
Threat hunting in enterprise networks

Threat hunting is a proactive line of defense exercised to uncover stealthy attacks, malicious activities, and suspicious entities that could circumvent standard detection mechanisms.

In response to the evolving threat landscape, organizations need to adopt new proactive defense approaches. 

Threat hunting is an iterative approach that generates and revises threat hypotheses in an effort to detect attacks early and proactively. The proactiveness consists of testing and validating the initial hypothesis using various manual and automated tools and techniques, with the objective of confirming or refuting the existence of an attack.

Full abstract in IEEE Xplore, DOI: 10.1109/TETC.2023.3251031

Authors

Boubakr Nour, Ericsson Research

Makan Pourzandi, Ericsson Research

Mourad Debbabi, Gina Cody School of Engineering and Computer Science, Concordia University, Montreal

Published in: IEEE Communications Surveys & Tutorials, Volume: 25, Issue: 4, pp. 2299-2324, Fourthquarter 2023.

©2023 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse.