
IPC分类号： G06Q50/26 , H04W4/00
摘要： A system and method for conducting forensic investigations by investigators on an investigations field using a mobile device. A digital search warrant is downloaded to the mobile device prior to conducting the forensic investigation. The digital search warrant defines the search parameters of the search to be conducted, including key terms, file types, and the like. The mobile device is coupled to a target device in the investigations field that is the subject of the forensic investigation. The mobile device parses the digital search warrant and automatically identifies and collects data from the target device based on the parsed digital search warrant. The automatically identifying and collecting of the data is done without modifying a state of the target device to retain forensic integrity during the investigation process.
摘要翻译：调查人员使用移动设备对调查领域进行法医调查的系统和方法。在进行法医调查之前，将数字搜索令下载到移动设备。数字搜索令定义要进行的搜索的搜索参数，包括关键术语，文件类型等。该移动设备被耦合到作为法医调查对象的调查领域中的目标设备。移动设备解析数字搜索令，并根据解析的数字搜索令自动识别和收集来自目标设备的数据。完成数据的自动识别和收集，而不会在调查过程中修改目标设备的状态以保留法医完整性。

2. 发明申请

US20130212389A1 ENTERPRISE COMPUTER INVESTIGATION SYSTEM 有权
标题翻译：企业计算机调查系统
公开(公告)号：US20130212389A1
公开(公告)日：2013-08-15
申请号：US13757481
申请日：2013-02-01
申请人： Guidance Software, Inc.
发明人： Shawn McCreight , Dominik Weber , Matthew Garrett
IPC分类号： H04L9/00
CPC分类号： G06F17/30554 , G06F17/30528 , G06F17/30867 , G06F21/60 , G06F21/606 , G06F21/64 , H04L9/00 , H04L63/0435 , H04L63/0442 , H04L63/062 , H04L63/08 , H04L63/083 , H04L63/1433
摘要： A method, apparatus and system for secure forensic investigation of a target machine by a client machine over a communications network. In one aspect the method comprises establishing secure communication with a server over a communications network, establishing secure communication with the target machine over the communications network, wherein establishing secure communication with the target machine includes establishing secure communication between the server and the target machine, installing a servelet on the target machine, transmitting a secure command to the servelet over the communications network, executing the secure command in the servelet, transmitting data, by the target machine, in response to a servelet instruction, and receiving the data from the target machine over the communication network. It is emphasized that this abstract is provided to comply with the rules requiring an abstract which will allow a searcher or other reader to quickly ascertain the subject matter of the technical disclosure. It is submitted with the understanding that it will not be used to interpret or limit the scope or the meaning of the claims.
摘要翻译：一种用于通过通信网络的客户端机器对目标机器进行安全取证调查的方法，装置和系统。在一个方面，该方法包括通过通信网络与服务器建立安全通信，通过通信网络建立与目标机器的安全通信，其中建立与目标机器的安全通信包括建立服务器与目标机器之间的安全通信，安装目标机器上的服务器，通过通信网络向服务器发送安全命令，执行服务中的安全命令，由目标机器响应于服务指令发送数据，以及从目标机器接收数据通过通信网络。要强调的是，该摘要被提供以符合要求摘要的规则，这将允许搜索者或其他读者快速确定技术公开的主题。提交它的理解是，它不会用于解释或限制权利要求的范围或含义。

3. 发明授权

US09672243B2 Scalable deduplication system and method 有权
公开(公告)号：US09672243B2
公开(公告)日：2017-06-06
申请号：US14930615
申请日：2015-11-02
申请人： GUIDANCE SOFTWARE, INC.
发明人： Shawn McCreight , Frank Lin , Prateek Arora , Kunjan Zaveri , Jason Fredrickson
IPC分类号： G06F17/30
CPC分类号： G06F17/30371 , G06F17/30067 , G06F17/30097 , G06F17/30156 , G06F17/30507 , G06F17/30595
摘要： A system and method for data deduplication includes a first computer device that determines duplicacy of a data item. If the data item is not a duplicate, the first computer device transmits a request to add an entry for the data item in a deduplication table of a deduplication database. The database adds the entry for the data item while enforcing uniqueness of data across one or more data fields of the deduplication table, where, in enforcing the uniqueness, the database denies an attempt by the second device to add an entry in the deduplication table for the same data item.

