Automated Forensic Document Fingerprinting
Section: For Industry
Category(ies): Computer Science
Reference #: SHTH223002
OTC Contact: David Humphrey (Directory Information | Send a Message)
Description
A novel, proactive approach for computer forensic investigations has been developed. For every file or database entry that is created, deleted, modified, or copied, a small amount of information about the file or database entry called a signature is created and securely stored. The fingerprints of the present invention are digital digests of the content of the target file. The fingerprints are small, take up little storage space, and are easy to compute. The fingerprints can identify a file or database entry by its content and can accommodate small format modifications. When provided with a document of interest, a query signature can be created. Stored signatures are then retrieved from storage and compared to the query signature. The comparison can be performed on signatures, the fingerprints within the signatures, or on both. The invention allows for user misuse detection by allowing detection of modification, copies, movement, or deletions of the specified files since the system captures the user operation. The invention also allows for detection of unauthorized network communication of sensitive information.
Applications
- Detection of unauthorized network communication of sensitive information.
- Detection of document or file misuse including copying, deletion, and modification
- Evidence discovery based on an individual user
- Program can also detect when a document is atypical for a certain user
- Invention can also be used for intrusion response since the signatures of files associated with the attack can be recovered. The recovered signatures can be used to examine across systems for similar intrusion and provide early detection to prevent intrusion from similar attack.
Advantages
Stage of Development
Stage of Development: Software is undergoing beta testing.
Inventors: Dr. Thomas Shields, Dr. Ophir Frieder, and Dr. Marcus Maloof
Relevant Publications
No references or resources available.
Patent Status
U.S. and Foreign Rights Protected.
