A METHOD FOR RAPID ANALYSIS OF EVENTS RELATED TO IMPACTS ON FILES DESIGNED TO INVESTIGATE INFORMATION SECURITY INCIDENTS

Research output: Article

Abstract

The article proposes a method for rapid analysis of information security events that represents an incident as a set of events consisting of impacts on files. The method uses a database of identified impact templates, with entries of the NTFS volume change log, $UsnJrnl, as the initial data. An algorithm for searching for and classifying impacts on files using the templates is considered. The proposed method of rapid analysis makes it possible to determine the order of events within the incident under investigation, reducing the number of analyzed data arrays to one: the $UsnJrnl log.

Translated title of the contribution: A METHOD FOR RAPID ANALYSIS OF EVENTS RELATED TO IMPACTS ON FILES DESIGNED TO INVESTIGATE INFORMATION SECURITY INCIDENTS
Original language: Russian
Pages (from-to): 3-10
Number of pages: 8
Journal: Вестник СибГУТИ
Issue number: 4 (52)
Publication status: Published - 2020

GRNTI

  • 50.00.00 AUTOMATION. COMPUTER ENGINEERING

Level of Research Output

  • VAK List
