From Signature-Based to AI-Driven Frameworks: A Review of the Evolution of Cybersecurity Evaluation Methods

Abstract

The rapid evolution of cyber threats has necessitated the development of more sophisticated cybersecurity evaluation frameworks. This review paper explores the transition from traditional signature-based methods to AI-driven frameworks, highlighting each approach's strengths, limitations, and advancements. Signature-based systems, once the cornerstone of cybersecurity defense, excel at detecting known threats by matching attack patterns against predefined signatures. However, these systems struggle to address emerging and unknown threats, often leaving systems vulnerable to novel attack vectors. In response, AI-driven frameworks utilizing Machine Learning (ML), Deep Learning (DL), and anomaly detection have emerged as powerful tools capable of adapting to new threats, improving detection accuracy, and reducing false positives. This paper examines key AI techniques, such as supervised, unsupervised, and reinforcement learning, in the context of cyber-security evaluation.

Furthermore, it discusses AI models' challenges, including the need for high-quality datasets, interpretability issues, and adversarial vulnerability. The review also identifies promising hybrid models combining signature-based and AI-driven methods, aiming to leverage the strengths of both approaches. Finally, we outline future directions for research, emphasizing the importance of enhancing AI robustness, scalability, and ethical considerations in cybersecurity systems.