Security Information and Event Management Systems (SIEM)


SIEM systems assist businesses in detecting and responding to security threats.

However, recent research by Rafael Uetz, Marco Herzog, Louis Hackländer, Simon Schwarz, and Martin Henze shows that adversaries can circumvent 43% of established SIEM rules. The authors suggest a novel approach based on machine learning.

Find the full paper at https://www.usenix.org/system/files/sec23winter-prepub-112-uetz.pdf.

Find their implementation at https://github.com/fkie-cad/amides.

