Available online at www.sciencedirect.

com
ScienceDirect
ScienceDirect
Procedia Computer Science 00 (2024) 000–000
Available online at www.sciencedirect.com www.elsevier.com/locate/procedia
Procedia Computer Science 00 (2024) 000–000
www.elsevier.com/locate/procedia
ScienceDirect
Procedia Computer Science 251 (2024) 287–294

The 15th International Conference on Emerging Ubiquitous Systems and Pervasive Networks
(EUSPN 2024)
The 15th International Conference
October on Emerging
28-30, Ubiquitous
2024, Leuven, Systems and Pervasive Networks
Belgium
(EUSPN 2024)
October 28-30, 2024, Leuven, Belgium
Applying AI and Machine Learning to Enhance Automated
Applying AI and Machine
Cybersecurity Learning
and Network to Enhance
Threat Automated
Identification
Cybersecurity and Network Threat Identification
Fadi Muheidata,*, Moayyad Abu Mallouhb, Omar Al-Salehb, Omar Al-Khasawnehb and
b
Fadi Muheidata,*, Moayyad Abu Mallouh Lo’ai A.b,Tawalbeh
Omar Al-Salehb, Omar Al-Khasawnehb and
California State University- San Bernardino,bCA 92407, USA
Lo’ai A. Tawalbeh
a

Computer Engineering Department, Jordan University of Science and Technology, Irbid, 22110, Jordan
c
a
California State University- San Bernardino, CA 92407, USA
c
Computer Engineering Department, Jordan University of Science and Technology, Irbid, 22110, Jordan

Abstract

Abstract
Artificial intelligence (AI) is now used in many sectors but its transformative impact on cybersecurity is unmatched. Cybersecurity
is seen to rely heavily on artificial intelligence (AI), which has brought about automation of responses, detection of network threats
Artificial intelligence
and security (AI) is now
consciousness. Thisused
paperin many sectors
examines but itsmodern
various transformative impact
techniques on cybersecurity
involving is unmatched.
deep learning, machineCybersecurity
learning and
is seen to analysis
behavior rely heavily on artificial
among intelligence
others that are used in(AI), which
dealing hasthe
with brought aboutnumber
increasing automation of responses,
and complexity ofdetection of network
cyber threats. threats
The research
and security consciousness. This paper examines various modern techniques involving deep learning,
also looks at how automated cybersecurity response and decision-making capacities have been transformed through AI. It also machine learning and
behavior analysis
investigates among others
into security that aremodeling
intelligence used in dealing with of
as a means theoffering
increasing number insights
actionable and complexity
towardsofstrengthening
cyber threats.organizational
The research
also looks Additionally,
resilience. at how automated cybersecurity
the goal response
of this paper and decision-making
is to provide capacitiesofhave
a nuanced understanding howbeen
AI istransformed through AI. It
reshaping cybersecurity also
and to
investigates
outline futureinto securityforintelligence
pathways research and modeling as a means
development in this of offering
dynamic actionable insights towards strengthening organizational
field.
resilience. Additionally, the goal of this paper is to provide a nuanced understanding of how AI is reshaping cybersecurity and to
outline future pathways for research and development in this dynamic field.
© 2024 The Authors. Published by Elsevier B.V.
© 2024 The Authors. Published by Elsevier B.V.
This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
This
© is an
2024 open
The accessPublished
Authors. article under
by the CC BY-NC-ND license (https://creativecommons.org/licenses/by-nc-nd/4.0)
Peer-review
Peer-review under
under responsibility
responsibility ofof Elsevier B.V. Program
the scientific
the Conference committee ofChairs.
the Conference Program Chairs
This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Peer-review
Keywords: under Intelligence
Artificial responsibility ofCybersecurity;
(AI); the Conference Program
Automated Chairs. Network Threat Detection; Machine Learning; Deep Learning;
Response;
Federated Learning; Distributed Learning; Cyber Threat Mitigation
Keywords: Artificial Intelligence (AI); Cybersecurity; Automated Response; Network Threat Detection; Machine Learning; Deep Learning;
Federated Learning; Distributed Learning; Cyber Threat Mitigation

* Corresponding author.
E-mail address: [email protected]
* Corresponding author.
E-mail address:
1877-0509 [email protected]
© 2024 The Authors. Published by Elsevier B.V.
This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Peer-review©under
1877-0509 2024responsibility
The Authors. ofPublished
the Conference
by Elsevier
Program
B.V. Chairs.
This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Peer-review under responsibility of the Conference Program Chairs.

