{"id":"https://openalex.org/W4401074662","doi":"https://doi.org/10.3390/s24154901","title":"Revolutionizing SIEM Security: An Innovative Correlation Engine Design for Multi-Layered Attack Detection","display_name":"Revolutionizing SIEM Security: An Innovative Correlation Engine Design for Multi-Layered Attack Detection","publication_year":2024,"publication_date":"2024-07-28","ids":{"openalex":"https://openalex.org/W4401074662","doi":"https://doi.org/10.3390/s24154901","pmid":"https://pubmed.ncbi.nlm.nih.gov/39123948"},"language":"en","primary_location":{"id":"doi:10.3390/s24154901","is_oa":true,"landing_page_url":"https://doi.org/10.3390/s24154901","pdf_url":"https://www.mdpi.com/1424-8220/24/15/4901/pdf?version=1723175645","source":{"id":"https://openalex.org/S101949793","display_name":"Sensors","issn_l":"1424-8220","issn":["1424-8220"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Sensors","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj","pubmed"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://www.mdpi.com/1424-8220/24/15/4901/pdf?version=1723175645","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5082246939","display_name":"Muhammad Sheeraz","orcid":null},"institutions":[{"id":"https://openalex.org/I134276161","display_name":"Pakistan Institute of Engineering and Applied Sciences","ror":"https://ror.org/04d4mbk19","country_code":"PK","type":"education","lineage":["https://openalex.org/I134276161"]}],"countries":["PK"],"is_corresponding":false,"raw_author_name":"Muhammad Sheeraz","raw_affiliation_strings":["Department of Computer and Information Sciences, Pakistan Institute of Engineering and Applied Sciences, Islamabad 45650, Pakistan"],"affiliations":[{"raw_affiliation_string":"Department of Computer and Information Sciences, Pakistan Institute of Engineering and Applied Sciences, Islamabad 45650, Pakistan","institution_ids":["https://openalex.org/I134276161"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5021414760","display_name":"Muhammad Hanif Durad","orcid":"https://orcid.org/0000-0002-8026-1045"},"institutions":[{"id":"https://openalex.org/I134276161","display_name":"Pakistan Institute of Engineering and Applied Sciences","ror":"https://ror.org/04d4mbk19","country_code":"PK","type":"education","lineage":["https://openalex.org/I134276161"]}],"countries":["PK"],"is_corresponding":false,"raw_author_name":"Muhammad Hanif Durad","raw_affiliation_strings":["Department of Computer and Information Sciences, Pakistan Institute of Engineering and Applied Sciences, Islamabad 45650, Pakistan"],"affiliations":[{"raw_affiliation_string":"Department of Computer and Information Sciences, Pakistan Institute of Engineering and Applied Sciences, Islamabad 45650, Pakistan","institution_ids":["https://openalex.org/I134276161"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5062427927","display_name":"Muhammad Arsalan Paracha","orcid":"https://orcid.org/0000-0002-5834-5293"},"institutions":[{"id":"https://openalex.org/I134276161","display_name":"Pakistan Institute of Engineering and Applied Sciences","ror":"https://ror.org/04d4mbk19","country_code":"PK","type":"education","lineage":["https://openalex.org/I134276161"]}],"countries":["PK"],"is_corresponding":false,"raw_author_name":"Muhammad Arsalan Paracha","raw_affiliation_strings":["Department of Computer and Information Sciences, Pakistan Institute of Engineering and Applied Sciences, Islamabad 45650, Pakistan"],"affiliations":[{"raw_affiliation_string":"Department of Computer and Information Sciences, Pakistan Institute of Engineering and Applied Sciences, Islamabad 45650, Pakistan","institution_ids":["https://openalex.org/I134276161"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5037090300","display_name":"Syed Muhammad Mohsin","orcid":null},"institutions":[{"id":"https://openalex.org/I16076960","display_name":"COMSATS University Islamabad","ror":"https://ror.org/00nqqvk19","country_code":"PK","type":"education","lineage":["https://openalex.org/I16076960"]},{"id":"https://openalex.org/I79571142","display_name":"Virtual University of