
Autonomous Agentic AI Architectures for Optimizing Security Operations Centers (SOC) KPIS: Methodology, Impact on Detection, Response, and Recovery

Open Access | Sep 2025

DOI: https://doi.org/10.2478/raft-2025-0046 | Journal eISSN: 3100-5071 | Journal ISSN: 3100-5063
Language: English
Page range: 479 - 493
Published on: Sep 18, 2025
Published by: Nicolae Balcescu Land Forces Academy
In partnership with: Paradigm Publishing Services
Publication frequency: 4 issues per year

© 2025 Miroslav Stefanov, Kristyan Stefanov, Laxima Niure Kandel, Sean Crouse, Boyan Jekov, published by Nicolae Balcescu Land Forces Academy
This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 3.0 License.