Computer forensic tool

US 8,793,795 B1
Filed: 01/06/2006
Issued: 07/29/2014
Est. Priority Date: 01/28/2005
Status: Active Grant

First Claim

Patent Images

1. A hardware accelerator for use with an analysis unit to analyze data on an external suspect device comprising a suspect computer or computer device, the hardware accelerator comprising:

a first interface for connecting to the external suspect device, the first interface being configured to transfer the data at a first data transfer rate, the first data transfer rate being limited by the first interface and the external suspect device;

a second interface for connecting to the analysis unit, the second interface being a high-speed interface comprising SATA, USB, 1394, or Ethernet and configured to transfer the data at a second data transfer rate, the second data transfer rate being limited by the second interface, the analysis unit, and the first data transfer rate; and

a processing unit comprising;

memory for storing instructions, firmware, or parameters received from the analysis unit via the second interface; and

a microprocessor and/or field programmable gate array (FPGA) for analyzing the data according to the instructions, firmware, or parameters,wherein the microprocessor and/or FPGA is configured to;

read the data from the external suspect device via the first interface at the first data transfer rate;

concurrently;

perform computer forensic analysis on the data, comprising searching, compressing, decompressing, or hashing the data, in accordance with the instructions, firmware, or parameters; and

transmit the data to the analysis unit via the second interface at the second data transfer rate; and

transmit results of the computer forensic analysis to the analysis unit,wherein the first data transfer rate and the second data transfer rate are not limited by the processing unit, andwherein the microprocessor and/or FPGA is further configured to analyze the data concurrently and without slowing the first data transfer rate or the second data transfer rate while the data passes through the hardware accelerator.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer forensic accelerator engine designed to speed up the forensic analysis process is disclosed. It is a device for use with an analysis device to analyze data on a suspect computer device, and includes a first interface for connecting to the suspect computer device, a second interface for connecting to the analysis device, and a processing unit programmed to read data from the suspect device via the first interface, perform analysis on the data, transmit the data to the analysis device via the second interface, and transmit results of the analysis to the analysis device via the second interface. A drive write protect module may be integrated in the computer forensic accelerator engine. The computer forensic accelerator engine allows data read from the suspect drive to be analyzed while acquiring the data. Also disclosed is a computer forensic analysis system and method using the computer forensic accelerator engine.

Citations

40 Claims

1. A hardware accelerator for use with an analysis unit to analyze data on an external suspect device comprising a suspect computer or computer device, the hardware accelerator comprising:
- a first interface for connecting to the external suspect device, the first interface being configured to transfer the data at a first data transfer rate, the first data transfer rate being limited by the first interface and the external suspect device;
  
  a second interface for connecting to the analysis unit, the second interface being a high-speed interface comprising SATA, USB, 1394, or Ethernet and configured to transfer the data at a second data transfer rate, the second data transfer rate being limited by the second interface, the analysis unit, and the first data transfer rate; and
  
  a processing unit comprising;
  
  memory for storing instructions, firmware, or parameters received from the analysis unit via the second interface; and
  
  a microprocessor and/or field programmable gate array (FPGA) for analyzing the data according to the instructions, firmware, or parameters,wherein the microprocessor and/or FPGA is configured to;
  
  read the data from the external suspect device via the first interface at the first data transfer rate;
  
  concurrently;
  
  perform computer forensic analysis on the data, comprising searching, compressing, decompressing, or hashing the data, in accordance with the instructions, firmware, or parameters; and
  
  transmit the data to the analysis unit via the second interface at the second data transfer rate; and
  
  transmit results of the computer forensic analysis to the analysis unit,wherein the first data transfer rate and the second data transfer rate are not limited by the processing unit, andwherein the microprocessor and/or FPGA is further configured to analyze the data concurrently and without slowing the first data transfer rate or the second data transfer rate while the data passes through the hardware accelerator.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 25)
- - 2. The hardware accelerator of claim 1, wherein the second interface has one port to be used for sending instructions, getting results, and transferring data between the hardware accelerator and the analysis unit.
  - 3. The hardware accelerator of claim 1, wherein the second interface hasa first port to be used for sending instructions and getting results, anda second port for transferring data between the hardware accelerator and the analysis unit.
  - 4. The hardware accelerator of claim 1, wherein the processing unit includes the FPGA for performing the described processing unit functions.
  - 5. The hardware accelerator of claim 1, wherein the processing unit includes the microprocessor for performing the described processing unit functions.
  - 6. The hardware accelerator of claim 1, wherein the microprocessor and/or FPGA is further configured toreceive the instructions or parameters from the analysis unit via the second interface, andperform the computer forensic analysis based on the instructions or parameters.
  - 7. The hardware accelerator of claim 1, further comprising a drive write protect module for preventing accidental write to the suspect device.
  - 8. The hardware accelerator of claim 1, wherein the analysis unit includes a data storage device for storing the data from the suspect device transmitted by the hardware accelerator.
  - 9. The hardware accelerator of claim 1 wherein the hardware accelerator is a computer forensic hardware accelerator.
  - 25. The hardware accelerator of claim 1, wherein the microprocessor and/or FPGA comprises dedicated hardware and firmware programmed and optimized for specific search along with data hashing, compression/decompression, and analysis algorithms optimized for computer forensic investigation.

10. A system adapted to analyze data on an external suspect computer device, the system comprising:
- a processing device adapted to analyze data obtained from the external suspect computer device; and
  
  a hardware accelerator connected to the processing device, the hardware accelerator comprising;
  
  a second interface for connecting to the processing device, the second interface being a high-speed interface comprising SATA, USB, 1394, or Ethernet and configured to transfer the data at a second data transfer rate, the second data transfer rate being limited by the second interface and the processing device;
  
  a first interface for connecting to the external suspect computer device, the first interface being configured to transfer the data at a first data transfer rate, the first data transfer rate being limited by the first interface and the external suspect computer device; and
  
  a processing unit comprising;
  
  memory for storing instructions, firmware, or parameters received from the processing device via the second interface; and
  
  a microprocessor and/or field programmable gate array (FPGA) for analyzing the data according to the instructions, firmware, or parameters,wherein the microprocessor and/or FPGA is adapted to;
  
  read the data from the external suspect device via the first interface at the first data transfer rate;
  
  concurrently;
  
  perform computer forensic analysis on the data, comprising searching, compressing, decompressing, or hashing the data, in accordance with the instructions, firmware, or parameters; and
  
  transmit the data to the processing device via the second interface at the second data transfer rate, the second data transfer rate being further limited by the first data transfer rate; and
  
  transmit results of the computer forensic analysis to the processing device,wherein the first data transfer rate and the second data transfer rate are not limited by the processing unit, andwherein the microprocessor and/or FPGA is further adapted to analyze the data concurrently and without slowing the first data transfer rate or the second data transfer rate while the data passes through the hardware accelerator.
- View Dependent Claims (11, 12, 13, 14, 15, 16)
- - 11. The system of claim 10, wherein the processing unit includes the field programmable gate array for performing the described processing unit functions.
  - 12. The system of claim 10, wherein the processing unit includes the microprocessor for performing the described processing unit functions.
  - 13. The system of claim 10, wherein the microprocessor and/or FPGA is further adapted toreceive the instructions from the processing device, andperform the computer forensic analysis based on the instructions.
  - 14. The system of claim 10, wherein the hardware accelerator further includes a drive write protect module for preventing accidental write to the suspect device.
  - 15. The system of claim 10, wherein the processing device and the hardware accelerator are integrated in a single housing.
  - 16. The system of claim 10, wherein the processing device includes a data storage device for storing the data from the suspect computer device transmitted by the hardware accelerator.

17. A method for forensically analyzing data on a suspect computer device, comprising:
- connecting a hardware accelerator to a processing device via a second interface and to the suspect computer device via a first interface, the hardware accelerator being external to the suspect computer device and including a processing unit comprising memory and a microprocessor and/or field programmable gate array (FPGA), the memory being configured to store instructions, firmware, or parameters received from the processing device via the second interface, the microprocessor and/or FPGA being configured to analyze the data according to the instructions, firmware, or parameters, the first interface being configured to transfer the data at a first data transfer rate, the first data transfer rate being limited by the first interface and the suspect computer device, the second interface being a high-speed interface comprising SATA, USB, 1394, or Ethernet and configured to transfer the data at a second data transfer rate, the second data transfer rate being limited by the second interface, the processing device, and the first data transfer rate;
  
  reading the data from the suspect computer device into the hardware accelerator via the first interface at the first data transfer rate;
  
  concurrently;
  
  forensically analyzing the data by the hardware accelerator, comprising searching, compressing, decompressing, or hashing the data, in accordance with the instructions, firmware, or parameters; and
  
  transmitting the data from the hardware accelerator to the processing device via the second interface at the second data transfer rate; and
  
  transmitting results of the forensic analysis from the hardware accelerator to the processing device,wherein the first data transfer rate and the second data transfer rate are not limited by the processing unit, andwherein the forensically analyzing the data takes place concurrently and without slowing the first data transfer rate or the second data transfer rate while the data passes through the hardware accelerator.
- View Dependent Claims (18, 19)
- - 18. The method of claim 17, further comprising transmitting the instructions from the processing device to the hardware accelerator, wherein the forensically analyzing the data by the hardware accelerator comprises forensically analyzing the data based on the instructions.
  - 19. The method of claim 17, further comprising storing the data from the suspect computer device in the processing device or in a data storage device connected to the processing device.

