Jun 1, 2022 · Our work proposes to construct the knowledge graph based on kernel audit records, which fully considers the global correlation among entities observed in audit ...
Yang et al. [6] proposed a flexible approach to track network threats through kernel audit record analysis using knowledge graphs. This method organizes audit ...
This work proposes to construct the knowledge graph based on kernel audit records, which fully considers the global correlation among entities observed in ...
Abstract: Hunting the advanced threats hidden in the enterprise networks has always been a complex and difficult task. Due to the variety of attacking means ...
Finally, we implement a LAN-wide hunting system which is convenient and flexible for security analysts. Evaluations based on the adversarial engagement designed ...
People also ask
What are the methods of threat hunting?
Which threat hunting technique is best suitable when handling datasets?
What are the two common types of threat hunting drills?
What is the threat hunting methodology of Sqrrl?
A flexible approach for cyber threat hunting based on kernel audit records. Authors (first, second and last of 5). Fengyu Yang; Yanni Han; Zhen Xu. Content type ...
Yang et al. [6] discussed how to use a knowledge graph constructed based on kernel audit logs to improve the efficiency of network threat hunting. It simplifies ...
This paper explores the crucial role of threat hunting, a systematic, analyst-driven process aimed at uncovering hidden threats lurking within an organization' ...
Jan 1, 2022 · In this paper, we propose LogKernel, a threat hunting method based on graph kernel clustering which can effectively separate attack behaviour from benign ...
A flexible approach for cyber threat hunting based on kernel audit records ... POIROT: Aligning Attack Behavior with Kernel Audit Records for Cyber Threat Hunting.