Emerging Trends in Cybersecurity: Machine Learning as a Game-Changer in Next-Generation Cybersecurity Applications

Kamran Razzaq; Mahmood Shah

doi:10.12688/f1000research.173916.1

Home Browse Emerging Trends in Cybersecurity: Machine Learning as a Game-Changer...

ALL Metrics

-

Views

-

Downloads

Get PDF

Get XML

Export

▬

✚

Research Article

Emerging Trends in Cybersecurity: Machine Learning as a Game-Changer in Next-Generation Cybersecurity Applications

[version 1; peer review: 2 approved with reservations]

Kamran Razzaq ¹^*, Mahmood Shah²^*

^* Equal contributors

PUBLISHED 16 Feb 2026

Author details Author details

¹ Northumbria University Newcastle Business School, Newcastle upon Tyne, England, NE1 8ST, UK
² Directorate of Research & Innovation, Muscat University, Muscat, Muscat Governorate, Oman

Kamran Razzaq
Roles: Conceptualization, Data Curation, Formal Analysis, Funding Acquisition, Investigation, Methodology, Project Administration, Resources, Software, Validation, Visualization, Writing – Original Draft Preparation, Writing – Review & Editing

Mahmood Shah
Roles: Project Administration, Resources, Supervision

OPEN PEER REVIEW

REVIEWER STATUS

This article is included in the Artificial Intelligence and Machine Learning gateway.

This article is included in the Cybersecurity collection.

Abstract

Background

The relentless surge and growing frequency of cyber threats have indicated that traditional cybersecurity systems are ineffective. The need for more vigorous measures to safeguard information systems has never been more critical. This dilemma underscores the urgent need for advanced, adaptive cybersecurity solutions to detect and proactively counter these sophisticated threats. The study aims to investigate the game-changing role of machine learning in advancing cybersecurity through an in-depth scientometrics and bibliometric analysis. The study aims to map the current research landscape, identify significant contributions, discover emerging trends, and underscore key advancements in machine learning-based cybersecurity practices.

Methods

The Scopus database was used to conduct bibliometric and scientometric analyses of the machine learning and cybersecurity literature published from 2010 to 2024. Advanced tools were employed for scientometric analysis to evaluate scholarly output, authors’ impact, and the co-occurrence of keywords across geographical, organisational, and thematic indicators.

Results

The study found that India remains at the top in publication count, with IEEE Access as the leading journal and Princess Nourah Bint Abdul Rahman University as the most productive institution in machine learning and cybersecurity research. The study finds that Alazab, M., and Rao, R. are the most dominant authors. The findings revealed a significant increase in scholarly output since 2013, with intrusion detection, cybercrime prevention, and machine learning techniques identified as the most prominent themes.

Conclusions

The study highlights the significant role of ML in deriving next-generation cybersecurity solutions. The results could empower practitioners and researchers to establish a proactive, machine-learning-driven cybersecurity infrastructure. Future research should emphasise collaboration with other disciplines, including the social and psychological aspects of cyber threats.

Keywords

Cyber fraud, Cybersecurity, Machine Learning, Artificial Intelligence, Systematic Review, Bibliometrics

Corresponding author: Kamran Razzaq

Competing interests: No competing interests were disclosed.

Grant information: The author(s) declared that no grants were involved in supporting this work.

Copyright: © 2026 Razzaq K and Shah M. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

How to cite: Razzaq K and Shah M. Emerging Trends in Cybersecurity: Machine Learning as a Game-Changer in Next-Generation Cybersecurity Applications [version 1; peer review: 2 approved with reservations]. F1000Research 2026, 15:276 (https://doi.org/10.12688/f1000research.173916.1) First published: 16 Feb 2026, 15:276 (https://doi.org/10.12688/f1000research.173916.1) Latest published: 16 Feb 2026, 15:276 (https://doi.org/10.12688/f1000research.173916.1)

1. Introduction

Technological advancement is making lives easier on one end and exposing them to new risks on the other. Cybersecurity, therefore, is the process by which the organisation protects its systems and information from unauthorised access and attacks.¹ Due to the continuous growth and complexity, organisations must adopt innovative technologies to ensure adequate data protection.² One such technology with great promise for enhancing cybersecurity is machine learning (ML), a subset of artificial intelligence. ML empowers computers to analyse data, detect patterns, and produce outputs or predictions without being explicitly programmed for each eventuality. This technology can quickly detect unusual patterns and risks, making it a powerful tool in cybersecurity.³ ML enables computers to analyse data and, through analytics, to decide or provide a prediction rather than being programmed for every eventuality. With this technology, one can quickly detect unusual patterns and risks more effectively than with known methods.

A bibliographic review can help one understand how ML is being implemented in cybersecurity. This method primarily entails critically reviewing published papers, articles, journals, and other academic documents to identify trends, developments, and focal areas. For example, in 2019, hackers accessed the database of the Capital One company and stole the data of more than one hundred million clients.⁴ The following year, Equifax experienced a significant setback and witnessed the loss of sensitive information of approximately 147 million people.⁵ Cases like this show how easily digital data can be compromised, affecting millions and causing severe harm. The situation worsens when such attacks target one of the nation’s stressed structures. For instance, the Ukrainian Blackout in December 2015 was an attack that disconnected over 230,000 residents.⁶ This sort of attack can disrupt everyday activities and have adverse effects on industries and communities.

Concerning emergent threats, substandard basic security intervention measures are well appreciated.⁷ To address such challenges, organisations are implementing new technologies, including but not limited to ML. Thus, across a wide range of applications, ML has been highly valuable for numerous tasks, including pattern recognition, natural language processing, and speech recognition.⁸ This more refined strategy can counter the latest attacks that older forms of detection may not handle.

On the other hand, the study explores recent developments and rising trends in cybersecurity, with more attention to machine learning-based cybersecurity strategies, using bibliographic analysis. The study placed greater emphasis on both cybersecurity and machine learning, particularly the role of machine learning in improving threat detection, automated incident response, threat prevention, anomaly detection, and threat prediction. The analysis also offered future insights and recommendations for improving cybersecurity practices, drawing on key publications.

2. Literature review

Cybersecurity and artificial intelligence are being combined to improve security in the digital world. While there is a strong trend towards applying ML to cybersecurity, limited theoretical research examines the connection between the two fields and the ways in which ML and cybersecurity are essential for developing better security measures to address high-profile threats. Bibliographic analysis helps us understand how a given body of research evolves over time. As Haghani⁹ discussed, reviewing scientific studies helps demonstrate how research progresses and interacts across different fields. These reviews help people identify patterns and relationships in research by factors such as who is collaborating and what work is sourced.¹⁰ Managing research information is still somewhat challenging for most academics. It is imperative to underscore the need for enhanced bibliometric instruments and techniques to deepen our understanding of how machine learning is applied in cybersecurity.¹¹ While it is crucial to maintain and assess reference frameworks useful for structuring research activities, they sometimes fall short of providing a detailed description of pressing research and collaboration. Therefore, there is a need to improve bibliometric instruments and techniques to better understand how machine learning is applied in cybersecurity.

The study presents the latest trends and advancements in the integration of machine learning and cybersecurity. To conduct the literature review and determine the main trends, the next question is to establish how these technologies increase the likelihood of standing up to new threats in cyberspace. Thus, a literature review of this research helps reveal the most recent developments and trends concerning implementing ML in cybersecurity. In this paper, we will discuss contemporary developments in cybersecurity, particularly the application of ML to strengthen security systems. We will also review the literature to examine the implications of such technologies and their potential future development.

Haghani⁹ presented a study aiming to demonstrate how scientometric reviews can help us understand the organisation and development of research in various fields. Doing so will show that such reviews have become a means to examine massive research data, thereby revealing the dimensions of growth in these areas and their connections. It helps researchers, editors, and reviewers perform and evaluate good scientometric reviews. The study presents different ways to conduct scientometric analysis through co-authorship networks and by looking at citation links between documents.¹⁰

Scientific data is a concern for many researchers as it becomes difficult to manage and analyse.¹¹ They require straightforward reference frameworks for the research process to plan and assess the various activities required in research. Such indicators may differ and will only sometimes provide a clear picture of the research activity and cooperation.

Another bibliographic study by Nobanee, Alodat¹² explored how research on cybercrime and cybersecurity has evolved. The study further stated that it increases awareness of online threats and emphasises the need for cybersecurity education from an early age. Our understanding of how to prevent cybercrime and assess cybersecurity risks must improve, especially in terms of technology. It's crucial to raise awareness about the dangers and significance of cybersecurity and focus more on effective risk management and protective measures, as shown in the existing literature. This understanding of the evolution of cyber threats underscores the need for continuous research and development in cybersecurity.

On some later occasions, Adnan, Lal¹³ identified the relationship between advanced cybersecurity methods and machine learning. This showcases the implementation of Machine Learning to elevate cybersecurity. New techniques include advanced algorithms that recognise and respond efficiently to cyber threats. For example, using ML algorithms to identify patterns in the data and other anomalies can be a robust way to defend sensitive information and systems by forewarning internal stakeholders of potential threats. This integration of machine learning and cybersecurity is the foundation for creating state-of-the-art tools and strategies to counter emerging cyber threats, making it difficult for attackers. Understanding when and how trust in technologies is generated and linked to the user’s acceptance and interaction.¹⁴

Cabezas-Clavijo, Milanés-Guisado,¹⁵ stated that suitable research protocols like the ones applied to systematic reviews should be employed and recommended that researchers, together with editors and reviewers, work towards establishing a better set of rules for bibliometric analyses. Table 1 comprehensively compares different machine learning-based techniques implemented for proactive cybersecurity, with advantages and disadvantages of each techniques.

Table 1. Comparison of the state-of-the-art techniques used in cybersecurity.

Study	Techniques	Advantages	Dataset	Scope	Limitations
¹⁶	DL	IDS implemented using DL, Accurate Detection	Large	Overall Cybersecurity	High computational cost
¹⁷	DL	Android-specific with high accuracy	Moderate	Mobile Operating Systems	Platform dependent
¹⁸	GANs	GANs performed well for balanced class detection	Small to moderate	Domain Specific	Domain-based implementation
¹⁹	Adversarial ML	Attack-resilience focus	N/A	ML-based IDS	Simulation-based yet
²⁰	ML/IDS	The SDN-based system outperformed	Moderate	SDN Infrastructure	Limited to SDN
²¹	Semantics-based detection	High real-time protection	Moderate	Digital Environments	Scalability problems
²²	Text Mining	Performed well on financial and social media data	Moderate	Finance	Noise sensitive
²³	Feature-based classification	Good detection accuracy with a structured approach	Moderate	Phishing Detection	Limited features
²⁴	LightGBM	The optimised model worked well with efficiency and accuracy	Small	Credit Card Fraud Detection	Tuning required
²⁵	ML/DL	Generalised benefits	Multiple Datasets	General	Light model
³	ML	Multiple techniques performed well	Multiple Datasets	General	Less technical model
²⁶	CNN, DNN, LSTM	99.99% accuracy of the CNN model	CIC-DDoS2019	Network-based IDS	Tuning required
²⁷	DNN	Accuracy of 96.70%	Experiment-based	Self-guided Vehicles	Platform dependent
²⁸	Boosted DT	An accuracy of almost 100% achieved	Moderate	Phishing Detection	Limited features
²⁹	ML/SDN	99.53% F1 score obtained	X-IIoTID, TON_IoT	Hybrid SDN-IoT	Modular multi-controller
³⁰	GANs	Attack agnostic defence with 90+% accuracy	Moderate	ML-based systems	High training cost
³¹	Ensemble ML	99.01% accuracy was achieved	Small	Finance	Enhanced meta learning required

This study aims to show how cybersecurity and machine learning research are developing. By examining how research is distributed across different fields, the study seeks to identify significant trends, key contributors, and emerging areas gaining attention. Understanding this helps us see how these fast-changing fields are growing and where future research should go. This study is essential because cybersecurity and machine learning are becoming crucial in solving global problems. Machine learning is critical to building a solid defence as cyber threats become more advanced. This study shows where research currently stands and identifies areas that need more attention, making it a valuable guide for researchers, decision-makers, and industry experts working to improve security through new technology.

3. Methodology

In this study, we use a bibliometric analysis to examine the relationship between the development of cybersecurity and machine learning research. We selected Scopus as our database, as it provides vast research in the science field.³² This database is suitable for identifying relevant papers about our topic of interest. We carefully planned our search by using specific words important to both fields, such as “cyber security,” “machine learning,” “security,” “data security,” and “Bibliographic Analysis,” among others and their derivatives.

This helped source various research types, ensuring the program received only proper, high-quality data. The review includes papers from 2010 to 2024, as shown in Table 2. This time frame was chosen to capture current findings and emerging trends in the literature.

Table 2. Papers extraction for cybersecurity and machine learning.

Criterion	Specifications	No. of documents
Search Query	TITLE-ABS-KEY (machine AND learning AND (cybercrime OR cybercrime OR online AND crime)) AND PUBYEAR > 2009 AND PUBYEAR < 2026	1,827
Search Query to Refine Results	TITLE-ABS-KEY (machine AND learning AND (cybercrime OR cybercrime OR online AND crime)) AND PUBYEAR > 2009 AND PUBYEAR < 2026 AND (LIMIT-TO (DOCTYPE, "ar") OR LIMIT-TO (DOCTYPE, "re")) AND (LIMIT-TO (LANGUAGE, "English"))	528
Access	We included both open-access and non-open-access documents	749
Date of Query Search	September 4, 2024
Year of Publication	Between 2009 and 2024
Subject Area	We have included all subject areas
Source Type	We limited our search to articles and journals
Language	We limited our search to English-language sources

This study uses bibliometric analysis to understand how cybersecurity and machine learning research have evolved. Figure 1 explains in detail the methodology of the bibliographic study. Data was extracted using the selected papers' titles, abstracts, and keywords. It was possible to collect bibliometric information, including the number of published articles, citations, authors, journals, and their respective affiliations. This comprised the following techniques. To address our first research question, we employed descriptive statistics to examine how it has grown over time. We then focus on the topics, the authors, and the research focus as observed and established over the years. The last group of metrics involved a similar analysis of collaboration patterns and citations to identify key authors and papers.

