Research Article
BibTex RIS Cite

Year 2025, Volume: 8 Issue: 3, 536 - 552, 30.09.2025

Şahin Kara , Fatih İlkbahar , Muhammed Zekeriya Gündüz

https://doi.org/10.35377/saucis.8.94717.1711704

Abstract

References

  • N. G. Camacho, “The Role of AI in Cybersecurity: Addressing Threats in the Digital Age,” J. Artif. Intell. Gen. Sci. (JAIGS), vol. 3, no. 1, pp. 143–154, 2024.
  • N. Mohamed, "Artificial intelligence and machine learning in cybersecurity: a deep dive into state-of-the-art techniques and future paradigms," Knowledge and Information Systems, 2025. [Online]. Available: https://doi.org/10.1007/s10115-025-02429-y.
  • K. M. Roba Abbas, J. Pitt, K. M. Vogel, and M. Zafeirakopoulos, “Artificial Intelligence (AI) in Cybersecurity: a socio-technical research roadmap,” 2022. [Online]. Available: https://www.turing.ac.uk/sites/default/files/2023-11/ai_in_cybersecurity.pdf
  • N. Mohamed, “Current trends in AI and ML for cybersecurity: A state-of-the-art survey,” Cogent Eng., vol. 10, no. 2, 2023.
  • M. I. Alghamdi, “Survey on Applications of Deep Learning and Machine Learning Techniques for Cyber Security,” Int. J. Interact. Mob. Technol., vol. 14, no. 16, 2020.
  • S. Ali, S. U. Rehman, A. Imran, G. Adeem, Z. Iqbal, and K.-I. Kim, “Comparative Evaluation of AI-Based Techniques for Zero-Day Attacks Detection,” Electronics, vol. 11, no. 23, p. 3934, 2022.
  • S. Zeadally, E. Adi, Z. Baig, and I. A. Khan, “Harnessing Artificial Intelligence Capabilities to Improve Cybersecurity,” IEEE Access, vol. 8, pp. 23817–23837, 2020.
  • M. Tayyab, M. Marjani, N. Z. Jhanjhi, I. A. T. Hashem, R. S. A. Usmani, and F. Qamar, “A comprehensive review on deep learning algorithms: Security and privacy issues,” Comput. Secur., vol. 131, p. 103297, 2023.
  • S. Al-Mansoori and M. B. Salem, “The Role of Artificial Intelligence and Machine Learning in Shaping the Future of Cybersecurity: Trends, Applications, and Ethical Considerations,” Int. J. Soc. Analytics, vol. 8, no. 9, pp. 1–16, 2023.
  • M. S. Akhtar and T. Feng, “An overview of the applications of Artificial Intelligence in Cybersecurity,” EAI Endorsed Trans. Creat. Technol., vol. 8, no. 29, p. e4, 2021.
  • A. D. Sontan and S. V. Samuel, “The intersection of Artificial Intelligence and cybersecurity: Challenges and opportunities,” World J. Adv. Res. Rev., vol. 21, no. 2, pp. 1720–1736, 2024.
  • M. M. Yamin, M. Ullah, H. Ullah, and B. Katt, “Weaponized AI for cyber attacks,” J. Inf. Secur. Appl., vol. 57, p. 102722, 2021.
  • G. Apruzzese, L. Ferretti, M. Marchetti, M. Colajanni, and A. Guido, “On the effectiveness of machine and deep learning for cyber security,” in 10th Int. Conf. Cyber Conflict (CyCon), IEEE, pp. 371–390, 2018.
  • R. Kaur, D. Gabrijelčić, and T. Klobučar, “Artificial intelligence for cybersecurity: Literature review and future research directions,” Inf. Fusion, vol. 97, p. 101804, 2023.
  • J. Doshi and B. Trivedi, “Comparison of vulnerability assessment and penetration testing,” Int. J. Appl. Inf. Syst., vol. 8, no. 6, pp. 51–54, 2015.
  • Ö. Aslan, S. S. Aktuğ, M. Ozkan-Okay, A. A. Yilmaz, and E. Akin, “A comprehensive review of cyber security vulnerabilities, threats, attacks, and solutions,” Electronics, vol. 12, no. 6, p. 1333, 2023.
  • S. Kuipers and M. Schonheit, “Data breaches and effective crisis communication: a comparative analysis of corporate reputational crises,” Corp. Reputation Rev., vol. 25, no. 3, pp. 176–197, 2022.
  • U. Bansal, “A review on ransomware attack,” in 2nd Int. Conf. Secure Cyber Comput. Commun. (ICSCCC), IEEE, pp. 221–226, 2021.
  • OWASP, “Top 10 Web Application Security Risks,” OWASP, 2017. [Online]. Available: https://owasp.org/www-project-top-ten/2017/.
  • OWASP, “Top 10 Web Application Security Risks,” OWASP, 2024. [Online]. Available: https://owasp.org/Top10/.
  • OWASP, “API Security Top 10 – 2023 Edition,” OWASP, 2024. [Online]. Available: https://owasp.org/API-Security/editions/2023/en/0x11-t10/.
