{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,3]],"date-time":"2026-06-03T03:01:15Z","timestamp":1780455675202,"version":"3.54.1"},"reference-count":140,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/legalcode"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Access"],"published-print":{"date-parts":[[2025]]},"DOI":"10.1109\/access.2025.3532951","type":"journal-article","created":{"date-parts":[[2025,1,23]],"date-time":"2025-01-23T13:46:21Z","timestamp":1737639981000},"page":"19162-19197","source":"Crossref","is-referenced-by-count":47,"title":["Empowering Security Operation Center With Artificial Intelligence and Machine Learning\u2014A Systematic Literature Review"],"prefix":"10.1109","volume":"13","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-1774-786X","authenticated-orcid":false,"given":"Mohamad","family":"Khayat","sequence":"first","affiliation":[{"name":"College of Information Technology, United Arab Emirates University, Al Ain, United Arab Emirates"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3995-7198","authenticated-orcid":false,"given":"Ezedin","family":"Barka","sequence":"additional","affiliation":[{"name":"College of Information Technology, United Arab Emirates University, Al Ain, United Arab Emirates"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7001-3710","authenticated-orcid":false,"given":"Mohamed","family":"Adel Serhani","sequence":"additional","affiliation":[{"name":"College of Computing and Informatics, University of Sharjah, Sharjah, United Arab Emirates"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2887-5410","authenticated-orcid":false,"given":"Farag","family":"Sallabi","sequence":"additional","affiliation":[{"name":"College of Information Technology, United Arab Emirates University, Al Ain, United Arab Emirates"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1397-0420","authenticated-orcid":false,"given":"Khaled","family":"Shuaib","sequence":"additional","affiliation":[{"name":"College of Information Technology, United Arab Emirates University, Al Ain, United Arab Emirates"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6394-3482","authenticated-orcid":false,"given":"Heba M.","family":"Khater","sequence":"additional","affiliation":[{"name":"College of Information Technology, United Arab Emirates University, Al Ain, United Arab Emirates"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1109\/TransAI54797.2022.00033"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1109\/BigData47090.2019.9006073"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103328"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1145\/3512768"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.32604\/iasc.2021.016240"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1109\/ICoICT58202.2023.10262562"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2023.103735"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2020.102715"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1109\/INCOFT55651.2022.10094537"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2022.103150"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1109\/FABS52071.2021.9702617"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.22247\/ijcna\/2023\/223316"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103583"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1145\/3427787"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1109\/TVCG.2018.2865029"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2022.103069"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1145\/3230833.3233280"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1109\/MECO58584.2023.10155021"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2023.103761"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2022.3216617"},{"key":"ref21","first-page":"2008","article-title":"Grasp on next-generation security operation center (NGSOC): Comparative study","volume":"12","author":"Dun","year":"2021","journal-title":"Int. J. Nonlinear Anal. Appl."},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.2966760"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1016\/j.procs.2022.08.117"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.7326\/0003-4819-151-4-200908180-00135"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2024.103909"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1109\/AsiaJCIS.2018.00010"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1007\/s10586-017-1317-2"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103533"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1016\/j.segan.2022.100821"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2024.01.032"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103368"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2024.103854"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1145\/3461462"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.3390\/fi15010009"},{"key":"ref35","volume-title":"A Qualitative Study on Security Operations Centers in Saudi Arabia: Challenges and Research