AI-driven cybersecurity framework for software development based on the ANN-ISM paradigm
Abstract With the increasing reliance on software applications, cybersecurity threats have become a critical concern for developers and organizations. The answer to this vulnerability is AI systems, which help us adapt a little better, as traditional measures in security have failed to respond to th...
Saved in:
| Main Authors: | , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Nature Portfolio
2025-04-01
|
| Series: | Scientific Reports |
| Subjects: | |
| Online Access: | https://doi.org/10.1038/s41598-025-97204-y |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1850146326207004672 |
|---|---|
| author | Habib Ullah Khan Rafiq Ahmad Khan Hathal S. Alwageed Alaa Omran Almagrabi Sarra Ayouni Mohamed Maddeh |
| author_facet | Habib Ullah Khan Rafiq Ahmad Khan Hathal S. Alwageed Alaa Omran Almagrabi Sarra Ayouni Mohamed Maddeh |
| author_sort | Habib Ullah Khan |
| collection | DOAJ |
| description | Abstract With the increasing reliance on software applications, cybersecurity threats have become a critical concern for developers and organizations. The answer to this vulnerability is AI systems, which help us adapt a little better, as traditional measures in security have failed to respond to the upcoming threats. This paper presents an innovative cybersecurity framework using AI, by the Artificial Neural Network (ANN)—Interpretive Structural Modeling (ISM) model, to improve threat detection, vulnerability assessment, and risk response during software development. This framework helps realize dynamic, intelligent security as a part of the Software Development life cycle (SDLC). Initially, existing cybersecurity risks in software coding are systematically evaluated to identify potential gaps and integrate best practices into the proposed model. In the second phase, an empirical survey was conducted to identify and validate the findings of the systematic literature review (SLR). In the third phase, a hybrid approach is employed, integrating ANN for real-time threat detection and risk assessment. It utilizes ISM to analyze the relationships between cybersecurity risks and vulnerabilities, creating a structured framework for understanding interdependencies. A case study was conducted in the last stage to test and evaluate the AI-driven cybersecurity Mitigation Model for Secure Software Coding. A multi-level categorization system is also used to assess maturity across five key levels: Ad hoc, Planned, Standardized, Metrics-Driven, and Continuous Improvements. This study identifies 15 cybersecurity risks and vulnerabilities in software coding, along with 158 AI-driven best practices for mitigating these risks. It also identifies critical areas of insecure coding practices and develops a scalable model to address cybersecurity risks across different maturity levels. The results show that AI outperforms traditional systems in detecting security weaknesses and simultaneously fixing problems. During Levels 1–3 of the system improvement process, advanced security methods are used to protect against threats. Our analysis reveals that organizations at Levels 4 and 5 still need to entirely shift to using AI-based protection tools and techniques. The proposed system provides developers and managers with valuable insights, enabling them to select security enhancements tailored to their organization's development stages. It supports automated threat analysis, helping organizations stay vigilant against potential cybersecurity threats. The study introduces a novel ANN-ISM framework integrating AI tools with cybersecurity modeling formalisms. By merging AI systems with secure software coding principles, this research enhances the connection between AI-generated insights and real-world cybersecurity usage. |
| format | Article |
| id | doaj-art-d2727f790da0467b88e894c238b6325c |
| institution | OA Journals |
| issn | 2045-2322 |
| language | English |
| publishDate | 2025-04-01 |
| publisher | Nature Portfolio |
| record_format | Article |
| series | Scientific Reports |
| spelling | doaj-art-d2727f790da0467b88e894c238b6325c2025-08-20T02:27:53ZengNature PortfolioScientific Reports2045-23222025-04-0115114510.1038/s41598-025-97204-yAI-driven cybersecurity framework for software development based on the ANN-ISM paradigmHabib Ullah Khan0Rafiq Ahmad Khan1Hathal S. Alwageed2Alaa Omran Almagrabi3Sarra Ayouni4Mohamed Maddeh5Department of Accounting and Information Systems, College of Bussiness and Economics, Qatar UniversitySoftware Engineering Research Group, Department of Computer Science and IT, University of MalakandCollege of Computer and Information Sciences, Jouf UniversityDepartment of Information Systems, Faculty of Computing and Information Technology, King Abdulaziz UniversityDepartment of Information Systems, College of Computer