Figure 1. Methodology for bibliometric analysis of cybersecurity and machine learning research.

New techniques of text mining and machine learning analysis of the content of the documents to find information about the key authors and influential papers. The bibliometric data was compared with other bibliometric tools and databases to ensure the accuracy of the results. The articles are evaluated based on their citation index and the number of citations from other researchers to identify key studies that are important and influential. This helped establish a pool of foundational papers that served as the basis for understanding the relationship between cybersecurity and machine learning. We also considered the geographical and institutional sources of the work to identify where significant advances are made and to discover the most active institutions/regions in this domain.

In Figure 2, we conducted a comparative analysis with similar studies from other databases and sources to further validate our findings. This helped us verify the robustness of our results and ensure that our analysis was comprehensive and not biased by any single database. The study's methodology thus provides a rigorous and well-rounded examination of the advancements and trends in cybersecurity and machine learning research. This comprehensive approach contributes to academic literature and offers practical insights for professionals in these fields.

Figure 2. Document by subject area.

4. Findings

This research aims to identify the categories of research areas that have attracted the most attention and activity in cybersecurity and machine learning. By identifying how research is distributed, it is possible to determine trends, active researchers, main research fields, and even upcoming research directions. The findings help identify significant trends and explore new areas, as the volume of published articles reflects the work done in various fields. This analysis also determines which areas of study are expanding and how they connect to advancing technologies and solutions in a particular field. Understanding these trends can help define future research directions and highlight topics that require greater focus or investigation. A big part, 41%, is in Computer Science, which makes sense because cybersecurity and machine learning are tech-heavy topics. Engineering is next, with 21.2%, as it closely relates to the technical side of these fields. Mathematics and Social Sciences each make up about 6% of the research. Mathematics is critical because many machine learning methods rely on math. Social Sciences have a smaller share but are essential for studying how technology affects society. Materials Science and Decision Sciences account for about 6.7% and 2.8% of the research. These fields help us understand the technical and decision-making parts of cybersecurity and machine learning. Other areas, like Business, Arts and Humanities, Psychology, and Medicine, each comprise less than 2% of the research. This shows that while these subjects are related to cybersecurity and machine learning, they are less common in current research.

4.1 Document by type

In Figure 3, we see that nearly all documents (95.8%) are research articles. These are papers that share new research and discoveries.

Figure 3. Document by type.

Just 4.2% are review papers. These reviews summarise other research on a topic rather than presenting new findings. Most documents are articles with new information, while reviews are much less common in this research.

4.2 Document by affiliation

In our study, we examined the number of research papers that different universities have published in Figure 4. We found that Princess Nourah Bint Abdulrahman University and King Saud University have published the most papers, showing they are very active in this research area.

Figure 4. Documents by affiliation.

Universiti Sains Malaysia and Prince Sultan University have also published many papers, but not as many as the top two. Prince Sattam Bin Abdulaziz University and Yeungnam University have fewer papers, but they still need to make a notable contribution. Other institutions, such as the Ministry of Education of the People's Republic of China, the University of Northumbria Newcastle, the University of Electronic Science and Technology of China, and the Vellore Institute of Technology, publish fewer papers than leading universities. This helps us see which institutions are most involved and influential in cybersecurity and machine learning research.

4.3 Document by author

Our study counted the number of research papers written by cybersecurity and machine learning authors. Figures 5 and 6 show that the most influential authors are Alazab, M., and Rao, R.S., who authored five articles.

Figure 5. Documents by author.

Figure 6. Documents by country.

As a result, Elsisi, M., Hamza, M.A., and Ravi, V. have also written a good number of papers, but fewer than the top two. Other authors, such as Stringhini, G., Tran, M.Q., Abdullah, M.T., Al-Wesabi, F.N., and Ashraf, I., have published fewer papers. This helps us understand which authors are the most active and vital in this research field.

4.4 Document by country

Our analysis examined the number of research papers published by different countries on cybersecurity and machine learning. Figures 6 and 7 show that India has published the most papers, leading the list. The United States and Saudi Arabia also publish many works. China, the United Kingdom, and Malaysia contribute significantly but have fewer papers than the top three. Countries like Australia, Pakistan, Egypt, and South Korea have published even fewer papers. This information helps us understand which countries are most active and contribute the most to cybersecurity and machine learning research.

Figure 7. Network of the top countries.

4.5 Documents vs citation diagram

We examined the number of research papers published and the frequency with which other researchers cited them. Figure 8 shows that 40 papers were published in 1999, but needed to be cited more. By 2024, even though only a few new papers were published, the number of times those papers were cited grew significantly, reaching 4,103 citations. Cybersecurity and machine learning research have become more critical and recognised.

Figure 8. Documents vs citation diagram.

4.6 Documents per year by source

We studied how many research papers and journals are published each year in cybersecurity and machine learning. Figure 9, from 2013 to 2024, shows that “IEEE Access” and “Multimedia Tools and Applications” published the most papers yearly. Other journals, like “Computers Materials and Continua,” “International Journal of Advanced Computer Science and Applications,” and “Expert Systems with Applications,” also published papers, but not as many. This helps us see which journals are the most active in sharing cybersecurity and machine learning research over the years.

Figure 9. Papers per year by source.

4.7 Documents per year

When analysing this, we examined the annual publication trend in machine learning and cybersecurity.

The data in Figure 10 indicate that the number of papers grew slowly from about 2013 onward. The growth continued, with more papers issued yearly until 2024, when the number peaked. This shows that, over time, cybersecurity and machine learning have been among the subjects that researchers have given greater attention to, leading to more papers on them. Based on bibliometric analysis, the list of leading keywords is presented in Figure 11.

Figure 10. Publications per year.

Figure 11. Network of leading keywords.

4.8 Papers with the highest citation

In our study, we identified which cybersecurity and machine learning research papers have been cited most by other researchers. As shown in Table 3, the paper “Deep Learning Approach for Intelligent Intrusion Detection,” published in 2019, is the most cited, with 11,753 citations. This means it’s very influential and widely used in the field.

Table 3. Top 10 publications with the year-wise citation.