  • P. Radanliev and O. Santos, “Adversarial Attacks Can Deceive AI Systems, Leading to Misclassification or Incorrect Decisions,” Preprints, 2023.
  • U. Ahmed, M. Nazir, A. Sarwar et al., “Signature-based intrusion detection using machine learning and deep learning approaches empowered with fuzzy clustering,” Sci. Rep., vol. 15, p. 1726, 2025.
  • V. Kanimozhi and D. T. P. Jacob, “Calibration of various optimized machine learning classifiers in network intrusion detection system on the realistic cyber dataset CseCic-Ids2018 using cloud computing,” Int. J. Eng. Appl. Sci. Technol., vol. 4, pp. 209–213, 2019.
  • A. Verma and V. Ranga, “On evaluation of network intrusion detection systems: statistical analysis of CIDDS-001 dataset using machine learning techniques,” Pertanika J. Sci. Technol., vol. 26, pp. 1307–1332, 2018.
  • W. Yassin, N. I. Udzir, and Z. Muda, “Anomaly-based intrusion detection through Kmeans clustering and Naive Bayes classification,” in Proc. 4th Int. Conf. Comput. Informatics (ICOCI), 2013.
  • I. F. Kilincer, F. Ertam, and A. Sengur, “Machine learning methods for cyber security intrusion detection: Datasets and comparative study,” Comput. Netw., vol. 188, p. 107840, 2021.
  • K. Kurniabudi, D. Stiawan, D. Darmawijoyo, M. Y. B. Idris, B. Kerim, and R. Budiarto, “Important features of CICIDS-2017 dataset for anomaly detection in high dimension and imbalanced class dataset,” Indones. J. Electr. Eng. Inform., vol. 9, no. 2, pp. 498–511, 2021.
  • M. L. Ali, K. Thakur, S. Schmeelk, J. Debello, and D. Dragos, “Deep learning vs. machine learning for intrusion detection in computer networks: A comparative study,” Appl. Sci., vol. 15, no. 4, p. 1903, 2025.
  • R. A. Disha and S. Waheed, “Performance analysis of machine learning models for intrusion detection system using Gini Impurity-based Weighted Random Forest (GIWRF) feature selection technique,” Cybersecurity, vol. 5, no. 1, p. 1, 2022.
  • O. Edosa, P. E. Orukpe, and U. Iruansi, “Design and implementation of a deep neural network approach for intrusion detection systems,” e-Prime – Adv. Electr. Eng., Electron. Energy, vol. 7, p. 100434, 2024.
  • F. Idhammad, M. Bakkali, and M. Elghazi, “Deep learning for cybersecurity intrusion detection: Approaches, datasets, and comparative study,” Comput. Secur., vol. 123, p. 102968, 2023.
  • S. Mishra, “Exploring the impact of AI-based cyber security financial sector management,” *Applied Sciences*, vol. 13, no. 10, p. 5875, 2023. doi:10.3390/app13105875
  • A. Z. Alomari and M. H. Alshammari, “Cybersecurity applications of machine learning: State of the art and challenges,” Cybersecurity, vol. 3, no. 1, p. 1, 2020.
  • S. P. Singh and N. Afzal, “THE MESA SECURITY MODEL 2.0: A DYNAMIC FRAMEWORK FOR MITIGATING STEALTH DATA EXFILTRATION,” *Int. J. Network Security & Its Applications*, vol. 16, no. 3, May 2024, doi:10.5121/ijnsa.2024.16302
  • H. Yin, D. He, S. Qian, J. Liu, and K. Wang, “A survey on cybersecurity intrusion detection based on deep learning,” J. Cyber Secur. Technol., vol. 5, no. 4, pp. 231–255, 2021.
  • K. Tallam, “CyberSentinel: An Emergent Threat Detection System for AI Security,” *arXiv*, Feb. 20, 2025. Available: https://arxiv.org/abs/2502.14966
  • T. M. Nguyen, D. T. Nguyen, and S. Y. Shin, “A comprehensive review of machine learning for cybersecurity,” IEEE Access, vol. 9, pp. 88968–89004, 2021.
  • ISACA, “Adaptive Access Control: Navigating Cybersecurity in the Era of AI and Zero Trust,” *ISACA Now Blog*, Apr. 2025. [Online]. Available: https://www.isaca.org/resources/news-and-trends/isaca-now-blog/2025/adaptive-access-control-navigating-cybersecurity-in-the-era-of-ai-and-zero-trust
  • M. Seo, W. Choi, M. You, and S. Shin, “AutoPatch: Multi‑Agent Framework for Patching Real‑World CVE Vulnerabilities,” *arXiv*, May 2025. Available: https://arxiv.org/abs/2505.04195

