专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20090165142A1 EXTENSIBLE SOFTWARE TOOL FOR INVESTIGATING PEER-TO-PEER USAGE ON A TARGET DEVICE 有权
标题翻译：用于调查目标设备上的对等设备的可扩展软件工具
公开(公告)号：US20090165142A1
公开(公告)日：2009-06-25
申请号：US12190314
申请日：2008-08-12
申请人： Frank N. Adelstein , Judson Powers , Robert A. Joyce , Derek Bronner
发明人： Frank N. Adelstein , Judson Powers , Robert A. Joyce , Derek Bronner
IPC分类号： G06F21/00
CPC分类号： H04L63/1425 , G06F21/55 , H04L43/065 , H04L43/0876
摘要： In general, the invention provides for analyzing a target computer for computer crimes such as illegal sharing of files or sharing of illegal files on peer-to-peer clients. The target computer may have software for a plurality of peer-to-peer clients. Only one extensible forensic device may be necessary to analyze the plurality of peer-to-peer clients for downloaded or shared files. For example, the invention may provide for a method comprising determining whether one or more peer-to-peer clients are or have been installed on a target device by identifying information associated with one or more peer-to-peer modules, wherein each module is associated with a different one of the one or more peer-to-peer clients. The method further includes, gathering usage information for the one or more peer-to-peer clients that had been determined to be installed on the target computer, analyzing the usage information, and automatically generating a report of the analyzed usage information.
摘要翻译：一般来说，本发明提供一种目标计算机，用于分析非法共享文件或在对等客户端上共享非法文件等计算机犯罪行为。目标计算机可以具有用于多个对等客户端的软件。只有一个可扩展取证设备可能需要分析多个对等客户端才能下载或共享文件。例如，本发明可以提供一种方法，包括通过识别与一个或多个对等模块相关联的信息来确定一个或多个对等客户端是否已被安装在目标设备上，其中每个模块是与一个或多个对等客户端中的不同的一个相关联。该方法还包括：收集已被确定安装在目标计算机上的一个或多个对等客户端的使用信息，分析使用信息，以及自动生成所分析的使用信息的报告。

2. 发明授权

US07886049B2 Extensible software tool for investigating peer-to-peer usage on a target device 有权
标题翻译：用于调查目标设备上的点对点使用的可扩展软件工具
公开(公告)号：US07886049B2
公开(公告)日：2011-02-08
申请号：US12190314
申请日：2008-08-12
申请人： Frank N. Adelstein , Judson Powers , Robert A. Joyce , Derek Bronner
发明人： Frank N. Adelstein , Judson Powers , Robert A. Joyce , Derek Bronner
IPC分类号： G06F15/16 , G06F15/173
CPC分类号： H04L63/1425 , G06F21/55 , H04L43/065 , H04L43/0876
摘要： In general, the invention provides for analyzing a target computer for computer crimes such as illegal sharing of files or sharing of illegal files on peer-to-peer clients. The target computer may have software for a plurality of peer-to-peer clients. Only one extensible forensic device may be necessary to analyze the plurality of peer-to-peer clients for downloaded or shared files. For example, the invention may provide for a method comprising determining whether one or more peer-to-peer clients are or have been installed on a target device by identifying information associated with one or more peer-to-peer modules, wherein each module is associated with a different one of the one or more peer-to-peer clients. The method further includes, gathering usage information for the one or more peer-to-peer clients that had been determined to be installed on the target computer, analyzing the usage information, and automatically generating a report of the analyzed usage information.
摘要翻译：一般来说，本发明提供一种目标计算机，用于分析非法共享文件或在对等客户端上共享非法文件等计算机犯罪行为。目标计算机可以具有用于多个对等客户端的软件。只有一个可扩展取证设备可能需要分析多个对等客户端才能下载或共享文件。例如，本发明可以提供一种方法，包括通过识别与一个或多个对等模块相关联的信息来确定一个或多个对等客户端是否已被安装在目标设备上，其中每个模块是与一个或多个对等客户端中的不同的一个相关联。该方法还包括：收集已被确定安装在目标计算机上的一个或多个对等客户端的使用信息，分析使用信息，以及自动生成所分析的使用信息的报告。