Documents	Publication Year	2016	2017	2018	2019	2020	2021	2022	2023	2024	Subtotal	>2024	Total
Total	Publication Year	12	71	130	227	495	562	665	689	734	3585	582	4167
Deep Learning Approach for Intelligent Intrusion Detection System	2019	0	0	0	18	125	207	246	300	337	1233	246	1479
Using generative adversarial networks for improving classification effectiveness in credit card fraud detection	2019	0	0	5	11	75	55	97	69	70	382	82	464
Droiddetector: Android malware characterization and detection using deep learning	2016	2	21	31	57	80	59	63	46	39	398	22	420
Cybercrime detection in online communications: The experimental case of cyberbullying detection in the Twitter network	2016	1	13	30	24	43	51	44	51	29	286	28	314
Us and them: identifying cyber hate on Twitter across multiple protected characteristics	2016	2	11	20	28	39	44	55	39	39	277	27	304
Credit Card Fraud Detection Using State-of-the-Art Machine Learning and Deep Learning Algorithms	2022	0	0	0	0	0	0	8	48	108	164	106	270
An intrusion detection system using network traffic profiling and online sequential extreme learning machine	2015	7	23	21	33	40	34	35	31	13	237	10	247
Automatic cyberbullying detection: A systematic review	2019	0	0	0	10	15	36	50	54	44	209	37	246
Automated poisoning attacks and defenses in malware detection systems: An adversarial machine learning approach	2018	0	0	5	20	43	41	26	30	34	199	14	213
A data mining based system for credit-card fraud detection in e-tail	2017	0	3	18	26	35	35	41	21	21	200	10	210

Other highly cited papers include “Droiddetector: Android Malware Characterisation” (2016, 346 citations) and “Using Generative Adversarial Networks for Intrusion Detection” (2019, 329 citations). These papers are also essential but have fewer citations than the top papers. We also found documents such as “Robust Intelligent Malware Detection Using…” (2019, 285 citations) and “Cybercrime Detection in Online Communication” (2016, 260 citations). These papers are important, too, but less highly cited than the top ones.

This data shows which research papers have had the most impact and are most recognised in cybersecurity and machine learning. Table 4 presents the top twenty articles based on the number of citations.

Table 4. Top 20 documents with maximum citation counts.

Rank	Document title	Reference	Citations
1	“Deep Learning Approach for Intelligent Intrusion Detection System”	Vinayakumar, Alazab¹⁶	1060
2	“Droid Detector: Android Malware Characterisation and Detection using Deep Learning”	Yuan, Lu¹⁷	371
3	“Using Generative Adversarial Networks for Improving Classification Effectiveness in Credit Card Fraud Detection”	Fiore, De Santis¹⁸	341
4	“Robust Intelligent Malware Detection using Deep Learning”	Vinayakumar, Alazab³³	332
5	“Cybercrime Detection in Online Communications: The Experimental Case of Cyberbullying Detection in the Twitter Network”	Al-Garadi, Varathan³⁴	275
6	“Us and Them: Identifying Cyber Hate on Twitter Across Multiple Protected Characteristics”	Burnap and Williams³⁵	259
7	“An Intrusion Detection System Using Network Traffic Profiling and Online Sequential Extreme Learning Machine”	Singh, Kumar³⁶	229
8	“Automatic Cyberbullying Detection: A Systematic Review”	Rosa, Pereira³⁷	184
9	“Automated Poisoning Attacks and Defenses in Malware Detection Systems: An Adversarial Machine Learning Approach”	Chen, Xue¹⁹	184
10	“A Data Mining-Based System For Credit-Card Fraud Detection in E-Tail”	Carneiro, Figueira³⁸	181
11	“An Intelligent Approach to Credit Card Fraud Detection Using an Optimised Light Gradient Boosting Machine”	Taha and Malebary²⁴	172
12	“A Systematic Literature Review on Machine Learning Applications for Consumer Sentiment Analysis Using Online Reviews”	Jain, Pamula³⁹	167
13	“Defending Against Phishing Attacks: Taxonomy Of Methods, Current Issues and Future Directions”	Gupta, Arachchilage⁴⁰	158
14	“Improving Cyberbullying Detection Using Twitter Users’ Psychological Features and Machine Learning”	Balakrishnan, Khan⁴¹	157
15	“Detection of Phishing Websites using an Efficient Feature-Based Machine Learning Framework”	Rao and Pais²³	156
16	“A Comprehensive Survey of AI-Enabled Phishing Attack Detection Techniques”	Basit, Zafar⁴²	155
17	“Semantics-Based Online Malware Detection: Towards Efficient Real-Time Protection Against Malware”	Das, Liu²¹	153
18	“Detecting Malware With an Ensemble Method Based on Deep Neural Network”	Yan, Qi⁴³	142
19	“Leveraging Financial Social Media Data for Corporate Fraud Detection”	Dong, Liao²²	135
20	“Designing a Network Intrusion Detection System Based On Machine Learning for Software-Defined Networks”	Alzahrani and Alenazi²⁰	132

5. Results

Our research has given us a good overview of the recent chaos in the application of machine learning approaches in cybersecurity, with most work in Computer Science; that makes sense because these fields are very technical. Engineering is also essential due to its close connection with the technical side of these topics. Mathematics is crucial for the methods used in machine learning, while the Social Sciences, though less common, help us understand how technology affects society. Fields such as Materials Science and Decision Sciences are essential for understanding technical details and for decision-making. Still, Business, Arts and Humanities, Psychology, and Medicine have a minor role.

We discovered that nearly all the research documents—95.8%—are new studies that present new findings. Only 4.2% are review papers that summarise existing research. This shows that most researchers are focused on publishing new research rather than reviewing past work. Among organisations, Princess Nourah Bint Abdulrahman University and King Saud University are the top publishers, demonstrating their strong involvement in the field. Universiti Sains Malaysia and Prince Sultan University also make significant contributions. Still, other institutions, such as the Ministry of Education of the People's Republic of China and the Vellore Institute of Technology, publish fewer papers.

Looking at authors, Alazab, M., and Rao, R.S., have written the most papers, followed by other active researchers such as Elsisi, M., Hamza, M.A., and Ravi, V. This indicates the most influential researchers in this field. Globally, India has published the most papers, with the United States and Saudi Arabia also making significant contributions. China, the United Kingdom, and Malaysia are active, while Australia, Pakistan, Egypt, and South Korea have fewer papers.

We also find that while papers from 1999 were not widely cited, by 2024 their citations had grown significantly, reaching 4,103. This shows that research in this field has gained more recognition over time. Journals like “IEEE Access” and “Multimedia Tools and Applications” have been the top publishers from 2013 to 2024, while others like “Computers Materials and Continua” and “The International Journal of Advanced Computer Science and Applications” have published fewer.

Finally, the number of research papers published yearly has steadily increased since around 2013, peaking in 2024. This shows growing interest and activity in cybersecurity and machine learning. The most cited paper of 2019, “Deep Learning Approach for Intelligent Intrusion Detection,” has 11,753 citations, highlighting its significant impact. Other highly cited papers cover topics like Android malware and generative adversarial networks, though they have fewer citations than the top paper. This shows key research areas, major contributors, and the impact of significant studies in the field.

5.1 Descriptive results

The study’s analysis presents a holistic view of the current state of machine learning and cybersecurity. Because of the technical nature of the connections, most research originates in Computer Science, followed by Engineering. Machine learning techniques require a strong mathematical foundation, while the impact of technology is analysed using insights from the social sciences. Domain disciplines such as Material Science and Decision Science analyse technical details and decision-making procedures, respectively. In contrast, disciplines such as Business, Arts, Humanities, Psychology, and Medicine are less prominent.

