System and method for providing remote forensics capability
US7899882B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Mar 11, 2008 |
| Grant date | Mar 1, 2011 |
| Priority date | — |
| Expiry date | Nov 21, 2028 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/20
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A system and method for performing a forensic analysis of a subject computer having a non-volatile memory with a second computer is provided. In one embodiment, the method includes executing on the subject computer a first code segment configured to provide communications via a non-proprietary communication protocol such as the Internet Small Computer System Interface (iSCSI) protocol; establishing a connection between the second computer and the subject computer via the non-proprietary communication protocol. The non-proprietary communication protocol includes one or more write operations for writing data to a non-volatile memory in response to one or more write commands and the first code segment is configured to not write data to the non-volatile memory of the subject computer in response to receipt of the one or more write commands. The method may include performing a first forensic analysis of the subject computer via the connection. In addition, the method may further comprise establishing a secure connection, such via the Internet, between the second computer and a remote computer, wherein performing the first forensic analysis is initiated by the remote computer. A pre-defi…
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.