Optimizing Cyber Threat Intelligence in Security Operation Centers Using Large Language Models (LLM) and SIEM
Ramadhani, Rizki; Christie, Angella; Dewani, Alma Amira; Krisnawan R., Marselinus; Ardhana, Rafif Dhimaz
Madani: Jurnal Ilmiah Multidisiplin, Vol 3, No 5 (2025), June 2025
Publisher: Penerbit Yayasan Daarul Huda Kruengmane

Abstract

In the era of increasing digital transformation, cyber threats have become a major concern for higher education institutions such as Institut Teknologi Sepuluh Nopember (ITS). A Security Operations Center (SOC) plays a crucial role in detecting and responding to security incidents, and is often supported by a Security Information and Event Management (SIEM) system such as Wazuh. However, traditional SIEM systems generate high volumes of alerts, many of which are false positives, causing alert fatigue and slowing incident response. This study explores the integration of Large Language Models (LLM), such as GPT-4 and LLaMA 3, to enhance SOC performance through intelligent triage automation. Using a qualitative descriptive approach based on a literature review, this research proposes a conceptual system framework that combines SIEM with an LLM acting as an analytical agent. The designed system features components for alert processing, natural language explanation, automated reporting, and a feedback loop for continuous improvement. The proposed framework is expected to reduce the workload of SOC analysts, improve alert classification accuracy, and accelerate threat response in academic environments.