Enhancing Cybersecurity Through AI: A Machine Learning-Based Framework for Real-Time Threat Detection and Mitigation
DOI: https://doi.org/10.63075/09mc9q79
Abstract
As cyber threats continue to grow in both complexity and frequency, signature-based intrusion detection systems have proven inadequate for proactive and responsive network protection. This paper proposes a machine learning framework that strengthens cybersecurity through real-time threat detection and mitigation, using a layered approach that combines unsupervised and supervised models. The framework uses K-Means clustering to find anomalies and then uses Random Forest and Deep Neural Network (DNN) classifiers to precisely detect and label the threat. When tested on the CICIDS2017 dataset, the system showed high detection accuracy (up to 98.4%), minimal false positives, and effective differentiation of attack types such as DDoS, Botnet, Brute Force, and Port Scans. The hybrid architecture supports both the detection of known threats and the discovery of previously unseen attacks without labeling. The framework also includes a rule-based mitigation engine that automates the response to threats, providing real-time protection with low latency. The work contributes to the emerging area of smart cyber defense tools and proves the feasibility of deploying AI in dynamic, high-rate networks. These findings encourage further advances in explainable AI and reinforcement learning for building adaptive cybersecurity systems.
Keywords: Cybersecurity, Machine Learning, Threat Detection, Deep Learning, Intrusion Detection System, Real-Time Mitigation, Anomaly Detection, Random Forest, Neural Networks, K-Means Clustering
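The layered flow the abstract describes (K-Means anomaly gate, Random Forest labeling, rule-based response), as an added example that is not the paper's code. It assumes numpy and scikit-learn; the three flow features, the synthetic data, the distance threshold, the confidence cut-off and the action names are all constructed for illustration, and the DNN stage and CICIDS2017 are not reproduced.

```python
import numpy as np
from sklearn.cluster import KMeans
from sklearn.ensemble import RandomForestClassifier

rng = np.random.default_rng(0)
# Constructed flow features: [packets/s, distinct dst ports, failed logins/min]
CENTERS = {"Benign": [50, 2, 0], "DDoS": [5000, 2, 0],
           "PortScan": [50, 500, 0], "BruteForce": [50, 2, 60]}

def sample(label, n=200):
    return rng.normal(CENTERS[label], [5, 1, 1], size=(n, 3))

# Stage 1 (unsupervised): K-Means fitted on benign traffic only. A flow is
# anomalous when it lies farther from every centroid than any training flow
# did, with a 20% margin (assumed thresholding rule).
benign = sample("Benign")
mu, sigma = benign.mean(axis=0), benign.std(axis=0)

def scale(X):
    return (np.atleast_2d(X) - mu) / sigma

kmeans = KMeans(n_clusters=2, n_init=10, random_state=0).fit(scale(benign))
threshold = 1.2 * kmeans.transform(scale(benign)).min(axis=1).max()

# Stage 2 (supervised): Random Forest labels the flows that stage 1 flagged.
# max_features=None lets every split see all three features.
attacks = ["DDoS", "PortScan", "BruteForce"]
X = np.vstack([sample(a) for a in attacks])
y = np.repeat(attacks, 200)
forest = RandomForestClassifier(n_estimators=50, max_features=None,
                                random_state=0).fit(scale(X), y)

# Stage 3: rule-based mitigation; the action names are hypothetical.
RULES = {"DDoS": "rate_limit_source", "PortScan": "block_source_ip",
         "BruteForce": "lock_account", "Unknown": "alert_analyst"}

def respond(flow, min_confidence=0.8):
    """Return (label, action) for one flow feature vector."""
    z = scale(flow)
    if kmeans.transform(z).min() <= threshold:
        return "Benign", "allow"
    proba = forest.predict_proba(z)[0]
    label = str(forest.classes_[proba.argmax()])
    if proba.max() < min_confidence:  # anomalous, but no confident class
        label = "Unknown"
    return label, RULES[label]
```

Because stage 1 is fitted on benign traffic alone, a flow can be flagged without any attack label existing for it; such flows fall through to the `Unknown` rule when the classifier is not confident.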