AI-DRIVEN CYBERSECURITY: THREAT DETECTION AND MITIGATION STRATEGIES

Abstract

The increasing frequency, complexity, and operational impact of cybersecurity threats necessitate intelligent systems that can quickly detect and effectively remediate threats. Using an alert-level analytical design, this study assessed an AI-enabled cybersecurity framework for recognizing and mitigating cyber threat events. 500 Cybersecurity alert records were analyzed; both threat and non-threat events. The diagnostic performance of the AI-based model was evaluated using accuracy, sensitivity, specificity, positive and negative predictive values, and receiver operating characteristic curve analysis. Chi-square tests were used to assess correlations between cybersecurity indicators and cyber-threat status, and logistic regression was used to evaluate predictors of cyber-threat occurrence. Of the 500 analyzed alerts, 179 were actual cyber-threat events, or a 35.8% overall threat incidence. This AI-based model achieved an overall accuracy of 91.0%, sensitivity of 74.9%, specificity of 100.0%, positive predictive value of 100.0%, and negative predictive value of 87.7%. Then, the ROC-AUC was 0.997, indicating perfect discrimination. Actual threat status was most significantly associated with patch status, strange port access, geo-anomaly, and signature match. It indicates that threat detection, alert prioritization, and timely mitigation with autonomous decision-making capability can be improved by AI-driven systems. This result clearly demonstrates the need for continuous optimization of classification, threshold adjustment, and expert review to create stronger overall detection and improve threat capture.