An Efficient Approach of Threat Hunting Using Memory Forensics

Javeed, Danish; Khan, Muhammad Taimoor; Ahmad, Ijaz; Iqbal, Tahir; Badamasi, Umar Mohammed; Ndubuisi, Cosmas Obiora; Aliyu, Umar

doi:10.47277/ijcncs/8(5)1

Cited by 18 publications

(12 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Because of the limitation of knowledge retrievals, the researchers focus on "nonblack-box classifiers, including random forest and decision trees approach. e literature of [104,[129][130][131][132] examined the decision forest and decision tree, and they reported that decision forest classifiers were more effective than implementing a decision tree for its overfitting issues. An algorithm extracts the rules from 86% 88% 90% 90% 91% 91% 92% 92% 93% 94% 95% training data using a decision tree that generates either a limited or a single set of logic rules (for example, whenever C2 entropy value is less than 101.01, class value � seizure) and stops growing the tree by adding more records to the training dataset once the rule is accepted by the algorithm [127].…”

Section: Nonblack-box Classifiers In Seizure Detectionmentioning

confidence: 99%

EEG-Based Epileptic Seizure Detection via Machine/Deep Learning Approaches: A Systematic Review

Ahmad

Wang

Zhu

et al. 2022

Computational Intelligence and Neuroscience

Self Cite

View full text Add to dashboard Cite

Epileptic seizure is one of the most chronic neurological diseases that instantaneously disrupts the lifestyle of affected individuals. Toward developing novel and efficient technology for epileptic seizure management, recent diagnostic approaches have focused on developing machine/deep learning model (ML/DL)-based electroencephalogram (EEG) methods. Importantly, EEG’s noninvasiveness and ability to offer repeated patterns of epileptic-related electrophysiological information have motivated the development of varied ML/DL algorithms for epileptic seizure diagnosis in the recent years. However, EEG’s low amplitude and nonstationary characteristics make it difficult for existing ML/DL models to achieve a consistent and satisfactory diagnosis outcome, especially in clinical settings, where environmental factors could hardly be avoided. Though several recent works have explored the use of EEG-based ML/DL methods and statistical feature for seizure diagnosis, it is unclear what the advantages and limitations of these works are, which might preclude the advancement of research and development in the field of epileptic seizure diagnosis and appropriate criteria for selecting ML/DL models and statistical feature extraction methods for EEG-based epileptic seizure diagnosis. Therefore, this paper attempts to bridge this research gap by conducting an extensive systematic review on the recent developments of EEG-based ML/DL technologies for epileptic seizure diagnosis. In the review, current development in seizure diagnosis, various statistical feature extraction methods, ML/DL models, their performances, limitations, and core challenges as applied in EEG-based epileptic seizure diagnosis were meticulously reviewed and compared. In addition, proper criteria for selecting appropriate and efficient feature extraction techniques and ML/DL models for epileptic seizure diagnosis were also discussed. Findings from this study will aid researchers in deciding the most efficient ML/DL models with optimal feature extraction methods to improve the performance of EEG-based epileptic seizure detection.

show abstract

Section: Nonblack-box Classifiers In Seizure Detectionmentioning

confidence: 99%

EEG-Based Epileptic Seizure Detection via Machine/Deep Learning Approaches: A Systematic Review

Ahmad

Wang

Zhu

et al. 2022

Computational Intelligence and Neuroscience

Self Cite

View full text Add to dashboard Cite

show abstract

“…Logs in the memory are an important place to investigate for attacks. Automated security tools formulate logs to organize the patterns used to make new tools [179]. The authors of [179] explained that some design tools are limited in the ways they collect the logs.…”

Section: Memorymentioning

confidence: 99%

“…Automated security tools formulate logs to organize the patterns used to make new tools [179]. The authors of [179] explained that some design tools are limited in the ways they collect the logs. To create valuable logs researchers have proposed generating malicious code alerts and binding memory forensic processes for active threat hunting [179].…”

Section: Memorymentioning

confidence: 99%

“…The authors of [179] explained that some design tools are limited in the ways they collect the logs. To create valuable logs researchers have proposed generating malicious code alerts and binding memory forensic processes for active threat hunting [179]. The article [179] concludes that these methods will assist in the generation of log memories and only have the malicious entries produce RAM alerts.…”

Section: Memorymentioning

confidence: 99%

See 1 more Smart Citation

Turning the Hunted into the Hunter via Threat Hunting: Life Cycle, Ecosystem, Challenges and the Great Promise of AI

Hillier¹,

Karroubi²

2022

Preprint

View full text Add to dashboard Cite

The threat hunting lifecycle is a complex atmosphere that requires special attention from professionals to maintain security. This paper is a collection of recent work that gives a holistic view of the threat hunting ecosystem, identifies challenges, and discusses the future with the integration of artificial intelligence (AI). We specifically establish a life cycle and ecosystem for privacy-threat hunting in addition to identifying the related challenges. We also discovered how critical the use of AI is in threat hunting. This work paves the way for future work in this area as it provides the foundational knowledge to make meaningful advancements for threat hunting.

show abstract

“…[6]. These ARP spoofing can be sectioned into two rudimentary types namely deceitful the host and deceitful the gateway of the interior network [7]. When a user desires to interconnect with another user belonging to the similar network with unidentified MAC address, it results in a broadcast where ARP request in the network.…”

Section: Arp Cache Of 'D' Arp Cache Of 'M'mentioning

confidence: 99%

Man in the Middle Attacks: Analysis, Motivation and Prevention

Javeed

MohammedBadamasi

Ndubuisi³

et al. 2020

Int. j. comput. netw. commun. secur.

Self Cite

View full text Add to dashboard Cite

Computer systems and applications are improving day by day and with the advancement in such area it give birth to new cyber-attacks. Man in the Middle attacks (MITM) are one of those attacks. An attack where an outsider or third party enters in between two online users, where both of the users are unaware of it. The malware in such scenario mainly monitors and have the ability to change the information which is classified onsly to these two users. Mainly it is knows as a protocol to an unauthorized user within the system who can access as well as change the information of the system without leaving any trace to the existing users. This issue is critical. This paper aims to the understanding of the MITM and to understand its different categories. Finally this paper aims to present some of mechanism for the prevention of such attacks and to identify some of the future research directions in such area

show abstract

An Efficient Approach of Threat Hunting Using Memory Forensics

Cited by 18 publications

References 17 publications

EEG-Based Epileptic Seizure Detection via Machine/Deep Learning Approaches: A Systematic Review

EEG-Based Epileptic Seizure Detection via Machine/Deep Learning Approaches: A Systematic Review

Turning the Hunted into the Hunter via Threat Hunting: Life Cycle, Ecosystem, Challenges and the Great Promise of AI

Man in the Middle Attacks: Analysis, Motivation and Prevention

Contact Info

Product

Resources

About