Research Article
LogKernel: A Threat Hunting Approach Based on Behaviour Provenance Graph and Graph Kernel Clustering
Table 1
Entity types and relationships.
| | Start node | End node | Relationships |
| | Process | File | Read; write; execute | | IP | Connect | | Process | Create |
| | IP | User | Logon |
| | User | Process | Execute |
|
|