20. A method for forensically analyzing data on a suspect computer device, comprising:
- connecting a computer forensic hardware accelerator to an analysis device via a second interface, the computer forensic hardware accelerator including a processing unit comprising memory and a microprocessor and/or field programmable gate array (FPGA), the memory being configured to store instructions, firmware, or parameters received from the analysis device via the second interface, the microprocessor and/or FPGA being configured to analyze the data according to the instructions, firmware, or parameters, the second interface being a high-speed interface comprising SATA, USB, 1394, or Ethernet and configured to transfer the data at a second data transfer rate, the second data transfer rate being limited by the second interface and the analysis device;
  
  connecting the computer forensic hardware accelerator to the suspect computer device via a first interface, the computer forensic hardware accelerator being external to the suspect computer device, the first interface being configured to transfer the data at a first data transfer rate, the first data transfer rate being limited by the first interface and the suspect computer device;
  
  programming search, compression, decompression, or hash parameters or instructions into the computer forensic hardware accelerator or sending the search, compression, decompression, or hash parameters or instructions to the computer forensic hardware accelerator via the second interface;
  
  reading the data from the suspect computer device into the computer forensic hardware accelerator via the first interface at the first data transfer rate;
  
  concurrently;
  
  forensically analyzing the data by the computer forensic hardware accelerator, comprising searching, compressing, decompressing, or hashing the data using the search, compression, decompression, or hash parameters or instructions; and
  
  transmitting the data from the computer forensic hardware accelerator to the analysis device via the second interface at the second data transfer rate, the second data transfer rate being further limited by the first data transfer rate; and
  
  transmitting the results of the forensic analysis from the computer forensic hardware accelerator to the analysis device,wherein the first data transfer rate and the second data transfer rate are not limited by the processing unit, andwherein the forensically analyzing the data takes place concurrently and without slowing the first data transfer rate or the second data transfer rate while the data passes through the hardware accelerator.
- View Dependent Claims (21, 22)
- - 21. The method of claim 20, further comprising transmitting the instructions from the analysis device to the computer forensic hardware accelerator, wherein the forensically analyzing the data by the computer forensic hardware accelerator comprises forensically analyzing the data based on the instructions.
  - 22. The method of claim 20, further comprising storing the data from the suspect computer device in the analysis device or in a data storage device connected to the analysis device.

23. A method for analyzing data on a multiplicity of suspect computer devices using a respective multiplicity of hardware accelerators, comprising:
- connecting each hardware accelerator of the multiplicity of hardware accelerators to a respective suspect computer device of the multiplicity of suspect computer devices via a respective first interface, each hardware accelerator being external to the respective suspect computer device, each first interface being configured to transfer the data at a respective first data transfer rate, each first data transfer rate being limited by the respective first interface and the respective suspect computer device;
  
  connecting the multiplicity of hardware accelerators together with a high speed data transfer mechanism comprising SATA, USB, 1394, or Ethernet via a respective multiplicity of second interfaces, each hardware accelerator including a processing unit comprising memory and a microprocessor and/or field programmable gate array (FPGA), the memory being configured to store instructions, firmware, or parameters received from an analysis device via a respective second interface of the multiplicity of second interfaces, the microprocessor and/or FPGA being configured to store the data according to the instructions, firmware, or parameters, each second interface of the multiplicity of second interfaces being configured to transfer the data at a respective second data transfer rate, each second data transfer rate being limited by the respective second interface, the high speed data transfer mechanism, the analysis device, and the respective first data transfer rate; and
  
  connecting the analysis device to the high speed data transfer mechanism,wherein each hardware accelerator is configured to;
  
  read the data from the respective suspect computer device via the respective first interface at the respective first data transfer rate;
  
  concurrently;
  
  perform computer forensic analysis on the data, comprising searching, compressing, decompressing, or hashing the data, in accordance with the instructions, firmware, or parameters; and
  
  transmit the data to the analysis device via the respective second interface at the respective second data transfer rate; and
  
  transmit results of the respective computer forensic analysis to the analysis device,wherein the respective first data transfer rate and the respective second data transfer rate are not limited by the processing unit, andwherein each hardware accelerator is further configured to analyze the data concurrently and without slowing the respective first data transfer rate or the respective second data transfer rate while reading the data from the respective suspect computer device.

