Cybersecurity Incident Response and Forensics: Comparative Analysis and Proposals for Improvement

  • Unique Paper ID: 167700
  • Volume: 11
  • Issue: 4
  • PageNo: 197-201
  • Abstract: In the rapidly evolving landscape of cybersecurity, the effectiveness of incident response and forensic techniques is critical for minimizing the impact of cyberattacks. This research paper compares several widely used techniques, including Security Information and Event Management (SIEM) systems, manual log analysis, automated incident response, Deep Packet Inspection (DPI), and machine learning-based anomaly detection. The comparative analysis focuses on detection accuracy, time to detect (TTD), time to respond (TTR), false positive rate (FPR), scalability, and resource consumption. The findings reveal that while machine learning-based systems offer the highest detection accuracy and scalability, they also require substantial computational resources. The paper concludes with recommendations for hybrid systems and resource optimization to enhance overall cybersecurity defenses.

Copyright & License

Copyright © 2025 Authors retain the copyright of this article. This article is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

BibTeX

@article{167700,
  author   = {HARSHA RAJ KUMAR},
  title    = {Cybersecurity Incident Response and Forensics: Comparative Analysis and Proposals for Improvement},
  journal  = {International Journal of Innovative Research in Technology},
  year     = {2024},
  month    = {September},
  volume   = {11},
  number   = {4},
  pages    = {197-201},
  issn     = {2349-6002},
  url      = {https://ijirt.org/article?manuscript=167700},
  abstract = {In the rapidly evolving landscape of cybersecurity, the effectiveness of incident response and forensic techniques is critical for minimizing the impact of cyberattacks. This research paper compares several widely used techniques, including Security Information and Event Management (SIEM) systems, manual log analysis, automated incident response, Deep Packet Inspection (DPI), and machine learning-based anomaly detection. The comparative analysis focuses on detection accuracy, time to detect (TTD), time to respond (TTR), false positive rate (FPR), scalability, and resource consumption. The findings reveal that while machine learning-based systems offer the highest detection accuracy and scalability, they also require substantial computational resources. The paper concludes with recommendations for hybrid systems and resource optimization to enhance overall cybersecurity defenses.},
  keywords = {}
}
