Cyber threat hunting through event correlation and memory forensic
The cyber threat landscapes nowadays are dynamically evolving over time, the cyber security practitioner in corporations need to adapt with more sophisticated way with the latest cyber threat attacks are launched. Cyber Threat Intelligence is one of the tools that can be utilized as a cyber threat detection. Generally, CTI operates by integrating its directory with events collected from Security Information and Event Management (SIEM) to correlates all of the appliances logs within corporation and providing summarized and meaningful information that can be reviewed to identify legitimate malicious cyber threat activity. However, relying only CTI subscription that only contains blacklist domain and ip addresses integrated with SIEM will only provide passive detection for known cyber threats. The needs for proactive cyber threat detection is required to compete with the modern threat landscape. This research work will try to explore the possibility of detecting unknown or undetected cyber threats using network event correlation and memory forensic to validate its existence. Throughout this research time span, we
Availability
| M00563 | (Rack Thesis) | Available |
Detail Information
- Series Title
-
-
- Call Number
-
563
- Publisher
- : Swiss German University., 2019
- Collation
-
-
- Language
-
English
- ISBN/ISSN
-
-
- Classification
-
-
- Content Type
-
-
- Media Type
-
-
- Carrier Type
-
-
- Edition
-
-
- Subject(s)
- Specific Detail Info
-
-
- Statement of Responsibility
-
-
Other version/related
No other version available
File Attachment
Comments
You must be logged in to post a comment
Computer Science, Information & General Works 
Philosophy & Psychology 
Religion 
Social Sciences 
Language 
Pure Science 
Applied Sciences 
Art & Recreation 
Literature 
History & Geography