AUTOMATION AND AI IN SOCS

Security Operations Centers (SOCs) are one of the first lines of defense for an organization's computer systems. Handling the number of alerts, which has grown sharply in recent years, has become a major problem. What is more, the underlying attacks have increased not only in number but also in complexity and sophistication, so they are harder to detect with traditional security systems. On top of this, there is a considerable need for human experts to keep up with the increased workload. Researchers are trying to improve traditional systems by combining them with Machine Learning methods. This has tremendous potential, as it could significantly decrease the number of cases that need human intervention: algorithms trained on the enormous amount of past data could automate most of the decision process. This semester, within the scholarship research directive, we proposed a model that helps group malicious and benign cases for a particular ParIpa partner client's alerts. During the work, we encountered many challenges, which we overcame.

Pejo Balazs

2021-07-15

Sponsor: T-Systems