AI-Powered Vulnerability Detection and Adaptive Defense Strategies in Cybersecurity

Year 2025, Volume: 8 Issue: 3, 536 - 552, 30.09.2025

Şahin Kara , Fatih İlkbahar , Muhammed Zekeriya Gündüz

https://doi.org/10.35377/saucis.8.94717.1711704

Abstract

Cybersecurity threats are becoming increasingly complex and sophisticated. These challenges highlight the growing need for organizations and individuals to safeguard their digital assets. In this context, artificial intelligence (AI) technologies offer substantial capabilities to detect and mitigate cybersecurity vulnerabilities. AI enables effective protection by performing deep analyses on large datasets to identify abnormal activities and predict potential threats. By transforming traditional security paradigms, AI contributes to faster and more adaptive responses against cyberattacks. Furthermore, AI’s ability to classify threats and respond in real time gives security professionals a strategic edge. In the following sections, the role of AI in identifying and addressing cybersecurity vulnerabilities will be examined in detail, supported by current real-world applications. Finally, the paper will explore the future of AI in cybersecurity and potential directions for further enhancement.

Keywords

Cyber Security Cyber-attack Experiments Artificial Intelligence in Cybersecurity Machine learning Random Forest.

Ethical Statement

This study does not involve any personal data. All analyses were conducted using the publicly available CICIDS2017 dataset. Therefore, ethical approval is not required. The dataset used was anonymized and made freely available for research purposes by the Communications Security Establishment (CSE) and the Canadian Institute for Cybersecurity (CIC) in Canada.

Thanks

We would like to thank the Canadian Institute for Cybersecurity (CIC) and the Communications Security Establishment (CSE) for providing the publicly available dataset used in this study. We also express our gratitude to all researchers who contributed academically and to the communities developing open-source tools that made this work possible.

