Machine learning and AI for security mechanisms: A Systematic Literature Review Using a PRISMA Framework

Cyber threats are evolving rapidly, posing significant risks to individuals, organizations, and digital infrastructure. Traditional cybersecurity measures, which rely on predefined rules and static defence mechanisms, struggle to counter emerging threats such as zero-day attacks and advanced persistent threats (APTs). The integration of artificial intelligence (AI) and machine learning (ML) into cybersecurity presents a transformative approach, enhancing threat detection, anomaly identification, and automated response mechanisms. This study systematically reviews the role of ML and AI in cybersecurity defence using the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) framework. A comprehensive literature search was conducted across multiple academic databases, identifying and analyzing studies published within the last decade. The review focuses on AI-driven cybersecurity applications, including intrusion detection systems (IDS), malware analysis, and anomaly detection in cloud and IoT environments. Findings indicate that ML models, such as neural networks, support vector machines, and ensemble learning techniques, improve detection accuracy and adaptability to evolving threats. AI-driven automated response systems enhance incident mitigation, reducing reliance on human intervention. However, challenges such as adversarial attacks, data privacy concerns, and computational resource demands persist. The study concludes that AI and ML significantly enhance cybersecurity resilience but require continuous advancements in model robustness, interpretability, and ethical considerations. Future research should focus on refining AI-driven security mechanisms, addressing adversarial vulnerabilities, and improving regulatory frameworks to maximize AI’s potential in cybersecurity.