International Journal of Advances in Electronics and Computer Science ( IJAECS )
A highly rated peer reviewed monthly International Journal
Editor-in-Chief : Dr. P. Suresh

Journal Info
Publisher:IRAJ
ISSN (p): 2394-2835
Issues /Year :12

Paper Detail


Paper Title
Cyber Threat Hunting With Bag of Terms

Abstract
The goal of this paper is to address these two challenges by leveraging recent advancements in machine learning and, specifically, natural language processing. We propose a new framework called continuous bag of terms and time (CBoTT) to enable cybersecurity analysts to process large volumes of logs containing text-based process audits and determine if there are any processes that pose security risks. Our framework is an extension of the popular continuous-bag-of-words approach and enables us to identify the processes that should be investigated with respect to not just what they do, but also when they are executed. The results of our analyses for three different injection schemes show that the CBoTT framework can identify anomalies at an average percentile range of 1.82 to 6.46. This is an improvement compared to the benchmark models, which can detect anomalies at an average percentile range of 3.25 to 80.92. Overall, the CBoTT framework demonstrates superior performance compared to the benchmark models.

Keywords - Threat Hunting, Log Analysis, Anomaly Detection


Author - Varol Kayhan, Shivendu Shivendu, Manish Agrawal

Published : Volume-10,Issue-8  ( Aug, 2023 )


DOIONLINE Number - IJAECS-IRAJ-DOIONLINE-20124

Published on 2023-11-30
   
   