References

  • N. G. Camacho, “The Role of AI in Cybersecurity: Addressing Threats in the Digital Age,” J. Artif. Intell. Gen. Sci. (JAIGS), vol. 3, no. 1, pp. 143–154, 2024.
  • N. Mohamed, "Artificial intelligence and machine learning in cybersecurity: a deep dive into state-of-the-art techniques and future paradigms," Knowledge and Information Systems, 2025. [Online]. Available: https://doi.org/10.1007/s10115-025-02429-y.
  • K. M. Roba Abbas, J. Pitt, K. M. Vogel, and M. Zafeirakopoulos, “Artificial Intelligence (AI) in Cybersecurity: a socio-technical research roadmap,” 2022. [Online]. Available: https://www.turing.ac.uk/sites/default/files/2023-11/ai_in_cybersecurity.pdf
  • N. Mohamed, “Current trends in AI and ML for cybersecurity: A state-of-the-art survey,” Cogent Eng., vol. 10, no. 2, 2023.
  • M. I. Alghamdi, “Survey on Applications of Deep Learning and Machine Learning Techniques for Cyber Security,” Int. J. Interact. Mob. Technol., vol. 14, no. 16, 2020.
  • S. Ali, S. U. Rehman, A. Imran, G. Adeem, Z. Iqbal, and K.-I. Kim, “Comparative Evaluation of AI-Based Techniques for Zero-Day Attacks Detection,” Electronics, vol. 11, no. 23, p. 3934, 2022.
  • S. Zeadally, E. Adi, Z. Baig, and I. A. Khan, “Harnessing Artificial Intelligence Capabilities to Improve Cybersecurity,” IEEE Access, vol. 8, pp. 23817–23837, 2020.
  • M. Tayyab, M. Marjani, N. Z. Jhanjhi, I. A. T. Hashem, R. S. A. Usmani, and F. Qamar, “A comprehensive review on deep learning algorithms: Security and privacy issues,” Comput. Secur., vol. 131, p. 103297, 2023.
  • S. Al-Mansoori and M. B. Salem, “The Role of Artificial Intelligence and Machine Learning in Shaping the Future of Cybersecurity: Trends, Applications, and Ethical Considerations,” Int. J. Soc. Analytics, vol. 8, no. 9, pp. 1–16, 2023.
  • M. S. Akhtar and T. Feng, “An overview of the applications of Artificial Intelligence in Cybersecurity,” EAI Endorsed Trans. Creat. Technol., vol. 8, no. 29, p. e4, 2021.
  • A. D. Sontan and S. V. Samuel, “The intersection of Artificial Intelligence and cybersecurity: Challenges and opportunities,” World J. Adv. Res. Rev., vol. 21, no. 2, pp. 1720–1736, 2024.
  • M. M. Yamin, M. Ullah, H. Ullah, and B. Katt, “Weaponized AI for cyber attacks,” J. Inf. Secur. Appl., vol. 57, p. 102722, 2021.
  • G. Apruzzese, L. Ferretti, M. Marchetti, M. Colajanni, and A. Guido, “On the effectiveness of machine and deep learning for cyber security,” in 10th Int. Conf. Cyber Conflict (CyCon), IEEE, pp. 371–390, 2018.
  • R. Kaur, D. Gabrijelčić, and T. Klobučar, “Artificial intelligence for cybersecurity: Literature review and future research directions,” Inf. Fusion, vol. 97, p. 101804, 2023.
  • J. Doshi and B. Trivedi, “Comparison of vulnerability assessment and penetration testing,” Int. J. Appl. Inf. Syst., vol. 8, no. 6, pp. 51–54, 2015.
  • Ö. Aslan, S. S. Aktuğ, M. Ozkan-Okay, A. A. Yilmaz, and E. Akin, “A comprehensive review of cyber security vulnerabilities, threats, attacks, and solutions,” Electronics, vol. 12, no. 6, p. 1333, 2023.
  • S. Kuipers and M. Schonheit, “Data breaches and effective crisis communication: a comparative analysis of corporate reputational crises,” Corp. Reputation Rev., vol. 25, no. 3, pp. 176–197, 2022.
  • U. Bansal, “A review on ransomware attack,” in 2nd Int. Conf. Secure Cyber Comput. Commun. (ICSCCC), IEEE, pp. 221–226, 2021.
  • OWASP, “Top 10 Web Application Security Risks,” OWASP, 2017. [Online]. Available: https://owasp.org/www-project-top-ten/2017/.
  • OWASP, “Top 10 Web Application Security Risks,” OWASP, 2024. [Online]. Available: https://owasp.org/Top10/.
  • OWASP, “API Security Top 10 – 2023 Edition,” OWASP, 2024. [Online]. Available: https://owasp.org/API-Security/editions/2023/en/0x11-t10/.
