Systems and Methods For Wireless Network Forensics
Abstract
Systems and methods for wireless forensics. Systems and methods can store data received from a wireless network. The data is stored utilizing differential records, thereby enabling query and expression processing.
128 Citations
25 Claims
1. A method for storing data associated with monitoring a wireless network, the method comprising the steps of:
a) receiving data from distributed monitoring devices;
b) classifying the data by type;
c) determining if a new absolute record is to be created based upon the type and upon a period since a previous absolute record was created;
d) based upon step c), storing the data in an absolute record indexed to the type and time;
e) storing the data in a differential record indexed to the type and time, wherein the differential record is derived from previous differential and absolute records of the same type; and
f) repeating steps a) through e).
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13

14. A method for storing data associated with monitoring a wireless network in association with performing wireless network forensics, the method comprising the steps of:
a) receiving a type of data wherein the data comprises forensic information relating to the wireless network;
b) storing an absolute record of a type of data at a set time; and
c) storing subsequent data of the same type in a differential record, wherein the differential record is based on the previous absolute record.
Dependent claims: 15

16. A method of performing wireless network forensics, the method comprising the steps of:
a) submitting a query of wireless network forensic data based on a plurality of data types and a time interval;
b) parsing a set of differential and absolute records responsive to a query; and
c) displaying the plurality of records that satisfy the submitted query.
Dependent claims: 17

18. A wireless network forensics system, the system comprising:
a) a data store operable to store records; and
b) a network interface coupled to a network;
c) a system processor comprising one or more processing elements, wherein the system processor is in communication with the data store and the network interface and wherein the system processor is programmed or adapted to:
   i. store data received from the network, wherein the data comprises forensic information relating to a wireless network;
   ii. accept queries and expressions;
   iii. retrieve and parse data from the data store; and
   iv. display data responsive to queries and expressions.
Dependent claims: 19, 20, 21, 22, 23, 24, 25
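
The storage steps of claim 1 and the query of claim 16, shown as an added Python example that is not taken from the patent. The class and function names, the dict-shaped state, the 60-second period and the sample observations are assumptions, as are the use of None to mark a removed field and timestamps that arrive in increasing order for each type.

```python
from bisect import bisect_right

class ForensicStore:
    def __init__(self, period=60):
        self.period = period                     # seconds between absolute records of one type
        self.absolute, self.differential = {}, {}  # type -> [(time, state)] / [(time, delta)]

    def store(self, rtype, t, state):
        """Steps b) to e): write an absolute record if the period elapsed, else a differential."""
        snaps = self.absolute.setdefault(rtype, [])
        if not snaps or t - snaps[-1][0] >= self.period:
            snaps.append((t, dict(state)))
        else:
            prev = self.state_at(rtype, t)  # derived from previous absolute + differential records
            delta = {k: v for k, v in state.items() if prev.get(k) != v}
            delta.update({k: None for k in prev if k not in state})  # None marks a removed field
            if delta:
                self.differential.setdefault(rtype, []).append((t, delta))

    def state_at(self, rtype, t):
        """Rebuild the state at time t: latest absolute record <= t plus later diffs <= t."""
        snaps = self.absolute.get(rtype, [])
        i = bisect_right([s[0] for s in snaps], t) - 1
        if i < 0:
            return None                          # nothing recorded for this type yet
        base_t, state = snaps[i][0], dict(snaps[i][1])
        for dt, delta in self.differential.get(rtype, []):
            if base_t < dt <= t:
                state.update(delta)
        return {k: v for k, v in state.items() if v is not None}

    def query(self, rtypes, start, end):
        """Several data types over a time interval: (time, type, rebuilt state) per record."""
        out = []
        for rtype in rtypes:
            times = [t for t, _ in self.absolute.get(rtype, []) + self.differential.get(rtype, [])]
            out += [(t, rtype, self.state_at(rtype, t)) for t in times if start <= t <= end]
        return sorted(out, key=lambda r: (r[0], r[1]))

def sample_store():
    """Constructed observations (not captured traffic), fed in as (type, time, state)."""
    s = ForensicStore(period=60)
    for rtype, t, state in [("ap", 0, {"ssid": "corp", "channel": 6}),
                            ("station", 10, {"assoc": "ap1"}),
                            ("ap", 20, {"ssid": "corp", "channel": 11}),
                            ("station", 30, {}),
                            ("ap", 70, {"ssid": "corp", "channel": 1})]:
        s.store(rtype, t, state)
    return s
```

Only the changed fields are written between absolute records, so answering a query for any instant costs one absolute record plus the differential records stored since it.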
Specification