International Research Journal of Engineering and Technology (IRJET)
e-ISSN: 2395-0056
Volume: 13 Issue: 01 | Jan 2026
p-ISSN: 2395-0072
www.irjet.net
AI-Driven Cyber Threat Detection and Prevention Framework Using Machine Learning and Blockchain Simulation

Trapti Agrawal¹, Pawan Yadav²

¹Department of Computer Science and Engineering, Eshan College of Engineering, Mathura, India
²Department of Computer Science and Engineering, Eshan College of Engineering, Mathura, India
-----------------------------------------------------------------------***--------------------------------------------------------------------------
Abstract - The growing complexity of cyber-attacks requires intelligent, autonomous, and tamper-proof security systems that can identify and log threats in real time. This study aims to establish an AI-oriented Cyber Threat Detection and Prevention Framework that combines a machine-learning-based intrusion detection mechanism with blockchain-enabled secure logging. The methodology uses a systematic experimental pipeline comprising dataset pre-processing, feature engineering, multi-model training, performance analysis, and a decentralised logging simulation. Two benchmark intrusion detection datasets, CICIDS2017 and NSL-KDD (artificially manipulated for experimental purposes), were processed and assessed. Three machine learning models, Random Forest, Support Vector Machine, and a Deep Neural Network, were trained and assessed in terms of accuracy, precision, recall, F1-score, and ROC–AUC. The findings show that the Deep Neural Network performed much better than the classical models and was the most accurate at classification and discrimination. The blockchain simulation generated immutable, hash-linked records of identified threats, which is evidence of improved auditability and tamper resistance. The AI-blockchain model is a powerful and transparent security system that overcomes the shortcomings of the intrusion detection systems in place. In general, the results demonstrate the effectiveness and viability of combining predictive analytics and decentralised verification to support next-generation cyber security applications.

Keywords: AI-Driven Intrusion Detection, Blockchain-Secured Logging, Deep Neural Networks, Cyber Security Automation, Decentralised Threat Auditing, Blockchain Simulation
1. Introduction

The pace of digital change across industries is increasing, broadening the international cyber security environment and introducing complex, multi-dimensional attack surfaces. Contemporary businesses increasingly depend on interconnected systems such as cloud computing, the IoT, and artificial intelligence (AI), all of which greatly increase vulnerability exposure. Because cyber-attacks are becoming more automated, adaptive, and large-scale, conventional rule-based intrusion detection systems (IDS) are incapable of detecting zero-day attacks and polymorphic malware [1]. This has redirected the world's focus to AI-inspired, data-driven, anticipatory cyber security systems that can autonomously learn threat behaviours and block attacks in real time [2], [3]. At the same time, blockchain has emerged as one of the most secure and immutable technologies, a flexible means of maintaining decentralised logging and verification that gives visibility into audit trails [4]. The intersection of AI, machine learning (ML), and blockchain thus presents a significant opportunity for the next generation of cyber-defence systems, which will enhance detection quality, reduce false positives, and introduce a degree of transparency in security governance [5].

The recent literature has also critically advanced the development of AI-based cyber security systems, reflecting their strengths and revealing persistent limitations. Researchers have explored ANN-ISM-based frameworks [3], smart-contract-enabled response systems [6], hybrid AI-blockchain models for cyber-resilience in industrial systems [7], cognitive cities [8], and cyber-physical systems [9]. There has also been research on machine-learning-based anomaly detection in IoT [10], DDoS detection through feature selection [11], meta-learning-based server attack detection [12], ensemble-based threat quantification [13], and deep-learning models through optimization [14].
Nevertheless, although these works show considerable progress in areas such as threat detection, they do not always include end-to-end integration, real-time performance evaluation, hybrid AI and blockchain simulation, or comparative analysis of ML models across multiple cyber-attack datasets [15]. General overviews of AI-assisted detection approaches highlight advanced learning procedures but also note the lack of holistic threat intelligence pipelines [2], whereas machine learning in industrial control systems continues to face problems of explainability and generalizability [16], [17]. DDoS- and malware-centred research has reported only variation across algorithms and makes little use of blockchain for secure incident logging [18], [19].
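The hash-linked threat log described in the abstract can be sketched as follows. This is an added example, not the authors' blockchain simulation; the block fields, function names, and sample alerts are assumptions made for illustration. It also shows that linkage alone catches only partial edits: a log rewritten with recomputed hashes passes unless the head hash is anchored outside the log.

```python
import hashlib
import json

GENESIS = "0" * 64  # previous-hash value for the first block

def block_hash(index, prev_hash, alert):
    """SHA-256 over a canonical JSON encoding of the block contents."""
    payload = json.dumps({"index": index, "prev": prev_hash, "alert": alert},
                         sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(payload.encode("utf-8")).hexdigest()

def append_alert(chain, alert):
    """Append a detection record linked to the current head; return the new head hash."""
    prev = chain[-1]["hash"] if chain else GENESIS
    block = {"index": len(chain), "prev": prev, "alert": alert}
    block["hash"] = block_hash(block["index"], prev, alert)
    chain.append(block)
    return block["hash"]

def verify_chain(chain, anchored_head=None):
    """Return (ok, reason); anchored_head is a head hash kept outside the log."""
    prev = GENESIS
    for i, block in enumerate(chain):
        if block["index"] != i or block["prev"] != prev:
            return False, f"broken link at block {i}"
        if block["hash"] != block_hash(i, prev, block["alert"]):
            return False, f"content mismatch at block {i}"
        prev = block["hash"]
    if anchored_head is not None and prev != anchored_head:
        return False, "head does not match anchored value"
    return True, "ok"

SAMPLE_ALERTS = [  # constructed sample alerts, not taken from CICIDS2017 or NSL-KDD
    {"ts": "2026-01-05T10:00:00Z", "src": "192.0.2.10", "label": "DDoS", "score": 0.98},
    {"ts": "2026-01-05T10:00:07Z", "src": "198.51.100.4", "label": "PortScan", "score": 0.91},
    {"ts": "2026-01-05T10:01:12Z", "src": "203.0.113.77", "label": "BruteForce", "score": 0.88},
]

def demo():
    chain = []
    for alert in SAMPLE_ALERTS:
        head = append_alert(chain, alert)    # head would be stored off-host
    edited = json.loads(json.dumps(chain))   # deep copy of the log
    edited[1]["alert"]["label"] = "Benign"   # in-place edit of one record
    rewritten = []                           # same edit, every hash recomputed
    for block in edited:
        append_alert(rewritten, block["alert"])
    return (verify_chain(chain, head), verify_chain(edited),
            verify_chain(rewritten), verify_chain(rewritten, head))
```

`demo()` returns four verification results: the intact log, the log with one record edited in place, the fully rewritten log checked without an anchor, and the same rewritten log checked against the anchored head.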
© 2026, IRJET | Impact Factor value: 8.315 | ISO 9001:2008 Certified Journal | Page 187