4. 发明授权

US09442975B2 Systems and methods for processing data stored in data storage devices 有权
标题翻译：用于处理存储在数据存储设备中的数据的系统和方法
公开(公告)号：US09442975B2
公开(公告)日：2016-09-13
申请号：US13802419
申请日：2013-03-13
申请人： Guidance Software, Inc.
发明人： Dominik Weber , Matthew Garrett , Claudiu Teodorescu , Rajesh Sharma
IPC分类号： G06F17/30 , G06F21/55
CPC分类号： G06F17/30424 , G06F17/30616 , G06F21/552
摘要： A system and method for processing data stored in data storage devices is described. A computing processor acquires blocks of data from a target machine and computes an entropy value associated with each block of the acquired data. The computing processor checks the entropy values of each block to determine whether or not the particular block is deemed to contain useful data, before that block is analyzed.
摘要翻译：描述用于处理存储在数据存储装置中的数据的系统和方法。计算处理器从目标机器获取数据块并且计算与获取的数据的每个块相关联的熵值。在分析该块之前，计算处理器检查每个块的熵值以确定特定块是否被认为包含有用数据。

5. 发明申请

US20140143680A1 SEGMENTED GRAPHICAL REVIEW SYSTEM AND METHOD 审中-公开
标题翻译：分辨率图形评估系统和方法
公开(公告)号：US20140143680A1
公开(公告)日：2014-05-22
申请号：US14024369
申请日：2013-09-11
申请人： Guidance Software, Inc.
发明人： Roger Angarita , Shawn McCreight
IPC分类号： H04L29/06
CPC分类号： G06F16/1748 , G06F16/137 , G06F16/345
摘要： A method for processing a plurality of electronic items includes: for each item of the electronic items, each item being associated with an item identifier, segmenting, on a processing device, each item into a plurality of segments, for each segment of the plurality of segments: hashing the segment to produce a segment hash value; updating a first table with the segment and the segment hash value; and adding an entry to a second table, the entry including the item identifier and the segment hash value; and outputting, from the processing device, the first table and the second table.
摘要翻译：一种用于处理多个电子物品的方法包括：对于电子物品的每个物品，每个物品与物品识别符相关联，在处理装置上将每个物品分割成多个片段，对于多个段：散列段以产生段哈希值; 用段和段哈希值更新第一个表; 以及向第二表添加条目，所述条目包括所述条目标识符和所述段哈希值; 并从处理装置输出第一表和第二表。

6. 发明申请

US20160267152A1 SYSTEM AND METHOD FOR CONDUCTING SEARCHES AT TARGET DEVICES 审中-公开
标题翻译：用于在目标设备上进行搜索的系统和方法
公开(公告)号：US20160267152A1
公开(公告)日：2016-09-15
申请号：US15162086
申请日：2016-05-23
申请人： GUIDANCE SOFTWARE, INC.
发明人： Shawn McCreight , Dominik Weber , Matthew Garrett
IPC分类号： G06F17/30 , G06F21/60
CPC分类号： G06F16/248 , G06F16/24575 , G06F16/9535 , G06F21/60 , G06F21/606 , G06F21/64 , H04L9/00 , H04L63/0435 , H04L63/0442 , H04L63/062 , H04L63/08 , H04L63/083 , H04L63/1433
摘要： A method, apparatus and system for secure forensic investigation of a target machine by a client machine over a communications network. In one aspect the method comprises establishing secure communication with a server over a communications network, establishing secure communication with the target machine over the communications network, wherein establishing secure communication with the target machine includes establishing secure communication between the server and the target machine, installing a servelet on the target machine, transmitting a secure command to the servelet over the communications network, executing the secure command in the servelet, transmitting data, by the target machine, in response to a servelet instruction, and receiving the data from the target machine over the communication network.
摘要翻译：一种用于通过通信网络的客户端机器对目标机器进行安全取证调查的方法，装置和系统。在一个方面，该方法包括通过通信网络与服务器建立安全通信，通过通信网络建立与目标机器的安全通信，其中建立与目标机器的安全通信包括建立服务器与目标机器之间的安全通信，安装目标机器上的服务器，通过通信网络向服务器发送安全命令，执行服务中的安全命令，由目标机器响应于服务指令发送数据，以及从目标机器接收数据通过通信网络。

7. 发明申请

US20140281331A1 SYSTEMS AND METHODS FOR PROCESSING DATA STORED IN DATA STORAGE DEVICES 有权
标题翻译：用于处理存储在数据存储设备中的数据的系统和方法
公开(公告)号：US20140281331A1
公开(公告)日：2014-09-18
申请号：US13802419
申请日：2013-03-13
申请人： GUIDANCE SOFTWARE, INC.
发明人： Dominik Weber , Matthew Garrett , Claudiu Teodorescu , Rajesh Sharma
IPC分类号： G06F12/00
CPC分类号： G06F17/30424 , G06F17/30616 , G06F21/552
摘要： A system and method for processing data stored in data storage devices is described. A computing processor acquires blocks of data from a target machine and computes an entropy value associated with each block of the acquired data. The computing processor checks the entropy values of each block to determine whether or not the particular block is deemed to contain useful data, before that block is analyzed.
摘要翻译：描述用于处理存储在数据存储装置中的数据的系统和方法。计算处理器从目标机器获取数据块并且计算与获取的数据的每个块相关联的熵值。在分析该块之前，计算处理器检查每个块的熵值以确定特定块是否被认为包含有用数据。

