Threat Trekker: An Approach to Cyber Threat Hunting
Threat hunting is a proactive methodology for exploring, detecting and
mitigating cyberattacks within complex environments. Unlike conventional
detection systems, threat hunting strategies assume that adversaries have
already infiltrated the system and therefore proactively search for unusual
patterns or activities that might indicate an intrusion.
Historically, this endeavour has been pursued using three investigation
methodologies: (1) hypothesis-driven investigations; (2) Indicator of
Compromise (IOC)-based investigations; and (3) high-level machine learning
analysis-based approaches. This paper introduces a novel machine learning
paradigm known as Threat Trekker. The proposal uses connectors to feed data
directly into an event streaming channel, where it is processed by the
algorithm, and feeds the results back into its host network.
Conclusions drawn from these experiments clearly establish the efficacy of
employing machine learning for classifying more subtle attacks.

Comment: I am disseminating this outcome to all of you, despite the fact that
the results may appear somewhat idealistic, given that certain datasets
utilized for the training of the machine learning model comprise simulated
data.
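As an added illustration of the architecture the abstract sketches (connectors feeding an event streaming channel, an analysis stage consuming it, and feedback into the host network), the Python below wires the three investigation methodologies the abstract lists into one toy pipeline. It is not the Threat Trekker code: the flow-record fields, the scripting-host hypothesis, the z-score baseline that stands in for the paper's machine learning model, the feedback actions and the sample telemetry are all assumptions made here for illustration.

```python
"""Toy event-streaming threat-hunting pipeline: connector -> stream -> hunters -> feedback.

Added illustration, not the Threat Trekker implementation; every field name,
hypothesis, threshold and record below is assumed for the example.
"""
from __future__ import annotations

import math
from collections import defaultdict
from dataclasses import dataclass
from typing import Iterable, Iterator


@dataclass(frozen=True)
class Event:
    """One normalised flow record (assumed schema)."""
    ts: int
    src: str
    dst: str
    dport: int
    bytes_out: int
    proc: str


@dataclass(frozen=True)
class Finding:
    hunter: str
    event: Event
    detail: str


def connector(records: Iterable[dict]) -> Iterator[Event]:
    """Connector stage: normalise raw records and push them onto the stream."""
    for r in records:
        yield Event(int(r["ts"]), r["src"], r["dst"], int(r["dport"]),
                    int(r["bytes_out"]), r["proc"])


class IocHunter:
    """Methodology (2): match each event against known indicators of compromise."""
    name = "ioc"

    def __init__(self, bad_hosts: Iterable[str]):
        self.bad_hosts = set(bad_hosts)  # copied so feedback never mutates the caller's set

    def check(self, ev: Event) -> Finding | None:
        if ev.dst in self.bad_hosts:
            return Finding(self.name, ev, f"destination {ev.dst} is a known IOC")
        return None


class HypothesisHunter:
    """Methodology (1): test one concrete hypothesis. Assumed here: scripting
    hosts on workstations should never initiate outbound connections."""
    name = "hypothesis"
    SCRIPT_HOSTS = {"powershell.exe", "wscript.exe", "mshta.exe"}

    def check(self, ev: Event) -> Finding | None:
        if ev.proc.lower() in self.SCRIPT_HOSTS:
            return Finding(self.name, ev, f"{ev.proc} on {ev.src} reached {ev.dst}:{ev.dport}")
        return None


class BaselineHunter:
    """Methodology (3), a simple stand-in for the paper's ML model: per-source
    running mean/variance of bytes_out (Welford) and a z-score threshold."""
    name = "baseline"

    def __init__(self, z_threshold: float = 3.0, min_samples: int = 5):
        self.z_threshold = z_threshold
        self.min_samples = min_samples
        self.stats: dict[str, list[float]] = defaultdict(lambda: [0, 0.0, 0.0])  # n, mean, M2

    def check(self, ev: Event) -> Finding | None:
        n, mean, m2 = self.stats[ev.src]
        finding = None
        if n >= self.min_samples and n > 1:
            sd = math.sqrt(m2 / (n - 1))
            if sd > 0 and (ev.bytes_out - mean) / sd > self.z_threshold:
                finding = Finding(self.name, ev,
                                  f"{ev.src} sent {ev.bytes_out} bytes, baseline mean {mean:.0f}")
        if finding is None:  # score first; keep flagged events out of the baseline
            n += 1
            delta = ev.bytes_out - mean
            mean += delta / n
            m2 += delta * (ev.bytes_out - mean)
            self.stats[ev.src] = [n, mean, m2]
        return finding


def run_pipeline(records: Iterable[dict], iocs: Iterable[str],
                 z_threshold: float = 3.0) -> tuple[list[Finding], list[tuple[str, str]]]:
    """Stream events through every hunter; feed results back into the network as
    new IOCs (flagged destinations) and isolation actions (flagged sources)."""
    ioc_hunter = IocHunter(iocs)
    hunters = [ioc_hunter, HypothesisHunter(), BaselineHunter(z_threshold)]
    findings: list[Finding] = []
    feedback: list[tuple[str, str]] = []
    for ev in connector(records):
        for hunter in hunters:
            finding = hunter.check(ev)
            if finding is None:
                continue
            findings.append(finding)
            if ev.dst not in ioc_hunter.bad_hosts:
                ioc_hunter.bad_hosts.add(ev.dst)  # learned indicator closes the loop
                feedback.append(("add_ioc", ev.dst))
            if ("isolate_host", ev.src) not in feedback:
                feedback.append(("isolate_host", ev.src))
    return findings, feedback


def rec(ts, src, dst, dport, bytes_out, proc):
    return {"ts": ts, "src": src, "dst": dst, "dport": dport, "bytes_out": bytes_out, "proc": proc}


# Constructed telemetry (documentation address ranges, invented hosts); not real data.
SAMPLE_RECORDS = [
    rec(1, "ws1", "198.51.100.10", 443, 1200, "chrome.exe"),
    rec(2, "ws1", "198.51.100.10", 443, 1500, "chrome.exe"),
    rec(3, "ws1", "198.51.100.10", 443, 900, "chrome.exe"),
    rec(4, "ws1", "198.51.100.10", 443, 1300, "chrome.exe"),
    rec(5, "ws1", "198.51.100.10", 443, 1100, "chrome.exe"),
    rec(6, "ws2", "203.0.113.5", 443, 800, "chrome.exe"),          # hits the seeded IOC
    rec(7, "ws1", "198.51.100.77", 8443, 250000, "powershell.exe"),  # hypothesis + baseline
    rec(8, "ws3", "198.51.100.77", 8443, 500, "chrome.exe"),        # hits the learned IOC
]
KNOWN_IOCS = {"203.0.113.5"}

if __name__ == "__main__":
    found, actions = run_pipeline(SAMPLE_RECORDS, KNOWN_IOCS)
    for f in found:
        print(f"[{f.hunter}] ts={f.event.ts} {f.detail}")
    print("feedback:", actions)
```

The point of the loop is visible in the last record: the destination first flagged by the hypothesis and baseline hunters on ts=7 is fed back as an indicator, so a later connection from a different host to it is caught by plain IOC matching. Note that the baseline only looks convincing here because the constructed traffic has a tidy variance; as the author's comment about simulated training data warns, a real baseline has to be fitted to real traffic distributions before the threshold means anything.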