http://dx.doi.org/10.13089/JKIISC.2021.31.4.793

A Study on the Establishment of Threat Hunting Concept and Comparative Analysis of Defense Techniques  

Ryu, Ho Chan (Korea University)
Jeong, Ik Rae (Korea University)
Abstract
Recently, there has been growing interest in threat hunting, which has been proposed to overcome the limitations of existing security solutions. Threat hunting is generally recognized as a technique for identifying and eliminating threats that exist inside the system. However, its definition is not clear, so the term is confused with penetration testing, intrusion detection, and incident analysis. Therefore, this paper compares and analyzes the definitions of threat hunting extracted from reports and papers to clarify their implications, and compares threat hunting with defense techniques.
Keywords
Threat hunting; Security solution; Penetration testing; Intrusion detection; Incident analysis;