Intelligent Dynamic Cybersecurity Risk Management Framework with Explainability and Interpretability of AI models for Enhancing Security and Resilience of Digital Infrastructure

Intelligent Dynamic Cybersecurity Risk Management Framework with Explainability and Interpretability of AI models for Enhancing Security and Resilience of Digital Infrastructure | Research Square window.SnipcartSettings = { analytics: { enabled: false } }; (function() { var accessVector = localStorage.getItem('access_vector') || ''; window.dataLayer = window.dataLayer || []; if (accessVector) { window.dataLayer.push({ user: { profile: { profileInfo: { snid: accessVector } } } }); } })(); (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src='https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);})(window,document,'script','dataLayer','GTM-K279D39R'); Browse Preprints In Review Journals COVID-19 Preprints AJE Video Bytes Research Tools Research Promotion AJE Professional Editing AJE Rubriq About Preprint Platform In Review Editorial Policies Our Team Advisory Board Help Center Sign In Submit a Preprint Cite Share Download PDF Research Article Intelligent Dynamic Cybersecurity Risk Management Framework with Explainability and Interpretability of AI models for Enhancing Security and Resilience of Digital Infrastructure Shareeful Islam, Nihala Basheer, Stefano Silvestri, Spyridon Papastergiou, and 1 more This is a preprint; it has not been peer reviewed by a journal. https://doi.org/ 10.21203/rs.3.rs-4796809/v1 This work is licensed under a CC BY 4.0 License Status: Published Journal Publication published 09 Jul, 2025 Read the published version in Journal of Reliable Intelligent Environments → Version 1 posted 13 You are reading this latest preprint version Abstract The sophistication of cyberattacks has significantly increased, making it almost certain that organizations can be victims of cyberattacks at any time. Managing cybersecurity risk is critical for any organization so that informed decisions can be made to tackle risks before they materialize. Cybersecurity risk management is context-specific and heavily relies on the specific organization’s context. However, performing effective risk management is always challenging due to the constant changes in organizational infrastructure and security posture, including the adoption of new applications and the reconfiguration or updating of existing assets and their dependencies, as well as the potential exploitation of vulnerabilities. Despite the wider adoption of AI enabled cybersecurity risk management, there is a lack of focus on the integration of these systems along with the dynamic elements of the risk management. In this context, this research proposes a novel dynamic Cyber Security Risk Management (d-CSRM)) framework to tackle this challenge by integrating dynamic parameters such as vulnerability exploitation and assets dependencies for assessing and managing the risk. The framework consists of a systemic process and makes use of a hybrid AI-enabled model that combines both linear regression and deep learning, to prioritize the vulnerabilities. Additionally, d-CSRM integrates the explainability and interpretability characteristics of the AI model for explaining model decision making and the inner working parameters. This allows the extraction of the key features that are linked with the risk and informed decision making to tackle the risks. An experiment was performed to prioritize the vulnerabilities from the widely used CVEjoin dataset using the proposed hybrid model to quantify the dynamic risk with explainability. The results show that the hybrid model effectively identifies and prioritizes the most critical vulnerabilities using the selected key features such as exploit type, exploit platform and impact that can further enhance the dynamic risk assessment. Cybersecurity Risk Assessment Artificial Intelligence Explainability Interpretability Full Text Additional Declarations No competing interests reported. Cite Share Download PDF