8. 发明申请

US20160342680A1 SYSTEM AND METHOD FOR GENERATING, MAINTAINING, AND QUERYING A DATABASE FOR COMPUTER INVESTIGATIONS 审中-公开
标题翻译：用于产生，维护和查询计算机调查数据库的系统和方法
公开(公告)号：US20160342680A1
公开(公告)日：2016-11-24
申请号：US15162591
申请日：2016-05-23
申请人： Guidance Software Inc.
发明人： Shawn McCreight , Roger Angarita , Chris Petrus
IPC分类号： G06F17/30
摘要： A computer investigation system and method organizes information in a hive. Information in a target device is parsed by a processor, and facts and links are extracted from the data. The processor identifies the fact type for each identified fact, and further generates a fact ID for the fact. The information for the fact is stored in the hive in a fact table associated with the fact type. The processor also identifies the link type for each identified link, and further generates a link ID for the link. The information for the link ID is stored in the hive in a link table associated with the identified link type. A query language that is adapted to work with the hive allows querying of data stored in the hive.
摘要翻译：计算机调查系统和方法在蜂巢中组织信息。目标设备中的信息由处理器解析，并从数据中提取事实和链接。处理器识别每个识别的事实的事实类型，并进一步生成事实的事实ID。事实的信息存储在与事实类型相关联的事实表中的配置单元中。处理器还识别每个已标识链路的链路类型，并进一步生成链路的链路ID。链接ID的信息被存储在与识别的链接类型相关联的链接表中的蜂巢中。适用于蜂巢的查询语言允许查询存储在蜂巢中的数据。

9. 发明申请

US20160055200A1 SCALABLE DEDUPLICATION SYSTEM AND METHOD 有权
标题翻译：可分级系统和方法
公开(公告)号：US20160055200A1
公开(公告)日：2016-02-25
申请号：US14930615
申请日：2015-11-02
申请人： GUIDANCE SOFTWARE, INC.
发明人： Shawn McCreight , Frank Lin , Prateek Arora , Kunjan Zaveri , Jason Fredrickson
IPC分类号： G06F17/30
CPC分类号： G06F17/30371 , G06F17/30067 , G06F17/30097 , G06F17/30156 , G06F17/30507 , G06F17/30595
摘要： A system and method for data deduplication includes a first computer device that determines duplicacy of a data item. If the data item is not a duplicate, the first computer device transmits a request to add an entry for the data item in a deduplication table of a deduplication database. The database adds the entry for the data item while enforcing uniqueness of data across one or more data fields of the deduplication table, where, in enforcing the uniqueness, the database denies an attempt by the second device to add an entry in the deduplication table for the same data item.
摘要翻译：用于重复数据删除的系统和方法包括确定数据项的重复性的第一计算机设备。如果数据项不是重复的，则第一计算机设备在重复数据删除数据库的重复数据删除表中发送用于为数据项添加条目的请求。数据库添加数据项的条目，同时在重复数据删除表的一个或多个数据字段上实现数据的唯一性，其中，在强制执行唯一性时，数据库拒绝第二个设备尝试在重复数据删除表中添加一个条目，相同的数据项。

10. 发明授权

US08838969B2 Enterprise computer investigation system 有权
标题翻译：企业电脑调查系统
公开(公告)号：US08838969B2
公开(公告)日：2014-09-16
申请号：US13757481
申请日：2013-02-01
申请人： Guidance Software, Inc.
发明人： Shawn McCreight , Dominik Weber , Matthew Garrett
IPC分类号： H04L9/00 , H04L29/06 , G06F21/60 , G06F21/64
CPC分类号： G06F17/30554 , G06F17/30528 , G06F17/30867 , G06F21/60 , G06F21/606 , G06F21/64 , H04L9/00 , H04L63/0435 , H04L63/0442 , H04L63/062 , H04L63/08 , H04L63/083 , H04L63/1433
摘要： A method, apparatus and system for secure forensic investigation of a target machine by a client machine over a communications network. In one aspect the method comprises establishing secure communication with a server over a communications network, establishing secure communication with the target machine over the communications network, wherein establishing secure communication with the target machine includes establishing secure communication between the server and the target machine, installing a servelet on the target machine, transmitting a secure command to the servelet over the communications network, executing the secure command in the servelet, transmitting data, by the target machine, in response to a servelet instruction, and receiving the data from the target machine over the communication network. It is emphasized that this abstract is provided to comply with the rules requiring an abstract which will allow a searcher or other reader to quickly ascertain the subject matter of the technical disclosure. It is submitted with the understanding that it will not be used to interpret or limit the scope or the meaning of the claims.
摘要翻译：一种用于通过通信网络的客户端机器对目标机器进行安全取证调查的方法，装置和系统。在一个方面，该方法包括通过通信网络与服务器建立安全通信，通过通信网络建立与目标机器的安全通信，其中建立与目标机器的安全通信包括建立服务器与目标机器之间的安全通信，安装目标机器上的服务器，通过通信网络向服务器发送安全命令，执行服务中的安全命令，由目标机器响应于服务指令发送数据，以及从目标机器接收数据通过通信网络。要强调的是，该摘要被提供以符合要求摘要的规则，这将允许搜索者或其他读者快速确定技术公开的主题。提交它的理解是，它不会用于解释或限制权利要求的范围或含义。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式