Artificial Intelligence in Cloud Security: Techniques, Challenges, and Future Directions


Authors : Mohamed Riyaz M. Meera Rawuthar; Ali M. Iqbal

Volume/Issue : Volume 10 - 2025, Issue 10 - October


Google Scholar : https://tinyurl.com/mryr2wdv

Scribd : https://tinyurl.com/yuadybrx

DOI : https://doi.org/10.38124/ijisrt/25oct1310



Abstract : Cloud platforms deliver elasticity and scale but also widen the attack surface via multi‐tenancy, rapid change, and opaque dependencies. This narrative survey synthesizes peer‐reviewed work (2020–2025) and major‐vendor documentation on how artificial intelligence (AI)—including anomaly detection, intrusion detection systems (IDS), user and entity behavior analytics (UEBA), privacy‐preserving/federated learning (FL), and reinforcement learning (RL)—strengthens cloud defense. Evidence across recent studies indicates that (i) supervised and unsupervised learning detect previously unseen behaviors beyond signature baselines; (ii) Shapley‐value explanations for log anomalies can improve analyst triage with minimal accuracy loss; (iii) FL with secure/verifiable aggregation and differential privacy reduces raw‐data exposure but remains vulnerable to poisoning and Byzantine behaviors; and (iv) RL can automate containment/response steps in closed‐loop SOC workflows. Persistent challenges include dataset shift and class imbalance, adversarial robustness, and latency/cost at cloud scale. We outline directions in robust/verified FL, lightweight edge–cloud models, graph learning for threat intelligence, and standardized cloud‐native benchmarks with calibration and latency reporting. No new experiments were conducted; we provide a structured synthesis and an explicit selection protocol.

Keywords : Cloud Security; Intrusion Detection; Anomaly Detection; User & Entity Behavior Analytics (UEBA); Explainable AI; Federated Learning; Differential Privacy; Reinforcement Learning.


