Reinforcement Learning for Continuous Cyber Threat Detection Rule Improvement
Nabeela Temitayo Adebola,
Williams Ezebuilo Eze,
Kamoru Emmanuel Umoru,
Jamiu Akande and
Nuhu Ezra
International Journal of Innovative Science and Research Technology (IJISRT), 2026, vol. 11, issue 03, 486-495
Abstract:
Security Information and Event Management (SIEM) systems remain at the core of enterprise threat monitoring, but their rule-based detection methodology is mostly static and always in need of manual tuning. As cyber-attacks become increasingly sophisticated and the operating environment becomes more complex, the accuracy of the rule-based methodology degrades, with false positives and false negatives rising significantly. Recent studies show that adaptive learning methodologies can improve the accuracy of anomaly-based detection systems in a dynamic operating environment. Reinforcement learning is a methodology in which an agent learns through interaction with its operating environment and improves its decision-making over a series of iterations. This research proposes a reinforcement learning-based framework for the continuous improvement of cyber threat detection rules in SIEM systems. A reinforcement learning agent learns from the outcomes of the alerts generated in the system, the feedback from the Security Operations Center (SOC), and the threat intelligence available in the system to improve the thresholds and correlation values of the rule-based methodology in real time. The research uses benchmark intrusion datasets to evaluate the proposed methodology and compares its performance with static rule-based systems to show the improvement in accuracy and the reduction in false positives generated in the system.
Keywords: Reinforcement Learning; SIEM; Continuous Monitoring; False Positives; SOC Automation; Adaptive Cyber Defense.
Date: 2026
Downloads:
https://www.ijisrt.com/reinforcement-learning-for- ... ion-rule-improvement (application/pdf)
Persistent link: https://EconPapers.repec.org/RePEc:cvr:ijisrt:2026:03:ijisrt26mar324
DOI: 10.38124/ijisrt/26mar324
More articles in International Journal of Innovative Science and Research Technology (IJISRT) from IJISRT Publication