A Threat Prioritization Method Using User Behavior Data for Cyber Threat Hunting 


Vol. 46,  No. 11, pp. 1853-1861, Nov.  2021
10.7840/kics.2021.46.11.1853


  Abstract

Cyber threat hunting is an active cyber defence activity: the process of proactively and iteratively searching through networks to detect and isolate advanced threats that evade existing security solutions. When multiple threats are detected among the various behavioral information collected for hunting, it is very important to decide which threat to respond to first. This paper proposes a new technique for calculating the priority of threats using user behavior information in a cyber threat hunting environment. The proposed algorithm uses node weight, edge weight, and rule risk, and a case study on a simulated attack scenario in a test network presents the possibility of practical application.



  Cite this article

[IEEE Style]

S. Kim, S. Shim, S. Im, S. Koo, "A Threat Prioritization Method Using User Behavior Data for Cyber Threat Hunting," The Journal of Korean Institute of Communications and Information Sciences, vol. 46, no. 11, pp. 1853-1861, 2021. DOI: 10.7840/kics.2021.46.11.1853.

[ACM Style]

Sang-soo Kim, Shinwoo Shim, Sun-Young Im, and Sung-mo Koo. 2021. A Threat Prioritization Method Using User Behavior Data for Cyber Threat Hunting. The Journal of Korean Institute of Communications and Information Sciences, 46, 11, (2021), 1853-1861. DOI: 10.7840/kics.2021.46.11.1853.

[KICS Style]

Sang-soo Kim, Shinwoo Shim, Sun-Young Im, Sung-mo Koo, "A Threat Prioritization Method Using User Behavior Data for Cyber Threat Hunting," The Journal of Korean Institute of Communications and Information Sciences, vol. 46, no. 11, pp. 1853-1861, 11. 2021. (https://doi.org/10.7840/kics.2021.46.11.1853)