Knowing the unknown: The hunting loop

There are several ways to improve an organization’s cybersecurity protection against intruders. One of the is proactively hunt for threats, i.e., threat hunting. Threat Hunting empowers organizations detect presence intruders in their environment. It identifies and searches tactics, techniques, procedures (TTP) attackers find them To know what look collected data environment, it required understand attacker's TTPs. An TTPs information usually comes from signatures, indicators, behavior observed intelligence sources. Traditionally, hunting involves analysis logs Indicator Compromise (IOCs) through different tools. However, network security infrastructure devices generate large volumes can be challenging analyze thus leaving gaps detection process. Similarly, very difficult identify IOCs sometimes makes which one major drawbacks traditional processes frameworks. address this issue, intelligent automated using machine learning process, that will plug those before attacker exploit them. This paper aims propose a learning-based threat-hunting model able fill process effectively unknown adversaries by training algorithms via extensive datasets normal system target The comprised five main stages. These Hypotheses Development, Equip, Hunt, Respond Feedback bit ahead models frameworks employing algorithms.