Intelligent Threat Detection Systems: A Survey of Machine Learning Approaches in Cybersecurity

Keywords:

Machine Learning, Intrusion Detection Systems, Cybersecurity, Anomaly Detection

Abstract

The escalating sophistication of cyber threats has rendered traditional signature-based detection systems
increasingly inadequate in protecting modern digital infrastructures. Machine learning (ML) and artificial
intelligence (AI) have emerged as powerful enablers of intelligent threat detection, capable of identifying novel
attack patterns through behavioral analysis and anomaly detection. This paper surveys ML-based
approaches applied to cybersecurity threat detection, examining methodologies for intrusion detection,
malware classification, phishing identification, and advanced persistent threat (APT) detection. We analyze
the effectiveness of supervised classifiers, unsupervised anomaly detection algorithms, and deep learning
models in processing network traffic, system logs, and endpoint telemetry data. The survey further addresses
key challenges including adversarial machine learning, class imbalance, real-time processing requirements,
and the interpretability of detection models in operational security contexts. Our findings indicate that
ensemble methods and hybrid architectures combining signature-based and behavioral approaches yield
superior detection performance compared to standalone models.

Published

2026-04-16

Section

Articles