A user-centric machine learning framework for cyber security operations center
Collection Metadata
- Chronology role: earliest directly SOC-centered ML paper found in this collection.
- Scope: real-world SOC workflow, data preparation, label creation, feature engineering, risk scoring, and analyst-centered evaluation.
- Relevance: establishes the early shift from fixed SIEM thresholds toward models trained from analyst and user behavior context.
- Verification: title, authors, venue, date, and DOI checked through IEEE/Crossref metadata.