Directions","author":"Alharbi","year":"2021"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2023.103687"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.3390\/info11110537"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1145\/3430753"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102535"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1016\/j.procs.2021.08.239"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1016\/j.procir.2021.11.326"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1109\/COMPSAC.2019.10251"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2023.103784"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.5220\/0012306100003660"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1109\/SmartGridComm57358.2023.10333922"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1016\/j.promfg.2019.06.197"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2018.2886465"},{"key":"ref48","doi-asserted-by":"publisher","DOI":"10.1109\/COGSIMA.2019.8724159"},{"key":"ref49","doi-asserted-by":"publisher","DOI":"10.1109\/TCE.2023.3277856"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.1145\/3576915.3616581"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2021.103210"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1016\/j.chaos.2021.111143"},{"key":"ref53","doi-asserted-by":"publisher","DOI":"10.1109\/AIIoT61789.2024.10578957"},{"key":"ref54","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-018-0407-3"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2024.104008"},{"issue":"4","key":"ref56","first-page":"36","article-title":"Two can play that game","volume":"11","author":"Mitchell","year":"2017","journal-title":"ACM Trans. Intell. Syst. Technol."},{"key":"ref57","doi-asserted-by":"publisher","DOI":"10.1109\/ICSTCC59206.2023.10308432"},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.3390\/electronics12234755"},{"key":"ref59","doi-asserted-by":"publisher","DOI":"10.1109\/CyberSecurity49315.2020.9138872"},{"key":"ref60","doi-asserted-by":"publisher","DOI":"10.1109\/BigData55660.2022.10020248"},{"key":"ref61","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-26834-3_11"},{"key":"ref62","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2022.102789"},{"key":"ref63","doi-asserted-by":"publisher","DOI":"10.1109\/TELFOR52709.2021.9653361"},{"key":"ref64","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2019.2931557"},{"key":"ref65","doi-asserted-by":"publisher","DOI":"10.1109\/AMCAI59331.2023.10431525"},{"key":"ref66","doi-asserted-by":"publisher","DOI":"10.1145\/3460620.3460747"},{"key":"ref67","doi-asserted-by":"publisher","DOI":"10.1109\/WETICE.2019.00036"},{"key":"ref68","doi-asserted-by":"publisher","DOI":"10.1145\/3359789.3359791"},{"key":"ref69","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2020.07.015"},{"key":"ref70","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.101817"},{"key":"ref71","doi-asserted-by":"publisher","DOI":"10.23919\/MIPRO55190.2022.9803428"},{"key":"ref72","doi-asserted-by":"publisher","DOI":"10.3390\/jcp2020020"},{"key":"ref73","doi-asserted-by":"publisher","DOI":"10.1109\/nca53618.2021.9685977"},{"key":"ref74","doi-asserted-by":"publisher","DOI":"10.1145\/3407023.3407039"},{"key":"ref75","doi-asserted-by":"publisher","DOI":"10.1109\/ICSCC59169.2023.10334992"},{"key":"ref76","doi-asserted-by":"publisher","DOI":"10.1109\/ICAC49085.2019.9103388"},{"key":"ref77","doi-asserted-by":"publisher","DOI":"10.1109\/IEMCON.2018.8614779"},{"key":"ref78","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2019.09.005"},{"key":"ref79","first-page":"108","article-title":"Development of a virtualized security operations center","volume":"37","author":"Dimitoglou","year":"2021","journal-title":"Consortium for Computing Sciences in Colleges"},{"issue":"2","key":"ref80","first-page":"1","article-title":"CoCoa: An ontology for cybersecurity operations center analysis process","volume":"1","author":"Onwubiko","year":"2018","journal-title":"IEEE Xplore"},{"key":"ref81","doi-asserted-by":"publisher","DOI":"10.4018\/IJCINI.20211001.oa9"},{"key":"ref82","doi-asserted-by":"publisher","DOI":"10.1109\/ICoCICs58778.2023.10277438"},{"key":"ref83","doi-asserted-by":"publisher","DOI":"10.1109\/BigData52589.2021.9671956"},{"key":"ref84","doi-asserted-by":"publisher","DOI":"10.1016\/j.chbr.2021.100143"},{"issue":"1","key":"ref85","first-page":"153","article-title":"Collaborative visualization embedded cost-efficient, virtualized cyber security operations center","volume":"2","author":"Mihindu","year":"2020","journal-title":"IEEE Xplore"},{"key":"ref86","volume-title":"Application of artificial intelligence and machine learning in security operations