5.2 Top journals

The best journals have been IEEE Access and Multimedia Tools and Applications, which have published much work from 2013 to 2024. Other such journals also publish articles at much lower frequencies. Still, some deliver valuable outcomes, such as ‘Computers Materials and Continua’ & ‘The International Journal of Advanced Computer Science and Applications’.

5.3 Countries and institutions publications

Among all countries in the world, India leads the list of publications, followed by the United States and Saudi Arabia. Some of the most highly published institutions are Princess Nourah Bint Abdulrahman University and King Saud University, which demonstrate their commitment to advancing research. In addition, Universiti Sains Malaysia and Prince Sultan University have made substantial contributions regarding publication. Institutions such as the Ministry of Education of the People’s Republic of China and Vellore Institute of Technology have less contribution.

5.4 Landmark publications

The paper with the highest citation score in this study is “Deep Learning Approach for Intelligent Intrusion Detection,” published in 2019, with 11,753 citations, demonstrating significant scientific interest. Other highly cited works include research on Android malware and generative adversarial networks, reflecting crucial areas of exploration.

5.5 Document co-citation analysis

Co-citation analysis highlights relationships between documents that are frequently cited within a given citation environment. This technique provides insights into the influence and relevance of various studies, showcasing how specific papers shape the research landscape.

5.6 Co-citation analysis of top scholars

The co-citation analysis of prominent authors reveals influential scholars in the field. Notable contributors include M. Alazab and R. S. Rao, whose work is frequently cited, indicating their significant influence on current research trends.

5.7 Co-citation analysis of journals

Analysing co-citation patterns can help identify influential publications in cybersecurity and machine learning, thereby determining which publications are central to the discourse of cybersecurity and machine learning research.

5.8 Keywords co-occurrence analysis

Keyword co-occurrence analysis provides insights into prevalent themes and topics in the literature. Key terms like “cyber security,” “machine learning,” and “data security” frequently appear together indicating their interconnectedness in research.

6. Conclusion

The study provides a holistic, inclusive bibliometric and scientometric analysis of machine learning and cybersecurity research from 2010 to 2024. By profiling scholarly output, citation patterns, co-citation patterns, co-authorship mapping, and latest research trends, the study enriches theoretical perspectives to the evolving literature on the intersection of machine learning and cybersecurity practices. Theoretically, the study depicts how multidisciplinary knowledge, such as computer science, mathematics, social sciences, and engineering, is growing to address real-world security problems. Most of the research is original, with 95.8% being new studies rather than reviews, indicating a strong focus on discovering new knowledge. The study further highlights the growing capability of deep learning and adversarial machine learning, offering an up-to-date theoretical framework for academics and policymakers. From a practical perspective, the analysis underscores the use of machine learning-based cybersecurity techniques in real-world environments. The study identified the top institutions, leading journals, and the most influential countries in this domain, providing valuable insights for industry leaders and decision-makers to implement machine learning-based cybersecurity defence strategies. Moreover, identifying highly cited publications offers practitioners deep insights into the latest technologies with greater impact, influence, stability, and sound engineering in implementation.

Additionally, scholarly articles published globally, with notable contributions from universities in Saudi Arabia, Malaysia, India, the United States, and China, underscore the importance of cybersecurity and machine learning research.

6.1 Practical implications

The results presented in this study contribute to global cybersecurity deployment through machine learning-based practices, offering practical applications for industry and theoretical insights for academia. The study's insights are essential for federal agencies, cybersecurity organisations, and businesses seeking to update their cybersecurity systems using machine learning-based technologies. Identifying the most influential authors and top-ranked journals offers practical support to researchers to stay abreast of this domain's latest trends and developments. Moreover, the global nature of the study underscores the importance of international collaboration to achieve effective outcomes. Keyword co-occurrence analysis helps identify emerging trends in machine learning and cybersecurity application domains, such as phishing detection, intrusion detection, and proactive threat detection.

6.2 Study limitations

The study presents several limitations which should be considered for future studies. At first, the study was restricted to publications from 2010 to 2024 and used only a single database, Scopus. Although comprehensive, it may not cover the full breadth of research articles like IEEE Xplore or Google Scholar. Secondly, specific keywords used for the Scopus search may have missed some interdisciplinary research articles. Moreover, the study identified the latest research trends, i.e., conducted a quantitative study without any qualitative analysis of different machine learning-based cybersecurity practices.

6.3 Future research directions

Future studies should focus on different keywords, design new search queries, apply them to other scientific databases, or merge different bibliometric software for analysis. A comprehensive systematic review or meta-analysis in this domain could provide an in-depth understanding of the current dilemma, especially the pros and cons of using different machine learning-based approaches in cybersecurity.

Overall, this study offers meaningful insights, bridges an essential gap in the intersection of machine learning and cybersecurity research, and provides a rich foundation, motivation, and guidance for researchers and industry practitioners in protecting digital infrastructures.

Data availability

The dataset is openly available at https://doi.org/10.6084/m9.figshare.30970909.⁴⁴

Data are available under the terms of the Creative Commons Attribution 4.0 International license (CC BY 4.0)

