Enhanced Security Monitoring & Evidence Collection System

Publisher

Polytechnic University of Puerto Rico

Item Type

Article
Poster

Abstract

This report details the deployment of an Enhanced Security Monitoring & Evidence Collection System to detect unauthorized login attempts and support forensic investigations. The system integrates three core functions: monitoring Windows event logs to identify suspicious activity, capturing memory dumps to preserve volatile data, and extracting file hashes to analyze potentially malicious files. The development process incorporates specialized tools, namely ProcDump for system process analysis, Volatility for memory forensics, and WinPmem for memory acquisition, ensuring thorough data collection and analysis. Together these tools support a systematic and effective threat-analysis workflow. By automating security monitoring and evidence collection, the system addresses the complexity of modern IT environments and improves the organization's ability to respond to cyber threats. Its deployment significantly strengthens defenses, streamlines forensic investigations, and supports regulatory compliance, promoting a secure and efficient IT infrastructure.

Key Terms: Cybersecurity, Digital Forensics, Intrusion Detection, Security Logging.

Description

Design Project Article for the Graduate Programs at Polytechnic University of Puerto Rico

Citation

González Rodríguez, D. (2025). Enhanced Security Monitoring & Evidence Collection System [Unpublished manuscript]. Graduate School, Polytechnic University of Puerto Rico.
