Authors : Shaban Somah Amadu; Bernice Asantewaa Kyere; Issac Owusu; Nicholas Donkor

Volume/Issue : Volume 10 - 2025, Issue 12 - December

Google Scholar : https://tinyurl.com/37s37b2x

Scribd : https://tinyurl.com/mwepvkww

DOI : https://doi.org/10.38124/ijisrt/25dec050

Note : A published paper may take 4-5 working days from the publication date to appear in PlumX Metrics, Semantic Scholar, and ResearchGate.

Note : Google Scholar may take 30 to 40 days to display the article.

Abstract : Modern organizations increasingly depend on cloud platforms, distributed infrastructures, and remote technologies, yet traditional cybersecurity assurance practices rely on periodic reviews that cannot keep pace with rapidly evolving threats. This study proposes and validates an integrated AI-driven cybersecurity risk assurance framework that delivers continuous monitoring, predictive analytics, automated compliance validation, and governance decision support. Using a design science methodology, the framework is evaluated through machine learning and deep learning experiments conducted on public intrusion detection datasets and synthetic organizational logs. The results demonstrate clear improvements over existing methods. The CNN detection model achieved an accuracy of 97% and an F1 score of 95.5%, significantly outperforming signature-based systems that struggle with new or unknown attacks. Predictive analytics showed strong performance, achieving a mean absolute error of 8.1% and a root mean square error of 14%. Risk forecasting reached an R2 value of 89%, indicating reliable prediction of emerging high-risk conditions. Compliance monitoring detected 94% of configuration drift incidents and converted 91% of regulatory requirements into machine-readable rules. Governance evaluation recorded a 32% improvement in incident prioritization accuracy and a 41% reduction in audit reporting time. These findings confirm that the proposed framework strengthens real-time assurance, enhances cyber resilience, and supports more effective risk-informed decision making across enterprise environments.

Keywords : Artificial Intelligence, Cybersecurity Assurance, Threat Detection, Predictive Analytics, Compliance Automation.

References :