1877-0509 © 2024 The Authors. Published by Elsevier B.V.

This is an open access article under the CC BY-NC-ND license (https://creativecommons.org/licenses/by-nc-nd/4.0)
Peer-review under responsibility of the scientific committee of the Conference Program Chairs
10.1016/j.procs.2024.11.112
288
2 Fadi name
Author Muheidat et al. /Computer
/ Procedia Procedia Computer
Science 00Science 251 (2024) 287–294
(2018) 000–000

1. Introduction

Fig. 1 AI in Cybersecurity, adapted from [42]

The Internet has taken over our lives in the 21st century, providing a foundation for essential services such as
infrastructure management, communication systems, and trade among others. The more we depend on interconnected
devices though, the more vulnerable we become to hackers looking to exploit any weakness they can find. It is
estimated that these attacks cost up to billions every year [1] [2]. In the face of this ever-changing landscape where
traditional measures fail; cyber security is starting to use AI technology as an advantage against them. The sheer
volume and complexity of modern cyberattacks often exceed the capabilities of conventional protection systems. This
has prompted a growing interest in leveraging the power of artificial intelligence (AI) to enhance cybersecurity efforts
[3].
The capability of artificial intelligence (AI) systems to process huge amounts of information and learn from it has
the potential to change completely our methods of protecting ourselves against cyber threats. For instance, AI can be
used to give real-time analysis of network traffic, detect suspicious activities as well as predict attacks thereby helping
us take a more proactive approach towards cybersecurity [4], [5]. At the same time, it is difficult to keep up with ever-
changing cybersecurity environment. However, AI can be used against cybercriminals who are now incorporating AI
techniques in their attack strategies [6], [7]. It has become necessary to comprehend the positive and negative ways of
applying AI in cybersecurity. Figure 1 below shows AI techniques in autonomous threat haunting.
This paper aims at exploring the complex interaction between AI and cybersecurity. We will explore weaknesses
that are inherent in security systems based on AI as well as how we can bring out issues of cybercrime using artificial
intelligence. By evaluating the current state of AI in cybersecurity and identifying key research directions, we hope to
contribute to the development of more robust and effective defense measures against the growing threat of cybercrime.

2. Cyber-Attacks and Detection

Cybercriminals employ a wide range of attack techniques to compromise the confidentiality, integrity, and
availability of digital systems and data. These attacks can be broadly categorized into the following main types, check,
figure 2 shows expanded cyber-attack taxonomy,:

• Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks: when a system or network is
subjected to DoS and DDoS attacks, they are made inaccessible to its legitimate users as these attacks aim at
overwhelming it with malicious traffic. Botnets, which refer to compromised devices under the attacker’s
domain, are often used for this purpose [8], [9].
 Fadi Muheidat et al. / Procedia Computer Science 251 (2024) 287–294 289
Author name / Procedia Computer Science 00 (2018) 000–000 3

• Man-in-the-Middle (MITM) Attacks: these attacks enable fraudsters to intercept and meddle with
communications between two parties so that attackers can listen in on conversations or mimic the acting
entities involved [10], [11].
• Malware Infections: viruses, worms, Trojans and ransomware form part of malware that infiltrates systems
causing a wide range of destruction including data theft, system breakdowns and financial blackmailing [12],
[13].
• SQL Injection and Cross-Site Scripting (XSS) Attacks: these hack web applications by exploiting their
vulnerabilities with an intention of accessing some unauthorized information or executing malicious scripts on
both server or client site is a way through which an attacker may use them[14], [15].

To detect and mitigate these types of cyber threats, researchers and security professionals have explored the
application of various AI techniques, including:
• Machine Learning for Anomaly Detection: The development of supervised and unsupervised machine learning
algorithms to detect strange patterns in system logs, user behavior and network traffic is a hot topic since they
can assist in identifying cyber-attacks [16], [17].
• Deep Learning for Malware Classification: Convolutional neural networks (CNNs) and recurrent neural
networks (RNNs) have been found to be very effective when it comes to classifying malware by differentiating
their structural as well as behavioral traits [18], [19].
• Reinforcement Learning for Adaptive Defense: Reinforcement learning models are able to build adaptive
security systems that learn from past experience, continually optimize their defense strategies, and respond to
new attack techniques [20], [21].
• Generative Adversarial Networks (GANs) for Cyber Threat Simulation: GANs can generate synthetic yet
realistic threat data that can be employed in training AI-based security systems and assessing their performance
under controlled conditions [22], [23].

