Abstract:
As cyber threats become increasingly sophisticated, traditional Security Information and Event Management (SIEM) systems face challenges in effectively identifying and responding to such threats. This research presents the development of a SIEM system integrated with machine learning (ML) to enhance threat detection, anomaly identification, and automated incident response. The integration of ML allows the SIEM system to go beyond conventional rule-based approaches, enabling the detection of previously unknown threats by learning from historical data. The system employs advanced algorithms to analyze large-scale log data and network traffic, providing real-time insights and reducing false positives. Key features of this SIEM include anomaly detection, predictive analytics, and adaptive thresholds, which allow it to adjust dynamically based on contextual data. By adapting to new and evolving cyber threats, the system provides a more resilient and proactive defense against potential attacks. The results indicate that integrating machine learning into SIEM systems can offer organizations a more effective, scalable, and adaptive security solution, ensuring the protection of critical infrastructure and data in a rapidly changing digital landscape.
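The adaptive thresholds the abstract describes, shown as an added illustration that is not taken from the paper or its system: a per-hour-of-day baseline learned from historical log counts is compared with a single static threshold on constructed failed-login data, to show why context-aware thresholds cut false positives. The sample data, the sensitivity factor k and the function names are assumptions made for this example.

```python
"""Adaptive (context-aware) thresholds versus one static threshold.

Constructed example: hourly failed-login counts for a single host over
eight days. Business hours are naturally busier, so a static threshold
either fires every working hour or misses a night-time spike.
"""
from statistics import mean, pstdev

HOURS_PER_DAY = 24


def build_sample_counts(days=8):
    """Constructed counts with a daily rhythm and one injected night-time anomaly."""
    counts = []
    for day in range(days):
        for hour in range(HOURS_PER_DAY):
            base = 30 if 9 <= hour < 18 else 5      # business hours run higher
            jitter = (day * 3 + hour) % 4           # small deterministic variation
            counts.append(base + jitter)
    counts[(days - 1) * HOURS_PER_DAY + 3] = 25     # 03:00 on the last day: abnormal for night
    return counts


def static_alerts(counts, threshold):
    """Rule-based detection: any hour above a fixed count is an alert."""
    return [i for i, c in enumerate(counts) if c > threshold]


def adaptive_alerts(counts, train_days, k=3.0):
    """Learn a mean + k*stddev baseline per hour-of-day from the first
    train_days, then flag evaluation hours exceeding their own baseline."""
    train = counts[: train_days * HOURS_PER_DAY]
    baseline = {}
    for hour in range(HOURS_PER_DAY):
        samples = train[hour::HOURS_PER_DAY]        # same clock hour on each training day
        spread = max(pstdev(samples), 1.0)          # floor avoids a zero-variance threshold
        baseline[hour] = mean(samples) + k * spread
    return [i for i in range(len(train), len(counts))
            if counts[i] > baseline[i % HOURS_PER_DAY]]


if __name__ == "__main__":
    data = build_sample_counts()
    print("static threshold 20 :", len(static_alerts(data, 20)), "alerts over 8 days")
    print("adaptive, 7-day train:", adaptive_alerts(data, train_days=7))
```

With a static threshold of 20 every business hour of every day is an alert; the adaptive baseline raises only the injected 03:00 spike.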