diff --git a/CHANGELOG.md b/CHANGELOG.md
index 617bbb6f5..cd858bb18 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,4 @@
-# UTMStack 10.8.4 Release Notes
+# UTMStack 10.8.5 Release Notes
 
-- Enhanced security and compliance by upgrading several internal components—most notably the update server—to exclusively support TLS 1.3.
\ No newline at end of file
+- Expanded the exclusion dictionary for malicious IP connection logs to reduce false positives.
+- Automatically close alerts with SOC-AI when the feature is enabled.
\ No newline at end of file
diff --git a/correlation/ti/ti.go b/correlation/ti/ti.go
index 876dd25a9..55f6a76b6 100644
--- a/correlation/ti/ti.go
+++ b/correlation/ti/ti.go
@@ -1,14 +1,15 @@
 package ti
 
 import (
- "github.com/tidwall/gjson"
- "github.com/utmstack/UTMStack/correlation/correlation"
- "github.com/utmstack/UTMStack/correlation/utils"
 "net"
 "runtime"
 "strings"
 "sync"
 "time"
+
+ "github.com/tidwall/gjson"
+ "github.com/utmstack/UTMStack/correlation/correlation"
+ "github.com/utmstack/UTMStack/correlation/utils"
 )
 
 type Cache map[string]bool
@@ -35,6 +36,8 @@ func blocked(log string) bool {
 "drop",
 "reject",
 "deny",
+ "timeout",
+ "closed",
 }
 
 for _, e := range exclusionList {
diff --git a/version.yml b/version.yml
index 71d121f8c..e1809b58b 100644
--- a/version.yml
+++ b/version.yml
@@ -1 +1 @@
-version: 10.8.4
\ No newline at end of file
+version: 10.8.5
\ No newline at end of file
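Review bot: The new `"timeout"` and `"closed"` entries in `blocked`'s exclusion list (third hunk, correlation/ti/ti.go) are much broader than the existing `drop`/`reject`/`deny` verdicts and risk suppressing true positives. A log that says a session was closed, or that merely carries a timeout setting, can describe a connection to a malicious IP that was established and exchanged data before ending. The loop body lies outside the hunk, so this assumes each entry is matched as a substring of the whole log line; if so, the match should be limited to the log's parsed action or status value rather than the raw text. At minimum, document the trade-off above the entries, for example `// "timeout"/"closed": treated as not-established; may hide sessions that completed before closing - review if TI alerts go missing`. A test with an allowed-then-closed connection log would pin the intended behaviour.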