AI-powered solutions are a reliable answer to multiple cyber threats. However, they do have their own constraints
and problems:
• Adversarial Attacks: Cyber criminals can take advantage of AI models’ weaknesses by designing adversarial
inputs that can bypass detection or even lead the models to wrong predictions [24], [25]
• Data Scarcity and Imbalance: Most cybersecurity datasets are usually small, imbalanced and monotonous
leading to difficulties in training and generalization of AI models [26], [27].

Fig. 2 The cyber-attack taxonomy, adapted from [43]

290 Fadi Muheidat et al. / Procedia Computer Science 251 (2024) 287–294
4 Author name / Procedia Computer Science 00 (2018) 000–000

• Interpretability and Explainability: For security applications, it is important to understand how AI models,
especially deep learning, work seeing as it is a complex model type with intricate decision-making processes
involved [28], [29].
• Adaptability to Evolving Threats: Computationally expensive and technically challenging may be required for
AI-based security systems because they need to be capable of adapting rapidly and studying novel threats as
cybercriminals change tactics continually [30], [31].

3. Deep Learning Solutions for Cyber Attack Defense

Deep learning has emerged as a powerful tool in the fight against cyber-attacks, offering sophisticated solutions to
detect, prevent, and mitigate various threats. The current section focuses on using deep neural network architectures
for cybersecurity and underlines their weaknesses and strengths associated with countering changing cyber threats.
Some of the Deep Neural Network Architectures for Threat Detection
• Deep Belief Networks (DBNs): a special kind of deep neural network that have several layers of latent
variables and are typically used for unsupervised feature learning and classification. DBNs can be utilized in
cybersecurity for the purpose of anomaly detection, where it is trained to learn the usual patterns of network
traffic or system behavior. Cyber threats and attacks can be effectively detected by DBNs which identify
variances from this learned state [32].
• Recurrent Neural Networks (RNNs): RNNs are particularly good at processing sequential data such as time-
series network traffic or system logs and thus they make ideal candidates for discovering temporal patterns as
well as finding anomalies that may indicate cyber attacks. RNNs, especially alternatives such as long short-
term memory (LSTMs) and gated recurrent units (GRUs), can understand intricate dependencies in network
activity alongside system events so that they can detect cyber threats[33].
• Convolutional Neural Networks (CNNs): CNNs offer the advantage of drawing spatial features out of data
which could be applied to network traffic patterns, system images among other cybersecurity-related data
having inherent spatial relationships in them. For example, CNNs being able to identify malware signatures
through system memory dumps or identifying anomalies within network traffic flow[34],[35].

Deep learning is good as well as bad when it comes to the cybersecurity. On one hand, this technique is great in
terms of feature extraction and representation learning, which helps models to identify important features
automatically from raw data. This helps them to have a better detection accuracy and fewer false positives compared
with other traditional machine learning approaches because it can handle more complex, high-dimensional and
unstructured data types found in cyber security like network traffic and malware samples. Deep learning models also
understand subtle irregular patterns that signify cyber threats. Nevertheless, deep learning has several negative aspects
as well. Security demands large-labeled datasets which are hard to come by in this field. Moreover, the computational
requirements of the process are beyond realistic expectations for real-time deployment in resource-limited
environments. Lastly, the intricacy of deep-learning models makes their decision-making processes difficult to
comprehend as they are much more complicated than traditional neural networks used in cybersecurity systems
thereby undermining trust and adoption besides being prone to adversarial attacks that can fool them into making
wrong decisions.

There are multiple challenges associated with implementing deep learning in cybersecurity. First, the fast pace of
change in cyber threats makes it difficult to gather high-quality, comprehensive and current training datasets. This
makes it almost impossible to re-use datasets as soon as they become out-of-date and this compels continuous
upgrading of models. Furthermore, deep learning models require powerful hardware like GPUs due to their high
computational demands thereby limiting their deployment within constrained environments such as edge devices or
distributed network segments. These models are also complicated making them difficult to interpret including their
decision-making processes which may cast doubts on trust and reliability among cybersecurity practitioners who need
openness and responsibility from them. In addition, deep learning models are not robust to adversarial examples that
a malicious agent may create for a model leading towards robustness and resilience being crucial when deploying
 Fadi Muheidat et al. / Procedia Computer Science 251 (2024) 287–294 291
Author name / Procedia Computer Science 00 (2018) 000–000 5

them in practice. Finally, ongoing learning and improvement is challenging because deep learning models should
continuously adapt and update themselves given the evolving nature of cyber threats necessitating development of
efficient mechanisms for these purposes.

