“…• Clustering of similar events to reduce the volume of processed information and classify security events to event detection (ED) (Liu et al, 2019b;Deng and Hooi, 2021), event grouping (EG) (Hostiadi et al, 2019;Sun et al, 2020), and event pattern extraction (EPE) (Dhaou et al, 2021;Zeng et al, 2021). • Intrusion detection (ID), which deals with multi-stage and targeted attacks (Joloudari et al, 2020;Sen et al, 2022), or anomaly detection (AD) (Han et al, 2020;Wang et al, 2022) to notify the security administrator about misuses and deviations from normal behavior, respectively. • Intrusion prediction (IP) (Holgado et al, 2017;Oki et al, 2018) based on incoming events, which allows early detection of intruder targets.…”