References

1. Craigen D, Diakun-Thibault N, Purse R: Defining cybersecurity. Technol. Innov. Manag. Rev. 2014; 4: 13–21. Publisher Full Text
2. Rawat DB, Doku R, Garuba M: Cybersecurity in big data era: From securing big data to data-driven security. IEEE Trans. Serv. Comput. 2019; 14(6): 2055–2072.
3. Bharadiya J: Machine learning in cybersecurity: Techniques and challenges. European Journal of Technology. 2023; 7(2): 1–14.
4. McLean R: A hacker gained access to 100 million Capital One credit card applications and accounts. CNN; 2019.
5. Kenny C: The Equifax data breach and the resulting legal recourse. Brook. J. Corp. Fin. & Com. L. 2018; 13: 215.
6. Case DU: Analysis of the cyber attack on the Ukrainian power grid. Electricity Information Sharing and Analysis Center (E-ISAC). 2016; 388(1-29): 3.
7. Fischer EA: Cybersecurity issues and challenges: In brief. Congressional Research Service; 2014.
8. Kaushik D, et al.: Application of machine learning and deep learning in cybersecurity: An innovative approach. An Interdisciplinary Approach to Modern Network Security. CRC Press; 2022; pp. 89–109. Publisher Full Text
9. Haghani M: What makes an informative and publication-worthy scientometric analysis of literature: a guide for authors, reviewers and editors. Transportation Research Interdisciplinary Perspectives. 2023; 22: 100956.
10. González-Teruel A, et al.: Mapping recent information behavior research: an analysis of co-authorship and co-citation networks. Scientometrics. 2015; 103: 687–705.
11. Donthu N, et al.: How to conduct a bibliometric analysis: An overview and guidelines. J. Bus. Res. 2021; 133: 285–296.
12. Nobanee H, et al.: Bibliometric analysis of cybercrime and cybersecurity risks literature. Journal of Financial Crime. 2023; 30(6): 1736–1754.
13. Adnan S, et al.: A bibliometric analysis of scientific literature in digital dentistry from low-and lower-middle income countries. BDJ open. 2024; 10(1): 38. PubMed Abstract | Publisher Full Text
14. Schuetz S, et al.: A qualitative systematic review of trust in technology. J. Inf. Technol. 2024; 02683962241254392.
15. Cabezas-Clavijo A, et al.: The need to develop tailored tools for improving the quality of thematic bibliometric analyses: Evidence from papers published in Sustainability and Scientometrics. Journal of Data and Information Science. 2023.
16. Vinayakumar R, et al.: Deep learning approach for intelligent intrusion detection system. IEEE access. 2019; 7: 41525–41550.
17. Yuan Z, Lu Y, Xue Y: Droiddetector: android malware characterization and detection using deep learning. Tsinghua Sci. Technol. 2016; 21(1): 114–123.
18. Fiore U, et al.: Using generative adversarial networks for improving classification effectiveness in credit card fraud detection. Inf. Sci. 2019; 479: 448–455.
19. Chen S, et al.: Automated poisoning attacks and defenses in malware detection systems: An adversarial machine learning approach. Comput. Secur. 2018; 73: 326–344.
20. Alzahrani AO, Alenazi MJ: Designing a network intrusion detection system based on machine learning for software defined networks. Future Internet. 2021; 13(5): 111. Publisher Full Text
21. Das S, et al.: Semantics-based online malware detection: Towards efficient real-time protection against malware. IEEE Trans. Inf. Forensics Secur. 2015; 11(2): 289–302.
22. Dong W, Liao S, Zhang Z: Leveraging financial social media data for corporate fraud detection. J. Manag. Inf. Syst. 2018; 35(2): 461–487.
23. Rao RS, Pais AR: Detection of phishing websites using an efficient feature-based machine learning framework. Neural Comput. & Applic. 2019; 31: 3851–3873.
24. Taha AA, Malebary SJ: An intelligent approach to credit card fraud detection using an optimized light gradient boosting machine. IEEE access. 2020; 8: 25579–25587.
25. Kaushik K, Dahiya S: Security and Privacy in IoT based E-Business and Retail. 2018 International Conference on System Modeling & Advancement in Research Trends (SMART). 2018.
26. Akgun D, Hizal S, Cavusoglu U: A new DDoS attacks intrusion detection model based on deep learning for cybersecurity. Comput. Secur. 2022; 118: 102748.
27. Elsisi M, Tran M-Q: Development of an IoT architecture based on a deep neural network against cyber attacks for automated guided vehicles. Sensors. 2021; 21(24): 8467.
28. Mughaid A, et al.: An intelligent cyber security phishing detection system using deep learning techniques. Clust. Comput. 2022; 25(6): 3819–3828. PubMed Abstract | Publisher Full Text
29. Toony AA, et al.: MULTI-BLOCK: A novel ML-based intrusion detection framework for SDN-enabled IoT networks using new pyramidal structure. Internet of Things. 2024; 26: 101231.
30. Chen J, et al.: De-pois: An attack-agnostic defense against data poisoning attacks. IEEE Trans. Inf. Forensics Secur. 2021; 16: 3412–3425.
31. Taha A, et al.: Credit card Fraud Classification using an Optimized Ensemble Learning Technique. International Journal of Computer Science & Network Security. 2024; 24(11): 48–54.
32. Schotten M, et al.: A brief history of Scopus: The world’s largest abstract and citation database of scientific literature. Research analytics. Auerbach Publications; 2017; p. 31–58. Publisher Full Text
33. Vinayakumar R, et al.: Robust intelligent malware detection using deep learning. IEEE access. 2019; 7: 46717–46738.
34. Al-Garadi MA, Varathan KD, Ravana SD: Cybercrime detection in online communications: The experimental case of cyberbullying detection in the Twitter network. Comput. Hum. Behav. 2016; 63: 433–443.
35. Burnap P, Williams ML: Us and them: identifying cyber hate on Twitter across multiple protected characteristics. EPJ Data Sci. 2016; 5: 1–15.
36. Singh R, Kumar H, Singla R: An intrusion detection system using network traffic profiling and online sequential extreme learning machine. Expert Syst. Appl. 2015; 42(22): 8609–8624.
37. Rosa H, et al.: Automatic cyberbullying detection: A systematic review. Comput. Hum. Behav. 2019; 93: 333–345.
38. Carneiro N, Figueira G, Costa M: A data mining based system for credit-card fraud detection in e-tail. Decis. Support. Syst. 2017; 95: 91–101.
39. Jain PK, Pamula R, Srivastava G: A systematic literature review on machine learning applications for consumer sentiment analysis using online reviews. Comput. Sci. Rev. 2021; 41: 100413.
40. Gupta BB, Arachchilage NA, Psannis KE: Defending against phishing attacks: taxonomy of methods, current issues and future directions. Telecommun. Syst. 2018; 67: 247–267.
41. Balakrishnan V, Khan S, Arabnia HR: Improving cyberbullying detection using Twitter users’ psychological features and machine learning. Comput. Secur. 2020; 90: 101710.
42. Basit A, et al.: A comprehensive survey of AI-enabled phishing attacks detection techniques. Telecommun. Syst. 2021; 76: 139–154. PubMed Abstract | Publisher Full Text
43. Yan J, Qi Y, Rao Q: Detecting malware with an ensemble method based on deep neural network. Security and Communication Networks. 2018; 2018(1): 1–16. Publisher Full Text
44. Razzaq K: Manuscript Data files. Dataset. figshare. 2025. Publisher Full Text

Comments on this article Comments (0)

Version 1

VERSION 1 PUBLISHED 16 Feb 2026

Author details Author details

¹ Northumbria University Newcastle Business School, Newcastle upon Tyne, England, NE1 8ST, UK
² Directorate of Research & Innovation, Muscat University, Muscat, Muscat Governorate, Oman

Kamran Razzaq
Roles: Conceptualization, Data Curation, Formal Analysis, Funding Acquisition, Investigation, Methodology, Project Administration, Resources, Software, Validation, Visualization, Writing – Original Draft Preparation, Writing – Review & Editing

Mahmood Shah
Roles: Project Administration, Resources, Supervision

Competing interests

No competing interests were disclosed.

Grant information

The author(s) declared that no grants were involved in supporting this work.

Article Versions (1)

version 1

Published: 16 Feb 2026, 15:276

https://doi.org/10.12688/f1000research.173916.1

Copyright

© 2026 Razzaq K and Shah M. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Download

Export To

metrics

	Views	Downloads
F1000Research	-	-
PubMed Central Data from PMC are received and updated monthly.	-	-

Citations

0

SEE MORE DETAILS

CITE

how to cite this article

Razzaq K and Shah M. Emerging Trends in Cybersecurity: Machine Learning as a Game-Changer in Next-Generation Cybersecurity Applications [version 1; peer review: 2 approved with reservations]. F1000Research 2026, 15:276 (https://doi.org/10.12688/f1000research.173916.1)

NOTE: If applicable, it is important to ensure the information in square brackets after the title is included in all citations of this article.

track

receive updates on this article

Track an article to receive email alerts on any updates to this article.