24. A method for analyzing data on a multiplicity of suspect computer devices using a respective multiplicity of hardware accelerators, comprising:
- connecting each hardware accelerator of the multiplicity of hardware accelerators to a respective suspect computer device of the multiplicity of suspect computer devices via a respective first interface, each hardware accelerator being external to the respective suspect computer device, each first interface being configured to transfer the data at a respective first data transfer rate, each first data transfer rate being limited by the respective first interface and the respective suspect computer device;
  
  connecting the multiplicity of hardware accelerators together with a high speed data transfer mechanism comprising SATA, USB, 1394, or Ethernet via a respective multiplicity of second interfaces, each hardware accelerator including a processing unit comprising memory and a microprocessor and/or field programmable gate array (FPGA), the memory being configured to store instructions, firmware, or parameters received from one of a multiplicity of analysis devices via a respective second interface of the multiplicity of second interfaces, the microprocessor and/or FPGA being configured to analyze the data according to the instructions, firmware, or parameters, each second interface of the multiplicity of second interfaces being configured to transfer the data at a respective second data transfer rate, each second data transfer rate being limited by the respective second interface, the high speed data transfer mechanism, the one of the multiplicity of analysis devices, and the respective first data transfer rate; and
  
  connecting the multiplicity of analysis devices to the high speed data transfer mechanism,wherein each hardware accelerator is configured to;
  
  read the data from the respective suspect computer device via the respective first interface at the respective first data transfer rate;
  
  concurrently;
  
  perform computer forensic analysis on the data, comprising searching, compressing, decompressing, or hashing the data, in accordance with the instructions, firmware, or parameters; and
  
  transmit the data to the one of the multiplicity of analysis devices via the respective second interface at the respective second data transfer rate; and
  
  transmit results of the respective computer forensic analysis to the one of the multiplicity of analysis devices,wherein the respective first data transfer rate and the respective second data transfer rate are not limited by the processing unit, andwherein each hardware accelerator is further configured to analyze the data concurrently and without slowing the respective first data transfer rate or the respective second data transfer rate while reading the data from the respective suspect computer device.

26. A hardware accelerator for use with an analysis unit to analyze suspect data from the analysis unit, comprising:
- a high-speed interface for connecting to the analysis unit, the high-speed interface comprising SATA, USB, 1394, or Ethernet and configured to transfer the suspect data at a data transfer rate, the data transfer rate being limited by the high-speed interface and the analysis unit; and
  
  a processing unit comprising;
  
  memory for storing instructions, firmware, or parameters received from the analysis unit via the high-speed interface; and
  
  a microprocessor and/or field programmable gate array (FPGA) for analyzing the suspect data according to the instructions, firmware, or parameters,wherein the microprocessor and/or FPGA is configured to;
  
  concurrently;
  
  read the suspect data from the analysis unit via the high-speed interface at the data transfer rate; and
  
  perform computer forensic analysis on the suspect data, comprising searching, compressing, decompressing, or hashing the suspect data, in accordance with the instructions, firmware, or parameters; and
  
  transmit results of the computer forensic analysis to the analysis unit via the high-speed interface at the data transfer rate,wherein the data transfer rate is not limited by the processing unit, andwherein the microprocessor and/or FPGA is further configured to analyze the suspect data concurrently and without slowing the data transfer rate while reading the suspect data from and transmitting the results of the computer forensic analysis to the analysis unit.

