Systems and methods for enterprise-wide data identification data sharing and management
First Claim
1. A method of automatically identifying relevant data during a digital forensic investigation, the method comprising:
- extracting raw data from one or more digital data sources, thereby producing extracted unknown raw data;
determining which ones of a plurality of one or more identification modules, the unknown raw data should be delivered to for processing wherein the determination is based on categories of data comprising the extracted unknown raw data;
within the determined ones of the identification modules, any relevant data in the extracted unknown raw data, wherein relevant data are one of data identical to and similar to the extracted unknown raw data; and
transmitting a signal if there is any suspect data, whereby relevant data are identified are automatically, without intervention by a human being.
1 Assignment
0 Petitions
Accused Products
Abstract
A method of automatically identifying relevant or suspect data during a digital forensic investigation is described. Software accepts as input raw data which are extracted from various digital data sources. The software or digital forensic and data identification application determines to which one or more identification modules the unknown raw data should be delivered to for processing. This determination is based on the type of data in the extracted raw data coming into the application. Suspect or relevant data that are identified includes that data that are identical to or similar to the extracted unknown raw data. If there are suspect data, the application transmits a message or alert to interested parties or stores the findings/report on an a storage device. In this manner, the suspect data are identified automatically, without intervention by a human being. The identification modules are invoked in a search markup language interpreter and the one or more identification modules are expressed in a search markup language specifically for digital forensics and receives parameters from the search language for processing.
-
Citations
3 Claims
-
1. A method of automatically identifying relevant data during a digital forensic investigation, the method comprising:
-
extracting raw data from one or more digital data sources, thereby producing extracted unknown raw data;
determining which ones of a plurality of one or more identification modules, the unknown raw data should be delivered to for processing wherein the determination is based on categories of data comprising the extracted unknown raw data;
within the determined ones of the identification modules, any relevant data in the extracted unknown raw data, wherein relevant data are one of data identical to and similar to the extracted unknown raw data; and
transmitting a signal if there is any suspect data, whereby relevant data are identified are automatically, without intervention by a human being. - View Dependent Claims (2, 3)
-
Specification