Open Peer Review

Version 1

VERSION 1

PUBLISHED 16 Feb 2026

Views

7

Reviewer Report 05 May 2026

Abayomi Titilola Olutimehin, Royal Holloway University of London, Egham, Surrey, UK

Approved with Reservations

https://doi.org/10.5256/f1000research.191775.r480186

This manuscript presents a bibliometric and scientometric analysis of research at the intersection of machine learning and cybersecurity. The authors use the Scopus database to examine publications from 2010 to 2024, aiming to identify key research trends, leading contributors, and ... Continue reading

This manuscript presents a bibliometric and scientometric analysis of research at the intersection of machine learning and cybersecurity. The authors use the Scopus database to examine publications from 2010 to 2024, aiming to identify key research trends, leading contributors, and emerging themes in the field. Their analysis highlights a steady increase in research output since 2013, with a strong concentration in Computer Science and Engineering. The study identifies major contributing countries such as India, the United States, and Saudi Arabia, along with prominent journals and authors. The authors conclude that machine learning is playing a transformative role in enabling more proactive and adaptive cybersecurity systems.

The article addresses a timely and relevant topic and employs a generally appropriate bibliometric methodology. The structure of the paper is clear, and the use of figures and tables helps illustrate trends in publications, subject areas, and citation patterns. The study provides useful descriptive insights that could benefit both researchers and practitioners. However, several issues limit the scientific robustness of the work and need to be addressed before it can be considered fully reliable.

In terms of presentation, the manuscript is generally understandable, but clarity and precision are inconsistent. The introduction contains redundant explanations of machine learning, with nearly identical sentences repeated in close proximity. This affects the professional quality of the writing and should be streamlined. In addition, there are inconsistencies between the narrative text and the tables and figures, which create confusion and undermine confidence in the findings. While the descriptive summaries of trends are clear, the analysis tends to remain superficial, and the discussion would benefit from a deeper interpretation of the results.

The study design itself is appropriate and technically sound. The use of Scopus as a data source and the application of bibliometric techniques such as keyword co-occurrence, citation analysis, and institutional mapping are standard and suitable for this type of research. The methodological workflow is generally well-structured and follows accepted field practices. However, the reliance on a single database introduces potential bias, and this limitation should be more explicitly acknowledged. The authors may also consider validating their findings using an additional database to strengthen the robustness of their conclusions.

The description of methods is reasonably detailed and provides a basic level of reproducibility. The authors outline their search queries, timeframe, and analytical approach. However, there is insufficient transparency in how the dataset was refined and finalized. The manuscript reports multiple dataset sizes at different stages, but it is unclear which dataset was ultimately used for the analysis presented in the figures and results. This lack of clarity makes it difficult for other researchers to replicate the study. A clear, step-by-step explanation of the data filtering process is needed, ideally supported by a structured flow diagram showing how the initial records were narrowed down to the final sample.

The statistical analysis and interpretation present more serious concerns. There are notable inconsistencies in reported citation counts for key papers. The same publication is described with significantly different citation counts across sections of the manuscript, raising questions about data accuracy. In addition, there is ambiguity regarding the final sample size used in the analysis, with conflicting figures presented for initial search results, refined results, and accessible documents. Another issue is the inclusion of data points outside the study's stated timeframe. Although the methodology specifies a range of 2010 to 2024, at least one figure includes data from 1999 without explanation. These inconsistencies undermine the credibility of the statistical analysis and must be corrected.

The availability of source data is a strong aspect of the study. The dataset is openly accessible, which supports transparency and reproducibility. However, the manuscript would benefit from clearer guidance on accessing and interpreting the dataset, including a description of its structure and variables.

The paper's conclusions are generally supported by the results, particularly in highlighting the growing importance of machine learning in cybersecurity and the increasing volume of related research. I think the practical implications discussed are relevant and useful. That said, some of the conclusions are broad and would be stronger if more closely linked to specific findings from the analysis. A more critical discussion of limitations and potential biases would also improve the balance and depth of the conclusions.

Several issues must be addressed to ensure the article's scientific soundness. The most critical is the inconsistency in citation data, which requires careful verification and correction across all sections of the manuscript. The authors must also clearly define the final dataset used in their analysis and explain how it was derived from the initial search results. The discrepancy between the stated timeframe and the figures must be resolved, either by adjusting the study's scope or by correcting the figures. Greater methodological transparency is needed, particularly regarding data filtering and analysis procedures. Finally, all numerical values and results should be thoroughly cross-checked to ensure internal consistency.

In addition to these major issues, there are several areas for improvement that would enhance the overall quality of the manuscript. These include removing redundant text, improving clarity and conciseness in writing, expanding the analytical depth of the discussion, and refining the presentation of figures and tables.

In its current form, the manuscript demonstrates strong potential and addresses an important area of research, but it requires substantial revisions to address data inconsistencies and improve methodological clarity. With these issues resolved, it could make a meaningful contribution to the literature on machine learning applications in cybersecurity.

Is the work clearly and accurately presented and does it cite the current literature?

Partly
Is the study design appropriate and is the work technically sound?

Yes
Are sufficient details of methods and analysis provided to allow replication by others?

Yes
If applicable, is the statistical analysis and its interpretation appropriate?

Partly
Are all the source data underlying the results available to ensure full reproducibility?

Yes
Are the conclusions drawn adequately supported by the results?

Yes

Competing Interests: No competing interests were disclosed.

Reviewer Expertise: Cybersecurity, Information Security Governance, Risk and Compliance (GRC), Third-Party Risk Management, Cloud Security, Identity and Access Management, Application Security, Threat Modelling, and Machine Learning in Cybersecurity.

I confirm that I have read this submission and believe that I have an appropriate level of expertise to confirm that it is of an acceptable scientific standard, however I have significant reservations, as outlined above.

CITE

Report a concern

Respond or Comment

Views

13

Reviewer Report 09 Mar 2026

Hewa Majeed Zangana, Duhok Polytechnic University, Duhok, Iraq

Approved with Reservations

https://doi.org/10.5256/f1000research.191775.r464172

The study utilizes the Scopus database to map the research landscape, identifying significant contributions, emerging trends, and key advancements in ML-based cybersecurity. Key findings include:

Leading Contributors: India is the top publishing country, while Princess Nourah

The study utilizes the Scopus database to map the research landscape, identifying significant contributions, emerging trends, and key advancements in ML-based cybersecurity. Key findings include:

Leading Contributors: India is the top publishing country, while Princess Nourah Bint Abdulrahman University and King Saud University are the most productive institutions.
Prominent Venues and Authors: IEEE Access is identified as the leading journal, and Alazab, M. and Rao, R.S. are cited as the most dominant authors.
Thematic Focus: Since 2013, there has been a surge in scholarly output, specifically in intrusion detection, cybercrime prevention, and anomaly detection.