4. Machine Learning Algorithms for Cybersecurity

Enhancing cybersecurity relies heavily on machine learning algorithms which automate threat detection and
response. The purpose of this section is to look at the different types of machine learning techniques used for cyber
security purposes, how they work, and their ability to manage online threats.
• Support Vector Machines (SVMs): are a well-known supervised learning approach used for classification and
regression tasks. Regarding cybersecurity, SVMs may be employed to recognize malware; determine
intrusions in networks; and classify various forms of cyber risks. The SVM tries to find the optimal hyperplane
that can separate different classes of data with the maximum margin leading to effective classifications of
complex high-dimensional data [37].
• Random Forests: is an ensemble learning method that combines multiple decision trees with the aim of
improving the accuracy and robustness of classification or regression models. Random Forests have
applications in detecting network anomalies, classifying malicious software and intrusion detection in cyber
security. The process involves training several decision trees on random subsets of the features as well as
instances before combining their predictions towards final decisions [38].

• Naive Bayes: A simple but powerful probabilistic classifier that can be used for various purposes in cyber
security like spam detection, phishing emails and virus classification is what we call the naive bayes. It simply
assumes independence of features and calculates probabilities based on incoming data for each class, hence
making it a good method when there is little knowledge to train on [39].
• k-Nearest Neighbors (k-NN): The k-nearest neighbors algorithm (k-NN) is one of these non-parametric
instance-based learning techniques and can be utilized for both classification as well as anomaly detection in
the domain of cyber security. The algorithm works by looking up labels or distances from a given point to k
points nearest to it. In web sphere, k-NN is used in network intrusion detection systems or malware recognition
tools [40].
• Artificial Neural Networks (ANNs): For a wide range of cybersecurity tasks, including malware detection,
network traffic analysis, and user behavior analysis, ANNs are machine learning models that are inspired by
the human brain. The interconnected nodes (neurons) and weighted connections in ANNs enable them to learn
complex non-linear relationships in data [41].

Implementing and optimizing machine learning algorithms for cybersecurity involves several practical
considerations. Feature engineering is effective when the right features have been chosen, transformed or created from
raw data such as network traffic patterns and system logs so as to enhance the performance of a model. In addition,
data set curation must take into account class imbalance with over-sampling, under-sampling or class weighting to
ensure that models are capable of being effective despite benign activities dominating cyber threats. Hyperparameters
tuning and model selection using methods like cross-validation or grid search help in optimizing algorithm
performance. Moreover, interpretability and explainability play an important role in building trust and facilitating
decision-making by means of feature importance analysis along with model-agnostic methods. Lastly, deployment of
models within real-world cybersecurity environments that keep them continually learning as well as adapting to new
types of threats creates challenges that can be addressed through strategies like online learning transfer learning and
active learning

5. Discussion and Future Directions

The potential of AI in cybersecurity for considerable advancements is bright. AI based systems are poised to
augment the artifice of threat detection using machine learning and deep learning algorithms which will enable real
292 Fadi Muheidat et al. / Procedia Computer Science 251 (2024) 287–294
6 Author name / Procedia Computer Science 00 (2018) 000–000

time analysis of massive datasets. This forward-looking approach will help organizations better recognize and mitigate
highly complex cyber-attacks. Artificial intelligence (AI) will play a role in decision making for faster response to
incidents, thus reducing the response time and limiting the extent of damage as a result of cyber attacks targeted at
organizations. Behavioral analytics based on AI would be used to monitor user and entity behavior proactively with
the aim of finding security breaches before they occur while Adversarial AI defense will be instrumental in dealing
with emerging threats. It is also noteworthy that artificial intelligence will improve privacy and compliance efforts
thereby assisting enterprises to identify risks, control them, as well as comply with statutory requirements. AI-driven
threat intelligence platforms are going to change how we approach this issue by speeding up threat intel gathering and
simplifying security operations.

