Research Article
LogKernel: A Threat Hunting Approach Based on Behaviour Provenance Graph and Graph Kernel Clustering
Table 6
Logkernel performance overhead.
| | Datasets | Attack cases | Size on disk (GB) | BPGs construction time | Graphs size | Search time (s) | | Nodes (K) | Edges (K) | Size (MB) |
| | DAPRA CADETS | cadets_1 | 11.1 | 25 min 28 s | 133.1 | 295.6 | 57.6 | 134.24 | | cadets_2 | 17.7 | 40 min 53 s | 171.1 | 408.3 | 78.5 | | cadets_3 | 6.77 | 19 min 47 s | 94.9 | 171.9 | 35.2 |
| | Malicious dataset | | 10.3 | 22 min 19 s | 106.2 | 183.6 | 42.9 | 94.62 |
|
|
