Tackling Cyberattacks through AI-based Reactive Systems: A Holistic Review and Future Vision

Sergio Bernardez Molina, Pantaleone Nespoli, Félix Gómez Mármol

TL;DR

The paper addresses the need for AI-driven reactive cyber defenses by surveying recent AI-based threat response systems. It compiles 22 representative works and identifies five key features for homogeneous comparison, along with seven research challenges to guide future work. The review highlights predominant use of Attack Graphs, Bayesian networks, reinforcement learning, and game-theoretic approaches, while noting gaps in standardization, scalability, and the integration of generative AI. The contributions include a structured cross-study analysis, a comparative framework, and a roadmap toward unified, collaborative, evolutive AI-enabled defense mechanisms with practical implications for critical infrastructure and CPS security.

Abstract

There is no denying that the use of Information Technology (IT) is undergoing exponential growth in today's world. This digital transformation has also given rise to a multitude of security challenges, notably in the realm of cybercrime. In response to these growing threats, public and private sectors have prioritized the strengthening of IT security measures. In light of the growing security concern, Artificial Intelligence (AI) has gained prominence within the cybersecurity landscape. This paper presents a comprehensive survey of recent advancements in AI-driven threat response systems. To the best of our knowledge, the most recent survey covering the AI reaction domain was conducted in 2017. Since then, considerable literature has been published, and it is therefore worth reviewing. In this comprehensive survey of state-of-the-art reaction systems, five key features with multiple values have been identified, facilitating a homogeneous comparison between the different works. In addition, through a meticulous methodology of article collection, the 22 most relevant publications in the field have been selected. Each of these publications has then been subjected to a detailed analysis using the features identified, which has allowed for the generation of a comprehensive overview revealing significant relationships between the papers. These relationships are further elaborated in the paper, along with the identification of potential gaps in the literature, which may guide future contributions. A total of seven research challenges have been identified, pointing out these potential gaps and suggesting possible areas of development through concrete proposals.

Paper Structure (47 sections, 2 equations, 5 figures, 1 table)

This paper contains 47 sections, 2 equations, 5 figures, 1 table.

Figures (5)

  • Figure 1: Methodology used for the selection of the papers to be analyzed in search of a comprehensive overview of the state of the art.
  • Figure 2: Prevention, response, and detection AI-based systems scenario.
  • Figure 3: The methodology employed for selecting the comparative attributes to analyze the selected papers.
  • Figure 8: Identified comparison features and values within the selected works.
  • Figure 9: Graph showing the interconnections of the research challenges according to their similarity and their dependence on collaboration.