An Integrated Generative AI Framework for Autonomous Cyberattack Prediction, Detection, and Mitigation

Description

Page: 81-86

Ajay Prasad¹, Nit Nayana², and Sajid Parwez³ (Department of Computer Science and Technology, Sona Devi University, Ghatsila, Jharkhand^1,2 and Department of Psychology
Sona Devi University, Ghatsila, Jharkhand³)

This paper presents a novel, integrated framework for autonomous cybersecurity, leveraging advanced machine learning (ML), explainable AI (XAI), and large language models (LLMs) to predict, detect, and mitigate cyberattacks (Smith et al., 2023; Zhao & Patel, 2024). The framework is composed of four interconnected modules: (1) an Empirical Mode Decomposition (EMD) and K-Nearest Neighbors (KNN)-based network traffic forecasting model for early attack prediction; (2) an end-to-end system for attack detection and explanation using XAI and LLMs; (3) a privacy-preserving fine-tuning methodology (Low-Rank Adaptation, LoRA) for adapting open-source LLMs to cybersecurity tasks; and (4) a Reasoning and Acting (ReAct) agent for real-time, automated incident response. The EMD-KNN model achieved a significant reduction in prediction error compared to conventional baselines (Huang et al., 1998). The XAI-LLM module successfully provided human-readable explanations of complex attack patterns, as evidenced by SHAP and LIME analysis (Lundberg & Lee, 2017; Ribeiro et al., 2016). Fine-tuning with LoRA enabled open-source models like Mistral-7B and LLaMA2-7B to perform competitively with proprietary models while ensuring data privacy (Hu et al., 2022). The ReAct agent successfully demonstrated autonomous mitigation of simulated attacks within a cloud-based testbed, proving the framework’s real-world viability (Yao et al., 2022). This research demonstrates a comprehensive, end-to-end solution that bridges the gap between theoretical AI models and practical, autonomous cybersecurity defence systems, paving the way for more intelligent and adaptable security infrastructure.