Pakistan","ror":"https://ror.org/00ya1zd25","country_code":"PK","type":"education","lineage":["https://openalex.org/I79571142"]}],"countries":["PK"],"is_corresponding":true,"raw_author_name":"Syed Muhammad Mohsin","raw_affiliation_strings":["College of Intellectual Novitiates (COIN), Virtual University of Pakistan, Lahore 55150, Pakistan","Department of Computer Science, COMSATS University Islamabad, Islamabad 45550, Pakistan"],"affiliations":[{"raw_affiliation_string":"College of Intellectual Novitiates (COIN), Virtual University of Pakistan, Lahore 55150, Pakistan","institution_ids":["https://openalex.org/I79571142"]},{"raw_affiliation_string":"Department of Computer Science, COMSATS University Islamabad, Islamabad 45550, Pakistan","institution_ids":["https://openalex.org/I16076960"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5021722832","display_name":"Sadia Nishat Kazmi","orcid":null},"institutions":[{"id":"https://openalex.org/I119004910","display_name":"Silesian University of Technology","ror":"https://ror.org/02dyjk442","country_code":"PL","type":"education","lineage":["https://openalex.org/I119004910"]}],"countries":["PL"],"is_corresponding":false,"raw_author_name":"Sadia Nishat Kazmi","raw_affiliation_strings":["Faculty of Automatic Control, Electronics and Computer Science, Silesian University of Technology, 44-100 Gliwice, Poland"],"affiliations":[{"raw_affiliation_string":"Faculty of Automatic Control, Electronics and Computer Science, Silesian University of Technology, 44-100 Gliwice, Poland","institution_ids":["https://openalex.org/I119004910"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5080175512","display_name":"Carsten Maple","orcid":"https://orcid.org/0000-0002-4715-212X"},"institutions":[{"id":"https://openalex.org/I39555362","display_name":"University of Warwick","ror":"https://ror.org/01a77tt86","country_code":"GB","type":"education","lineage":["https://openalex.org/I39555362"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Carsten Maple","raw_affiliation_strings":["Cyber Security Centre, University of Warwick, Coventry CV4 7AL, UK"],"affiliations":[{"raw_affiliation_string":"Cyber Security Centre, University of Warwick, Coventry CV4 7AL, UK","institution_ids":["https://openalex.org/I39555362"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5037090300","https://openalex.org/A5080175512"],"corresponding_institution_ids":["https://openalex.org/I16076960","https://openalex.org/I39555362","https://openalex.org/I79571142"],"apc_list":{"value":2400,"currency":"CHF","value_usd":2598},"apc_paid":{"value":2400,"currency":"CHF","value_usd":2598},"fwci":3.4899,"has_fulltext":true,"cited_by_count":10,"citation_normalized_percentile":{"value":0.93183399,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":"24","issue":"15","first_page":"4901","last_page":"4901"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10714","display_name":"Software-Defined Networks and 5G","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7183058261871338},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.7041539549827576},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.6520233154296875},{"id":"https://openalex.org/keywords/network-security","display_name":"Network security","score":0.4963381886482239},{"id":"https://openalex.org/keywords/matching","display_name":"Matching (statistics)","score":0.41075122356414795},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3360503315925598},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.331905722618103}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7183058261871338},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.7041539549827576},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.6520233154296875},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.4963381886482239},{"id":"https://openalex.org/C165064840","wikidata":"https://www.wikidata.org/wiki/Q1321061","display_name":"Matching (statistics)","level":2,"score":0.41075122356414795},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3360503315925598},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.331905722618103},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C105795698","wikidata":"https://www.wikidata.org/wiki/Q12483","display_name":"Statistics","level":1,"score":0.0}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.3390/s24154901","is_oa":true,"landing_page_url":"https://doi.org/10.3390/s24154901","pdf_url":"https://www.mdpi.com/1424-8220/24/15/4901/pdf?version=1723175645","source":{"id":"https://openalex.org/S101949793","display_name":"Sensors","issn_l":"1424-8220","issn":["1424-8220"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Sensors","raw_type":"journal-article"},{"id":"pmid:39123948","is_oa":false,"landing_page_url":"https://pubmed.ncbi.nlm.nih.gov/39123948","pdf_url":null,"source":{"id":"https://openalex.org/S4306525036","display_name":"PubMed","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1299303238","host_organization_name":"National Institutes of Health","host_organization_lineage":["https://openalex.org/I1299303238"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Sensors (Basel, Switzerland)","raw_type":null},{"id":"pmh:oai:pubmedcentral.nih.gov:11314677","is_oa":true,"landing_page_url":"https://www.ncbi.nlm.nih.gov/pmc/articles/11314677","pdf_url":"https://pmc.ncbi.nlm.nih.gov/articles/PMC11314677/pdf/sensors-24-04901.pdf","source":{"id":"https://openalex.org/S2764455111","display_name":"PubMed Central","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1299303238","host_organization_name":"National Institutes of Health","host_organization_lineage":["https://openalex.org/I1299303238"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Sensors (Basel)","raw_type":"Text"},{"id":"pmh:oai:doaj.org/article:ae7f9a6f9a19411ebba48d59c1fbed27","is_oa":true,"landing_page_url":"https://doaj.org/article/ae7f9a6f9a19411ebba48d59c1fbed27","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Sensors, Vol 24, Iss 15, p 4901 (2024)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.3390/s24154901","is_oa":true,"landing_page_url":"https://doi.org/10.3390/s24154901","pdf_url":"https://www.mdpi.com/1424-8220/24/15/4901/pdf?version=1723175645","source":{"id":"https://openalex.org/S101949793","display_name":"Sensors","issn_l":"1424-8220","issn":["1424-8220"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Sensors","raw_type":"journal-article"},"sustainable_development_goals":[{"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9","score":0.4300000071525574}],"awards":[{"id":"https://openalex.org/G7282611729","display_name":null,"funder_award_id":"EP/R007195/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"}],"funders":[{"id":"https://openalex.org/F4320316679","display_name":"Pakistan Institute of Engineering and Applied Sciences","ror":"https://ror.org/04d4mbk19"},{"id":"https://openalex.org/F4320320279","display_name":"University of Warwick","ror":"https://ror.org/01a77tt86"},{"id":"https://openalex.org/F4320334627","display_name":"Engineering and Physical Sciences Research Council","ror":"https://ror.org/0439y7842"}],"has_content":{"pdf":true,"grobid_xml":false},"content_urls":{"pdf":"https://content.openalex.org/works/W4401074662.pdf"},"referenced_works_count":53,"referenced_works":["https://openalex.org/W1528697349","https://openalex.org/W2028484373","https://openalex.org/W2029014126","https://openalex.org/W2037334255","https://openalex.org/W2121850239","https://openalex.org/W2521426528","https://openalex.org/W2813318576","https://openalex.org/W2890071159","https://openalex.org/W2891354794","https://openalex.org/W2895680608","https://openalex.org/W2899199336","https://openalex.org/W2913601780","https://openalex.org/W2917366689","https://openalex.org/W2972913341","https://openalex.org/W2997638503","https://openalex.org/W2999489978","https://openalex.org/W3013210424","https://openalex.org/W3033891251","https://openalex.org/W3082226847","https://openalex.org/W3115191271","https://openalex.org/W3120874394","https://openalex.org/W3133843004","https://openalex.org/W3153738065","https://openalex.org/W3157317299","https://openalex.org/W3170894298","https://openalex.org/W3179245071","https://openalex.org/W3199714564","https://openalex