Download | - View the final version: Cyber threat hunting: a cognitive endpoint behavior analytic system (PDF, 835 KiB)
|
---|
DOI | https://doi.org/10.4018/IJCINI.20211001.oa9 |
---|
Author | Khan, Muhammad Salman; Richard, Rene [1] (ORCID: https://orcid.org/0000-0002-1342-6225); Molyneaux, Heather [1]; Cote-Martel, Danick; Kamalanathan Elango, Henry Jackson [1]; Livingstone, Steve; Gaudet, Manon [1] (ORCID: https://orcid.org/0000-0002-2119-9149); Trask, Dave |
---|
Affiliation | - National Research Council of Canada. Digital Technologies
|
---|
Format | Text, Article |
---|
Subject | cognitive analysis; cognitive command and control; cognitive machine learning; cyber security operation center; cyber threats; endpoint behavior; prediction; SARIMA; streaming; time series; training |
---|
Abstract | Security and Information Event Management (SIEM) systems require significant manual input; SIEM tools with machine learning minimize this effort but are reactive and only effective if known attack patterns are captured by the configured rules and queries. Cyber threat hunting, a proactive method of detecting cyber threats without necessarily knowing the rules or pre-defined knowledge of threats, still requires significant manual effort and is largely missing the required machine intelligence to deploy autonomous analysis. This paper proposes a novel and interactive cognitive and predictive threat-hunting prototype tool to minimize manual configuration tasks by using machine intelligence and autonomous analytical capabilities. This tool adds proactive threat-hunting capabilities by extracting unique network communication behaviors from multiple endpoints autonomously while also providing an interactive UI with minimal configuration requirements and various cognitive visualization techniques to help cyber experts quickly spot events of cyber significance from high-dimensional data. |
---|
Publication date | 2021-10 |
---|
Publisher | IGI Global |
---|
Language | English |
---|
Peer-reviewed publication | Yes |
---|
Record identifier | caad1d5e-950c-42bf-a0f6-90f302579b8c |
---|
Record created | 2023-06-09 |
---|
Record modified | 2023-06-09 |
---|