Status: Published Journal Publication published 09 Jul, 2025 Read the published version in Journal of Reliable Intelligent Environments → Version 1 posted Editorial decision: Revision requested 26 Apr, 2025 Reviews received at journal 08 Apr, 2025 Reviewers agreed at journal 29 Mar, 2025 Reviewers agreed at journal 12 Dec, 2024 Reviewers agreed at journal 12 Dec, 2024 Reviewers agreed at journal 07 Oct, 2024 Reviews received at journal 03 Sep, 2024 Reviewers agreed at journal 01 Sep, 2024 Reviewers agreed at journal 02 Aug, 2024 Reviewers invited by journal 02 Aug, 2024 Editor assigned by journal 27 Jul, 2024 Submission checks completed at journal 25 Jul, 2024 First submitted to journal 24 Jul, 2024 You are reading this latest preprint version Research Square lets you share your work early, gain feedback from the community, and start making changes to your manuscript prior to peer review in a journal. As a division of Research Square Company, we’re committed to making research communication faster, fairer, and more useful. We do this by developing innovative software and high quality services for the global research community. Our growing team is made up of researchers and industry professionals working together to solve the most critical problems facing scientific publishing. Also discoverable on Platform About Our Team In Review Editorial Policies Advisory Board Help Center Resources Author Services Accessibility API Access RSS feed Manage Cookie Preferences © Research Square 2026 | ISSN 2693-5015 (online) Privacy Policy Terms of Service Do Not Sell My Personal Information {"props":{"pageProps":{"initialData":{"identity":"rs-4796809","acceptedTermsAndConditions":true,"allowDirectSubmit":false,"archivedVersions":[],"articleType":"Research Article","associatedPublications":[],"authors":[{"id":341496225,"identity":"6fb97e76-e713-4cad-8930-1eb5607e13b3","order_by":0,"name":"Shareeful Islam","email":"","orcid":"","institution":"Anglia Ruskin University","correspondingAuthor":false,"prefix":"","firstName":"Shareeful","middleName":"","lastName":"Islam","suffix":""},{"id":341496226,"identity":"5ef59fd7-9c16-47bd-8155-1a40ecc9862b","order_by":1,"name":"Nihala Basheer","email":"","orcid":"","institution":"Anglia Ruskin University","correspondingAuthor":false,"prefix":"","firstName":"Nihala","middleName":"","lastName":"Basheer","suffix":""},{"id":341496227,"identity":"ff08e71d-623e-45c1-b5d8-7a476d38996a","order_by":2,"name":"Stefano Silvestri","email":"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAZAAAAAyAQMAAABI0h/eAAAABlBMVEX///8AAABVwtN+AAAACXBIWXMAAA7EAAAOxAGVKw4bAAABIElEQVRIie2RMUvEMBTHXyjEJadrS/XyFVJuOIR+mHbp6urYEHi3eLrq5FdwVHBICdSlH8Jy4KTQ2zyoYO6uHIeGG5wc8hsSyHs/3v8RAI/nn9JtziAoNzc9kuWupF39FMjtViHrTgGUVXuKy9kpMCgQZntlh8LvVVWuHlPgM4Jh1/cXx9FCdqtn4NNYE9P9VkRNczlvChCGYHSH4hzjXEVXb5A8XWfOYIKy6esIDYiAqMmoFILGOQLTkInGvQvHk6X8sgpXVul7q0QVkv6AAjUjaj0FDJELoFYJCQaHpoi6SNQZFszuIts5TmzSXMWnOkweGlLqxhFMmVZ+YDrmN0brz34s+OylXb7rlIsmMN2lI9gA+/kQwvBTHo/H4/kD39ENZ5v3kiiJAAAAAElFTkSuQmCC","orcid":"","institution":"National Research Council","correspondingAuthor":true,"prefix":"","firstName":"Stefano","middleName":"","lastName":"Silvestri","suffix":""},{"id":341496228,"identity":"b6830bf9-65f0-4a26-a2d8-e432d9d45a9e","order_by":3,"name":"Spyridon Papastergiou","email":"","orcid":"","institution":"Maggioli S.p.A.","correspondingAuthor":false,"prefix":"","firstName":"Spyridon","middleName":"","lastName":"Papastergiou","suffix":""},{"id":341496229,"identity":"8bafcf3d-24a9-4f2f-95e4-56e89f8b3858","order_by":4,"name":"Mario Ciampi","email":"","orcid":"","institution":"National Research Council","correspondingAuthor":false,"prefix":"","firstName":"Mario","middleName":"","lastName":"Ciampi","suffix":""}],"badges":[],"createdAt":"2024-07-24 16:17:41","currentVersionCode":1,"declarations":"","doi":"10.21203/rs.3.rs-4796809/v1","doiUrl":"https://doi.org/10.21203/rs.3.rs-4796809/v1","draftVersion":[],"editorialEvents":[{"content":"https://doi.org/10.1007/s40860-025-00253-3","type":"published","date":"2025-07-09T15:57:29+00:00"}],"editorialNote":"","failedWorkflow":false,"files":[{"id":86699490,"identity":"15183553-20cd-48f8-967c-66df6d770482","added_by":"auto","created_at":"2025-07-14 