Bibliometric analysis of artificial intelligence cyberattack detection models
Why this work is in the frame
A frame that forgets how it found something cannot be audited. These are the routes that admitted this work.
Bibliographic record
Abstract
Abstract Cybercriminals have increasingly adopted advanced and cutting-edge methods that expand the scale and speed of their attacks in recent years. This trend coincides with the rising demand for and scarcity of highly skilled cybersecurity specialists, making them both expensive and difficult to find. Recently, researchers have demonstrated the effectiveness of Artificial Intelligence (AI) approaches in combating sophisticated cyberattacks. However, comprehensive bibliometric data illustrating the study of AI approaches in cyberattack detection remain sparse. This study addresses this gap by investigating the current state of AI-based cyberattack detection research. The study analyzed the Scopus database using bibliometric analysis on a pool of over 2,338 articles published between 2014 and 2024, including 1217 journal articles, 828 conference papers, 121 conference reviews, 85 book chapters, 70 reviews, 5 editorials, and 2 books and short surveys. The study explores various AI-based cyberattack detection approaches globally, focusing on machine learning and deep learning algorithms. The bibliometric analysis was conducted using R, an open-source statistical tool, and Biblioshiny. The findings establish that AI, particularly machine learning and deep learning, enhances intrusion detection accuracy and is a growing research trend. Researchers have effectively employed these techniques for malware detection. The USA leads in AI cyberattack research, followed by India, China, Saudi Arabia, and Australia. Despite publishing fewer articles, Canada and Italy received significant citations. Additionally, strong research collaboration exists among the USA, China, Australia, Saudi Arabia, and India. Keyword analysis highlights AI’s effectiveness in identifying patterns and malicious behaviours, enhancing intrusion detection even in complex cyberattacks. Machine learning can detect intrusions based on anomalies caused by malicious or compromised devices, as well as unknown threats, with speed, accuracy, and a low false-positive rate.
Fetched live from OpenAlex and de-inverted. Abstracts are not stored in this database: the inverted indexes are 8.6 GB of the frame’s 9.3 GB of text, and the host has 13 GB free.
Full frame distilled prediction
Teacher imitationNot calibrated prevalence, not ground truth. Human validation pending. Learned from the 10,348 direct Codex labels and 10,348 direct Gemma labels. Candidate is the union of thresholded teacher heads; consensus is their intersection. These outputs are machine_predicted_unvalidated and are not human labels or direct frontier model labels.
Codex and Gemma teacher scores by category
| Category | Codex | Gemma |
|---|---|---|
| Metaresearch | 0.002 | 0.001 |
| Meta-epidemiology (narrow) | 0.000 | 0.000 |
| Meta-epidemiology (broad) | 0.001 | 0.001 |
| Bibliometrics | 0.048 | 0.291 |
| Science and technology studies | 0.000 | 0.000 |
| Scholarly communication | 0.000 | 0.002 |
| Open science | 0.001 | 0.000 |
| Research integrity | 0.000 | 0.000 |
| Insufficient payload (model declined to judge) | 0.001 | 0.001 |
Machine scores (provisional)
The two teacher heads of the student model, read on this work. A score orders the frame for review; it never asserts a category, and the validation status ships verbatim with every row.
Baseline scores from an immature model (maturity gate not passed, 7 training rounds). Scores rank; they never assert a category.
score_only:v0-immature-baseline · verbatim from the scoring run: score_only means the number may rank works, and no category label ships from it