A context-aware, AI-driven load balancing framework for incident escalation in SOCs

dc.authorid | 0000-0003-2865-6370
dc.contributor.author | Abuaziz, Ahmed | en_US
dc.contributor.author | Çeliktaş, Barış | en_US
dc.date.accessioned | 2025-09-23T10:28:24Z
dc.date.available | 2025-09-23T10:28:24Z
dc.date.issued | 2025-08-12
dc.department | Işık University, School of Graduate Studies, Master’s Program in Computer Engineering | en_US
dc.department | Işık University, Faculty of Engineering and Natural Sciences, Department of Computer Engineering | en_US
dc.description.abstract | SOCs face growing challenges in incident management due to increasing alert volumes and the complexity of cyberattacks. Traditional rule-based escalation models often fail to account for the workload of the analyst, the severity of the incident, and the organizational context. This paper proposes a context-aware, AI-driven load balancing framework for intelligent analyst assignment and incident escalation. Our framework leverages large language models (LLMs) with retrieval-augmented generation (RAG) to evaluate incident relevance and historical assignments. A reinforcement learning (RL)-based scheduler continuously optimizes incident-to-analyst assignments based on operational outcomes, enabling the system to adapt to evolving threat landscapes and organizational structures. Planned simulations in realistic SOC environments will compare the model with traditional rule-based models using metrics such as Mean Time to Resolution (MTTR), workload distribution, and escalation accuracy. This work highlights the potential of AI-driven approaches to improve SOC performance and enhance incident response effectiveness. | en_US
dc.description.version | Publisher's Version | en_US
dc.identifier.citation | Abuaziz, A. & Çeliktaş, B. (2025). A context-aware, AI-driven load balancing framework for incident escalation in SOCs. Paper presented at the ISAS 2025 - 9th International Symposium on Innovative Approaches in Smart Technologies, Proceedings, 1-10. doi:https://doi.org/10.1109/ISAS66241.2025.11101733 | en_US
dc.identifier.doi | 10.1109/ISAS66241.2025.11101733
dc.identifier.endpage | 10
dc.identifier.isbn | 9798331514822
dc.identifier.isbn | 9798331514839
dc.identifier.scopus | 2-s2.0-105014912764
dc.identifier.scopusquality | N/A
dc.identifier.startpage | 1
dc.identifier.uri | https://hdl.handle.net/11729/6719
dc.identifier.uri | https://doi.org/10.1109/ISAS66241.2025.11101733
dc.indekslendigikaynak | Scopus | en_US
dc.institutionauthor | Abuaziz, Ahmed | en_US
dc.institutionauthor | Çeliktaş, Barış | en_US
dc.institutionauthorid | 0000-0003-2865-6370
dc.language.iso | en | en_US
dc.peerreviewed | Yes | en_US
dc.publicationstatus | Published | en_US
dc.publisher | Institute of Electrical and Electronics Engineers Inc. | en_US
dc.relation.ispartof | ISAS 2025 - 9th International Symposium on Innovative Approaches in Smart Technologies, Proceedings | en_US
dc.relation.publicationcategory | Conference Item - International - Student | en_US
dc.relation.publicationcategory | Conference Item - International - Institutional Faculty Member | en_US
dc.rights | info:eu-repo/semantics/closedAccess | en_US
dc.subject | AI-driven incident escalation | en_US
dc.subject | Context-aware assignment | en_US
dc.subject | Escalation | en_US
dc.subject | Load balancing | en_US
dc.subject | Security operation center | en_US
dc.subject | Artificial intelligence | en_US
dc.subject | Computational methods | en_US
dc.subject | Programmable logic controllers | en_US
dc.subject | System-on-chip | en_US
dc.subject | Context-aware | en_US
dc.subject | Cyber-attacks | en_US
dc.subject | Incident escalations | en_US
dc.subject | Incident management | en_US
dc.subject | Rule based | en_US
dc.subject | Resource allocation | en_US
dc.title | A context-aware, AI-driven load balancing framework for incident escalation in SOCs | en_US
dc.type | Conference Object | en_US
dspace.entity.type | Publication | en_US

Files

Original bundle
Name: A_context_aware_AI_driven_load_balancing_framework_for_incident_escalation_in_SOCs.pdf
Size: 1.16 MB
Format: Adobe Portable Document Format

License bundle
Name: license.txt
Size: 1.17 KB
Format: Item-specific license agreed upon to submission
Description: