Research Article
LogKernel: A Threat Hunting Approach Based on Behaviour Provenance Graph and Graph Kernel Clustering
Table 1
Entity types and relationships.
| Start node | End node | Relationships |
| Process | File | Read; write; execute | IP | Connect | Process | Create |
| IP | User | Logon |
| User | Process | Execute |
|
|