16:10:30","extension":"pdf","order_by":1,"title":"","display":"","copyAsset":false,"role":"manuscript-pdf","size":1056913,"visible":true,"origin":"","legend":"","description":"","filename":"CybersecJournalofIntelligentReliableenvironments.pdf","url":"https://assets-eu.researchsquare.com/files/rs-4796809/v1_covered_a75d2350-fcc6-49d9-a3e5-16b81e6723f7.pdf"}],"financialInterests":"No competing interests reported.","formattedTitle":"Intelligent Dynamic Cybersecurity Risk Management Framework with Explainability and Interpretability of AI models for Enhancing Security and Resilience of Digital Infrastructure","fulltext":[],"fulltextSource":"","fullText":"","funders":[],"hasAdminPriorityOnWorkflow":false,"hasManuscriptDocX":false,"hasOptedInToPreprint":true,"hasPassedJournalQc":"","hasAnyPriority":false,"hideJournal":false,"highlight":"","institution":"","isAcceptedByJournal":true,"isAuthorSuppliedPdf":true,"isDeskRejected":"","isHiddenFromSearch":false,"isInQc":false,"isInWorkflow":false,"isPdf":true,"isPdfUpToDate":true,"isWithdrawnOrRetracted":false,"journal":{"display":true,"email":"[email protected]","identity":"journal-of-reliable-intelligent-environments","isNatureJournal":false,"hasQc":true,"allowDirectSubmit":false,"externalIdentity":"jrie","sideBox":"Learn more about [Journal of Reliable Intelligent Environments](http://link.springer.com/journal/40860)","snPcode":"40860","submissionUrl":"https://submission.nature.com/new-submission/40860/3","title":"Journal of Reliable Intelligent Environments","twitterHandle":"","acdcEnabled":true,"dfaEnabled":true,"editorialSystem":"em","reportingPortfolio":"Springer Hybrid","inReviewEnabled":true,"inReviewRevisionsEnabled":false},"keywords":"Cybersecurity, Risk Assessment, Artificial Intelligence, Explainability, Interpretability","lastPublishedDoi":"10.21203/rs.3.rs-4796809/v1","lastPublishedDoiUrl":"https://doi.org/10.21203/rs.3.rs-4796809/v1","license":{"name":"CC BY 4.0","url":"https://creativecommons.org/licenses/by/4.0/"},"manuscriptAbstract":"The sophistication of cyberattacks has significantly increased, making it almost certain that organizations can be victims of cyberattacks at any time. Managing cybersecurity risk is critical for any organization so that informed decisions can be made to tackle risks before they materialize. Cybersecurity risk management is context-specific and heavily relies on the specific organization’s context. However, performing effective risk management is always challenging due to the constant changes in organizational infrastructure and security posture, including the adoption of new applications and the reconfiguration or updating of existing assets and their dependencies, as well as the potential exploitation of vulnerabilities. Despite the wider adoption of AI enabled cybersecurity risk management, there is a lack of focus on the integration of these systems along with the dynamic elements of the risk management. In this context, this research proposes a novel dynamic Cyber Security Risk Management (d-CSRM)) framework to tackle this challenge by integrating dynamic parameters such as vulnerability exploitation and assets dependencies for assessing and managing the risk. The framework consists of a systemic process and makes use of a hybrid AI-enabled model that combines both linear regression and deep learning, to prioritize the vulnerabilities. Additionally, d-CSRM integrates the explainability and interpretability characteristics of the AI model for explaining model decision making and the inner working parameters. This allows the extraction of the key features that are linked with the risk and informed decision making to tackle the risks. An experiment was performed to prioritize the vulnerabilities from the widely used CVEjoin dataset using the proposed hybrid model to quantify the dynamic risk with explainability. The