3. 发明授权

US08862803B2 Mediating communciation of a univeral serial bus device 有权
标题翻译：调停通用串行总线设备
公开(公告)号：US08862803B2
公开(公告)日：2014-10-14
申请号：US13149634
申请日：2011-05-31
申请人： Judson Powers , Matthew P. Donovan , Frank N. Adelstein , Michael Kentley , Stephen K. Brueckner
发明人： Judson Powers , Matthew P. Donovan , Frank N. Adelstein , Michael Kentley , Stephen K. Brueckner
IPC分类号： G06F9/00 , G06F11/00 , G06F13/42
CPC分类号： G06F13/42 , G06F13/385
摘要： An apparatus for mediating communication between a universal serial bus (USB) device and a host computing device is described. In an example, the apparatus includes a USB host interface configured to be connected to a downstream USB device, and a USB device interface configured to be connected to an upstream host computing device. The apparatus also includes a mediation module positioned between the USB host interface and the USB device interface and configured to determine whether the USB device is authorized to communicate with the host computing device.
摘要翻译：描述了一种用于中介通用串行总线（USB）设备和主机计算设备之间的通信的设备。在一个示例中，该设备包括被配置为连接到下游USB设备的USB主机接口以及被配置为连接到上游主机计算设备的USB设备接口。该设备还包括位于USB主机接口和USB设备接口之间的中介模块，并且被配置为确定USB设备是否被授权与主机计算设备进行通信。

4. 发明申请

US20120311207A1 MEDIATING COMMUNCIATION OF A UNIVERAL SERIAL BUS DEVICE 有权
标题翻译：一般串行总线设备的媒体通信
公开(公告)号：US20120311207A1
公开(公告)日：2012-12-06
申请号：US13149634
申请日：2011-05-31
申请人： Judson Powers , Matthew P. Donovan , Frank N. Adelstein , Michael Kentley , Stephen K. Brueckner
发明人： Judson Powers , Matthew P. Donovan , Frank N. Adelstein , Michael Kentley , Stephen K. Brueckner
IPC分类号： G06F13/42
CPC分类号： G06F13/42 , G06F13/385
摘要： An apparatus for mediating communication between a universal serial bus (USB) device and a host computing device is described. In an example, the apparatus includes a USB host interface configured to be connected to a downstream USB device, and a USB device interface configured to be connected to an upstream host computing device. The apparatus also includes a mediation module positioned between the USB host interface and the USB device interface and configured to determine whether the USB device is authorized to communicate with the host computing device.
摘要翻译：描述了一种用于中介通用串行总线（USB）设备和主机计算设备之间的通信的设备。在一个示例中，该设备包括被配置为连接到下游USB设备的USB主机接口以及被配置为连接到上游主机计算设备的USB设备接口。该设备还包括位于USB主机接口和USB设备接口之间的中介模块，并且被配置为确定USB设备是否被授权与主机计算设备进行通信。

5. 发明授权

US08474047B2 Remote collection of computer forensic evidence 有权
公开(公告)号：US08474047B2
公开(公告)日：2013-06-25
申请号：US13465859
申请日：2012-05-07
申请人： Frank N. Adelstein , Matthew A. Stillerman , Robert A. Joyce
发明人： Frank N. Adelstein , Matthew A. Stillerman , Robert A. Joyce
IPC分类号： G06F12/14
CPC分类号： H04L63/123 , H04L63/14
摘要： The invention is directed to techniques for allowing a user to remotely interrogate a target computing device in order to collect and analyze computer evidence that may be stored on the target computing device. A forensic device receives input from a remote user that identifies computer evidence to acquire from the target computing device. The forensic device acquires the computer evidence from the target computing device and presents a user interface for the forensic device through which the remote user views the computer evidence acquired from the target computing device. In this manner, forensic device allows the user to interrogate the target computing device to acquire the computer evidence without seizing or otherwise “shutting down” the target device.

