{"schema_version":"1.0","canonical_url":"https://patentable.app/patents/US-11483325","patent":{"patent_number":"US-11483325","title":"Differencing engine for digital forensics","assignee":null,"inventors":[],"filing_date":"2019-07-17T00:00:00.000Z","publication_date":"2022-10-25T00:00:00.000Z","cpc_codes":["G06F","H04L","G06F","G06N","G06N","H04L","H04L"],"num_claims":19,"abstract":"In various embodiments, a forensic scoping application analyzes host instances in order to detect anomalies. The forensic scoping application acquires a snapshot for each host instance included in an instance group. Each snapshot represents a current operational state of the associated host instance. Subsequently, the forensic scoping application performs clustering operation(s) based on the snapshots to generate a set of clusters. The forensic scoping application determines that a first cluster in the set of clusters is associated with fewer host instances than at least a second cluster in the set of clusters. Based on the first cluster, the forensic scoping application determines that a first host instance included in the instance group is operating in an anomalous fashion. Advantageously, efficiently determining host instances that are operating in an anomalous fashion during a security attack can reduce the amount of damage caused by the security attack."},"analysis":{"summary":null,"layman_explanation":null,"technical_analysis":null,"business_analysis":null,"faqs":null,"topics":[],"tech_cluster":null},"seo":{"title":"Differencing engine for digital forensics","description":"In various embodiments, a forensic scoping application analyzes host instances in order to detect anomalies. The forensic scoping application acquires a snapshot for each host instance included in an ","keywords":[]},"attribution":{"source":"Patentable","source_url":"https://patentable.app","canonical_url":"https://patentable.app/patents/US-11483325","license":"CC-BY-4.0-like","license_terms":"AI-generated analysis on this page (summary, layman_explanation, technical_analysis, business_analysis, faqs) may be reused with attribution and a visible link back to the canonical URL above. Patent abstracts, claims, and bibliographic data are USPTO public domain.","required_link":"https://patentable.app/patents/US-11483325","citation_suggestion":"Patentable. \"Differencing engine for digital forensics\" (US-11483325). https://patentable.app/patents/US-11483325","copyright_holder":"Nomic Interactive Technology LLC"},"links":{"html":"https://patentable.app/patents/US-11483325","json":"https://patentable.app/api/llm-context/US-11483325","site":"https://patentable.app","llms_txt":"https://patentable.app/llms.txt"},"generated_at":"2026-05-31T12:25:05.691Z"}