Cs113 Report
• Man-in-the-Middle (MitM) Attacks: In MitM attacks, attackers intercept and alter communication between two parties without their knowledge. These attacks are commonly seen in unsecured networks, such as public Wi-Fi (Alsmadi et al., 2020).

• Advanced Persistent Threats (APT): APTs are highly sophisticated, targeted attacks often launched by nation-state actors. These attacks typically aim to steal sensitive data or gain long-term access to critical systems (González et al., 2021).

3.2. Cybersecurity Threats

Cybersecurity threats refer to the potential causes or sources of security breaches. These threats evolve with technological advancements and often exploit system vulnerabilities.

• Insider Threats: Employees or individuals with access to an organization’s network and data can intentionally or unintentionally cause harm. Insider threats are challenging to defend against because they often involve trusted individuals (Zhou et al., 2021).

• Social Engineering: Social engineering attacks exploit human psychology to manipulate individuals into performing actions that compromise security, such as sharing login credentials or clicking on malicious links (Hassan et al., 2021).

• Supply Chain Attacks: Attackers compromise an organization's third-party vendors or suppliers to gain access to its network. These attacks can be difficult to detect and mitigate, as they often involve trusted partners (Stojanovic et al., 2020).

• Emerging Threats from IoT: The Internet of Things (IoT) expands the attack surface by introducing a myriad of connected devices. Many of these devices lack robust security features, making them vulnerable to exploitation (Fernandes et al., 2019).

3.3. Cybersecurity Vulnerabilities

Vulnerabilities are weaknesses in systems, applications, or networks that can be exploited by attackers. These can be classified into several categories:

• Software Vulnerabilities: Bugs or flaws in software that can be exploited by attackers to gain unauthorized access to systems. Common examples include buffer overflows and unpatched software vulnerabilities (Cheng et al., 2021).

• Network Vulnerabilities: Insecure network configurations or weak encryption protocols are prime targets for cyberattacks. Vulnerabilities like unsecured Wi-Fi networks and inadequate firewall protection are frequently exploited (Zhou et al., 2020).

• Human Vulnerabilities: Human error is one of the leading causes of cybersecurity breaches. Weak passwords, poor adherence to security protocols, and lack of user awareness all contribute to vulnerabilities in an organization’s cybersecurity posture (Yang et al., 2020).

• Zero-Day Vulnerabilities: These vulnerabilities are unknown to the software vendor and can be exploited by attackers before patches or fixes are made available. Zero-day exploits are highly valuable in the cybercriminal underground (Shevchenko et al., 2021).

3.4. Cybersecurity Frameworks and Mitigation Strategies

Over the years, several cybersecurity frameworks have been developed to provide structured approaches to managing cyber risks. Notable examples include:

• The NIST Cybersecurity Framework: Developed by the National Institute of Standards and Technology (NIST), this framework provides a comprehensive approach to identify, protect, detect, respond, and recover from cybersecurity incidents (NIST, 2023).

• ISO/IEC 27001: This international standard outlines the requirements for establishing, implementing, and maintaining an information security management system (ISMS) to manage security risks effectively (Koh et al., 2021).

• Risk-Based Approaches: Risk management models, such as the FAIR (Factor Analysis of Information Risk) framework, focus on identifying and mitigating potential risks based on their likelihood and impact (Aven, 2020).

3.5. Future Research Directions in Cybersecurity

Given the increasing sophistication of cyberattacks and the rapid pace of technological advancements, several key research areas are emerging in the cybersecurity domain:

• Artificial Intelligence (AI) and Machine Learning (ML) for Threat Detection: AI and ML are being leveraged to identify anomalies and predict cyberattacks. Future research will likely focus on improving the accuracy of AI-based detection systems, particularly in detecting zero-day vulnerabilities and advanced persistent threats (Yin et al., 2021).

• Blockchain for Security: Blockchain technology offers promising potential for enhancing cybersecurity, particularly in areas such as secure transactions, data integrity, and identity management. Research is focusing on developing efficient blockchain-based solutions for decentralized security models (Yli-Huumo et al., 2016).

• Quantum Computing and Cryptography: Quantum computing presents both a threat and an opportunity for cybersecurity. As quantum computers become more powerful, they could potentially break traditional cryptographic algorithms. Research is exploring quantum-resistant cryptography to prepare for this eventuality (Shor, 1994).