Future directions and emerging trends in cybersecurity are focusing on several innovative approaches. By merging
machine learning with rule-based systems, expert knowledge, game-theoretic models and other techniques, hybrid
approaches are expected to provide more comprehensive and effective cybersecurity solutions by leveraging the
advantages of different methods. Machine learning technologies like federated and distributed learning have made it
possible to develop machine learning models that can be trained jointly across multiple organizations or devices while
preserving data privacy and increasing scalability. Automated feature engineering and end-to-end pipeline
optimization are working on the problem of manual feature selection as well as model tuning, making this process
highly efficient while reducing dependence on domain expertise. In addition, reinforcement learning and active
learning will enable continuous adaptation and self-improvement of models in response to evolving cyber threats
leading to stronger cybersecurity systems that can withstand potential attacks. Lastly, combining machine learning
with frontier technologies such as blockchain, quantum computing, edge computing etc., could improve security,
scalability and resilience of cybersecurity solutions.

6. Conclusion

In this work, we have explored the various machine learning and deep learning approaches that have been applied
to address the pressing challenges in the field of cybersecurity. The analysis and discussion have highlighted the
significant potential of these techniques in enhancing threat detection, attack mitigation, and the overall resilience of
cybersecurity systems. Furthermore, through this is an exploration of deep learning architectures such as Deep Belief
Networks (DBNs), Recurrent Neural Networks (RNNs), and Convolutional Neural Networks (CNNs), it has been
demonstrated their ability to effectively capture complex relationships among cybersecurity data from diverse sources.
These state-of-the-art classifiers exhibit remarkable performance on problems such as anomaly detection, malware
identification, network intrusion recognition compared to traditional machine learning methods.

Nevertheless, there are a number of challenges concerning the real-world application and deployment of these deep
learning solutions in operational cybersecurity environment. There are some key factors that should be considered
when implementing large-scale labeled datasets are required for training neural networks: computational resource
limitations; interpretability by humans; possibility to adjust models to deal with new threats. Similarly, classical
machine learning algorithms such as Random Forests (RFs), Naive Bayes (NB) and Support Vector Machines (SVM)
are still relevant for various cybersecurity use-cases which were discussed. Combining them with feature engineering
techniques like hyperparameter tuning or continuous learning can result in robust solutions complementary to those
provided by deep-learning architectures.

However, future trends suggest that integrating machine learning with emerging technologies including federated
learning, reinforcement learning, quantum computing can lead to more scalable cybersecurity systems that offer
improved adaptability and greater safety. Moreover strengthening they must also tackle problems associated with
adversarial attacks; concept drift; interpretability so data-driven security solutions become widely trusted and adopted.
By combining strengths both from machine leaning as well as deep leaning community while adapting constantly
towards the current evolving threatscapes; significant progress may be made by research groups and technologists in
enhancing the overall security posture of an organization against more sophisticated and persistent cyber threats.
 Fadi Muheidat et al. / Procedia Computer Science 251 (2024) 287–294 293
Author name / Procedia Computer Science 00 (2018) 000–000 7