1. Buczak, A. L., & Guven, E. (2016). A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Communications Surveys & Tutorials, 18(2), 1153–1176. https://doi.org/10.1109/COMST.2015.2494502
2. Sarker, I. H., Kayes, A. S. M., Badsha, S., Alqahtani, H., Watters, P., & Ng, A. (2020). Cybersecurity data science: An overview from machine learning perspective. Journal of Big Data, 7(1), 1–29. https://doi.org/10.1186/s40537-020-00318-5
3. Rjoub, G., Bentahar, J., Abdel Wahab, O., Mizouni, R., Song, A., Cohen, R. S., Otrok, H., & Mourad, A. (2023). A survey on explainable artificial intelligence for cybersecurity. IEEE Transactions on Network and Service Management, 20(4), 5115–5140. https://doi.org/10.1109/TNSM.2023.3282740
4. Ofusori, L., Bokaba, T., & Mhlongo, S. (2025). Explainability and interpretability of artificial intelligence use in cybersecurity. Discover Computing, 28, Article 241. https://doi.org/10.1007/s10791-025-09760-6
5. Al Siam, A., Alazab, M., Awajan, A., & Faruqui, N. (2025). A comprehensive review of AI’s current impact and future prospects in cybersecurity. IEEE Access, 13, 14029–14050. https://doi.org/10.1109/ACCESS.2025.3528114
6. Moamin, S. A., Abdulhameed, M. K., Al-Amri, R. M., Radhi, A. D., Naser, R. K., & Pheng, L. G. (2025). Artificial intelligence in malware and network intrusion detection: A comprehensive survey of techniques, datasets, challenges, and future directions. Babylonian Journal of Artificial Intelligence. https://doi.org/10.58496/BJAI/2025/008
7. Ali, M. A., & Alqaraghuli, A. (2023). A survey on the significance of artificial intelligence (AI) in network cybersecurity. Babylon Journal of Network, 21–29. https://doi.org/10.58496/BJN/2023/004
8. Capuano, N., Fenza, G., Loia, V., & Stanzione, C. (2022). Explainable artificial intelligence in cybersecurity: A survey. IEEE Access, 10, 93575–93600.
9. Charmet, F., Tanuwidjaja, H. C., Ayoubi, S., Gimenez, P.-F., Han, Y., Jmila, H., Blanc, G., Takahashi, T., & Zhang, Z. (2022). Explainable artificial intelligence for cybersecurity: A literature survey. Annals of Telecommunications, 1–24.
10. Zhang, Z., Al Hamadi, H., Damiani, E., Yeun, C. Y., & Taher, F. (2022). Explainable artificial intelligence applications in cyber security: State-of-the-art in research. IEEE Access, 10, 118393–118412.
11. Sarker, I. H., Janicke, H., Mohsin, A., Gill, A., & Maglaras, L. (2024). Explainable AI for cybersecurity automation, intelligence and trustworthiness in digital twin: Methods, taxonomy, challenges and prospects. ICT Express. https://doi.org/10.1016/j.icte.2024.05.007
12. Kalakoti, C. S., Bahşi, H., & Nõmm, S. (2025). Improving IoT security with explainable AI: Quantitative evaluation of explainability for IoT botnet detection. IEEE Internet of Things Journal. https://doi.org/10.1109/JIOT.2025.3526008
13. Houda, E. A., Brik, Z., & Khoukhi, B. (2022). Why should I trust your IDS? An explainable deep learning framework for intrusion detection systems in Internet of Things networks. IEEE Open Journal of the Communications Society, 3, 1164–1176. https://doi.org/10.1109/OJCOMS.2022.3188750
14. Georgiades, N., & Hussain, F. K. (2025). An explainable AI approach for interpretable cross-layer intrusion detection in Internet of Medical Things. Electronics, 14(16), 3543. https://doi.org/10.3390/electronics14163543
15. Shone, N., Ngoc, T. N., Phai, V. D., & Shi, Q. (2018). A deep learning approach to network intrusion detection. IEEE Transactions on Emerging Topics in Computational Intelligence, 2(1), 41–50. https://doi.org/10.1109/TETCI.2017.2772792
16. Chua, S. E., Hong, C. L., Liew, C. H., Goh, V. T., Lim, J. N., Yap, F. H., Loo, T. Y., & Lim, K.-T. (2023). Evaluation of machine learning algorithms in network intrusion detection. Symmetry, 15(3), 670. https://doi.org/10.3390/sym15030670
17. Ghani, M. U., Gul, I., Gul, A., Shinwari, S., Zaman, S. U., Mahmood, Z., Rauf, Q.-u.-A., Imran, M., Shah, P. A., & Hussain, S. (2023). A deep learning approach for network intrusion detection using a small features vector. Symmetry, 15(2), 430. https://doi.org/10.3390/sym15020430
18. Moustafa, N., & Slay, J. (2015). UNSW-NB15: A comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). In 2015 Military Communications and Information Systems Conference (MilCIS) (pp. 1–6). IEEE. https://doi.org/10.1109/MilCIS.2015.7348942
19. Sharafaldin, I., Lashkari, A. H., & Ghorbani, A. A. (2018). Toward generating a new intrusion detection dataset and intrusion traffic characterization. In Proceedings of the 4th International Conference on Information Systems Security and Privacy (ICISSP 2018) (pp. 108–116). SciTePress.
20. Modi, C. N., Patel, D. R., Borisaniya, B., Patel, A., & Rajarajan, M. (2013). A survey of intrusion detection techniques in cloud. Journal of Network and Computer Applications, 36(1), 42–57. https://doi.org/10.1016/j.jnca.2012.05.003

21. Chang, V., Ramachandran, M., Younas, M., Dustdar, S., & Walters, R. (2022). A survey on intrusion detection systems for fog and cloud computing. Future Internet, 14(4), 89. https://doi.org/10.3390/fi14040089 MDPI