• Cybersecurity for IoT and Edge Computing: As the number of connected devices continues to grow, new challenges related to securing the IoT and edge networks emerge. Research will focus on lightweight encryption, secure communication protocols, and device authentication for IoT ecosystems (Singh & Sood, 2021).

• Cybersecurity Education and Awareness: There is a growing need for enhancing cybersecurity education and training. Future research will likely investigate more effective ways to cultivate cybersecurity awareness among employees and the general public, using gamification, simulations, and interactive learning techniques (Cheng et al., 2021).

• Resilience and Recovery Strategies: In light of increasing cyberattacks, organizations are focusing not just on prevention, but also on improving their resilience and recovery capabilities. Research in this area focuses on rapid detection, automated response, and business continuity planning to minimize the impact of attacks (Amritraj et al., 2021).

[Link] directions

4.1. Advanced Threat Detection Techniques

may become vulnerable to attacks. Research should focus on developing quantum-resistant algorithms that can withstand the computational power of quantum machines.

• Quantum Key Distribution (QKD): The use of quantum mechanics for secure communication is an emerging field. Future work can explore the integration of QKD in securing communication channels against potential quantum threats.

4.3. Cybersecurity in the Internet of Things (IoT)

• Securing IoT Ecosystems: As IoT devices proliferate, they often lack robust security features, making them a target for cybercriminals. Future research should focus on building lightweight, scalable, and effective security frameworks for IoT, including secure device authentication, data privacy, and integrity mechanisms.

• Blockchain for IoT Security: Blockchain’s decentralized nature offers an innovative way to secure IoT devices, providing tamper-proof data storage and secure authentication protocols.

4.4. Cloud Security and Data Protection

• Zero Trust Architecture (ZTA): Adopting a Zero Trust approach to cloud security, where no entity is trusted by default, is becoming crucial in distributed cloud environments. Future research could focus on designing more robust ZTA implementations and evaluating their effectiveness in preventing data breaches.

• Data Privacy in Cloud Environments: With the increasing adoption of cloud computing, the protection of sensitive data in the cloud is of paramount importance. Research can investigate techniques like homomorphic encryption and secure multi-party computation to ensure data privacy without sacrificing functionality.
[Link]

Because of the ever-changing digital ecosystem, cybersecurity is becoming a major concern for people, businesses, and governments. The need for proactive, cutting-edge security solutions is critical as cyber threats become more complex and varied, encompassing everything from classic attacks like malware and phishing to advanced persistent threats (APTs) and weaknesses in new technologies like IoT and quantum computing. Cybercriminals can easily take advantage of information system vulnerabilities such as out-of-date software, human error, and inadequate network protections. The necessity for increasingly sophisticated defensive tactics is highlighted by the growing frequency and magnitude of cyberattacks. Traditional security measures are no longer adequate; in order to detect and mitigate risks, integrated, adaptive techniques utilizing state-of-the-art technologies such as blockchain, machine learning, and artificial intelligence (AI) are crucial. By enabling real-time response and recovery, these technologies lessen the effect of security breaches. Particularly at risk are critical infrastructure sectors such as national defense, healthcare, finance, and energy. Public safety, national security, and privacy can all be jeopardized by breaches in these domains, underscoring the necessity of ongoing cybersecurity improvements and international collaboration. In order to handle the global nature of cyber threats, it will be essential to share threat intelligence and create legislative frameworks that strike a balance between security and privacy.

In the future, research should concentrate on creating robust encryption protocols to fend off the dangers of quantum computing, as well as blockchain solutions for protecting IoT ecosystems, AI-driven threat detection, and automated response systems. Given that human error continues to be a major contributor to breaches, it is also imperative to address human aspects through increased awareness and training.

