In cybersecurity, indicators of compromise (IOC) are evidence that a system or network has been compromised. Data related to the attack, such as the malware type, IP addresses involved, anomalous network traffic, file hashes, registry keys, and unauthorized access attempts, may be included in this data.File-based indicators are linked to a particular file, like a hash or file name; network-based indicators are linked to a network, like an IP address or domain name; and behavioral indicators are linked to a system’s or network’s behavior, like anomalous network traffic or activity.Artifact-Based Indicators connected to an attacker’s artifacts, like a configuration file or registry key,
