Publication details
Bibliographic description
Dynamic risk thresholds for SIEM alerting based on machine learning / Artur Kapera, Marcin NIEMIEC // IEEE Access [Electronic document]. — Electronic journal ; ISSN 2169-3536 . — 2025 — vol. 13, pp. 121034-121047. — System requirements: Adobe Reader. — Bibliogr. pp. 121046-121047, Abstr. — Available online from: 2025-07-11. — A. Kapera - additional affiliation: Apius Technologies, Kraków, Poland
Authors (2)
Keywords
Bibliometric data
| BaDAP ID | 161483 |
|---|---|
| Date added to BaDAP | 2025-08-01 |
| Source text | URL |
| DOI | 10.1109/ACCESS.2025.3588441 |
| Year of publication | 2025 |
| Publication type | journal article |
| Open access | |
| Creative Commons | |
| Journal/series | IEEE Access |
Abstract
Almost every organization with an internet presence is nowadays exposed to an increasing number of attempted cyber attacks year over year. Such an increase calls for the development of more effective ways of detecting such attempts at compromise. This article presents a theoretical concept of a Dynamic Risk-Based Alerting model for SIEM based on machine learning. An implementation of this model in a production environment is also showcased, with both qualitative and quantitative data indicators gathered from that environment. A crucial part of this study was research on the effects of dynamic risk thresholds on incident detection quality, particularly regarding the number of false positives and the efficiency of threat detection; it showed a 26% reduction in false positive/repeated alert volume. Based on the gathered data and survey responses, it can be concluded that the proposed framework has value and could be implemented as a novel alternative or supplementary method to typical, static risk-based alerting.