In conclusion, cybersecurity requires a proactive, multifaceted approach that anticipates new threats, leverages emerging technologies, and promotes global collaboration. Continued research and innovation are essential to ensuring the security and resilience of digital ecosystems in the face of evolving cyber risks, protecting critical systems and sensitive data in the digital age.
| Sl. No | Paper Title/Author/References | Objective | Applications | Challenges Identified | Security Techniques utilized | Dataset Utilized | Evaluation Metrics | Key Contributions | Limitations | Results/Remarks |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Sharma, A., & Sharma, A. (2017). A Survey of Cyber Attacks and Defense Mechanisms in Cloud Computing | Explore cloud computing cyberattacks and defense mechanisms. | Cloud computing environments, data storage, and security. | DoS, DDoS, and man-in-the-middle attacks. | Encryption, IDS, firewalls, MFA | Public datasets of cloud security incidents. | Attack success rate, detection rate, response time. | Review of cloud-specific cyberattacks and defense strategies. | Limited real-world case studies. | Emphasizes adaptive security solutions for the cloud. |
| 2 | Subashini, S., & Kavitha, V. (2011). A Survey of Cybersecurity in Cloud Computing: Threats and Vulnerabilities | Review of security threats and vulnerabilities in cloud computing. | Cloud service models (IaaS, PaaS, SaaS), cloud security. | Data breaches, account hijacking, insecure APIs. | Virtualization security, encryption, access control. | Literature review on cloud security incidents. | Security breach frequency, detection time, mitigation response. | Comprehensive review of major cloud security risks. | Primarily theoretical, limited case study application. | Stronger encryption and access control measures recommended. |
| 3 | Khraisat, A., Gondal, I., & Vamplew, P. (2017). A Survey of Cybersecurity: Attacks and Defense Mechanisms | To survey cyberattacks and available defense strategies. | General cybersecurity across industries, emphasis on attack detection. | Evolving nature of cyber-attacks, high data volume for analysis. | IDS, firewalls, AI-based anomaly detection, cryptography. | Security event datasets and attack logs. | Detection rate, false positive rate, system resilience. | Overview of cyber-attacks, defense strategies, and developmental insights. | Focus on older attack types, lacking in-depth APT analysis. | Proactive and adaptive security needed for emerging threats. |
| 4 | Liao, H., & Li, K. (2018). Understanding Cyber Attack Strategies: A Comprehensive Survey | Examine attack strategies and defense mechanisms. | Cyberattack detection, response, and prevention. | Evasion tactics, large-scale attack simulations. | Signature-based detection, anomaly-based detection, machine learning. | Security event logs, academic datasets. | Detection accuracy, false positive/negative rates. | Classification of attack strategies and defense techniques. | Primarily theoretical, lacking empirical validation. | Layered defense approach recommended for effectiveness. |
| 5 | Li, Z., & Li, B. (2018). The Future of Cyber Security: Challenges and Opportunities | Discuss future cybersecurity challenges and opportunities. | Cybersecurity planning, AI integration in cybersecurity. | Quantum computing risks, AI integration challenges, smart tech vulnerabilities. | AI-driven detection, quantum-safe cryptography. | Scenario-based datasets, cybersecurity trend data. | Risk mitigation effectiveness, AI model performance. | Projection of cybersecurity trends, implications of emerging technologies. | Limited empirical data and focus on speculative trends. | Preparation for quantum computing impacts critical. |
| 6 | Mollah, M. B., & Rahman, M. M. (2020). Security Vulnerabilities and Solutions in IoT Devices | Investigate IoT device vulnerabilities and propose solutions. | Internet of Things (IoT), smart homes, industrial IoT. | Lack of IoT security standards, device authentication, DDoS attacks. | Lightweight encryption, IoT-specific firewalls, authentication protocols. | IoT vulnerability databases and smart device breach reports. | Attack detection time, breach success rate, energy efficiency. | Review of IoT security threats and solutions. | Scalability issues in large IoT deployments. | Multi-layered security approach for IoT networks recommended. |
| 7 | Shia, M. M., & Abdul-Rahman, A. (2021). Artificial Intelligence in Cybersecurity: A Review | Explore how AI can enhance cybersecurity and identify gaps. | AI-based intrusion detection, malware analysis, automated threat response. | Lack of labeled data, adversarial machine learning risks. | ML, DL, anomaly detection, reinforcement learning. | Security event logs, attack datasets for ML models. | Accuracy, false positives/negatives, learning time. | Comprehensive overview of AI techniques in cybersecurity. | Dependence on data quality and model explainability issues. | AI has high potential but faces challenges in robustness and transparency. |