center","author":"Islam","year":"2023"},{"key":"ref87","doi-asserted-by":"publisher","DOI":"10.1109\/ICRAIE59459.2023.10468438"},{"key":"ref88","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-63940-6_40"},{"key":"ref89","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2017.09.001"},{"key":"ref90","doi-asserted-by":"publisher","DOI":"10.1109\/DSAA60987.2023.10302480"},{"key":"ref91","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-90019-9_2"},{"key":"ref92","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103631"},{"key":"ref93","doi-asserted-by":"publisher","DOI":"10.3390\/bdcc3010006"},{"key":"ref94","doi-asserted-by":"publisher","DOI":"10.22323\/1.351.0010"},{"key":"ref95","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.102122"},{"key":"ref96","doi-asserted-by":"publisher","DOI":"10.1016\/j.eij.2022.11.001"},{"key":"ref97","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2024.103990"},{"key":"ref98","doi-asserted-by":"publisher","DOI":"10.1145\/3465481.3470477"},{"key":"ref99","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102396"},{"key":"ref100","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-59621-7_2"},{"key":"ref101","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-41579-2_9"},{"key":"ref102","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102482"},{"key":"ref103","doi-asserted-by":"publisher","DOI":"10.1109\/NextComp55567.2022.9932254"},{"key":"ref104","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102576"},{"key":"ref105","doi-asserted-by":"publisher","DOI":"10.14569\/IJACSA.2024.0150389"},{"key":"ref106","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2022.103373"},{"key":"ref107","doi-asserted-by":"publisher","DOI":"10.1109\/CSNet50428.2020.9265466"},{"key":"ref108","first-page":"10","article-title":"Dynamic security management drove by situations: An exploratory analysis of logs for the identification of security situations","volume-title":"Proc. 3rd Cyber Secur. Netw. Conf.","author":"Benzekri"},{"key":"ref109","doi-asserted-by":"publisher","DOI":"10.1109\/TKDE.2022.3175719"},{"key":"ref110","doi-asserted-by":"publisher","DOI":"10.1109\/TEM.2020.2976113"},{"key":"ref111","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2024.103786"},{"key":"ref112","doi-asserted-by":"publisher","DOI":"10.1109\/TCE.2023.3320282"},{"key":"ref113","doi-asserted-by":"publisher","DOI":"10.23919\/CYCON.2018.8405028"},{"key":"ref114","doi-asserted-by":"publisher","DOI":"10.1109\/ISSC49989.2020.9180198"},{"key":"ref115","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2024.103736"},{"key":"ref116","doi-asserted-by":"publisher","DOI":"10.1109\/TSC.2023.3336666"},{"key":"ref117","doi-asserted-by":"publisher","DOI":"10.1109\/ICSES60034.2023.10465533"},{"key":"ref118","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-58923-3_11"},{"key":"ref119","doi-asserted-by":"publisher","DOI":"10.1109\/SANER56733.2023.00057"},{"key":"ref120","doi-asserted-by":"publisher","DOI":"10.1109\/CyberSecPODS.2019.8885237"},{"key":"ref121","doi-asserted-by":"publisher","DOI":"10.1109\/iconic.2018.8601251"},{"key":"ref122","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2022.102959"},{"key":"ref123","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2022.106856"},{"key":"ref124","doi-asserted-by":"publisher","DOI":"10.1109\/saci.2018.8440963"},{"key":"ref125","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2019.01.011"},{"key":"ref126","doi-asserted-by":"publisher","DOI":"10.1145\/3670009"},{"key":"ref127","doi-asserted-by":"publisher","DOI":"10.1145\/2914795"},{"key":"ref128","first-page":"10","article-title":"SAIBERSOC: A methodology and tool for experimenting with security operation centers","volume":"3","author":"Rosso","year":"2021","journal-title":"Digit. Threats Res. Pract."},{"key":"ref129","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2022.102844"},{"key":"ref130","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijinfomgt.2021.102334"},{"key":"ref131","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102466"},{"key":"ref132","first-page":"1","article-title":"A model for cyber threat intelligence for organizations","volume-title":"Proc. Int. Conf. Artif. Intell., Big Data, Comput. Data Commun. Syst.","author":"Khan"},{"key":"ref133","doi-asserted-by":"publisher","DOI":"10.1109\/ICDMW51313.2020.00070"},{"key":"ref134","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103529"},{"key":"ref135","first-page":"1","article-title":"The AI shield and red AI framework: Machine learning solutions for cyber threat Intelligence(CTI)","volume-title":"Proc. Int. Conf. Intell. Syst. Cybersecurity (ISCS)","author":"Kumar"},{"key":"ref136","doi-asserted-by":"publisher","DOI":"10.1145\/3341161.3343519"},{"key":"ref137","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-64171-8_17"},{"key":"ref138","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2022.103370"},{"key":"ref139","doi-asserted-by":"publisher","DOI":"10.1109\/ICDT61202.2024.10489766"},{"key":"ref140","doi-asserted-by":"publisher","DOI":"10.1109\/TSG.2024.3474039"}],"container-title":["IEEE Access"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/6287639\/10820123\/10850912.pdf?arnumber=10850912","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,12]],"date-time":"2025-12-12T18:36:55Z","timestamp":1765564615000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10850912\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"references-count":140,"URL":"https:\/\/doi.org\/10.1109\/access.2025.3532951","relation":{},"ISSN":["2169-3536"],"issn-type":[{"value":"2169-3536","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025]]}}}