6. 发明授权

US07748040B2 Attack correlation using marked information 有权
标题翻译：使用标记信息进行攻击相关
公开(公告)号：US07748040B2
公开(公告)日：2010-06-29
申请号：US11087388
申请日：2005-03-22
申请人： Frank N. Adelstein , Haim Bar , Prasanth Alla , Nikita Proskourine
发明人： Frank N. Adelstein , Haim Bar , Prasanth Alla , Nikita Proskourine
IPC分类号： G06F12/14
CPC分类号： H04L63/1425 , H04L63/1491
摘要： Techniques are described for providing security to a protected network. Techniques are described for thwarting attempted network attacks using marked information. The attack correlation system provides marked information to computing devices that probe for sensitive information, and monitors subsequent communications for use of the marked information. In one example, the attack correlation system reroutes communications containing the marked information to a dedicated vulnerable device that logs the communications to monitor the attackers' methods. The attack correlation system may also include functionality to exchange information regarding attempted attacks with other attack correlation systems to gain broader knowledge of attacks throughout one or more networks.
摘要翻译：描述了为受保护网络提供安全性的技术。描述了使用标记信息阻止尝试的网络攻击的技术。攻击相关系统为探测敏感信息的计算设备提供标记信息，并监视后续通信以使用标记信息。在一个示例中，攻击相关系统将包含标记信息的通信重新路由到专用易受攻击的设备，其记录通信以监视攻击者的方法。攻击相关系统还可以包括用于与其他攻击相关系统交换关于尝试攻击的信息以获得对一个或多个网络中的攻击的更广泛知识的功能。

7. 发明授权

US08176557B2 Remote collection of computer forensic evidence 有权
标题翻译：远程收集电脑取证证据
公开(公告)号：US08176557B2
公开(公告)日：2012-05-08
申请号：US12370447
申请日：2009-02-12
申请人： Frank N. Adelstein , Matthew A. Stillerman , Robert Joyce
发明人： Frank N. Adelstein , Matthew A. Stillerman , Robert Joyce
IPC分类号： G06F12/16
CPC分类号： H04L63/123 , H04L63/14
摘要： The invention is directed to techniques for allowing a user to remotely interrogate a target computing device in order to collect and analyze computer evidence that may be stored on the target computing device. A forensic device receives input from a remote user that identifies computer evidence to acquire from the target computing device. The forensic device acquires the computer evidence from the target computing device and presents a user interface for the forensic device through which the remote user views the computer evidence acquired from the target computing device. In this manner, forensic device allows the user to interrogate the target computing device to acquire the computer evidence without seizing or otherwise “shutting down” the target device.
摘要翻译：本发明涉及允许用户远程询问目标计算设备以便收集和分析可存储在目标计算设备上的计算机证据的技术。取证设备从远程用户接收识别计算机证据以从目标计算设备获取的输入。取证设备从目标计算设备获取计算机证据，并为远程用户查看从目标计算设备获取的计算机证据的法医设备的用户界面。以这种方式，取证设备允许用户询问目标计算设备以获取计算机证据，而不占用或以其他方式“关闭”目标设备。

8. 发明申请

US20120221633A1 REMOTE COLLECTION OF COMPUTER FORENSIC EVIDENCE 有权
标题翻译：远程收集电脑威信证据
公开(公告)号：US20120221633A1
公开(公告)日：2012-08-30
申请号：US13465859
申请日：2012-05-07
申请人： Frank N. Adelstein , Matthew A. Stillerman , Robert Joyce
发明人： Frank N. Adelstein , Matthew A. Stillerman , Robert Joyce
IPC分类号： G06F15/16
CPC分类号： H04L63/123 , H04L63/14
摘要： The invention is directed to techniques for allowing a user to remotely interrogate a target computing device in order to collect and analyze computer evidence that may be stored on the target computing device. A forensic device receives input from a remote user that identifies computer evidence to acquire from the target computing device. The forensic device acquires the computer evidence from the target computing device and presents a user interface for the forensic device through which the remote user views the computer evidence acquired from the target computing device. In this manner, forensic device allows the user to interrogate the target computing device to acquire the computer evidence without seizing or otherwise “shutting down” the target device.
摘要翻译：本发明涉及允许用户远程询问目标计算设备以便收集和分析可存储在目标计算设备上的计算机证据的技术。取证设备从远程用户接收识别计算机证据以从目标计算设备获取的输入。取证设备从目标计算设备获取计算机证据，并为远程用户查看从目标计算设备获取的计算机证据的法医设备的用户界面。以这种方式，取证设备允许用户询问目标计算设备以获取计算机证据，而不占用或以其他方式“关闭”目标设备。

9. 发明申请

US20100235919A1 ATTACK CORRELATION USING MARKED INFORMATION 有权
标题翻译：使用标记信息进行攻击相关
公开(公告)号：US20100235919A1
公开(公告)日：2010-09-16
申请号：US12782614
申请日：2010-05-18
申请人： Frank N. Adelstein , Haim Bar , Prasanth Alla , Nikita Proskourine
发明人： Frank N. Adelstein , Haim Bar , Prasanth Alla , Nikita Proskourine
IPC分类号： G06F12/14
CPC分类号： H04L63/1425 , H04L63/1491
摘要： Techniques are described for providing security to a protected network. Techniques are described for thwarting attempted network attacks using marked information. The attack correlation system provides marked information to computing devices that probe for sensitive information, and monitors subsequent communications for use of the marked information. In one example, the attack correlation system reroutes communications containing the marked information to a dedicated vulnerable device that logs the communications to monitor the attackers' methods. The attack correlation system may also include functionality to exchange information regarding attempted attacks with other attack correlation systems to gain broader knowledge of attacks throughout one or more networks.
摘要翻译：描述了为受保护网络提供安全性的技术。描述了使用标记信息阻止尝试的网络攻击的技术。攻击相关系统为探测敏感信息的计算设备提供标记信息，并监视后续通信以使用标记信息。在一个示例中，攻击相关系统将包含标记信息的通信重新路由到专用易受攻击的设备，其记录通信以监视攻击者的方法。攻击相关系统还可以包括用于与其他攻击相关系统交换关于尝试攻击的信息以获得对一个或多个网络中的攻击的更广泛知识的功能。

10. 发明授权

US07496959B2 Remote collection of computer forensic evidence 有权
标题翻译：远程收集电脑取证证据
公开(公告)号：US07496959B2
公开(公告)日：2009-02-24
申请号：US10608767
申请日：2003-06-23
申请人： Frank N. Adelstein , Matthew A. Stillerman , Robert Joyce
发明人： Frank N. Adelstein , Matthew A. Stillerman , Robert Joyce
IPC分类号： H04L9/32
CPC分类号： H04L63/123 , H04L63/14
摘要： The invention is directed to techniques for allowing a user to remotely interrogate a target computing device in order to collect and analyze computer evidence that may be stored on the target computing device. A forensic device receives input from a remote user that identifies computer evidence to acquire from the target computing device. The forensic device acquires the computer evidence from the target computing device and presents a user interface for the forensic device through which the remote user views the computer evidence acquired from the target computing device. In this manner, forensic device allows the user to interrogate the target computing device to acquire the computer evidence without seizing or otherwise “shutting down” the target device.
摘要翻译：本发明涉及允许用户远程询问目标计算设备以便收集和分析可存储在目标计算设备上的计算机证据的技术。取证设备从远程用户接收识别计算机证据以从目标计算设备获取的输入。取证设备从目标计算设备获取计算机证据，并为远程用户查看从目标计算设备获取的计算机证据的法医设备的用户界面。以这种方式，取证设备允许用户询问目标计算设备以获取计算机证据，而不占用或以其他方式“关闭”目标设备。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式