SYSTEM AND METHOD FOR COLLECTING FORENSIC DATA VIA A MOBILE DEVICE

US 20140244522A1
Filed: 02/27/2014
Published: 08/28/2014
Est. Priority Date: 02/28/2013
Status: Active Grant

First Claim

Patent Images

1. A method for conducting forensic investigations by investigators on an investigations field, the method comprising:

receiving, by a processor, a digital search warrant including one or more search parameters for conducting a forensic investigation;

notifying a mobile device, by the processor, of the digital search warrant;

receiving, by the processor, a user command to download the digital search warrant in response to the notifying; and

downloading, by the processor, the digital search warrant to the mobile device in response to the received user command, wherein the digital search warrant is configured to be electronically parsed by the mobile device for automatically identifying and collecting data from a target device in the investigations field during a forensic investigation, wherein the automatically identifying and collecting of the data from the target device is done without modifying a state of the target device.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for conducting forensic investigations by investigators on an investigations field using a mobile device. A digital search warrant is downloaded to the mobile device prior to conducting the forensic investigation. The digital search warrant defines the search parameters of the search to be conducted, including key terms, file types, and the like. The mobile device is coupled to a target device in the investigations field that is the subject of the forensic investigation. The mobile device parses the digital search warrant and automatically identifies and collects data from the target device based on the parsed digital search warrant. The automatically identifying and collecting of the data is done without modifying a state of the target device to retain forensic integrity during the investigation process.

12 Citations

View as Search Results

23 Claims

1. A method for conducting forensic investigations by investigators on an investigations field, the method comprising:
- receiving, by a processor, a digital search warrant including one or more search parameters for conducting a forensic investigation;
  
  notifying a mobile device, by the processor, of the digital search warrant;
  
  receiving, by the processor, a user command to download the digital search warrant in response to the notifying; and
  
  downloading, by the processor, the digital search warrant to the mobile device in response to the received user command, wherein the digital search warrant is configured to be electronically parsed by the mobile device for automatically identifying and collecting data from a target device in the investigations field during a forensic investigation, wherein the automatically identifying and collecting of the data from the target device is done without modifying a state of the target device.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the one or more search parameters include one or more search terms.
  - 3. The method of claim 1, wherein the one or more search parameters include one or more file types.
  - 4. The method of claim 1, wherein the mobile device is a cellular phone.
  - 5. The method of claim 1, wherein the collected data is stored in a memory of the mobile device.
  - 6. The method of claim 1, wherein the digital search warrant is downloaded to the mobile device from a website.
  - 7. The method of claim 1, wherein the mobile device is configured to be coupled to the target device over a universal serial bus port, wherein the data from the target device is collected over the universal serial bus port.

8. A method for conducting forensic investigations by investigators on an investigations field, the method comprising:
- downloading a digital search warrant to a mobile device, the digital search warrant including one or more search parameters;
  
  coupling the mobile device to a target device in the investigations field;
  
  parsing the digital search warrant by the mobile device; and
  
  automatically identifying and collecting by the mobile device data from the target device based on the parsed digital search warrant during a forensic investigation, wherein the automatically identifying and collecting of the data is done without modifying a state of the target device.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. The method of claim 8, wherein the one or more search parameters include one or more search terms.
  - 10. The method of claim 8, wherein the one or more search parameters include one or more file types.
  - 11. The method of claim 8, wherein the mobile device is a cellular phone.
  - 12. The method of claim 8, wherein the collected data is stored in a memory of the mobile device.
  - 13. The method of claim 8, wherein the mobile device is coupled to the target device over a universal serial bus port, wherein the data from the target device is collected over the universal serial bus port.
  - 14. The method of claim 8, wherein the mobile device stores an operating system, wherein the operating system is configured to be invoked by the target device during a reboot of the target device.
  - 15. The method of claim 14, wherein the mobile device stores instructions for conducting the forensic investigation of the target device, wherein the operating system automatically invokes the instructions for conducting the forensic investigation.

16. The method of claim 16, wherein the instructions for conducting the forensic investigation includes instructions for parsing the digital search warrant, and identifying and collecting the data from the target device.

17. The method of claim 17, wherein the instructions for conducting the forensic investigation includes instructions for blocking write commands directed to the target device.

18. A server for conducting forensic investigations by investigators on an investigations field, the server comprising:
- a processor; and
  
  a memory, wherein the memory stores instructions that, when executed by the processor, cause the processor to;
  
  receive a digital search warrant including one or more search parameters for conducting a forensic investigation;
  
  notify a mobile device of the digital search warrant;
  
  receive a user command to download the digital search warrant in response to the notifying; and
  
  download the digital search warrant to the mobile device in response to the received user command, wherein the digital search warrant is configured to be electronically parsed by the mobile device for automatically identifying and collecting data from a target device in the investigations field during a forensic investigation, wherein the automatically identifying and collecting of the data from the target device is done without modifying a state of the target device.
- View Dependent Claims (19, 20, 21, 22, 23)
- - 19. The server of claim 18, wherein the one or more search parameters include one or more search terms.
  - 20. The server of claim 18, wherein the one or more search parameters include one or more file types.
  - 21. The server of claim 18, wherein the mobile device is a cellular phone.
  - 22. The server of claim 18, wherein the mobile device is configured to store the collected data in a memory of the mobile device.
  - 23. The server of claim 18, wherein the digital search warrant is downloaded to the mobile device from a website.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Open Text Holdings, Inc. (Open Text Corporation)
Original Assignee
Guidance Software Incorporated (Open Text Corporation)
Inventors
McCreight, Shawn

Granted Patent

US 10,740,858 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/311
CPC Class Codes

G06Q 10/06   Resources, workflows, human...

G06Q 50/26   Government or public servic...

H04W 4/00   Services specially adapted ...

H04W 4/38   for collecting sensor infor...

SYSTEM AND METHOD FOR COLLECTING FORENSIC DATA VIA A MOBILE DEVICE

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

12 Citations

23 Claims

Specification

Use Cases

Quick Links

Others

SYSTEM AND METHOD FOR COLLECTING FORENSIC DATA VIA A MOBILE DEVICE

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

12 Citations

23 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others