  • P. Radanliev and O. Santos, “Adversarial Attacks Can Deceive AI Systems, Leading to Misclassification or Incorrect Decisions,” Preprints, 2023.
  • U. Ahmed, M. Nazir, A. Sarwar et al., “Signature-based intrusion detection using machine learning and deep learning approaches empowered with fuzzy clustering,” Sci. Rep., vol. 15, p. 1726, 2025.
  • V. Kanimozhi and D. T. P. Jacob, “Calibration of various optimized machine learning classifiers in network intrusion detection system on the realistic cyber dataset CseCic-Ids2018 using cloud computing,” Int. J. Eng. Appl. Sci. Technol., vol. 4, pp. 209–213, 2019.
  • A. Verma and V. Ranga, “On evaluation of network intrusion detection systems: statistical analysis of CIDDS-001 dataset using machine learning techniques,” Pertanika J. Sci. Technol., vol. 26, pp. 1307–1332, 2018.
  • W. Yassin, N. I. Udzir, and Z. Muda, “Anomaly-based intrusion detection through Kmeans clustering and Naive Bayes classification,” in Proc. 4th Int. Conf. Comput. Informatics (ICOCI), 2013.
  • I. F. Kilincer, F. Ertam, and A. Sengur, “Machine learning methods for cyber security intrusion detection: Datasets and comparative study,” Comput. Netw., vol. 188, p. 107840, 2021.
  • K. Kurniabudi, D. Stiawan, D. Darmawijoyo, M. Y. B. Idris, B. Kerim, and R. Budiarto, “Important features of CICIDS-2017 dataset for anomaly detection in high dimension and imbalanced class dataset,” Indones. J. Electr. Eng. Inform., vol. 9, no. 2, pp. 498–511, 2021.
  • M. L. Ali, K. Thakur, S. Schmeelk, J. Debello, and D. Dragos, “Deep learning vs. machine learning for intrusion detection in computer networks: A comparative study,” Appl. Sci., vol. 15, no. 4, p. 1903, 2025.
  • R. A. Disha and S. Waheed, “Performance analysis of machine learning models for intrusion detection system using Gini Impurity-based Weighted Random Forest (GIWRF) feature selection technique,” Cybersecurity, vol. 5, no. 1, p. 1, 2022.
  • O. Edosa, P. E. Orukpe, and U. Iruansi, “Design and implementation of a deep neural network approach for intrusion detection systems,” e-Prime – Adv. Electr. Eng., Electron. Energy, vol. 7, p. 100434, 2024.
  • F. Idhammad, M. Bakkali, and M. Elghazi, “Deep learning for cybersecurity intrusion detection: Approaches, datasets, and comparative study,” Comput. Secur., vol. 123, p. 102968, 2023.
  • S. Mishra, “Exploring the impact of AI-based cyber security financial sector management,” *Applied Sciences*, vol. 13, no. 10, p. 5875, 2023. doi:10.3390/app13105875
  • A. Z. Alomari and M. H. Alshammari, “Cybersecurity applications of machine learning: State of the art and challenges,” Cybersecurity, vol. 3, no. 1, p. 1, 2020.
  • S. P. Singh and N. Afzal, “THE MESA SECURITY MODEL 2.0: A DYNAMIC FRAMEWORK FOR MITIGATING STEALTH DATA EXFILTRATION,” *Int. J. Network Security & Its Applications*, vol. 16, no. 3, May 2024, doi:10.5121/ijnsa.2024.16302
  • H. Yin, D. He, S. Qian, J. Liu, and K. Wang, “A survey on cybersecurity intrusion detection based on deep learning,” J. Cyber Secur. Technol., vol. 5, no. 4, pp. 231–255, 2021.
  • K. Tallam, “CyberSentinel: An Emergent Threat Detection System for AI Security,” *arXiv*, Feb. 20, 2025. Available: https://arxiv.org/abs/2502.14966
  • T. M. Nguyen, D. T. Nguyen, and S. Y. Shin, “A comprehensive review of machine learning for cybersecurity,” IEEE Access, vol. 9, pp. 88968–89004, 2021.
  • ISACA, “Adaptive Access Control: Navigating Cybersecurity in the Era of AI and Zero Trust,” *ISACA Now Blog*, Apr. 2025. [Online]. Available: https://www.isaca.org/resources/news-and-trends/isaca-now-blog/2025/adaptive-access-control-navigating-cybersecurity-in-the-era-of-ai-and-zero-trust
  • M. Seo, W. Choi, M. You, and S. Shin, “AutoPatch: Multi‑Agent Framework for Patching Real‑World CVE Vulnerabilities,” *arXiv*, May 2025. Available: https://arxiv.org/abs/2505.04195
There are 40 citations in total.