| 8 | Kaur, R., & Mehta, N. (2019). Advanced Persistent Threats: A Survey and Future Research Directions | Study APTs, their tactics, and future research directions. | Enterprise networks, government cybersecurity. | Sophisticated evasion tactics, evolving attack vectors, long-term threat presence. | Behavior-based detection, heuristic analysis, threat intelligence sharing. | APT attack pattern data, security organizations’ incident reports. | Detection rate, system resilience, attack mitigation time. | Insights into APT nature, effective detection strategies. | Complex and resource-intensive detection methods. | Integrated multi-layered defense needed for APTs. |
| 9 | Amiri, M. E., & Naderi, M. (2021). A Survey on Malware Detection Techniques | Review and compare malware detection techniques, propose future improvements. | Malware detection, antivirus software, cybersecurity defense systems. | Evasion techniques, fast-evolving malware, resource constraints in detection. | Signature-based, heuristic analysis, dynamic analysis, ML-based methods. | Malware datasets (VirusShare, AWID). | Detection rate, false positive rate, accuracy. | Comparison of malware detection techniques, highlighting ML effectiveness. | Computational cost and evasion by new malware types. | ML shows promise, but new malware variants pose challenges. |
| 10 | Mellado, D., & Garcia, J. (2019). A Comprehensive Survey on Cyber Threat Intelligence | Examine CTI models and frameworks, and their role in enhancing defense strategies. | Cyber threat intelligence sharing, proactive security defense. | Lack of standardization, insufficient information sharing, dynamic threat landscape. | TIPs, ML-based threat modeling, information sharing protocols. | Public CTI feeds, threat intelligence repositories. | Threat detection effectiveness, integration efficiency, real-time detection. | Overview of CTI process, challenges, and proposed improvements. | High cost of integration and lack of standards. | International collaboration and standardization critical for CTI. |
| 11 | Oghuma, M., & Zhang, Y. (2020). Machine Learning and Artificial Intelligence in Cyber Security: A Survey | Explore AI/ML roles in cybersecurity and identify research gaps. | Intrusion detection, anomaly detection, malware analysis. | Lack of training data, adversarial attacks on ML models, high computational cost. | Supervised learning, unsupervised learning, deep learning for cybersecurity. | Security event logs, labeled attack datasets (NSL-KDD, CICIDS). | Accuracy, precision, recall, F1-score, false positive rate. | Exploration of AI/ML applications in cybersecurity. | Data quality and model transparency challenges. | AI/ML enhances cybersecurity but faces challenges in practical application. |
| 12 | Kumar, V., & Mehta, N. (2018). Security Vulnerabilities and Mitigation Strategies for Mobile and Wireless Networks | Identify security vulnerabilities in mobile and wireless networks and propose mitigation strategies. | Mobile security, wireless communication, IoT security. | Wireless data interception, unauthorized access, mobile malware. | PKI, VPNs, secure authentication, encryption techniques. | Mobile network traffic datasets, attack logs. | Security breach rate, data leakage, attack mitigation rate. | Review of vulnerabilities in mobile and wireless networks, offering countermeasures. | Solutions may not scale to large deployments. | Proactive security measures are critical for mobile and wireless networks. |
| 13 | Sood, M., & Mehrotra, G. (2018). Emerging Cybersecurity Challenges in the Internet of Things (IoT) | Review cybersecurity challenges in IoT and propose future research directions. | IoT networks, smart homes, industrial IoT. | Device authentication, data privacy, DDoS attacks. | Lightweight encryption, IoT-specific firewalls, blockchain. | IoT attack datasets, vulnerability reports. | Detection rate, attack success rate, false positive rate. | Review of IoT security vulnerabilities and solutions. | Lack of IoT security standards, scalability issues. | Multi-layered security approach necessary for IoT networks. |
| 14 | Li, J., & Yang, X. (2019). Cybersecurity Risk Management: Challenges, Trends, and Research Directions | Review cybersecurity risk management challenges and research directions. | Enterprise risk management, threat analysis, risk mitigation strategies. | Evolving cyber threats, lack of integration with business processes. | Risk assessment frameworks, security audits, automated risk management tools. | Cyberattack frequency data, risk assessment reports. | Risk reduction, attack mitigation effectiveness, cost-benefit analysis. | Overview of cybersecurity risk management, identifying key research directions. | Focused mainly on general concepts, less on specific threat types. | Integrated risk management for cybersecurity is critical. |
| 15 | Rad, S., & Haghparast, M. (2020). Ransomware: A Survey and Future Directions | Survey ransomware evolution and suggest future research directions. | Malware detection, ransomware prevention, cybersecurity. | Ransomware evasion, rapid propagation, user vulnerability. | Anti-ransomware tools, system backups, behavioral analysis. | Ransomware attack datasets, malware analysis reports. | Infection rate, decryption success rate, detection rate. | Detailed analysis of ransomware evolution and countermeasures. | Challenges in detecting new variants. | Education and backup solutions are key to mitigation. |