摘要 |
A "data breach" or loss of sensitive data can cause an organization to lose revenues or suffer other damages. Analyzing data to locate a breach and to identify its source is difficult because the data can come from many sources in an unstructured format and, typically, there is a large amount of data to analyze. A forensic analysis system, according to one embodiment, collects unstructured data from disparate sources, like the Internet, and peer-to-per filesharing and social media networks, and generates structured representations of the data, called virtual profiles. The system forms relationships among the virtual profiles. The system uses the virtual profiles and relationships to reduce the amount of information to be analyzed while including additional information that is related for analysis. By analyzing a smaller amount of related information, a cyber forensic analyst is better able to identify a data breach or other suspicious or illegal activity. |