INVESTIGATING THE EFFECTIVENESS OF ARTIFICIAL INTELLIGENCE IN DETECTING ZERO-DAY ATTACKS
Keywords:
Applicability, artificial intelligence, algorithms, detection, zero-day attacks
Abstract
This is an in-depth study of the applicability of artificial intelligence algorithms to the detection of zero-day attacks, combining quantitative experimental studies with qualitative expert ratings. The study tested five different AI-based algorithms (Random Forest, Support Vector Machines, Long Short-Term Memory networks, Convolutional Neural Networks and ensemble models) for detection performance across synthetically produced network traffic, a real-world organizational dataset and publicly available cybersecurity training datasets. The findings revealed that the best detection accuracy belonged to ensemble techniques (87.3 percent), followed by LSTM networks (82.1 percent), while conventional machine learning algorithms scored relatively lower, with Random Forest reaching 76.8 percent detection accuracy. An analysis of real-world deployment showed formidable obstacles in the form of high false positive rates (12.4 to 23.7 percent depending on the algorithm) as well as significant demands on computational resources. The qualitative analysis, based on interviews with experts, pointed out important implementation obstacles such as the complexity of integration, employee training requirements and the necessity of retraining the models continuously. The study found that AI systems have demonstrated reasonable potential to detect new and previously unfamiliar behaviors, but that hybrid methods combining various algorithms with human knowledge produced the most consistent breach detection. The results provide new information to the cybersecurity knowledge base on how beneficial the implementation of AI-based zero-day detection solutions will be and on how future research on automated threat detection solutions can be conducted.