AI-driven cybersecurity framework for software development based on the ANN-ISM paradigm

Abstract

With the increasing reliance on software applications, cybersecurity threats have become a critical concern for developers and organizations. The answer to this vulnerability is AI systems, which help us adapt a little better, as traditional measures in security have failed to respond to the upcoming threats. This paper presents an innovative cybersecurity framework using AI, by the Artificial Neural Network (ANN)-Interpretive Structural Modeling (ISM) model, to improve threat detection, vulnerability assessment, and risk response during software development. This framework helps realize dynamic, intelligent security as a part of the Software Development life cycle (SDLC). Initially, existing cybersecurity risks in software coding are systematically evaluated to identify potential gaps and integrate best practices into the proposed model. In the second phase, an empirical survey was conducted to identify and validate the findings of the systematic literature review (SLR). In the third phase, a hybrid approach is employed, integrating ANN for real-time threat detection and risk assessment. It utilizes ISM to analyze the relationships between cybersecurity risks and vulnerabilities, creating a structured framework for understanding interdependencies. A case study was conducted in the last stage to test and evaluate the AI-driven cybersecurity Mitigation Model for Secure Software Coding. A multi-level categorization system is also used to assess maturity across five key levels: Ad hoc, Planned, Standardized, Metrics-Driven, and Continuous Improvements. This study identifies 15 cybersecurity risks and vulnerabilities in software coding, along with 158 AI-driven best practices for mitigating these risks. It also identifies critical areas of insecure coding practices and develops a scalable model to address cybersecurity risks across different maturity levels. The results show that AI outperforms traditional systems in detecting security weaknesses and simultaneously fixing problems. During Levels 1-3 of the system improvement process, advanced security methods are used to protect against threats. Our analysis reveals that organizations at Levels 4 and 5 still need to entirely shift to using AI-based protection tools and techniques. The proposed system provides developers and managers with valuable insights, enabling them to select security enhancements tailored to their organization's development stages. It supports automated threat analysis, helping organizations stay vigilant against potential cybersecurity threats. The study introduces a novel ANN-ISM framework integrating AI tools with cybersecurity modeling formalisms. By merging AI systems with secure software coding principles, this research enhances the connection between AI-generated insights and real-world cybersecurity usage.