AI-Augmented Proactive Cyber-Detection and Mitigation of Cybersecurity Threats in the Banking Sector
DOI: https://doi.org/10.34190/iccws.21.1.4441
Keywords: Machine Learning, Cybersecurity, Cyberattacks, Financial Networks, Banking Sector
Abstract
The digital transformation of the financial services sector, accelerated by the emergence of neobanks and advanced online platforms, has markedly increased its exposure to sophisticated cyberthreats. High-profile incidents, such as coordinated attacks on financial institutions in Iraq, have demonstrated the severe operational, economic, and reputational consequences that can arise from delayed threat detection and inadequate mitigation. Traditional cybersecurity measures, including firewalls, antivirus software, and signature-based intrusion detection systems, remain constrained by their dependence on known attack signatures, thereby leaving financial networks susceptible to zero-day exploits, AI-driven intrusions, and complex multi-vector threats. This study proposes and evaluates a supervised machine learning intrusion detection and prevention model aimed at proactively securing financial networks at a network level. To simulate realistic network conditions and generate representative traffic data, a banking environment was constructed using GNS3. To address class imbalance within the dataset, the Synthetic Minority Oversampling Technique (SMOTE) was employed, thereby improving the detection of minority-class attack instances. Several machine learning algorithms, including Support Vector Machine, Multi-Layer Perceptron Neural Network, and Long Short-Term Memory, were assessed using key performance metrics to determine their effectiveness. The Decision Tree model demonstrated superior performance, achieving an accuracy rate of 99.98%, perfect precision and recall, zero false positives, and only thirteen false negatives. These results underscore its capacity to deliver highly accurate, real-time threat detection while minimising operational disruptions caused by false alarms. Its transparent decision-making process enhances explainability, supports regulatory compliance, and fosters institutional trust, factors that are critical in financial cybersecurity. 
The findings validate the viability of interpretable, high-performance machine learning models for the real-time detection and mitigation of advanced cyberthreats, including Distributed Denial-of-Service (DDoS) attack patterns. Future research should prioritise scaling the simulation framework to encompass more complex financial network topologies, integrating adaptive online learning capabilities, and incorporating explainable artificial intelligence (XAI) techniques to investigate whether enhanced model interpretability improves threat detection accuracy and analyst response times.
License
Copyright (c) 2026 Prince Rotondwa Mulea, Dewald Blaauw

This work is licensed under a Creative Commons Attribution-NoDerivatives 4.0 International License.