A Systematic Review of Predictive AI for Cybersecurity Threats

Samarth S A, Kartik R P
School of CyberSecurity, National Forensic Sciences University Dharwad

Vishal Sharma
National Forensic Sciences University Dharwad

Abstract
Cyber-attacks are on the rise as a result of globalization and the rapid development of
internet connectivity, driven by hackers’ exploitation of new digital technology. As
cybercriminals carry out more attacks, cyber security has become a rapidly expanding
area. Although machine learning approaches have proven effective in handling large-scale
cybersecurity problems, the increasing sophistication of cyber threats requires improved
strategies for anticipating and mitigating them. Predictive artificial intelligence (AI)
has emerged as a game changer in the cybersecurity scene. This work examines current
developments in predictive AI and its applications in cybersecurity, as well as the
obstacles and future paths for research and implementation. By leveraging machine learning,
data analytics, and threat intelligence, predictive AI can enhance an organization’s
ability to foresee potential vulnerabilities and attack vectors, ultimately improving
its security posture.

1 Introduction
Artificial Intelligence (AI) involves simulating human intelligence in machines to enable them
to reason, learn, and make decisions autonomously. In cybersecurity, AI excels at analyzing
large volumes of data quickly, making it ideal for detecting and responding to cyber threats
like malware and phishing. Using machine learning, AI systems learn from past threats and
can identify new, unknown risks by recognizing patterns and anomalies in data. AI’s ability to
adapt to evolving cybercriminal tactics is one of its key strengths. Unlike traditional methods
that rely on fixed rules, AI can detect modified malware or new attack methods by focusing on
behavior rather than signatures. It can also monitor user activity in real-time, flagging unusual
behavior that could signal a security breach. AI is also increasingly integrated into Virtual
Private Networks (VPNs), where predictive intelligence helps detect and mitigate potential threats
before they cause damage. By processing vast amounts of data and learning from past incidents,
AI enhances cybersecurity, providing proactive defense against a wide range of evolving risks [1].

A cyber security threat is a malicious act that gains unauthorized access to a computer
network belonging to another person or organization in order to damage, disrupt, or steal
data. Commonly known threat types are shown in Figure 1.

Figure 1: Common computer threats

Approximately 2,220 cyberattacks occur daily, totaling over 800,000 attacks annually, as
reported by Security Magazine. Here are five of the most significant or notable cyber incidents
from 2023:

• Hackers infiltrated Microsoft Exchange and compromised hundreds of thousands of emails,
including at least 60,000 emails from the Outlook accounts of personnel at the US State
Department.

• DarkBeam, a company specializing in digital protection, faced a major security breach that
revealed 3.8 billion records, ranking it among the largest data breaches in recent times. The
compromised records included user email addresses and passwords.

• At the beginning of 2023, the Royal Mail in the UK experienced a ransomware attack
that hindered its international mailing operations. The hackers demanded a ransom of 80
million dollars, causing disruptions across 11,500 Post Office locations, leaving them unable
to process international parcels.

• Cybercriminal groups took advantage of vulnerabilities in Progress Software’s MOVEit file
transfer tool, leading to the theft of data from its databases. It is believed that over 2,000
organizations were affected, with estimates suggesting that the personal information of
more than 60 million individuals may have been compromised.

• The passport information of 34 million Indonesian citizens was compromised after a breach
at the Indonesian Immigration Directorate General, executed by a hacktivist named Bjorka,
who intended to sell the data on the dark web. Given that the stolen information contained
full names, genders, passport numbers, and birth dates, the country is now preparing for
potential scams and identity theft.

Figure 2: Evolution of Cyber-attacks over the years 1994-2021

Figure 2 illustrates the evolution of cyber-attacks from 1994 to 2021, highlighting the increasing
sophistication and frequency of threats over the years.

2 Review of Literature
2.1 Cybersecurity Landscape
The field of cybersecurity has undergone remarkable evolution in recent decades, largely
influenced by rapid technological advancements and the increasing integration of digital systems
across various sectors. As cyber threats grow more sophisticated, encompassing malware,
ransomware, phishing attacks, and advanced persistent threats (APTs), organizations encounter
significant challenges in safeguarding their systems and sensitive data (Kshetri, 2020).[4]
The proliferation of the Internet of Things (IoT), coupled with advancements in artificial
intelligence (AI) and cloud computing, has broadened the attack surface, introducing new
vulnerabilities and potential entry points for cybercriminals (Raggad, 2021). Traditional
cybersecurity measures, which often rely on signature-based detection and reactive strategies,
are increasingly inadequate against these evolving threats (Pfleeger and Pfleeger, 2018).[5]
To effectively combat these challenges, organizations must transition to proactive and
adaptive security frameworks that can dynamically respond to the sophisticated tactics employed
by cyber adversaries. This shift is crucial for maintaining robust cybersecurity defenses in an
ever-changing threat landscape (Stallings and Brown, 2019).[6]

2.2 Predictive Analytics Overview


Predictive analytics is a specialized area within advanced analytics that focuses on using historical
data to forecast future events or behaviors. This field applies a wide range of techniques, such
as machine learning, data mining, and statistical modeling, to identify trends, patterns, and
relationships in data that can help predict potential outcomes. By analyzing past data, predictive
analytics aims to uncover insights that guide decision-making and strategic planning
(Mayer-Schönberger and Cukier, 2013). One of the key elements of predictive analytics is machine
learning, which involves algorithms that allow systems to automatically learn from historical
data. These algorithms continually improve their ability to make predictions as they are exposed
to more data, refining their accuracy and providing more reliable forecasts over time (Goodfellow,
Bengio, and Courville, 2016). Through this iterative learning process, machine learning models
can detect complex patterns and offer increasingly precise predictions, making them a crucial
tool for anticipating future trends and behaviors.[8]

2.3 Threat Detection


Predictive analytics is increasingly being adopted in cybersecurity frameworks because it
improves threat intelligence capabilities. It helps anticipate threats by drawing on past
incidents and recognizing patterns that can lead to trouble. For instance, intrusion
detection systems (IDS) look for abnormal patterns and abnormal behaviors in order to detect
possible attacks. Aldawood and Skinner (2017) describe network-based IDS that track traffic
and apply machine learning to traffic patterns to see how the typical state differs from the
state when a threat is active or developing.[9]
Another significant use of predictive analytics is anomaly detection, which deals with
situations where the normal behavior pattern is disturbed and needs to be addressed to
avert malicious activity. Such techniques include standard clustering methods and
classification algorithms, which process system logs and active users’ mobile network
usage to check for abnormal behavior that might otherwise not be picked up by the regular
security filter (Chandola et al., 2009).[10] For instance, if a user who usually downloads files
only in the office starts downloading files at 3 am, the system can consider that behavior
abnormal and possibly malicious (Ahmed et al., 2016).[11]
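
An added example, not part of the original paper: the 3 am download case above, implemented as a per-user hour-of-day baseline. It uses a smoothed frequency profile rather than the clustering or classification methods the text cites; the log format, the 30-event minimum and the 0.01 threshold are assumptions, and all log lines are constructed.

```python
from collections import Counter, defaultdict
from datetime import datetime


def build_constructed_history():
    """Constructed sample log: 'alice' downloads hourly from 09:00 to 17:00 on 20 days."""
    lines = [
        f"2024-03-{day:02d}T{hour:02d}:15:00 alice download 52000"
        for day in range(1, 21)
        for hour in range(9, 18)
    ]
    lines.append("2024-03-05T10:00:00 bob download 1000")  # user with almost no history
    lines.append("-- log rotated --")                      # junk line a real log may contain
    return lines


def parse(line):
    """Return (timestamp, user) for a well-formed download record, else None."""
    parts = line.split()
    if len(parts) != 4 or parts[2] != "download":
        return None
    try:
        return datetime.fromisoformat(parts[0]), parts[1]
    except ValueError:
        return None


class HourBaseline:
    MIN_EVENTS = 30  # assumption: below this the profile is too thin to judge

    def __init__(self):
        self.hours = defaultdict(Counter)

    def learn(self, lines):
        for line in lines:
            rec = parse(line)
            if rec:
                ts, user = rec
                self.hours[user][ts.hour] += 1

    def hour_probability(self, user, hour):
        """Smoothed probability that this user downloads in this hour of the day."""
        counts = self.hours.get(user)
        total = sum(counts.values()) if counts else 0
        if total < self.MIN_EVENTS:
            return None  # cold start: do not guess
        # Hours wrap around midnight; neighbours count at half weight so that a
        # download at 18:00 is not treated like one at 03:00. The +1 is Laplace
        # smoothing, and the denominator keeps the 24 probabilities summing to 1.
        near = counts[(hour - 1) % 24] + counts[(hour + 1) % 24]
        return (counts[hour] + 0.5 * near + 1) / (2 * total + 24)


def assess(baseline, line, threshold=0.01):
    rec = parse(line)
    if rec is None:
        return "unparsed"
    ts, user = rec
    p = baseline.hour_probability(user, ts.hour)
    if p is None:
        return "insufficient-history"
    return "anomalous" if p < threshold else "normal"


if __name__ == "__main__":
    baseline = HourBaseline()
    baseline.learn(build_constructed_history())
    for event in ("2024-03-25T10:30:00 alice download 52000",
                  "2024-03-25T03:02:00 alice download 9800000",
                  "2024-03-25T03:02:00 bob download 1000"):
        print(assess(baseline, event), "<-", event)
```

The "insufficient-history" verdict matters in practice: scoring users without a baseline is a common source of the false alarms discussed later in the paper.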

2.4 Threat Prevention


Predictive analytics plays a crucial role in enhancing cybersecurity by helping organizations
foresee potential threats based on patterns in historical data. Using advanced statistical models
and machine learning algorithms, businesses can predict future risks, identify emerging attack
strategies, and detect common tactics used by cybercriminals. This forward-looking approach
allows organizations to anticipate where and when cyberattacks are likely to occur, giving them
a significant advantage in preventing incidents before they escalate.

By applying predictive models, organizations can strengthen security measures, improve access
controls, and deploy additional monitoring systems. These proactive steps help safeguard
critical infrastructure, reducing the likelihood of successful breaches. Predictive analytics also
helps businesses stay one step ahead of evolving cyber threats, enhancing their ability to defend
against sophisticated attacks (Suthaharan, 2016).[12]

Integrating predictive analytics into security strategies not only improves immediate threat
detection but also bolsters long-term cybersecurity resilience. In an ever-changing cyber threat
landscape, the ability to predict and mitigate risks before they materialize is key to maintaining
secure and resilient IT environments (Sethi and Kim, 2018).[13]

3 Techniques and Models


3.1 Machine Learning Algorithms
Machine learning algorithms are at the forefront of applying predictive analytics to enhance
cybersecurity, offering powerful tools to detect, analyze, and mitigate potential cyber threats.
These algorithms can sift through vast amounts of data to uncover patterns and anomalies that
might otherwise go unnoticed by traditional security methods. By leveraging these techniques,
organizations can proactively identify vulnerabilities, detect suspicious activities, and respond to
threats before they escalate into full-scale security breaches. Two of the most commonly used
machine learning algorithms in this context are Neural Networks and Support Vector Machines
(SVMs), both of which play a critical role in modern cybersecurity defense systems.
• Neural networks, particularly deep learning models, are highly effective in detecting complex
patterns in large, unstructured datasets. Inspired by the human brain, these models
learn iteratively, improving over time. In cybersecurity, neural networks are crucial for
identifying advanced attack patterns and subtle anomalies that traditional methods often
miss.
Convolutional Neural Networks (CNNs) are commonly used to analyze network traffic and
detect threats like DDoS attacks or malware. They excel at processing time-series data,
allowing them to identify shifts in network behavior. By training on large datasets of
both normal and malicious traffic, CNNs can distinguish between legitimate activity and
potential attacks, enabling real-time threat detection.
The CNN model is trained on labeled datasets of benign and malicious network traffic.
Through backpropagation, it learns to recognize attack patterns by adjusting its weights.
Once trained, the model can predict real-time anomalies, providing adaptive cybersecurity
solutions (LeCun, Bengio, and Hinton, 2015).

• Support Vector Machines (SVMs) are another powerful machine learning technique that
has proven highly effective in the detection and classification of cyber threats. SVMs work
by finding the optimal boundary or "hyperplane" that separates different classes of data
in a high-dimensional space. This makes them particularly useful for classification tasks,
where the goal is to categorize data into predefined labels, such as distinguishing between
benign and malicious network traffic or classifying different types of intrusions.
In cybersecurity, Support Vector Machines (SVMs) are widely used in intrusion detection
systems (IDS) to classify network traffic or system activities as either normal or malicious.
A key strength of SVMs is their ability to process complex, high-dimensional data, such as
the varied characteristics of network traffic, while maintaining high classification accuracy.
By training on labeled datasets that include both benign and malicious examples, SVMs
can effectively identify future threats, from known attack signatures to advanced zero-day
exploits (Cortes and Vapnik, 1995)[15].

3.2 Data Sources and Preprocessing


The effectiveness of predictive analytics in cybersecurity depends largely on the quality and
relevance of the data used. High-quality data enables more accurate predictions and better
identification of potential threats. Common data sources include network traffic logs, historical
security incident records, user activity data, and system performance metrics. By analyzing
data from these various sources, predictive models can help organizations spot vulnerabilities,
detect early signs of attacks, and anticipate future threats, ultimately strengthening cybersecurity
defenses.
• User behavior data is essential for detecting anomalies that could indicate potential security
risks. By continuously monitoring and analyzing user activities, organizations can identify
deviations from typical behavioral patterns, which may signal malicious behavior or insider
threats. To ensure the data is ready for accurate analysis, preprocessing steps such as
normalization and aggregation are commonly applied. These steps help to standardize the
data and combine it into a more manageable format, making it easier for predictive models
to identify irregularities and improve the effectiveness of threat detection (Dandurand,
2018)[16].

• Data preprocessing is a crucial step in preparing datasets for predictive modeling, as it
ensures that the input data is clean, relevant, and structured in a way that enhances the
performance of machine learning models. This process typically involves tasks such as data
cleaning, where inconsistencies and errors are corrected, data normalization to scale the
features appropriately, and feature selection to eliminate irrelevant or redundant variables.
By addressing these issues, data preprocessing helps reduce noise and improve the accuracy
and effectiveness of the models (Han et al., 2011)[17].
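
An added example, not from the paper or its cited sources: the cleaning, feature-selection and normalization steps from Section 3.2 feeding a linear SVM of the kind described in Section 3.1, trained by subgradient descent on the hinge loss. The flow records, column meanings and hyperparameters are constructed assumptions.

```python
from statistics import mean, pstdev

# Constructed flow records: duration_s,bytes,distinct_dst_ports,ttl,label
RAW = """\
12.0,48000,2,64,benign
30.5,150000,3,64,benign
8.2,22000,1,64,benign
45.0,310000,2,64,benign
20.0,90000,4,64,benign
1.1,4000,120,64,malicious
0.8,3500,200,64,malicious
1.5,6000,90,64,malicious
0.6,2500,310,64,malicious
2.0,5200,150,64,malicious
3.3,n/a,5,64,benign
-4.0,1000,2,64,benign
"""


def clean(text):
    """Data cleaning: drop rows with non-numeric fields, negative values or bad labels."""
    rows = []
    for line in text.strip().splitlines():
        *fields, label = line.split(",")
        try:
            values = [float(f) for f in fields]
        except ValueError:
            continue
        if len(values) == 4 and min(values) >= 0 and label in ("benign", "malicious"):
            rows.append((values, 1 if label == "malicious" else -1))
    return rows


class Scaler:
    """Feature selection (drop zero-variance columns) plus z-score normalization."""

    def fit(self, X):
        cols = list(zip(*X))
        self.keep = [i for i, c in enumerate(cols) if pstdev(c) > 0]
        self.mu = [mean(cols[i]) for i in self.keep]
        self.sd = [pstdev(cols[i]) for i in self.keep]
        return self

    def transform(self, x):
        return [(x[i] - m) / s for i, m, s in zip(self.keep, self.mu, self.sd)]


def dot(a, b):
    return sum(p * q for p, q in zip(a, b))


def train_linear_svm(X, y, lam=0.01, lr=0.1, epochs=300):
    """Full-batch subgradient descent on lam/2*|w|^2 + mean hinge loss."""
    w, b, n = [0.0] * len(X[0]), 0.0, len(X)
    for _ in range(epochs):
        gw, gb = [lam * wi for wi in w], 0.0
        for xi, yi in zip(X, y):
            if yi * (dot(w, xi) + b) < 1:  # inside the margin or misclassified
                gw = [g - yi * v / n for g, v in zip(gw, xi)]
                gb -= yi / n
        w = [wi - lr * g for wi, g in zip(w, gw)]
        b -= lr * gb
    return w, b


def classify(flow, scaler, w, b):
    """Which side of the learned hyperplane does this raw flow fall on?"""
    return "malicious" if dot(w, scaler.transform(flow)) + b > 0 else "benign"


def build_detector(text=RAW):
    rows = clean(text)
    scaler = Scaler().fit([x for x, _ in rows])
    X = [scaler.transform(x) for x, _ in rows]
    w, b = train_linear_svm(X, [y for _, y in rows])
    return rows, scaler, w, b


if __name__ == "__main__":
    rows, scaler, w, b = build_detector()
    print("rows kept:", len(rows), "columns kept:", scaler.keep)
    print(classify([0.9, 3000, 250, 64], scaler, w, b))   # many ports, tiny transfer
    print(classify([25.0, 120000, 3, 64], scaler, w, b))  # ordinary session
```

Without the z-score step the byte counts, which are four to five orders of magnitude larger than the other columns, would dominate the hyperplane; the constant ttl column carries no information and is dropped before training.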

4 Methodology
4.1 Deep Learning application to Cybersecurity
Deep learning has shown considerable promise in various cybersecurity applications due to its
ability to process large volumes of data and detect patterns that might otherwise be missed
by traditional methods. The ability of deep learning models to learn from vast datasets allows
them to adapt to evolving threats, making them a valuable tool in the ever-changing cybersecurity
landscape. Below are some key applications of deep learning in cybersecurity. Deep learning
models, especially convolutional neural networks (CNNs) and recurrent neural networks (RNNs),
can be trained to identify malware by analyzing various aspects such as file structure, behavior,
and system calls. Unlike traditional signature-based methods that rely on known threats, deep
learning-based systems can detect new, previously unseen malware by recognizing patterns and
anomalies.
Researchers are increasingly using deep learning (DL) techniques to enhance cybersecurity,
applying them to areas like threat detection, malware classification, and intrusion prevention.
However, several challenges persist. One issue is false positives and unnecessary security warnings,
which can overwhelm analysts and result from noisy data or overfitting. Another challenge is
poor model performance when DL models encounter bad or irrelevant data, leading to incorrect
conclusions and low confidence in predictions. Most research in this area uses public databases
for training and testing models. While these datasets allow for performance comparisons, they
may not always reflect the latest attack tactics or contain balanced representations of various
threats, leading to biased model results. Researchers are working to improve models to reduce
errors, handle new threats, and ensure more robust training datasets. Figure 3 shows the
block diagram of deep learning applications to cybersecurity.

Figure 3: Block diagram of Deep Learning application to Cybersecurity

5 Challenges and Limitations


5.1 Data Privacy and Security
The use of predictive analytics in cybersecurity raises significant concerns regarding data privacy
and ethical implications. Handling sensitive data, such as personal and organizational
information, necessitates stringent privacy measures to prevent misuse and unauthorized access. The
collection and analysis of this data can pose risks to individual privacy and lead to potential
breaches if not managed properly (Cavoukian, 2011).[18]
Additionally, ethical considerations come into play when implementing predictive analytics. The
balance between enhancing security and respecting user privacy must be carefully managed.
Predictive models often require access to vast amounts of data, which can include sensitive
information about user behaviors and interactions. Ensuring that data collection and analysis
practices comply with privacy laws and ethical standards is crucial to maintaining public trust
and avoiding legal repercussions (Solove, 2020).[19]

5.2 Technical Challenges


The integration of predictive analytics into cybersecurity faces several significant technical
hurdles, which can complicate the creation and deployment of effective security models. These
challenges stem from both the nature of cybersecurity data and the evolving landscape of cyber
threats, and they require careful attention to ensure that predictive models can deliver accurate
and reliable results.
• Need for Large Datasets: Building effective predictive models in cybersecurity requires
access to vast amounts of high-quality, representative data. This data needs to cover a
wide array of both typical behaviors (to recognize what is "normal") and diverse threat
scenarios (to identify potential risks). However, obtaining such comprehensive datasets can
be difficult. Many datasets may be incomplete, biased, or insufficiently varied, which can
severely impact the performance of the model. When the training data does not accurately
reflect the full scope of cyber threats or user behaviors, the resulting predictive model may
make inaccurate predictions, leading to security vulnerabilities or false alarms. Incomplete
or skewed data can diminish the reliability of the model, making it harder to develop
effective security strategies (Chandola et al., 2009)[10].
• Model Interpretability: Many of the most powerful machine learning algorithms used
in predictive analytics, particularly deep learning models, operate as "black boxes." This
means that, while the model can provide accurate predictions, the underlying logic or
decision-making process is not easily interpretable by human users. In the context of
cybersecurity, where decisions based on model outputs can have critical implications, this
lack of transparency becomes a major concern. Security professionals need to understand
how and why a model arrived at a specific decision, especially when it comes to high-stakes
actions like identifying potential breaches or responding to threats. Without clear
interpretability, the model’s predictions may be viewed with skepticism, undermining trust in
its ability to safeguard systems. Furthermore, in situations where accountability is
essential, such as in regulatory environments, lack of transparency in the predictive process
can pose significant challenges to ensuring proper governance and compliance (Ribeiro et
al., 2016)[20].
• Dynamic Nature of Cyber Threats: The landscape of cyber threats is continuously
changing, with attackers constantly devising new methods, tools, and tactics to circumvent
existing security measures. This dynamic nature presents a substantial challenge for
predictive models, which need to be adaptable and capable of incorporating new threat
intelligence as it emerges. Traditional static models may quickly become obsolete if they
are not regularly updated to reflect these shifting threat dynamics. As a result, predictive
models in cybersecurity must undergo continuous retraining, which requires both ongoing
data collection and adaptation to emerging trends in cyberattacks. The process of keeping
models relevant in the face of evolving threats adds complexity to their development and
deployment. Furthermore, the frequent need for model retraining can introduce operational
burdens, as the models must be reassessed and refined to maintain their accuracy
and predictive power over time.

These challenges highlight the technical complexities involved in leveraging predictive analytics
for cybersecurity. While predictive models have the potential to significantly enhance security
by identifying threats before they occur, overcoming issues related to data quality, model
transparency, and the rapidly changing nature of cyber threats is essential for their successful
application.

6 Future Directions
6.1 Advancements in Predictive Analytics
The field of predictive analytics is poised for significant advancements that could further enhance
its application in cybersecurity. Several promising developments are anticipated:
• Enhanced Algorithms: Future advancements in machine learning and statistical algorithms
are expected to improve the accuracy and efficiency of predictive models. Innovations
such as more sophisticated deep learning architectures and ensemble methods could
provide better detection and prediction capabilities, reducing false positives and false
negatives in cybersecurity applications (LeCun et al., 2015).[14]

• Real-Time Analytics: Real-time data processing and analysis are becoming crucial in
cybersecurity. With advancements in computing power and data processing technologies,
real-time predictive analytics can significantly improve threat detection and response times.
This enables organizations to identify emerging threats faster and take proactive measures
to prevent attacks before they escalate, enhancing overall security effectiveness (Krawczyk,
2016).[22]

• Adaptive Models: Future developments may focus on creating models that can dynamically
adapt to new and evolving threats. Techniques such as online learning and adaptive
algorithms could enable predictive systems to continuously update and refine their predictions
based on new data, enhancing their ability to handle the ever-changing cybersecurity
landscape (Gama et al., 2014).[23]

• Hybrid Approaches: Combining rule-based systems with machine learning models creates
a more effective cybersecurity solution. Rule-based systems are fast at detecting known
threats through predefined signatures, but they struggle with new or unknown attacks. Machine
learning models, on the other hand, excel at identifying patterns and anomalies in
data, making them effective for detecting novel threats like zero-day exploits or advanced
malware. By integrating both approaches, organizations can achieve a comprehensive detection
system that quickly identifies known attacks while adapting to new ones. This
hybrid model reduces false positives and enhances overall detection accuracy, improving
response times and security effectiveness.

• Federated Learning: Federated learning is a privacy-preserving approach that enables
machine learning models to be trained on decentralized data without the need to share
sensitive information. Instead of collecting data in one central location, the model is trained
locally on individual devices or servers, and only model updates are shared. This approach
helps maintain data privacy and security, making it particularly valuable for industries like
healthcare and finance, where protecting sensitive personal and financial data is crucial.
By allowing organizations to collaborate on improving machine learning models without
compromising security, federated learning supports stronger, privacy-conscious predictive
analytics.

• Context-Aware Models: Context-aware predictive systems will enhance threat detection
by incorporating additional data, such as user behavior and network patterns, into
their analysis. This allows the system to consider the broader context of security events,
improving its ability to differentiate between normal activities and potential threats. For
example, an unusual login attempt may be flagged if it occurs from an unfamiliar location
or at an odd time. By factoring in context, these systems can make more accurate threat
assessments and reduce false positives.
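
The hybrid approach from the list above, as an added example that is not from the paper: predefined signatures are checked first and a learned baseline scores whatever the rules do not match. The signature set, the two features, the z-score model standing in for the machine learning component, and the 3.0 threshold are all assumptions; the request strings are constructed.

```python
import re
from statistics import mean, pstdev
from urllib.parse import unquote

# Constructed rule base standing in for predefined signatures (assumption).
SIGNATURES = {
    "path-traversal": re.compile(r"\.\./"),
    "sql-union": re.compile(r"union\s+select", re.IGNORECASE),
    "script-tag": re.compile(r"<script", re.IGNORECASE),
}

# Constructed benign request targets used to learn what "normal" looks like.
BENIGN = [
    "/index.html", "/products?id=42", "/products?id=7&sort=price",
    "/search?q=blue+shoes", "/cart/view", "/api/v1/items?page=3",
    "/static/css/site.css", "/login",
]


def features(target):
    """Two cheap features: length and share of non-alphanumeric characters."""
    symbols = sum(1 for ch in target if not ch.isalnum())
    return (float(len(target)), symbols / max(len(target), 1))


class AnomalyModel:
    """Per-feature z-score model; the learned component of the hybrid."""

    def fit(self, samples):
        columns = list(zip(*(features(s) for s in samples)))
        self.mu = [mean(c) for c in columns]
        # Floor the spread so a constant feature cannot cause division by zero.
        self.sigma = [max(pstdev(c), 1e-6) for c in columns]
        return self

    def score(self, target):
        """Largest deviation from the benign baseline, in standard deviations."""
        return max(abs(x - m) / s
                   for x, m, s in zip(features(target), self.mu, self.sigma))


def classify(target, model, threshold=3.0):
    """Signatures first (fast, known threats); anomaly score for everything else."""
    decoded = unquote(target)  # match rules on the decoded form of the request
    for name, pattern in SIGNATURES.items():
        if pattern.search(decoded):
            return ("known-attack", name)
    score = model.score(target)
    return ("anomalous" if score > threshold else "benign", round(score, 1))


if __name__ == "__main__":
    model = AnomalyModel().fit(BENIGN)
    for t in ("/products?id=99&sort=name",
              "/download?file=../../etc/passwd",
              "/search?q=" + "%41" * 60):
        print(classify(t, model), t[:40])
```

The third request matches no signature and is caught only by the baseline, which is the case the rule-based layer alone would miss.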

6.2 Integration with Other Technologies


Integrating predictive analytics with other emerging technologies holds significant potential for
enhancing cybersecurity:
• Blockchain Technology: Blockchain technology, with its decentralized and tamper-proof
nature, can complement predictive analytics by providing a secure and immutable record of
transactions and events. Integration of blockchain with predictive analytics could improve
the integrity and traceability of data used for threat detection and prevention, making it
more difficult for attackers to alter or falsify information (Crosby et al., 2016). [24]

• Artificial Intelligence (AI): The integration of predictive analytics with AI technologies can
lead to more advanced and autonomous cybersecurity systems. AI-driven approaches, such
as natural language processing and computer vision, can enhance the ability of predictive
models to interpret complex patterns and behaviors, improving threat detection and response.
Combining AI with predictive analytics could also facilitate the development of
more intelligent and adaptive security solutions (Russell and Norvig, 2016).[25]

• Internet of Things (IoT): As the Internet of Things continues to expand, integrating predictive
analytics with IoT technologies can enhance the security of connected devices and
networks. Predictive models can analyze data from a multitude of IoT sensors and devices
to identify potential vulnerabilities and threats, providing proactive measures to protect
against cyberattacks (Sethi and Sethi, 2017).[26]

Future advancements and integrations will likely drive the evolution of predictive analytics in
cybersecurity, making it an even more powerful tool for defending against complex and dynamic
cyber threats.

6.3 Importance of Predictive Analytics


Predictive analytics plays a pivotal role in the ongoing battle against cyber threats by providing
tools for early detection and proactive defense. Its ability to analyze large volumes of data and
identify patterns before they lead to security breaches is invaluable in a landscape where cyber
threats are becoming increasingly sophisticated. Recommendations for Future Research and
Practice should focus on:

• Advancing Algorithms: Continued innovation in machine learning algorithms is essential
for improving predictive capabilities. Exploring novel techniques, such as deep learning
architectures and hybrid models that combine rule-based systems with machine learning,
can lead to more robust and accurate systems. These advancements will help better detect
both known and emerging threats, ensuring cybersecurity systems are adaptive and
effective.
• Addressing Data Privacy: As predictive analytics often requires large datasets,
safeguarding data privacy is crucial. Research should explore techniques like federated learning
and privacy-preserving analytics that enable secure data usage without compromising
confidentiality. Balancing the need for effective analytics with privacy concerns will be vital,
especially in industries like healthcare and finance where sensitive data is involved.
• Improving Integration: There is a need for research into integrating predictive analytics
with emerging technologies such as blockchain, AI-driven automation, and advanced
encryption methods. Cross-disciplinary collaboration will be key to creating comprehensive
cybersecurity solutions that leverage the strengths of various technologies.
• Evaluating Effectiveness: Continuous evaluation of predictive models through diverse
performance metrics and real-world testing is critical. Case studies and real-world
applications will provide insights into the practical effectiveness of these systems, helping
to refine models and ensure they remain relevant and accurate in dynamic cybersecurity
environments.
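
An added example, not from the paper: the federated learning scheme described in Section 6.1 and recommended under Addressing Data Privacy above, shown as federated averaging of a logistic-regression detector. The three sites, their features and all data points are constructed, and the learning rate and round counts are assumptions.

```python
import math


def predict(weights, x):
    """Logistic model: probability that feature vector x is malicious."""
    *w, b = weights
    z = sum(wi * xi for wi, xi in zip(w, x)) + b
    return 1.0 / (1.0 + math.exp(-z))


class Site:
    """One participant. Its labelled rows stay inside the object."""

    def __init__(self, name, rows):
        self.name = name
        self._rows = rows  # private training data: never sent to the server

    def local_update(self, global_weights, epochs=5, lr=1.0):
        """Train locally from the global weights; return only weights and row count."""
        w = list(global_weights)
        n = len(self._rows)
        for _ in range(epochs):
            grad = [0.0] * len(w)
            for x, y in self._rows:
                err = predict(w, x) - y
                for i, xi in enumerate(x):
                    grad[i] += err * xi
                grad[-1] += err  # bias term
            w = [wi - lr * g / n for wi, g in zip(w, grad)]
        return w, n


def federated_average(updates):
    """Server side: average the weight vectors, weighted by each site's row count."""
    total = sum(n for _, n in updates)
    dim = len(updates[0][0])
    return [sum(w[i] * n for w, n in updates) / total for i in range(dim)]


def train(sites, n_features=2, rounds=50):
    global_w = [0.0] * (n_features + 1)
    for _ in range(rounds):
        global_w = federated_average([s.local_update(global_w) for s in sites])
    return global_w


def build_constructed_sites():
    """Constructed data. Features (scaled to 0..1): failed-login rate, outbound volume.
    Label 1 = malicious session, 0 = benign."""
    return [
        Site("hospital", [((0.1, 0.1), 0), ((0.2, 0.1), 0), ((0.9, 0.8), 1)]),
        Site("bank", [((0.1, 0.3), 0), ((0.2, 0.2), 0), ((0.15, 0.25), 0),
                      ((0.8, 0.9), 1), ((0.7, 0.9), 1)]),
        Site("insurer", [((0.3, 0.2), 0), ((0.8, 0.7), 1), ((0.9, 0.9), 1),
                         ((0.75, 0.85), 1)]),
    ]


if __name__ == "__main__":
    weights = train(build_constructed_sites())
    print("global weights:", [round(v, 2) for v in weights])
    print("suspicious session:", round(predict(weights, (0.85, 0.8)), 3))
    print("ordinary session:  ", round(predict(weights, (0.15, 0.2)), 3))
```

Only weight vectors and row counts cross the site boundary here; shared updates can still leak information about the training data, which is why deployments commonly add secure aggregation or differential privacy.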

7 Conclusion
This review has provided a comprehensive examination of the role of predictive analytics in
enhancing cybersecurity. Key points discussed include:
• Cybersecurity Landscape: The evolving nature of cyber threats presents significant
challenges for traditional security measures. Predictive analytics has emerged as a critical
tool in addressing these challenges by leveraging historical data and advanced algorithms
to anticipate and mitigate potential threats.
• Application of Predictive Analytics: Predictive analytics contributes to threat detection
and prevention by identifying patterns indicative of future threats and enabling
proactive security measures. Case studies have demonstrated its effectiveness in real-world
applications, showcasing its potential to enhance organizational security.
• Techniques and Models: The use of machine learning algorithms, such as neural networks
and decision trees, has been instrumental in improving the accuracy of predictive
models. Data sources and preprocessing play a crucial role in ensuring the reliability of
these models, while performance metrics are essential for evaluating their effectiveness.
• Challenges and Limitations: Despite its advantages, predictive analytics faces challenges
including data privacy concerns, technical limitations, and issues related to false
positives and negatives. Addressing these challenges is crucial for optimizing the utility of
predictive analytics in cybersecurity.
• Future Directions: Advancements in predictive analytics, including real-time processing
and adaptive models, are likely to enhance its effectiveness in cybersecurity. Integrating
predictive analytics with technologies such as blockchain, AI, and IoT presents opportunities
for further strengthening security measures.
Predictive analytics offers great potential to improve cybersecurity by identifying and mitigating
threats before they escalate. By overcoming challenges such as data privacy and model accuracy,
and leveraging advancements in machine learning and emerging technologies, organizations can
enhance their security posture. These innovations will enable more proactive, adaptive, and
efficient threat detection, helping businesses better defend against the evolving landscape of
cyber threats.

References
[1] Shomili Duary; Pratyusha Choudhury; Sushruta Mishra; Cybersecurity Threats Detection
in Intelligent Networks using Predictive Analytics Approaches, IEEE 4th International
Conference on Innovative Practices in Technology and Management (ICIPTM), 21-23 February
2024, DOI: 10.1109/ICIPTM59628.2024.10563348
[2] Rakibul Hasan Chowdhury, Nayem Uddin Prince, et al.; The role of predictive analytics in
cybersecurity: Detecting and preventing threats, World Journal of Advanced Research and
Reviews, 2024, 23(02), 1615–1623, 15 August 2024; 10.30574/wjarr.2024.23.2.2494
[3] N. Kshetri, "China’s Social Credit System: Data, Algorithms and Implications," in IT
Professional, vol. 22, no. 2, pp. 14-18, 1 March-April 2020, doi: 10.1109/MITP.2019.2935662
[4] Raggad, B. G. (2021). Cybersecurity and privacy: An introduction. Springer
[5] Pfleeger, S. L., and Pfleeger, C. P. (2018). Security in computing (5th ed.). Pearson
[6] Stallings, W., and Brown, L. (2019). Computer security: Principles and practice (4th ed.).
Pearson.
[7] Mayer-Schönberger, V., and Cukier, K. (2013). Big data: A revolution that will transform
how we live, work, and think. Houghton Mifflin Harcourt
[8] Goodfellow, I., Bengio, Y., and Courville, A. (2016). Deep learning. MIT Press.
[9] Aldawood, H., and Skinner, G. (2017). Intrusion detection systems: A survey. Computers
[10] Chandola, V., Banerjee, A., and Kumar, V. (2009). Anomaly detection: A survey. ACM
Computing Surveys (CSUR)
[11] Ahmed, M., Hu, J., and Yi, X. (2016). A survey of network anomaly detection techniques.
Journal of Network and Computer Applications, 60, 19-31
[12] Suthaharan, S. (2016). Big data analytics for cybersecurity. Springer
[13] Sethi, A., and Kim, M. S. (2018). A survey of threat intelligence for cybersecurity. Journal
of Cyber Security Technology
[14] LeCun, Y., Bengio, Y., and Hinton, G. (2015). Deep learning. Nature, 521(7553), 436-444
[15] Cortes, C., and Vapnik, V. (1995). Support-vector networks. Machine Learning, 20(3),
273-297.
[16] Dandurand, L. (2018). User behavior analytics: A new approach to cyber threat detection.
International Journal of Information Security
[17] Han, J., Kamber, M., and Pei, J. (2011). Data mining: Concepts and techniques (3rd ed.).
Morgan Kaufmann
[18] Cavoukian, A. (2011). Privacy by design: The 7 foundational principles. Information and
Privacy Commissioner of Ontario.
[19] Solove, D. J. (2020). Understanding privacy. Harvard University Press
[20] Ribeiro, M. T., Singh, S., and Guestrin, C. (2016). "Why should I trust you?" Explaining
the predictions of any classifier. In Proceedings of the 22nd ACM SIGKDD International
Conference on Knowledge Discovery and Data Mining (pp. 1135-1144). ACM.
[21] Sikdar, B., and Balakrishnan, R. (2020). Machine learning for cybersecurity: An overview.
Journal of Computer Security, 28(1), 53-71.
[22] Krawczyk, B. (2016). A review of ensemble methods for data stream mining. Data Mining
and Knowledge Discovery, 30(4), 814-856
[23] Gama, J., Zimek, A., and Schuster, A. (2014). Knowledge discovery from data streams.
Springer
[24] Crosby, M., Pattanayak, P., Verma, S., and Kalyanaraman, V. (2016). Blockchain technology:
Beyond bitcoin. Applied Innovation Review, 1, 6-10.
[25] Russell, S., and Norvig, P. (2016). Artificial intelligence: A modern approach. Pearson
[26] Sethi, P., and Sethi, V. (2017). Internet of Things: Applications, opportunities, and threats.
In 2017 IEEE International Conference on Advanced Networks and Telecommunications
Systems (ANTS) (pp. 1-6).
