AI-Driven Defense-in-Depth: A Systematic Review of SOC Maturity Models and DDoS Mitigation

George Antoniou

AI-Driven Defense-in-Depth: A Systematic Review of SOC Maturity Models and DDoS Mitigation

George Antoniou

Cybersecurity

Research output: Contribution to journal › Conference article › peer-review

Abstract

The growing sophistication of distributed denial-of-service (DDoS) attacks poses persistent challenges to security operations centers (SOCs). This paper presents a structured, evidence-based framework for integrating artificial intelligence (AI) into layered cyber defenses. Through systematic literature review and mapping of peer-reviewed intrusion detection techniques, we examine the applicability of ensemble learning, explainable AI (XAI), and federated learning across the defense-in-depth spectrum. We also propose an AI-maturity roadmap grounded in ENISA and NIST frameworks to guide phased SOC integration. Our findings support strategic AI deployment for improved detection accuracy, reduced triage time, and enhanced operational resilience against large-scale DDoS campaigns.

Original language	American English
Pages (from-to)	10-17
Number of pages	8
Journal	CEUR Workshop Proceedings
Volume	4044
State	Published - May 23 2025
Event	6th International Conference on Recent Trends and Applications in Computer Science and Information Technology, RTA-CSIT 2025 - University of Tirana, Tirana, Albania Duration: May 22 2025 → May 24 2025 Conference number: 6th https://ceur-ws.org/Vol-4044/

Bibliographical note

Publisher Copyright:
© 2025 Copyright for this paper by its authors.

ASJC Scopus Subject Areas

General Computer Science

Keywords

DDoS
defense-in-depth
artificial intelligence
SOC maturity
XAI
cybersecurity roadmap

Disciplines

Information Security
Artificial Intelligence and Robotics
Computer Sciences
Databases and Information Systems

Organization custom fields

International conference presentation/presentation abroad
Author/co-author in international publications

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

Access to Document

Cite this

@article{7701523a0c65453f838abbfcaf5918ec,

title = "AI-Driven Defense-in-Depth: A Systematic Review of SOC Maturity Models and DDoS Mitigation",

abstract = "The growing sophistication of distributed denial-of-service (DDoS) attacks poses persistent challenges to security operations centers (SOCs). This paper presents a structured, evidence-based framework for integrating artificial intelligence (AI) into layered cyber defenses. Through systematic literature review and mapping of peer-reviewed intrusion detection techniques, we examine the applicability of ensemble learning, explainable AI (XAI), and federated learning across the defense-in-depth spectrum. We also propose an AI-maturity roadmap grounded in ENISA and NIST frameworks to guide phased SOC integration. Our findings support strategic AI deployment for improved detection accuracy, reduced triage time, and enhanced operational resilience against large-scale DDoS campaigns.",

keywords = "DDoS, defense-in-depth, artificial intelligence, SOC maturity, XAI, cybersecurity roadmap",

author = "George Antoniou",

note = "Publisher Copyright: {\textcopyright} 2025 Copyright for this paper by its authors.; 6th International Conference on Recent Trends and Applications in Computer Science and Information Technology, RTA-CSIT 2025, RTA-CSIT 2025 ; Conference date: 22-05-2025 Through 24-05-2025",

year = "2025",

month = may,

day = "23",

language = "American English",

volume = "4044",

pages = "10--17",

journal = "CEUR Workshop Proceedings",

issn = "1613-0073",

url = "https://ceur-ws.org/Vol-4044/",

}

TY - JOUR

T1 - AI-Driven Defense-in-Depth: A Systematic Review of SOC Maturity Models and DDoS Mitigation

AU - Antoniou, George

N1 - Conference code: 6th

PY - 2025/5/23

Y1 - 2025/5/23

N2 - The growing sophistication of distributed denial-of-service (DDoS) attacks poses persistent challenges to security operations centers (SOCs). This paper presents a structured, evidence-based framework for integrating artificial intelligence (AI) into layered cyber defenses. Through systematic literature review and mapping of peer-reviewed intrusion detection techniques, we examine the applicability of ensemble learning, explainable AI (XAI), and federated learning across the defense-in-depth spectrum. We also propose an AI-maturity roadmap grounded in ENISA and NIST frameworks to guide phased SOC integration. Our findings support strategic AI deployment for improved detection accuracy, reduced triage time, and enhanced operational resilience against large-scale DDoS campaigns.

AB - The growing sophistication of distributed denial-of-service (DDoS) attacks poses persistent challenges to security operations centers (SOCs). This paper presents a structured, evidence-based framework for integrating artificial intelligence (AI) into layered cyber defenses. Through systematic literature review and mapping of peer-reviewed intrusion detection techniques, we examine the applicability of ensemble learning, explainable AI (XAI), and federated learning across the defense-in-depth spectrum. We also propose an AI-maturity roadmap grounded in ENISA and NIST frameworks to guide phased SOC integration. Our findings support strategic AI deployment for improved detection accuracy, reduced triage time, and enhanced operational resilience against large-scale DDoS campaigns.

KW - DDoS

KW - defense-in-depth

KW - artificial intelligence

KW - SOC maturity

KW - XAI

KW - cybersecurity roadmap

UR - https://www.scopus.com/pages/publications/105018458572

UR - https://www.scopus.com/pages/publications/105018458572#tab=citedBy

M3 - Conference article

SN - 1613-0073

VL - 4044

SP - 10

EP - 17

JO - CEUR Workshop Proceedings

JF - CEUR Workshop Proceedings

T2 - 6th International Conference on Recent Trends and Applications in Computer Science and Information Technology, RTA-CSIT 2025

Y2 - 22 May 2025 through 24 May 2025

ER -

AI-Driven Defense-in-Depth: A Systematic Review of SOC Maturity Models and DDoS Mitigation

Abstract

Bibliographical note

ASJC Scopus Subject Areas

Keywords

Disciplines

Organization custom fields

UN SDGs

Access to Document

Other files and links

6th International Conference on Recent Trends and Applications in Computer Science and Information Technology, RTA-CSIT 2025 (Event)

Cite this

AI-Driven Defense-in-Depth: A Systematic Review of SOC Maturity Models and DDoS Mitigation

Abstract

Bibliographical note

ASJC Scopus Subject Areas

Keywords

Disciplines

Organization custom fields

UN SDGs

Access to Document

Other files and links

Activities

6th International Conference on Recent Trends and Applications in Computer Science and Information Technology, RTA-CSIT 2025 (Event)

Cite this