.org/W3202533095","https://openalex.org/W4200569302","https://openalex.org/W4206591717","https://openalex.org/W4210419127","https://openalex.org/W4214744072","https://openalex.org/W4220893462","https://openalex.org/W4242767706","https://openalex.org/W4283662573","https://openalex.org/W4307937957","https://openalex.org/W4313315611","https://openalex.org/W4313315978","https://openalex.org/W4313644131","https://openalex.org/W4315782929","https://openalex.org/W4367462740","https://openalex.org/W4375824994","https://openalex.org/W4379034034","https://openalex.org/W4384069704","https://openalex.org/W4385352498","https://openalex.org/W4387393678","https://openalex.org/W4388819599","https://openalex.org/W4389839489","https://openalex.org/W4396214339","https://openalex.org/W6755552495","https://openalex.org/W6778324102","https://openalex.org/W6806911057","https://openalex.org/W6908498059"],"related_works":["https://openalex.org/W2364419519","https://openalex.org/W2360767377","https://openalex.org/W2017948608","https://openalex.org/W2360951146","https://openalex.org/W2061466315","https://openalex.org/W2376886931","https://openalex.org/W1992118813","https://openalex.org/W2010561419","https://openalex.org/W2374845301","https://openalex.org/W2351448539"],"abstract_inverted_index":{"Advances":[0],"in":[1,194,222,230],"connectivity,":[2],"communication,":[3],"computation,":[4],"and":[5,15,65,76,92,183,202,225],"algorithms":[6],"are":[7,31,42,197],"driving":[8],"a":[9,85,100,108,140,152],"revolution":[10],"that":[11,144,214],"will":[12],"bring":[13],"economic":[14],"social":[16],"benefits":[17],"through":[18],"smart":[19],"technologies":[20],"of":[21,103,107,127,170,176],"the":[22,27,66,104,123,128,136,146,168,171,195,200],"Industry":[23],"4.0":[24],"era.":[25],"At":[26],"same":[28],"time,":[29],"attackers":[30],"targeting":[32],"this":[33,132],"expanded":[34],"cyberspace":[35],"to":[36,83,166],"exploit":[37],"it.":[38],"Therefore,":[39],"many":[40],"cyberattacks":[41],"reported":[43],"each":[44],"year":[45],"at":[46],"an":[47],"increasing":[48],"rate.":[49],"Traditional":[50],"security":[51,74,88,105],"devices":[52,193],"such":[53,94],"as":[54],"firewalls,":[55],"intrusion":[56,60],"detection":[57],"systems":[58,62],"(IDSs),":[59],"prevention":[61],"(IPSs),":[63],"anti-viruses,":[64],"like,":[67],"often":[68],"cannot":[69],"detect":[70,236],"sophisticated":[71],"cyberattacks.":[72,95],"The":[73,119,211],"information":[75],"event":[77,204],"management":[78],"(SIEM)":[79],"system":[80,98],"has":[81],"proven":[82],"be":[84],"very":[86],"effective":[87],"tool":[89],"for":[90,161,207],"detecting":[91],"mitigating":[93],"A":[96],"SIEM":[97,129,172],"provides":[99],"holistic":[101],"view":[102],"status":[106],"corporate":[109],"network":[110,117],"by":[111],"analyzing":[112],"log":[113,163,188],"data":[114,164,189],"from":[115,187,191],"various":[116,192],"devices.":[118],"correlation":[120,142,209],"engine":[121,143],"is":[122,216],"most":[124],"important":[125],"module":[126],"system.":[130,173],"In":[131],"study,":[133],"we":[134],"propose":[135],"optimized":[137],"correlator":[138,205],"(OC),":[139],"novel":[141,153],"replaces":[145],"traditional":[147],"regex":[148,156],"matching":[149,157],"sub-module":[150],"with":[151],"high-performance":[154],"multiple":[155],"library":[158],"called":[159],"\"Hyperscan\"":[160],"parallel":[162],"scanning":[165],"improve":[167],"performance":[169],"Log":[174],"files":[175],"102":[177],"MB,":[178,180,182,185],"256":[179],"512":[181],"1024":[184],"generated":[186],"received":[190],"network,":[196],"input":[198],"into":[199],"OC":[201,215,234],"simple":[203],"(SEC)":[206],"applying":[208],"rules.":[210],"results":[212],"indicate":[213],"21":[217],"times":[218,227],"faster":[219],"than":[220],"SEC":[221],"real-time":[223],"response":[224],"2.5":[226],"more":[228],"efficient":[229],"execution":[231],"time.":[232],"Furthermore,":[233],"can":[235],"multi-layered":[237],"attacks":[238],"successfully.":[239]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":9}],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-10-10T00:00:00"}