References

[1] Cybersecurity Ventures, "2022 Cybercrime Statistics & Facts," [Online]. Available: https://cybersecurityventures.com/cybercrime-
damages-6-trillion-by-2021/
[2] J. Andress and S. Winterfeld, Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners, 2nd ed. Syngress, 2014.
[3] P. Mishra, V. Varadharajan, U. Tupakula, and E. S. Pilli, "A Detailed Investigation and Analysis of Using Machine Learning for
Cybersecurity," IEEE Communications Surveys & Tutorials, vol. 21, no. 1, pp. 686-727, 2019.
[4] K. Gai, M. Qiu, and X. Sun, "A survey on FinTech," Journal of Network and Computer Applications, vol. 103, pp. 262-273, 2018.
[5] Itodo, Cornelius, Said Varlioglu, and Nelly Elsayed. "Digital forensics and incident response (DFIR) challenges in IoT
platforms." 2021 4th International Conference on Information and Computer Technologies (ICICT). IEEE, 2021.
[6] Akhtar, N., & Mian, A. (2018). Threat of adversarial attacks on deep learning in computer vision: A survey. IEEE Access, 6, 14410-
14430.
[7] Blowers, Misty, and Jon Williams. "Artificial intelligence presents new challenges in cybersecurity." Disruptive Technologies in
Information Sciences IV. Vol. 11419. SPIE, 2020.
[8] J. Mirkovic and P. Reiher, "A Taxonomy of DDoS Attack and DDoS Defense Mechanisms," ACM SIGCOMM Computer
Communication Review, vol. 34, no. 2, pp. 39-53, 2004.
[9] S. T. Zargar, J. Joshi, and D. Tipper, "A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding
Attacks," IEEE Communications Surveys & Tutorials, vol. 15, no. 4, pp. 2046-2069, 2013.
[10] M. Conti, N. Dragoni and V. Lesyk, "A Survey of Man In The Middle Attacks," in IEEE Communications Surveys & Tutorials, vol.
18, no. 3, pp. 2027-2051, thirdquarter 2016, doi: 10.1109/COMST.2016.2548426.
[11] Ahsan M, Nygard KE, Gomes R, Chowdhury MM, Rifat N, Connolly JF. Cybersecurity Threats and Their Mitigation Approaches
Using Machine Learning—A Review. Journal of Cybersecurity and Privacy. 2022; 2(3):527-555.
https://doi.org/10.3390/jcp2030027
[12] A. Kharraz, W. Robertson, D. Balzarotti, L. Bilge, and E. Kirda, "Cutting the Gordian Knot: A Look Under the Hood of Ransomware
Attacks," in International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, 2015, pp. 3-24.
[13] M. Conti, A. Gangwal, and S. Ruj, "On the Economic Significance of Ransomware Campaigns: A Bitcoin Transactions
Perspective," Computers & Security, vol. 79, pp. 162-189, 2018.
[14] W. G. Halfond, J. Viegas, and A. Orso, "A Classification of SQL-Injection Attacks and Countermeasures," in Proceedings of the
IEEE International Symposium on Secure Software Engineering, vol. 1, 2006, pp. 13-15.
[15] M. Johns, "Code Injection Vulnerabilities in Web Applications: Consequences and Prevention," International Journal of Computer
Science and Security, vol. 3, no. 3, pp. 252-264, 2009.
[16] P. García-Teodoro, J. Díaz-Verdejo, G. Machío-Fernández, and E. Vázquez, "Anomaly-based network intrusion detection:
Techniques, systems and challenges," computers & security, vol. 28, no. 1-2, pp. 18-28, 2009.
[17] Vikram, Aditya & ., Mohana. (2020). Anomaly detection in Network Traffic Using Unsupervised Machine learning Approach. 476-
479. 10.1109/ICCES48766.2020.9137987.
[18] G. Apruzzese, M. Colajanni, L. Ferretti, A. Guido, and M. Marchetti, "On the effectiveness of machine learning in the context of
threats identification for network security," IEEE Access, vol. 7, pp. 156903-156916, 2019.
[19] J. K. Samuel, M. T. Jacob, M. Roy, S. P M and A. R. Joy, "Intelligent Malware Detection System Based on Behavior Analysis in
Cloud Computing Environment," 2023 International Conference on Circuit Power and Computing Technologies (ICCPCT), Kollam,
India, 2023, pp. 109-113, doi: 10.1109/ICCPCT58313.2023.10245065.
[20] M. Pendleton, R. Garcia-Lebron, J. Cho, and S. Xu, "A survey on systems security metrics," ACM Computing Surveys (CSUR),
vol. 49, no. 4, pp. 1-35, 2016.
[21] Wang W, Sun D, Jiang F, Chen X, Zhu C. Research and Challenges of Reinforcement Learning in Cyber Defense Decision-
Making for Intranet Security. Algorithms. 2022; 15(4):134. https://doi.org/10.3390/a15040134
[22] Marek Pawlicki, Rafał Kozik, Michał Choraś, A survey on neural networks for (cyber-) security and (cyber-) security of neural
networks, Neurocomputing, Volume 500, 2022,Pages 1075-1087, ISSN 0925-2312,https://doi.org/10.1016/j.neucom.2022.06.002.
[23] M. Rigaki and S. Garcia, "Bringing a GAN to a Knife-Fight: Adapting Malware Delivery Generative Adversarial Networks to
Adversarial Settings," in 2018 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), 2018, pp. 87-94.
[24] N. Papernot, P. McDaniel, A. Swami, and R. Harang, "Crafting adversarial input sequences for recurrent neural networks," in
2016 IEEE Military Communications Conference, 2016, pp. 49-54.
[25] Y. Ding et al., "Interpreting Universal Adversarial Example Attacks on Image Classification Models," in IEEE Transactions on
Dependable and Secure Computing, vol. 20, no. 4, pp. 3392-3407, 1 July-Aug. 2023, doi: 10.1109/TDSC.2022.3202544.
[26] P. Mishra, E. Pilli, V. Varadharajan, and U. Tupakula, "Intrusion detection techniques in cloud environment: A survey," Journal of
Network and Computer Applications, vol. 77, pp. 18-47, 2017.
[27] B. Biggio and F. Roli, "Wild patterns: Ten years after the rise of adversarial machine learning," Pattern Recognition, vol. 84, pp.
317-331, 2018.
294 Fadi Muheidat et al. / Procedia Computer Science 251 (2024) 287–294
8 Author name / Procedia Computer Science 00 (2018) 000–000

