Abstract
The study of computer incidents is an important area of activity in the field of information security. The paper considers a method for describing the properties of objects of computer equipment to ensure post-incident audit. The investigation of incidents is considered by analyzing the properties of objects of volatile memory, non-volatile memory, and network traffic. These properties are presented as a set of attributes and are analyzed by applying graph theory. To solve the final problem of determining and formalizing a computer incident, various algorithms on graphs and sets of properties can be used. The paper presents a computational experiment of post-incident audit of computer equipment by the example of determining a computer incident. The presented method minimizes the amount of information processed by using only attributes for analysis.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
