With the rapid growth of digital networks and cloud services, cybersecurity threats have become more complex and common. Traditional signature-based intrusion detection systems can identify known attacks, but they struggle with new or evolving threats. Anomaly-based detection systems can spot unusual behaviours and unknown attacks, but they often produce a high number of false positives. To address these issues, this research proposes an AI-powered hybrid threat detection system that combines signature-based and anomaly-based methods to improve accuracy and flexibility. The system uses machine learning algorithms such as Random Forest, Support Vector Machines (SVM), and Isolation Forest to examine network traffic and system behaviour. Signature-based detection finds known threats through pattern matching, while anomaly detection identifies deviations from typical activity, allowing the system to catch previously unseen attacks. The system is tested on standard datasets such as NSL-KDD and CIC-IDS2017 [1]. Its performance is measured by accuracy, precision, recall, F1-score, and false positive rate. Experimental results show that the hybrid approach improves detection performance and reduces false alarms, making it a scalable and smart solution for today's cybersecurity challenges. The proposed framework takes a balanced approach, combining the strengths of traditional detection mechanisms with the adaptability of machine learning models. By leveraging data-driven analysis, the system can identify complex traffic patterns and respond to emerging threats more effectively. A hybrid decision mechanism further enhances reliability by minimizing false alarms while maintaining high detection sensitivity. The results indicate that AI-driven hybrid models can contribute significantly to building more secure, scalable, and proactive cybersecurity infrastructures suitable for modern enterprise environments.
Artificial Intelligence, Cybersecurity, Hybrid Threat Detection, Anomaly Detection, Signature-Based Detection, Machine Learning, Intrusion Detection, Network Security, Behavioural Analysis
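The hybrid decision flow described in the abstract, as an added example that is not the paper's code: signature matching runs first, an anomaly score catches traffic no signature covers, and the named metrics are computed over labelled flows. The signature patterns, feature pair, thresholds, three-way fusion rule and sample flows are constructed assumptions, and a median/MAD baseline stands in for Isolation Forest so the block runs with the standard library only.

```python
import re
from statistics import median

# Constructed rules and thresholds; the median/MAD baseline stands in for Isolation Forest.
SIGNATURES = {
    "sqli-union-select": re.compile(r"union\s+select", re.I),
    "path-traversal": re.compile(r"\.\./\.\./"),
}

class Baseline:
    """Median/MAD profile of benign traffic; 1.4826 * MAD approximates a standard deviation."""
    def __init__(self, benign_rows):
        cols = list(zip(*benign_rows))
        self.med = [median(c) for c in cols]
        self.mad = [median(abs(v - m) for v in c) or 1.0 for c, m in zip(cols, self.med)]

    def score(self, row):
        return max(abs(v - m) / (1.4826 * d) for v, m, d in zip(row, self.med, self.mad))

def classify(flow, baseline, alert_at=6.0, review_at=3.5):
    """Assumed fusion rule: signature hit or strong anomaly alerts, weak anomaly is queued."""
    hits = [n for n, rx in SIGNATURES.items() if rx.search(flow["payload"])]
    if hits:
        return "alert", hits
    s = baseline.score(flow["features"])
    if s >= alert_at:
        return "alert", ["anomaly"]
    return ("review", ["anomaly"]) if s >= review_at else ("benign", [])

def metrics(flows, baseline, **thresholds):
    """Precision, recall and false positive rate, counting only 'alert' as positive."""
    tp = fp = fn = tn = 0
    for f in flows:
        alerted = classify(f, baseline, **thresholds)[0] == "alert"
        tp += alerted and f["attack"]
        fp += alerted and not f["attack"]
        fn += (not alerted) and f["attack"]
        tn += (not alerted) and not f["attack"]
    return {"precision": tp / max(tp + fp, 1), "recall": tp / max(tp + fn, 1), "fpr": fp / max(fp + tn, 1)}

# Constructed sample: features are (bytes sent, connections per minute).
BENIGN = [(500, 10), (520, 12), (480, 11), (510, 9), (495, 10), (505, 13), (490, 8)]
FLOWS = [
    {"payload": "GET /index.html", "features": (505, 11), "attack": False},
    {"payload": "id=1 UNION SELECT name FROM t", "features": (500, 10), "attack": True},
    {"payload": "GET /api/export", "features": (9000, 10), "attack": True},
    {"payload": "GET /report.pdf", "features": (560, 10), "attack": False},
    {"payload": "GET /a/../../b", "features": (490, 9), "attack": True},
]
```

Calling `metrics(FLOWS, Baseline(BENIGN), alert_at=3.5, review_at=3.5)` removes the review tier, so the mildly unusual `/report.pdf` flow becomes an alert and the false positive rate rises from 0.0 to 0.5 on this sample.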
International Journal of Trend in Scientific Research and Development - IJTSRD having
online ISSN 2456-6470.