DooKey
[H]F Junkie
- Joined
- Apr 25, 2001
- Messages
- 13,554
Cybersecurity researchers at the Georgia Institute of Technology are working to automate the process that investigators use to pinpoint how intruders enter a network, what data they took, and which computer were compromised. It's known as Refinable Attack INvestigation (RAIN) and it will provide detailed report of the intrusion. RAIN is just the product that the cybersecurity world is looking for because it will significantly speed up investigations of intrusions and allow counter-measures to be fielded faster once the details of the intrusion are identified.
In addition to its selectivity in recording events, RAIN creates a multi-level review capability that is coarse at first, then more detailed when specific events of interest are identified. Timing of the activities -- the inputs, environment and resulting actions -- are also synchronized to help investigators understand a complex sequence of activities.
In addition to its selectivity in recording events, RAIN creates a multi-level review capability that is coarse at first, then more detailed when specific events of interest are identified. Timing of the activities -- the inputs, environment and resulting actions -- are also synchronized to help investigators understand a complex sequence of activities.