A Threat Prioritization Method Using User Behavior Data for Cyber Threat Hunting

Sang-soo Kim; Shinwoo Shim; Sun-Young Im; Sung-mo Koo

A Threat Prioritization Method Using User Behavior Data for Cyber Threat Hunting

Vol. 46, No. 11, pp. 1853-1861, Nov. 2021

10.7840/kics.2021.46.11.1853

PDF Full-Text

Abstract

Cyber threat hunting is an active cyber defence activity which is the process of proactively and iteratively searching through networks to detect and isolate advanced threats that evade existing security solutions. It is very important to decide which threat to respond first when multiple threats are detected among various behavioral information collected for hunting. This paper proposes a new technique for calculating the priority of threats using user behavior information in a cyber threat hunting environment. The proposed algorithm used node weight, edge weight, and rule risk, and the possibility of practical application to the simulated attack scenario of the test network was presented through a case study.

Statistics

Cumulative Counts from November, 2022
Multiple requests among the same browser session are counted as one view. If you mouse over a chart, the values of data points will be shown.

Cite this article

[IEEE Style]

S. Kim, S. Shim, S. Im, S. Koo, "A Threat Prioritization Method Using User Behavior Data for Cyber Threat Hunting," The Journal of Korean Institute of Communications and Information Sciences, vol. 46, no. 11, pp. 1853-1861, 2021. DOI: 10.7840/kics.2021.46.11.1853.

[ACM Style]

Sang-soo Kim, Shinwoo Shim, Sun-Young Im, and Sung-mo Koo. 2021. A Threat Prioritization Method Using User Behavior Data for Cyber Threat Hunting. The Journal of Korean Institute of Communications and Information Sciences, 46, 11, (2021), 1853-1861. DOI: 10.7840/kics.2021.46.11.1853.

[KICS Style]

Sang-soo Kim, Shinwoo Shim, Sun-Young Im, Sung-mo Koo, "A Threat Prioritization Method Using User Behavior Data for Cyber Threat Hunting," The Journal of Korean Institute of Communications and Information Sciences, vol. 46, no. 11, pp. 1853-1861, 11. 2021. (https://doi.org/10.7840/kics.2021.46.11.1853)

A Threat Prioritization Method Using User Behavior Data for Cyber Threat Hunting

Submenu

Search
(IN TITLE, AUTHOR, ABSTRACT,KEYWORDS)

Advanced Search

Recent Publications
(LAST 3 YEARS)

A Threat Prioritization Method Using User Behavior Data for Cyber Threat Hunting

Submenu

Search (IN TITLE, AUTHOR, ABSTRACT,KEYWORDS)

Advanced Search

POPULAR KEYWORDS(TOP 10 KEYWORDS)

Recent Publications(LAST 3 YEARS)

Search
(IN TITLE, AUTHOR, ABSTRACT,KEYWORDS)

POPULAR KEYWORDS
(TOP 10 KEYWORDS)

Recent Publications
(LAST 3 YEARS)