International Journal of Science, Engineering and TechnologyAuthors: Tharushi Jayasuriya
Abstract: Security Information and Event Management (SIEM) systems play a critical role in modern cybersecurity, enabling organizations to aggregate, monitor, and analyze security events across diverse IT infrastructures. However, traditional SIEM solutions often face limitations in handling high volumes of heterogeneous security data, leading to delayed threat detection, false positives, and inefficient incident response. The integration of Artificial Intelligence (AI) into SIEM platforms represents a transformative advancement, allowing for automated, intelligent threat correlation in real time. AI techniques, including machine learning, deep learning, natural language processing, and reinforcement learning, enhance the ability of SIEM systems to identify complex attack patterns, correlate multi-source events, and prioritize alerts based on risk and context. This review examines the impact of AI-enhanced SIEM systems on real-time threat correlation, highlighting improvements in detection accuracy, response speed, and predictive analytics. It also discusses challenges related to data quality, computational requirements, adversarial attacks, and integration with existing systems. Finally, the article explores future directions, including hybrid SIEM approaches, federated learning, and autonomous security operations. By leveraging AI, organizations can transform SIEM platforms from reactive monitoring tools into proactive, intelligent cybersecurity frameworks capable of addressing increasingly sophisticated and dynamic threats.
