| Digital forensics and incident response system, has processor for detecting indicators of compromise, identifying suspicious activities from analyzed evidence data, and correlating artifacts to uncover patterns of malicious behavior | |
| 2025-03-26 | |
| Patentee | UNIV SHARDA (UYSH-Non-standard) |
| Application date | 2025-03-26 |
| Patent number | IN202511028808-A |
| Abstract | NOVELTY - The system (102) has a processor (104) to receive evidence data from computing devices (130) by establishing secure communication channels to collect data, performing cryptographic hashing to verify data integrity upon receipt, and dynamically allocating system resources for optimal data processing. The processor automates import, scanning, and analysis of the received evidence data by utilizing pre-configured workflows to parse file systems, extract metadata, and correlate system logs, registry entries, and network activity for threats. The processor detects indicators of compromise (IOCs), identifies suspicious activities from the analyzed evidence data, and correlates artifacts to uncover patterns of malicious behavior. USE - Digital forensics and incident response system. ADVANTAGE - The system provides enhanced efficiency in digital forensic investigations by automating complex data collection and analysis tasks, thus reducing the time required to process vast amounts of digital evidence and accelerating the incident response process. The system provides improved accuracy in threat detection by leveraging advanced techniques to correlate evidence sources, thus enabling investigators to identify hidden patterns and complex attack behaviors that can be overlooked in manual analysis. The system provides accessibility for users with varying levels of technical expertise by offering an intuitive interface and automated workflows, thus lowering the barrier to entry and empowering non-expert users to conduct effective investigations. The system provides comprehensive reporting capabilities by generating detailed, easy-to-understand reports that include threat timelines, system component impact, and actionable mitigation recommendations, thus allowing organizations to make informed security decisions. DETAILED DESCRIPTION - An INDEPENDENT CLAIM is also included for a digital forensics and incident response method.
DESCRIPTION OF DRAWING(S) - The drawing shows a schematic block diagram of a digital forensics and incident response system. Reference numerals: 102 Digital forensics and incident response system; 104 Processor; 106 Memory; 130 Computing devices; 132 Communication unit |
| IPC classification | G06F-016/48 ; G06F-021/54 ; G06N-020/00 ; H04L-009/32 ; H04L-009/40 |
| Country | India |
| Field | Information technology |
| Language | English |
| Achievement type | Patent |
| Document type | Scientific and technical achievement |
| Item identifier | http://119.78.100.226:8889/handle/3KE4DYBR/13503 |
| Collection | Xinjiang Institute of Ecology and Geography, Chinese Academy of Sciences |
| Author affiliation | UNIV SHARDA (UYSH-Non-standard) |
| Recommended citation (GB/T 7714) | KUMAR A,RAJ G,ASTYA R,et al. Digital forensics and incident response system, has processor for detecting indicators of compromise, identifying suspicious activities from analyzed evidence data, and correlating artifacts to uncover patterns of malicious behavior. IN202511028808-A[P]. 2025. |
| Files in this item | There are no files associated with this item. |