IMPROVEMENTS IN OR RELATING TO DIGITAL FORENSICS
Abstract
New digital forensic techniques and systems are disclosed. System call information is collected from a device under test (DUT) and converted to a sequence format. Thereafter, sequence alignment methods and tools can be used to investigate and identify patterns of behaviour that are suspicious.
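The pipeline described in the abstract, as an added example that is not code from the patent: raw trace lines are reduced to a sequence of system call names, and a test sequence is matched against it by local alignment. Smith-Waterman is used here as one well-known sequence alignment method (the page does not name a specific algorithm); the scoring values, function names and sample trace are constructed for illustration.

```python
# Added illustration: local alignment of a test system call sequence against
# a collected trace. Scoring values and all sample data are assumptions.
MATCH, MISMATCH, GAP = 2, -1, -1

# Constructed strace-style sample standing in for data collected from a DCS.
SAMPLE_TRACE = [
    'execve("/bin/app", ["app"], 0x7ffd) = 0',
    'open("/home/u/report.doc", O_RDONLY) = 3',
    'read(3, "...", 4096) = 4096',
    'getpid() = 4121',
    'open("/media/usb/report.doc", O_WRONLY|O_CREAT) = 4',
    'write(4, "...", 4096) = 4096',
    'close(3) = 0',
    'close(4) = 0',
    'exit_group(0) = ?',
]
# Constructed test sequence, as if selected from a sequence database.
TEST_SEQUENCE = ["open", "read", "open", "write", "close", "close"]

def to_sequence(trace_lines):
    """Convert raw trace lines to a sequence of system call names."""
    return [ln.split("(", 1)[0].strip() for ln in trace_lines if "(" in ln]

def local_align(test, collected):
    """Smith-Waterman. Returns (score, start, end): the best local alignment
    score and the half-open index range of `collected` that it covers."""
    def sub(i, j):  # substitution score for test[i-1] vs collected[j-1]
        return MATCH if test[i - 1] == collected[j - 1] else MISMATCH
    rows, cols = len(test) + 1, len(collected) + 1
    H = [[0] * cols for _ in range(rows)]
    best, best_pos = 0, (0, 0)
    for i in range(1, rows):
        for j in range(1, cols):
            H[i][j] = max(0, H[i-1][j-1] + sub(i, j),
                          H[i-1][j] + GAP, H[i][j-1] + GAP)
            if H[i][j] > best:
                best, best_pos = H[i][j], (i, j)
    # Trace back from the best cell to find where the match begins.
    i, j = best_pos
    end = j
    while i > 0 and j > 0 and H[i][j] > 0:
        if H[i][j] == H[i-1][j-1] + sub(i, j):
            i, j = i - 1, j - 1
        elif H[i][j] == H[i-1][j] + GAP:
            i -= 1          # call in the test sequence absent from the trace
        else:
            j -= 1          # extra call in the trace (here: getpid)
    return best, j, end
```

Because the alignment tolerates gaps, the interleaved `getpid` call lowers the score by one gap penalty without breaking the match.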
32 Claims
1. A digital forensic analysis method comprising the steps of:
- collecting system call data from a digital computing system (DCS);
- converting the system call data to a sequence format;
- selecting from a system call sequence database a test sequence of system calls; and
- performing a sequence matching step to detect matches between the test sequence of system calls and the system call data collected from the DCS.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 31, 32
18. A digital forensic system comprising:
- data collection means for collecting system call data from a digital computing system (DCS);
- data formatting means arranged to convert the collected system call data to a sequence format; and
- sequence matching means arranged to detect a match between said collected system call data and a test sequence of system calls.
Dependent claims: 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29
30. A system call sequence database comprising as entries system call sequences generated from running test scenarios on a DCS.
Specification