Big Data-Driven Security Information And Event Management (SIEM) Enhanced By AI
Abstract
This study explores the integration of big data technologies and artificial intelligence (AI) techniques to enhance Security Information and Event Management (SIEM) systems. Traditional SIEM solutions face significant challenges in processing the volume, velocity, and variety of modern security data. We propose a novel framework that leverages distributed computing, machine learning algorithms, and real-time analytics to overcome these limitations. Our architecture employs a three-layer approach: data ingestion and preprocessing, advanced analytics, and intelligent response. Experimental evaluation using real-world datasets demonstrates that our AI-enhanced SIEM system achieves 94.2% detection accuracy with a 73% reduction in false positives compared to conventional SIEM implementations. The system successfully processed over 1.2 million events per second while maintaining low latency. This research contributes to the evolving cybersecurity landscape by establishing a scalable, adaptive SIEM framework capable of addressing sophisticated threats in complex enterprise environments.
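The three-layer structure the abstract describes (ingestion and preprocessing, analytics, response) and the two headline metrics (detection accuracy, false-positive reduction against a conventional rule) are easy to mis-read without seeing how they fit together. The script below is an added illustration, not code from the paper or its authors: it runs a constructed batch of OpenSSH-style login lines through a toy pipeline, scores each source with a plain static "N failures" correlation rule and with a per-source failure-ratio scorer that stands in for the paper's machine-learning models (an assumption; the paper's actual algorithms are not on this page), and computes accuracy and false-positive reduction the way the abstract reports them. All addresses, counts and the log template are constructed.

```python
import re
from collections import defaultdict
from typing import Dict, Iterable, List, Set, Tuple

# Constructed sample: (source address, failed logins, successful logins, truly malicious?)
SOURCES = [
    ("10.0.0.1", 4, 40, False),     # noisy but legitimate service account
    ("10.0.0.2", 1, 9, False),
    ("10.0.0.3", 0, 5, False),
    ("10.0.0.4", 3, 30, False),     # another chatty, legitimate host
    ("10.0.0.7", 2, 1, False),      # user who mistyped a new password twice
    ("203.0.113.5", 12, 1, True),   # brute force that eventually succeeded
    ("203.0.113.6", 2, 0, True),    # low-and-slow guessing, below the static threshold
]

def make_raw_lines(sources=SOURCES) -> List[str]:
    """Emit constructed syslog-like lines (template modelled on OpenSSH, plus one noise line)."""
    lines = ["kernel: eth0: link becomes ready"]
    for ip, fails, oks, _ in sources:
        lines += [f"sshd[101]: Failed password for admin from {ip} port 51000 ssh2"] * fails
        lines += [f"sshd[101]: Accepted password for admin from {ip} port 51000 ssh2"] * oks
    return lines

LOG_RE = re.compile(r"sshd\[\d+\]: (Failed|Accepted) password for \S+ from (\S+) port \d+")

# Layer 1: ingestion and preprocessing -- normalise raw text into (source, outcome) events
def ingest(lines: Iterable[str]) -> List[Tuple[str, str]]:
    events = []
    for line in lines:
        m = LOG_RE.search(line)
        if m:  # unparsable lines are dropped here; a real pipeline would dead-letter them
            events.append((m.group(2), "fail" if m.group(1) == "Failed" else "ok"))
    return events

def aggregate(events: Iterable[Tuple[str, str]]) -> Dict[str, Dict[str, int]]:
    per_src: Dict[str, Dict[str, int]] = defaultdict(lambda: {"fail": 0, "ok": 0})
    for src, outcome in events:
        per_src[src][outcome] += 1
    return per_src

# Layer 2: analytics -- a conventional rule and a context-aware scorer side by side
def static_rule(stats: Dict[str, Dict[str, int]], threshold: int = 3) -> Set[str]:
    """Conventional SIEM correlation rule: N or more failures from one source."""
    return {src for src, c in stats.items() if c["fail"] >= threshold}

def ratio_scorer(stats: Dict[str, Dict[str, int]], min_fail: int = 2, min_ratio: float = 0.5) -> Set[str]:
    """Stand-in for the paper's ML models (assumption): judge each source by its own
    failure ratio, so chatty-but-legitimate hosts are not flagged on raw counts alone."""
    flagged = set()
    for src, c in stats.items():
        total = c["fail"] + c["ok"]
        if c["fail"] >= min_fail and c["fail"] / total >= min_ratio:
            flagged.add(src)
    return flagged

# Layer 3: intelligent response -- map each verdict to an action rather than a bare alert
def respond(flagged: Set[str], stats: Dict[str, Dict[str, int]]) -> Dict[str, str]:
    # A flagged source that also logged in successfully suggests a compromised credential,
    # so it is escalated to a human as well as blocked.
    return {src: ("block-and-page" if stats[src]["ok"] > 0 else "block") for src in flagged}

def evaluate(flagged: Set[str], truth: Dict[str, bool]) -> Dict[str, float]:
    """Per-source confusion counts and accuracy = (TP + TN) / all sources."""
    tp = sum(1 for s, mal in truth.items() if mal and s in flagged)
    fp = sum(1 for s, mal in truth.items() if not mal and s in flagged)
    fn = sum(1 for s, mal in truth.items() if mal and s not in flagged)
    tn = len(truth) - tp - fp - fn
    return {"tp": tp, "fp": fp, "fn": fn, "tn": tn, "accuracy": (tp + tn) / len(truth)}

def compare(sources=SOURCES):
    """Return (baseline metrics, enhanced metrics, false-positive reduction vs. baseline)."""
    stats = aggregate(ingest(make_raw_lines(sources)))
    truth = {ip: mal for ip, _, _, mal in sources}
    base = evaluate(static_rule(stats), truth)
    enh = evaluate(ratio_scorer(stats), truth)
    fp_reduction = 1 - enh["fp"] / base["fp"] if base["fp"] else 0.0
    return base, enh, fp_reduction

if __name__ == "__main__":
    base, enh, red = compare()
    print("static rule :", base)
    print("ratio scorer:", enh)
    print(f"false-positive reduction: {red:.0%}")
    stats = aggregate(ingest(make_raw_lines()))
    print("responses   :", respond(ratio_scorer(stats), stats))
```

On this constructed batch the static rule flags the two chatty legitimate hosts and misses the low-and-slow source, while the ratio scorer catches both malicious sources but still flags the user who mistyped twice, giving a 50% false-positive reduction and an accuracy gain from 4/7 to 6/7. The point of the toy is the bookkeeping, not the numbers: false-positive reduction is relative to the baseline's false positives, so the figure depends entirely on which conventional rule is chosen as the baseline, which is the first thing to check when reading a claim like the abstract's 73%.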