Machine Learning Based User Transaction Alert Using Decentralized Approach-SOS

Abstract

To guarantee cyber security of an endeavor, regularly SIEM (Security Information and Event Management) framework is in put to normalize security occasions from diverse preventive advances and hail cautions. Examiners in the security operation center (SOC) explore the cautions to choose if it is really pernicious or not. In any case, for the most part the number of alarms is overpowering with lion's share of them being untrue positive and surpassing the SOC’s capacity to handle all cautions. Since of this, potential malevolent assaults and compromised has may be missed. Machine learning is a practical approach to diminish the wrong positive rate and move forward the efficiency of SOC examiners. In this paper, we create a client- centric machine learning system for the cyber security operation center in genuine undertaking environment. We examine the normal information sources in SOC, their work stream, and how to use and prepare these information sets to construct an successful machine learning framework. The paper is focused on towards two bunches of perusers. The to begin with bunch is information researchers or machine learning analysts who do not have cyber security space information but need to construct machine learning frameworks for security operations center. The moment bunch of groups of onlookers are those cyber security professionals who have profound information and mastery in cyber security, but do not have machine learning encounters and wish to construct one by themselves. All through the paper, we utilize the framework we built in the Symantec SOC generation environment as a case to illustrate the total steps from information collection, name creation, include building, machine learning calculation choice, show execution assessments, to hazard score generation.