27. A hardware accelerator for use with a multiplicity of analysis units to analyze suspect data from the multiplicity of analysis units, the hardware accelerator comprising:
- an interface for connecting to a high speed data transfer mechanism comprising SATA, USB, 1394, or Ethernet, the multiplicity of analysis units being connected to the high speed data transfer mechanism, the interface being configured to transfer the suspect data at a data transfer rate, the data transfer rate being limited by the interface and one or more of the multiplicity of analysis units; and
  
  a processing unit comprising;
  
  memory for storing instructions, firmware, or parameters received from the one or more of the multiplicity of analysis units via the interface; and
  
  a microprocessor and/or field programmable gate array (FPGA) for analyzing the suspect data according to the instructions, firmware, or parameters,wherein the microprocessor and/or FPGA is configured to;
  
  concurrently;
  
  read the suspect data from the one or more of the multiplicity of analysis units via the interface at the data transfer rate; and
  
  perform computer forensic analysis on the suspect data, comprising searching, compressing, decompressing, or hashing the suspect data, in accordance with the instructions, firmware, or parameters; and
  
  transmit results of the computer forensic analysis to the one or more of the multiplicity of analysis units via the interface at the data transfer rate,wherein the data transfer rate is not limited by the processing unit, andwherein the microprocessor and/or FPGA is further configured to analyze the suspect data concurrently and without slowing the data transfer rate while reading the suspect data from and transmitting the results of the computer forensic analysis to the one or more of the multiplicity of analysis units.

28. A multiplicity of hardware accelerators for use with an analysis unit to analyze suspect data from the analysis unit, each hardware accelerator of the multiplicity of hardware accelerators comprising:
- an interface for connecting to a high speed data transfer mechanism comprising SATA, USB, 1394, or Ethernet, the analysis unit being connected to the high speed data transfer mechanism, the interface being configured to transfer the suspect data at a respective data transfer rate, the respective data transfer rate being limited by the interface and the analysis unit; and
  
  a processing unit comprising;
  
  memory for storing instructions, firmware, or parameters received from the analysis unit via the interface; and
  
  a microprocessor and/or field programmable gate array (FPGA) for analyzing the suspect data according to the instructions, firmware, or parameters,wherein the microprocessor and/or FPGA is configured to;
  
  concurrently;
  
  read the suspect data from the analysis unit via the interface at the respective data transfer rate; and
  
  perform computer forensic analysis on the suspect data, comprising searching, compressing, decompressing, or hashing the suspect data, in accordance with the instructions, firmware, or parameters; and
  
  transmit results of the computer forensic analysis to the analysis unit via the interface at the respective data transfer rate,wherein the respective data transfer rate is not limited by the processing unit, andwherein the microprocessor and/or FPGA is further configured to analyze the suspect data concurrently and without slowing the respective data transfer rate while reading the suspect data from and transmitting the results of the computer forensic analysis to the analysis unit.

29. A hardware accelerator for use with an analysis unit to analyze data on an external computer or computer device, the hardware accelerator comprising:
- a first interface for connecting to the external computer or computer device, the first interface being configured to transfer the data at a first data transfer rate, the first data transfer rate being limited by the first interface and the external computer or computer device;
  
  a second interface for connecting to the analysis unit, the second interface being a high-speed interface comprising SATA, USB, 1394, or Ethernet and configured to transfer the data at a second data transfer rate, the second data transfer rate being limited by the second interface, the analysis unit, and the first data transfer rate; and
  
  a processing unit comprising;
  
  memory for storing instructions, firmware, or parameters received from the analysis unit via the second interface; and
  
  a microprocessor and/or field programmable gate array (FPGA) for pre-processing and analyzing the data according to the instructions, firmware, or parameters,wherein the microprocessor and/or FPGA is configured to;
  
  read the data from the external computer or computer device via the first interface at the first data transfer rate;
  
  pre-process the data, comprising one of searching, compressing, decompressing, or hashing the data, in accordance with the instructions, firmware, or parameters;
  
  concurrently;
  
  perform analysis on the data in addition to pre-processing the data, comprising another one of searching, compressing, decompressing, or hashing the data, in accordance with the instructions, firmware, or parameters; and
  
  transmit the data to the analysis unit via the second interface at the second data transfer rate; and
  
  transmit results of the analysis to the analysis unit,wherein the first data transfer rate and the second data transfer rate are not limited by the processing unit, andwherein the microprocessor and/or FPGA is further configured to analyze the data concurrently and without slowing the first data transfer rate or the second data transfer rate while the data passes through the hardware accelerator.
- View Dependent Claims (30, 31, 32)
- - 30. The hardware accelerator of claim 29, wherein the pre-processing the data comprises compressing or decompressing the data.
  - 31. The hardware accelerator of claim 29, wherein the pre-processing the data comprises hashing the data.
  - 32. The hardware accelerator of claim 29, wherein the pre-processing the data comprises searching the data.

33. A system adapted to analyze data on an external computer device, the system comprising:
- a processing device adapted to analyze data obtained from the external computer device;
  
  a hardware accelerator connected to the processing device, the hardware accelerator comprising;
  
  a second interface for connecting to the processing device, the second interface being a high-speed interface comprising SATA, USB, 1394, or Ethernet and configured to transfer the data at a second data transfer rate, the second data transfer rate being limited by the second interface and the processing device;
  
  a first interface for connecting to the external computer device, the first interface being configured to transfer the data at a first data transfer rate, the first data transfer rate being limited by the first interface and the external computer device; and
  
  a processing unit comprising;
  
  memory for storing instructions, firmware, or parameters received from the processing device via the second interface; and
  
  a microprocessor and/or field programmable gate array (FPGA) for pre-processing and analyzing the data according to the instructions, firmware, or parameters,wherein the microprocessor and/or FPGA is adapted to;
  
  read the data from the external computer device via the first interface at the first data transfer rate;
  
  pre-process the data, comprising one of searching, compressing, decompressing, or hashing the data, in accordance with the instructions, firmware, or parameters;
  
  concurrently;
  
  perform analysis on the data in addition to pre-processing the data, comprising another one of searching, compressing, decompressing, or hashing the data, in accordance with the instructions, firmware, or parameters; and
  
  transmit the data to the processing device via the second interface at the second data transfer rate, the second data transfer rate being further limited by the first data transfer rate; and
  
  transmit results of the analysis to the processing device,wherein the first data transfer rate and the second data transfer rate are not limited by the processing unit, andwherein the microprocessor and/or FPGA is further adapted to analyze the data concurrently and without slowing first data transfer rate or the second data transfer rate while the data passes through the hardware accelerator.
- View Dependent Claims (34, 35, 36)
- - 34. The system of claim 33, wherein the pre-processing the data comprises compressing or decompressing the data.
  - 35. The system of claim 33, wherein the pre-processing the data comprises hashing the data.
  - 36. The system of claim 33, wherein the pre-processing the data comprises searching the data.

37. A method for analyzing data on a computer device, comprising:
- connecting a hardware accelerator to a processing device via a second interface and to the computer device via a first interface, the hardware accelerator being external to the computer device and including a processing unit comprising memory and a microprocessor and/or field programmable gate array (FPGA), the memory being configured to store instructions, firmware, or parameters received from the processing device via the second interface, the microprocessor and/or FPGA being configured to pre-process and analyze the data according to the instructions, firmware, or parameters, the first interface being configured to transfer the data at a first data transfer rate, the first data transfer rate being limited by the first interface and the computer device, the second interface being a high-speed interface comprising SATA, USB, 1394, or Ethernet and configured to transfer the data at a second data transfer rate, the second data transfer rate being limited by the second interface, the processing device, and the first data transfer rate;
  
  reading the data from the computer device into the hardware accelerator via the first interface at the first data transfer rate;
  
  pre-processing the data, comprising one of searching, compressing, decompressing, or hashing the data, in accordance with the instructions, firmware, or parameters;
  
  concurrently;
  
  analyzing the data by the hardware accelerator in addition to pre-processing the data, comprising another one of searching, compressing, decompressing, or hashing the data, in accordance with the instructions, firmware, or parameters; and
  
  transmitting the data from the hardware accelerator to the processing device at the second data transfer rate; and
  
  transmitting results of the analysis from the hardware accelerator to the processing device,wherein the first data transfer rate and the second data transfer rate are not limited by the processing unit, andwherein the analyzing the data takes place concurrently and without slowing the first data transfer rate or the second data transfer rate while the data passes through the hardware accelerator.
- View Dependent Claims (38, 39, 40)
- - 38. The method of claim 37, wherein the pre-processing the data comprises compressing or decompressing the data.
  - 39. The method of claim 37, wherein the pre-processing the data comprises hashing the data.
  - 40. The method of claim 37, wherein the pre-processing the data comprises searching the data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intelligent Computer Solutions Incorporated
Original Assignee
Intelligent Computer Solutions Incorporated
Inventors
Ravid, Gonen
Primary Examiner(s)
Barron, Jr., Gilberto
Assistant Examiner(s)
Le, David

Application Number

US11/327,205
Time in Patent Office

3,126 Days
Field of Search

726 21- 36, 713/188
US Class Current

726/24
CPC Class Codes

G06F 21/55   Detecting local intrusion o...

G06F 21/567   using dedicated hardware

G06F 21/78   to assure secure storage of...

G06F 2221/2153   Using hardware token as a s...

Computer forensic tool

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

40 Claims

Specification

Solutions

Use Cases

Quick Links

Computer forensic tool

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

40 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links