AI-Driven Cybersecurity Strategies for Detecting Threats and Enhancing Network Resilience in Critical Infrastructure
Samuel Ajuwon
Electrical and Computer Systems Engineering, Morgan State University Baltimore Maryland, USA.
Emmanuel Olayinka Afolabi
Helsinki Metropolia University of Applied Sciences, Finland.
Aluma Michael Ako
Department of Cyber Security, The University of Toledo, USA.
Attah Nnaemeka Melford
Cybersecurity Department, Iowa State University, USA.
Muhammed Raji Moshood *
Kwara State University, Malete, Kwara, Nigeria.
*Author to whom correspondence should be addressed.
Abstract
The systems of critical infrastructure, such as energy, water, and healthcare networks, are becoming targets of advanced cyber threats, which can disrupt the provision of critical services and undermine the safety of the population. Conventional cybersecurity measures are usually ill-equipped to identify the persistent and dynamic attacks in real-time, and therefore, more sophisticated and dynamic solutions are required. The current systematic review is aimed at exploring the level at which artificial intelligence (AI) and machine learning (ML) models are effective in improving threat detection, automated response, and resilience in critical infrastructure settings. Peer-reviewed articles published between 2018 and 2025 were reviewed, and the applications targeted intrusion detection, anomaly detection, and automated mitigation measures. Key explored databases included IEEE Xplore, SpringerLink, ScienceDirect, Wiley Online Library, ACMe Digital Library, Taylor and Francis Online, and MDPI. Twenty-four journals were included in the final synthesis. Five were situated in the energy sector, four were in healthcare, two were in water infrastructure, one was in both the water and energy sectors, while twelve studies were for cross-sectoral AI cybersecurity infrastructure. It has been found that deep learning-based models like convolutional neural networks (CNN), long short-term memory networks (LSTM), and hybrid ensembles have 95 per cent detection accuracy and significantly lower false positive rates than conventional systems. Reinforcement learning and adaptive algorithms also enhance the resilience of a system by making it respond autonomously to cyber-attacks in real time. Although these benefits exist, data scarcity, and integration challenges with legacy systems, and ethical issues in terms of privacy, transparency, and accountability are major challenge to implementation. The review recognises the importance of explainable AI and federated learning as a significant contribution to these challenges without violating cybersecurity governance models. The review concludes that AI-based cybersecurity approaches offer a solid basis for enhancing the safety and resiliency of critical infrastructure, with practical implications offered to practitioners, policymakers, and researchers interested in protecting the safety and availability of essential services in increasingly more digitalised settings.
Keywords: Artificial Intelligence (AI), cybersecurity, critical infrastructure, intrusion detection, anomaly detection, network resilience, Machine Learning (ML), Explainable AI (XAI)