Remotely Analyzing Computer Forensic Evidence patent (# 7,496,959) issued to ATCorp
March 12, 2009, Eden Prairie, MN. Patent # 7,496,959 has been issued to Architecture Technology Corporation (ATCorp) for its innovative “transient utilities” technology, allowing remote acquisition and analysis of computer forensics evidence. The transient utility mechanism is the basis of ATCorp’s OnLine Digital Forensic Suite™ (OnLineDFS) software product. Principal inventors include digital forensics experts Drs. Frank Adelstein, Matt Stillerman, and Rob Joyce.
The patented invention relates to computer forensics and, more particularly, to techniques for remotely acquiring and analyzing computer forensic evidence residing on a target computer.
One common method for obtaining computer evidence is on-site inspection or seizure of the computer. Sometimes, a critical system cannot be taken down or rebooted, which severely limits a traditional investigation. Moreover, collecting evidence from a computer over time without being detected by a perpetrator of the crime is difficult with many of these invasive techniques. OnLineDFS allows remote, non-disruptive analysis of running systems so that investigators can more easily conduct their investigations while system services continue to run and without the target’s operator being alerted to the investigation.
OnLineDFS performs forensic-quality investigations of live computers in networked environments. The OnLineDFS architecture does not use pre-installed agents on target systems. Thus, OnLineDFS is very simple and inexpensive to deploy, maintain and use, offering the best price/value in the industry.
OnLineDFS is designed for IT security professionals, service providers, and law enforcement professionals who need to conduct investigations of live computers for:
- incident response;
- compliance monitoring;
- e-discovery;
- criminal investigations.
OnLineDFS is a feature-rich tool which enables an investigator to capture and analyze volatile data (including the memory, running processes, open ports, process/port associations, and much more), as well as the full array of persistent data required for a forensic analysis. Because OnLineDFS was designed for conducting investigations over a network, it enables the investigation of target systems which are geographically remote as well as close-at-hand.
For more specific information on OnLineDFS, including training, see Cyber Security Technologies, Inc.
Architecture Technology Corporation (ATCorp) is an established advanced technology company that provides software-intensive solutions for complex problems to various commercial and government organizations. For additional information about ATCorp and its products and services, see www.atcorp.com.
