Patent · US Active

Cloud forensics and incident response platform

US11113388B2 · kind B2 · utility

1Cited by

1References

21Claims

0Family size

Assignee

National Technology & Engineering Solutions of Sandia, LLC · US

Inventors

Vincent Urias · Albuquerque, US
Caleb Loverro · Albuquerque, US
William M. S. Stout · Albuquerque, US

Key dates

Filing date	Jul 31, 2018
Grant date	Sep 7, 2021
Priority date	—
Expiry date	Jan 27, 2040

Classification

Technology area (CPC G)Physics
CPC primaryG06F2009/45595
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A system, method, and device for cloud forensics and incident response is provided. In an embodiment, a computer-implemented method for performing cloud forensics and incident response includes intercepting, by a cloud incident response module (CIRM), communication between a virtual machine (VM) and a hypervisor. The method also includes extracting, by the CIRM, data from the communication between the VM and the hypervisor according to a forensic policy. Intercepting and extracting the data are transparent to the VM and to the hypervisor. Intercepting and extracting the data are independent of the VM and the hypervisor.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.