Abstract
The cyber threat landscapes nowadays are dynamically evolving over time, the cyber security practitioner in corporations need to adapt with more sophisticated way with the latest cyber threat attacks are launched. Cyber Threat Intelligence is one of the tools that can be utilized as a cyber threat detection. Generally, CTI operates by integrating its directory with events collected from Security Information and Event Management (SIEM) to correlates all of the appliances logs within corporation and providing summarized and meaningful information that can be reviewed to identify legitimate malicious cyber threat activity. However, relying only CTI subscription that only contains blacklist domain and ip addresses integrated with SIEM will only provide passive detection for known cyber threats. The needs for proactive cyber threat detection is required to compete with the modern threat landscape. This research work will try to explore the possibility of detecting unknown or undetected cyber threats using network event correlation and memory forensic to validate its existence. Throughout this research time span, we’re able to discover malicious network pattern that is proven to be undetected within internal organization endpoint protection. Therefore, this research will provide baseline for threat hunting activity based on network behavioural pattern.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