[28] Iqbal H. Sarker, Helge Janicke, Ahmad Mohsin, Asif Gill, Leandros Maglaras, Explainable AI for cybersecurity automation,
intelligence and trustworthiness in digital twin: Methods, taxonomy, challenges and prospects,ICT Express, 2024
[29] Z. C. Lipton, "The Mythos of Model Interpretability," Queue, vol. 16, no. 3, pp. 31-57, 2018.
[30] M. Brundage et al., "The Malicious Use of Artificial Intelligence: Forecasting, Prevention, and Mitigation," arXiv prepr int
arXiv:1802.07228, 2018.
[31] Aditya Kuppa and Nhien-An Le-Khac. 2021. Adversarial XAI Methods in Cybersecurity. Trans. Info. For. Sec. 16 (2021), 4924–
4938. https://doi.org/10.1109/TIFS.2021.3117075
[32] Y. LeCun, Y. Bengio, and G. Hinton, "Deep learning," Nature, vol. 521, no. 7553, pp. 436-444, 2015.
[33] M. A. Al-Garadi, A. Mohamed, A. K. Al-Ali, X. Du, I. Ali, and M. Guizani, "A Survey of Machine and Deep Learning Methods for
Internet of Things (IoT) Security," IEEE Communications Surveys & Tutorials, vol. 22, no. 3, pp. 1646-1685, 2020.
[34] N. Shone, T. N. Ngoc, V. D. Phai, and Q. Shi, "A Deep Learning Approach to Network Intrusion Detection," IEEE Transactions
on Emerging Topics in Computational Intelligence, vol. 2, no. 1, pp. 41-50, 2018.
[35] G. Apruzzese, M. Colajanni, L. Ferretti, A. Guido, and M. Marchetti, "On the effectiveness of machine and deep learning for cyber
security," 2018 10th International Conference on Cyber Conflict (CyCon), pp. 371-390, 2018.
[36] D. Kwon, H. Kim, J. Kim, S. C. Suh, I. Kim, and K. J. Kim, "A survey of deep learning-based network anomaly detection," Cluster
Computing, vol. 22, pp. 949-961, 2019
[37] Sharma, A., & Panigrahi, P. K. (2013). A review of financial accounting fraud detection based on data mining
techniques. International Journal of Computer Applications, 39(1), 37-47.
[38] Breiman, L. (2001). Random forests. Machine learning, 45(1), 5-32.
[39] Sahami, M., Dumais, S., Heckerman, D., & Horvitz, E. (1998). A Bayesian approach to filtering junk e-mail. Learning for Text
Categorization: Papers from the 1998 Workshop, 62-65.
[40] Chandola, V., Banerjee, A., & Kumar, V. (2009). Anomaly detection: A survey. ACM computing surveys (CSUR), 41(3), 1-58.
[41] Deng, L., & Yu, D. (2014). Deep learning: methods and applications. Foundations and trends in signal processing, 7(3-4), 197-
387.
[42] Sindiramutty. Autonomous Threat Hunting: A Future Paradigm for AI-Driven Threat Intelligence,https://arxiv.org/abs/2401.00286
[43] Abdulkareem Al-Enezi K, Alshaikhli I, Alkandari A, et al. A survey of intrusion detection system using case study Kuwait
Governments entities. In: proceedings of the 2014 3rd international conference on advanced computer science applications and
technologies (ACSAT ’14). IEEE Computer Society, USA, Amman, Jordan, 29–30 December 2014, pp.37–43.