and Information Sciences, Princess Nourah Bint Abdulrahman UniversityCollege of Applied Computer Science, King Saud UniversityAbstract With the increasing reliance on software applications, cybersecurity threats have become a critical concern for developers and organizations. The answer to this vulnerability is AI systems, which help us adapt a little better, as traditional measures in security have failed to respond to the upcoming threats. This paper presents an innovative cybersecurity framework using AI, by the Artificial Neural Network (ANN)—Interpretive Structural Modeling (ISM) model, to improve threat detection, vulnerability assessment, and risk response during software development. This framework helps realize dynamic, intelligent security as a part of the Software Development life cycle (SDLC). Initially, existing cybersecurity risks in software coding are systematically evaluated to identify potential gaps and integrate best practices into the proposed model. In the second phase, an empirical survey was conducted to identify and validate the findings of the systematic literature review (SLR). In the third phase, a hybrid approach is employed, integrating ANN for real-time threat detection and risk assessment. It utilizes ISM to analyze the relationships between cybersecurity risks and vulnerabilities, creating a structured framework for understanding interdependencies. A case study was conducted in the last stage to test and evaluate the AI-driven cybersecurity Mitigation Model for Secure Software Coding. A multi-level categorization system is also used to assess maturity across five key levels: Ad hoc, Planned, Standardized, Metrics-Driven, and Continuous Improvements. This study identifies 15 cybersecurity risks and vulnerabilities in software coding, along with 158 AI-driven best practices for mitigating these risks. It also identifies critical areas of insecure coding practices and develops a scalable model to address cybersecurity risks across different maturity levels. The results show that AI outperforms traditional systems in detecting security weaknesses and simultaneously fixing problems. During Levels 1–3 of the system improvement process, advanced security methods are used to protect against threats. Our analysis reveals that organizations at Levels 4 and 5 still need to entirely shift to using AI-based protection tools and techniques. The proposed system provides developers and managers with valuable insights, enabling them to select security enhancements tailored to their organization's development stages. It supports automated threat analysis, helping organizations stay vigilant against potential cybersecurity threats. The study introduces a novel ANN-ISM framework integrating AI tools with cybersecurity modeling formalisms. By merging AI systems with secure software coding principles, this research enhances the connection between AI-generated insights and real-world cybersecurity usage.https://doi.org/10.1038/s41598-025-97204-yAISecure software codingCybersecurity risks and practicesSystematic literature reviewEmpirical surveyCase study |
| spellingShingle | Habib Ullah Khan Rafiq Ahmad Khan Hathal S. Alwageed Alaa Omran Almagrabi Sarra Ayouni Mohamed Maddeh AI-driven cybersecurity framework for software development based on the ANN-ISM paradigm Scientific Reports AI Secure software coding Cybersecurity risks and practices Systematic literature review Empirical survey Case study |
| title | AI-driven cybersecurity framework for software development based on the ANN-ISM paradigm |
| title_full | AI-driven cybersecurity framework for software development based on the ANN-ISM paradigm |
| title_fullStr | AI-driven cybersecurity framework for software development based on the ANN-ISM paradigm |
| title_full_unstemmed | AI-driven cybersecurity framework for software development based on the ANN-ISM paradigm |
| title_short | AI-driven cybersecurity framework for software development based on the ANN-ISM paradigm |
| title_sort | ai driven cybersecurity framework for software development based on the ann ism paradigm |
| topic | AI Secure software coding Cybersecurity risks and practices Systematic literature review Empirical survey Case study |
| url | https://doi.org/10.1038/s41598-025-97204-y |
| work_keys_str_mv | AT habibullahkhan aidrivencybersecurityframeworkforsoftwaredevelopmentbasedontheannismparadigm AT rafiqahmadkhan aidrivencybersecurityframeworkforsoftwaredevelopmentbasedontheannismparadigm AT hathalsalwageed aidrivencybersecurityframeworkforsoftwaredevelopmentbasedontheannismparadigm AT alaaomranalmagrabi aidrivencybersecurityframeworkforsoftwaredevelopmentbasedontheannismparadigm AT sarraayouni aidrivencybersecurityframeworkforsoftwaredevelopmentbasedontheannismparadigm AT mohamedmaddeh aidrivencybersecurityframeworkforsoftwaredevelopmentbasedontheannismparadigm |