Automated Cyber Threat Detection and Incident Response Using AI-Enabled Infrastructure Analytics
DOI: https://doi.org/10.54536/ajise.v5i2.7219
Keywords: Artificial Intelligence, Cybersecurity, Incident Response, Threat Detection
Abstract
This systematic literature review (SLR) examines the role of artificial intelligence (AI) in enhancing cyber threat detection and automating incident response within network and cloud-based environments. The objective is to assess the effectiveness, susceptibility and organizational relevance of AI-based cybersecurity systems. Forty-two peer-reviewed papers published between 2019 and 2025 were synthesized following PRISMA 2020 guidelines. The data were analyzed thematically under four key themes: AI techniques for threat detection, the impact of AI-enabled automation on Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR), adversarial vulnerabilities, and the integration of AI with human expertise in Security Operations Centers (SOCs). The results showed that deep learning algorithms such as CNNs, LSTMs, and hybrid networks were highly effective, compared with conventional ones, in detecting sophisticated cyber threats. Autonomous techniques based on AI mechanisms yielded a consistent decrease in MTTD and MTTR (by 30-50%) in simulated scenarios. Nevertheless, attack types such as data poisoning and evasion are significant threats, and mitigation methods have little practical grounding. Moreover, AI adoption demands collaboration between humans and AI, reskilling of the human workforce, and reorganization. In conclusion, although AI is an effective tool in real-time cybersecurity, its application will require resilience, explainability, and human control. Recommendations include conducting tests in live environments, standardized adversarial benchmarks, and adaptive governance frameworks around AI-enabled SOC transformation.
License
Copyright (c) 2026 Onyinyechi Peace Ezeugwa, Ahmed Bello, Taofeek Akinwumi Raheem

This work is licensed under a Creative Commons Attribution 4.0 International License.