Title: A Rule-Based Expert System for Cybersecurity Threat Detection: Evolution, Applications, and the Hybrid AI Paradigm
Authors: Abdallah Quffa and Samy S. Abu-Naser
Volume: 9
Issue: 8
Pages: 44-62
Publication Date: 2025/08/28
Abstract:
This paper examines the evolution and role of Rule-Based Expert Systems (RBES) in cybersecurity threat detection, highlighting their strengths, limitations, and the growing shift toward hybrid AI approaches. RBES have historically offered clear, rule-driven methods for identifying known threats, but their static nature struggles to keep pace with today's fast-changing cyber landscape, especially against zero-day exploits and advanced persistent threats (APTs). To address these challenges, researchers are increasingly turning to hybrid AI systems that combine symbolic reasoning with machine learning and deep learning. These neuro-symbolic models offer both adaptability and transparency, making them well-suited for high-stakes cybersecurity environments. This study explores the architecture of RBES, compares traditional and hybrid threat detection methods, and presents real-world applications and empirical findings. It also discusses ethical concerns such as bias, accountability, and explainability. Ultimately, the paper argues for the development of intelligent, adaptive, and trustworthy AI systems to strengthen cyber defense in an ever-evolving threat landscape.