Autonomous Cyber Defence Systems (ACDS) Using AI


Authors: Priya Sharma

 

Abstract: The modern cyber threat landscape has evolved into a high-velocity adversarial environment where automated botnets, polymorphic malware, and AI-driven exploits outpace human cognitive limits. Traditional reactive security models, which rely on manual intervention and static rule-based thresholds, are increasingly inadequate against multi-stage, stealthy campaigns. This review examines the paradigm shift toward Autonomous Cyber Defense Systems (ACDS) powered by Artificial Intelligence (AI) and Machine Learning (ML). Unlike conventional tools, ACDS are designed to operate within the "OODA loop" (Observe, Orient, Decide, Act) at machine speed, performing real-time threat discovery, risk-weighted decision-making, and automated remediation without human oversight. This article categorizes current ACDS methodologies, including Reinforcement Learning (RL) for dynamic policy optimization, Deep Learning (DL) for behavioral anomaly detection, and Graph Neural Networks (GNNs) for mapping lateral movement. We explore the transition from "Security Orchestration" to "Autonomous Orchestration," where the system self-configures its defensive posture based on shifting environmental variables. Furthermore, the review addresses critical challenges, such as the "Black Box" transparency problem, the risk of "automated cascading failures," and the emerging threat of adversarial machine learning. By synthesizing recent academic breakthroughs and industrial case studies, this paper provides a strategic roadmap for achieving "Self-Healing" infrastructures. The findings suggest that while human-in-the-loop models remain necessary for high-level strategic oversight, the tactical frontline of cyber defense must become fully autonomous to ensure resilience against the next generation of automated adversarial competition.

DOI: https://doi.org/10.5281/zenodo.19427289

 
