NORMA eResearch @NCI Library

Threat Hunting Using a Machine Learning Approach

Shukla, Yash (2020) Threat Hunting Using a Machine Learning Approach. Masters thesis, Dublin, National College of Ireland.

[thumbnail of Master of Science]
PDF (Master of Science)
Download (1MB) | Preview
[thumbnail of Configuration manual]
PDF (Configuration manual)
Download (2MB) | Preview


The past few years have witnessed an increase in data breaches and attacks that leverage infrastructure misconfigurations. As a result, companies have to bear huge amounts of financial loss. In some cases, business information and personally identifiable information is also compromised. These threats can be detected at an early stage using proactive defence approaches with the help of experienced security practitioners. Traditionally, this involves manual analysis of logs and pcap files. Threat hunting reveals the adversaries as soon as they initiate an attack on an infrastructure. But network devices generate a vast number of logs, thus to analyse them it becomes a tedious task. To tackle this problem, this process can be automated by incorporating machine learning algorithms. This research has been conducted by applying machine learning algorithms such as Naive Bayes, SVM,Logistic Regression along with ensemble techniques like voting classifier, which can identify threats from log files based on conditions related to attacks and business logic. The accuracy rate of the experiments conducted is higher compared to traditional approaches. It was observed that machine learning can achieve higher accuracy in a limited time frame.

Item Type: Thesis (Masters)
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Dan English
Date Deposited: 27 Jan 2021 18:36
Last Modified: 27 Jan 2021 18:36

Actions (login required)

View Item View Item