results show that the hybrid model effectively identifies and prioritizes the most critical vulnerabilities using the selected key features such as exploit type, exploit platform and impact that can further enhance the dynamic risk assessment.","manuscriptTitle":"Intelligent Dynamic Cybersecurity Risk Management Framework with Explainability and Interpretability of AI models for Enhancing Security and Resilience of Digital Infrastructure","msid":"","msnumber":"","nonDraftVersions":[{"code":1,"date":"2024-08-22 05:58:48","doi":"10.21203/rs.3.rs-4796809/v1","editorialEvents":[{"type":"communityComments","content":0},{"type":"decision","content":"Revision requested","date":"2025-04-26T08:56:23+00:00","index":"","fulltext":""},{"type":"editorInvitedReview","content":"","date":"2025-04-09T02:57:55+00:00","index":"hide","fulltext":""},{"type":"reviewerAgreed","content":"148177491631264540541513593516846388812","date":"2025-03-29T22:22:14+00:00","index":"hide","fulltext":""},{"type":"reviewerAgreed","content":"145168464286096303952643286619811205011","date":"2024-12-12T18:33:04+00:00","index":"hide","fulltext":""},{"type":"reviewerAgreed","content":"313163879013442082811826420116839428965","date":"2024-12-12T15:18:15+00:00","index":"hide","fulltext":""},{"type":"reviewerAgreed","content":"287055581400592885443311369730186509001","date":"2024-10-07T10:05:08+00:00","index":"hide","fulltext":""},{"type":"editorInvitedReview","content":"","date":"2024-09-04T00:04:45+00:00","index":"hide","fulltext":""},{"type":"reviewerAgreed","content":"99052677489010194882239903410035650701","date":"2024-09-01T16:46:49+00:00","index":"hide","fulltext":""},{"type":"reviewerAgreed","content":"5332743650439657679552157144882899512","date":"2024-08-02T14:23:41+00:00","index":"hide","fulltext":""},{"type":"reviewersInvited","content":"","date":"2024-08-02T14:17:18+00:00","index":"","fulltext":""},{"type":"editorAssigned","content":"","date":"2024-07-27T14:23:34+00:00","index":"","fulltext":""},{"type":"checksComplete","content":"","date":"2024-07-25T10:25:49+00:00","index":"","fulltext":""},{"type":"submitted","content":"Journal of Reliable Intelligent Environments","date":"2024-07-24T16:16:01+00:00","index":"","fulltext":""}],"status":"published","journal":{"display":true,"email":"[email protected]","identity":"journal-of-reliable-intelligent-environments","isNatureJournal":false,"hasQc":true,"allowDirectSubmit":false,"externalIdentity":"jrie","sideBox":"Learn more about [Journal of Reliable Intelligent Environments](http://link.springer.com/journal/40860)","snPcode":"40860","submissionUrl":"https://submission.nature.com/new-submission/40860/3","title":"Journal of Reliable Intelligent Environments","twitterHandle":"","acdcEnabled":true,"dfaEnabled":true,"editorialSystem":"em","reportingPortfolio":"Springer Hybrid","inReviewEnabled":true,"inReviewRevisionsEnabled":false}}],"origin":"","ownerIdentity":"e28de7c3-951c-4a23-9db1-f7cc76ba5be2","owner":[],"postedDate":"August 22nd, 2024","published":true,"recentEditorialEvents":[],"rejectedJournal":[],"revision":"","amendment":"","status":"published-in-journal","subjectAreas":[],"tags":[],"updatedAt":"2025-07-14T16:05:39+00:00","versionOfRecord":{"articleIdentity":"rs-4796809","link":"https://doi.org/10.1007/s40860-025-00253-3","journal":{"identity":"journal-of-reliable-intelligent-environments","isVorOnly":false,"title":"Journal of Reliable Intelligent Environments"},"publishedOn":"2025-07-09 15:57:29","publishedOnDateReadable":"July 9th, 2025"},"versionCreatedAt":"2024-08-22 05:58:48","video":"","vorDoi":"10.1007/s40860-025-00253-3","vorDoiUrl":"https://doi.org/10.1007/s40860-025-00253-3","workflowStages":[]},"version":"v1","identity":"rs-4796809","journalConfig":"researchsquare"},"__N_SSP":true},"page":"/article/[identity]/[[...version]]","query":{"redirect":"/article/rs-4796809","identity":"rs-4796809","version":["v1"]},"buildId":"qtupq5eGEP_6zYnWcrvyt","isFallback":false,"isExperimentalCompile":false,"dynamicIds":[84888],"gssp":true,"scriptLoader":[]}