Details

Primary Language English
Subjects Software Testing, Verification and Validation
Journal Section Research Article
Authors

Şahin Kara 0000-0001-8736-2730

Fatih İlkbahar 0000-0002-7964-3433

Muhammed Zekeriya Gündüz 0000-0003-4278-7123

Early Pub Date September 29, 2025
Publication Date September 30, 2025
Submission Date June 2, 2025
Acceptance Date July 5, 2025
Published in Issue Year 2025 Volume: 8 Issue: 3

Cite

APA Kara, Ş., İlkbahar, F., & Gündüz, M. Z. (2025). AI-Powered Vulnerability Detection and Adaptive Defense Strategies in Cybersecurity. Sakarya University Journal of Computer and Information Sciences, 8(3), 536-552. https://doi.org/10.35377/saucis.8.94717.1711704
AMA Kara Ş, İlkbahar F, Gündüz MZ. AI-Powered Vulnerability Detection and Adaptive Defense Strategies in Cybersecurity. SAUCIS. September 2025;8(3):536-552. doi:10.35377/saucis.8.94717.1711704
Chicago Kara, Şahin, Fatih İlkbahar, and Muhammed Zekeriya Gündüz. “AI-Powered Vulnerability Detection and Adaptive Defense Strategies in Cybersecurity”. Sakarya University Journal of Computer and Information Sciences 8, no. 3 (September 2025): 536-52. https://doi.org/10.35377/saucis.8.94717.1711704.
EndNote Kara Ş, İlkbahar F, Gündüz MZ (September 1, 2025) AI-Powered Vulnerability Detection and Adaptive Defense Strategies in Cybersecurity. Sakarya University Journal of Computer and Information Sciences 8 3 536–552.
IEEE Ş. Kara, F. İlkbahar, and M. Z. Gündüz, “AI-Powered Vulnerability Detection and Adaptive Defense Strategies in Cybersecurity”, SAUCIS, vol. 8, no. 3, pp. 536–552, 2025, doi: 10.35377/saucis.8.94717.1711704.
ISNAD Kara, Şahin et al. “AI-Powered Vulnerability Detection and Adaptive Defense Strategies in Cybersecurity”. Sakarya University Journal of Computer and Information Sciences 8/3 (September2025), 536-552. https://doi.org/10.35377/saucis.8.94717.1711704.
JAMA Kara Ş, İlkbahar F, Gündüz MZ. AI-Powered Vulnerability Detection and Adaptive Defense Strategies in Cybersecurity. SAUCIS. 2025;8:536–552.
MLA Kara, Şahin et al. “AI-Powered Vulnerability Detection and Adaptive Defense Strategies in Cybersecurity”. Sakarya University Journal of Computer and Information Sciences, vol. 8, no. 3, 2025, pp. 536-52, doi:10.35377/saucis.8.94717.1711704.
Vancouver Kara Ş, İlkbahar F, Gündüz MZ. AI-Powered Vulnerability Detection and Adaptive Defense Strategies in Cybersecurity. SAUCIS. 2025;8(3):536-52.
 Download Cover Image


INDEXING & ABSTRACTING & ARCHIVING


 31045 31044   ResimLink - Resim Yükle  31047 

31043 28939 28938 34240


29070    The papers in this journal are licensed under a Creative Commons Attribution-NonCommercial 4.0 International License