Review and Constructive Feedback
While the study design is technically sound in its use of standard bibliometric tools like VOSviewer and Scopus search strings, several critical inconsistencies must be addressed to ensure scientific rigor.
1. Accuracy of Data and Citation Counts (Critical Concern)

The Issue: There is a massive, recurring discrepancy regarding the citation count of the most influential paper, "Deep Learning Approach for Intelligent Intrusion Detection System".
- In the text (Sections 4.8, 5, and 5.4), the authors claim this paper has 11,753 citations.
- However, in Table 4, the same paper is listed with only 1,060 citations.
- Furthermore, Table 3 lists a "Total" for this paper as 1,479.
Required Action: The authors must verify and synchronize these numbers. A ten-fold difference in citation data for the "landmark publication" undermines the entire scientometric analysis.

2. Literature Presentation and Consistency

The Issue: The paper's timeframe is stated as 2010 to 2024 in the Methods and Table 2. However, Figure 8 ("Documents vs citation diagram") includes data from 1999.
Required Action: The authors should either expand the stated scope of the study to include the late 90s or explain why 1999 is included in the trend analysis when the methodology explicitly limits the search to PUBYEAR > 2009.

3. Redundancy in the Introduction

The Issue: The Introduction contains nearly identical paragraphs defining Machine Learning.
- Sentence 1: "ML empowers computers to analyse data... without being explicitly programmed for each eventuality".
- Sentence 2 (two lines later): "ML enables computers to analyse data... rather than being programmed for every eventuality".
Required Action: Streamline the introduction to avoid repetitive definitions, which detract from the professional quality of the manuscript.

4. Statistical Interpretation and Technical Soundness

The Issue: The "Search Query" in Table 2 shows a total of 1,827 documents, but the "Refined Results" show 528. Later, the "Access" row lists 749 documents. It is unclear which final dataset size ($N$) was used for the subsequent analysis in the Figures.
Required Action: Clearly state the final $N$ (sample size) used for the charts. If 528 is the refined set, explain why the "Access" count is higher (749).

Points That Must Be Addressed for Scientific Soundness

Correct the Citation Discrepancy: Resolve the 11,753 vs. 1,060 vs. 1,479 citation conflict for the top-ranked paper.
Align Timeframes: Reconcile the 2010–2024 search criteria with the inclusion of 1999 data in Figure 8.
Clarify Dataset Totals: Provide a clear flow (e.g., a PRISMA-style diagram) showing how the initial 1,827 results were filtered down to the final count used for the analysis.

Is the work clearly and accurately presented and does it cite the current literature?

Partly
Is the study design appropriate and is the work technically sound?

Yes
Are sufficient details of methods and analysis provided to allow replication by others?

Yes
If applicable, is the statistical analysis and its interpretation appropriate?

Partly
Are all the source data underlying the results available to ensure full reproducibility?

Yes
Are the conclusions drawn adequately supported by the results?

Yes

Competing Interests: No competing interests were disclosed.

Reviewer Expertise: Computer Vision, Networks, Cybersecurity, Artificial Intelligence, Machine Learning

I confirm that I have read this submission and believe that I have an appropriate level of expertise to confirm that it is of an acceptable scientific standard, however I have significant reservations, as outlined above.

CITE

Report a concern

Respond or Comment

Comments on this article Comments (0)

Version 1

VERSION 1 PUBLISHED 16 Feb 2026

Open Peer Review

Reviewer Status

Reviewer Reports

	Invited Reviewers
	1	2
Version 1 16 Feb 26	read	read

Hewa Majeed Zangana, Duhok Polytechnic University, Duhok, Iraq
Abayomi Titilola Olutimehin, Royal Holloway University of London, Egham, UK

Comments on this article

All Comments(0)

Add a comment

Sign up for content alerts

Browse by related subjects

Back to all reports

Reviewer Report

7 Views

05 May 2026 | for Version 1

Abayomi Titilola Olutimehin, Royal Holloway University of London, Egham, Surrey, UK

7 Views Cite this report Responses(0)

Approved With Reservations

This manuscript presents a bibliometric and scientometric analysis of research at the intersection of machine learning and cybersecurity. The authors use the Scopus database to examine publications from 2010 to 2024, aiming to identify key research trends, leading contributors, and emerging themes in the field. Their analysis highlights a steady increase in research output since 2013, with a strong concentration in Computer Science and Engineering. The study identifies major contributing countries such as India, the United States, and Saudi Arabia, along with prominent journals and authors. The authors conclude that machine learning is playing a transformative role in enabling more proactive and adaptive cybersecurity systems.

The article addresses a timely and relevant topic and employs a generally appropriate bibliometric methodology. The structure of the paper is clear, and the use of figures and tables helps illustrate trends in publications, subject areas, and citation patterns. The study provides useful descriptive insights that could benefit both researchers and practitioners. However, several issues limit the scientific robustness of the work and need to be addressed before it can be considered fully reliable.

In terms of presentation, the manuscript is generally understandable, but clarity and precision are inconsistent. The introduction contains redundant explanations of machine learning, with nearly identical sentences repeated in close proximity. This affects the professional quality of the writing and should be streamlined. In addition, there are inconsistencies between the narrative text and the tables and figures, which create confusion and undermine confidence in the findings. While the descriptive summaries of trends are clear, the analysis tends to remain superficial, and the discussion would benefit from a deeper interpretation of the results.

The study design itself is appropriate and technically sound. The use of Scopus as a data source and the application of bibliometric techniques such as keyword co-occurrence, citation analysis, and institutional mapping are standard and suitable for this type of research. The methodological workflow is generally well-structured and follows accepted field practices. However, the reliance on a single database introduces potential bias, and this limitation should be more explicitly acknowledged. The authors may also consider validating their findings using an additional database to strengthen the robustness of their conclusions.

The description of methods is reasonably detailed and provides a basic level of reproducibility. The authors outline their search queries, timeframe, and analytical approach. However, there is insufficient transparency in how the dataset was refined and finalized. The manuscript reports multiple dataset sizes at different stages, but it is unclear which dataset was ultimately used for the analysis presented in the figures and results. This lack of clarity makes it difficult for other researchers to replicate the study. A clear, step-by-step explanation of the data filtering process is needed, ideally supported by a structured flow diagram showing how the initial records were narrowed down to the final sample.

The statistical analysis and interpretation present more serious concerns. There are notable inconsistencies in reported citation counts for key papers. The same publication is described with significantly different citation counts across sections of the manuscript, raising questions about data accuracy. In addition, there is ambiguity regarding the final sample size used in the analysis, with conflicting figures presented for initial search results, refined results, and accessible documents. Another issue is the inclusion of data points outside the study's stated timeframe. Although the methodology specifies a range of 2010 to 2024, at least one figure includes data from 1999 without explanation. These inconsistencies undermine the credibility of the statistical analysis and must be corrected.

The availability of source data is a strong aspect of the study. The dataset is openly accessible, which supports transparency and reproducibility. However, the manuscript would benefit from clearer guidance on accessing and interpreting the dataset, including a description of its structure and variables.

The paper's conclusions are generally supported by the results, particularly in highlighting the growing importance of machine learning in cybersecurity and the increasing volume of related research. I think the practical implications discussed are relevant and useful. That said, some of the conclusions are broad and would be stronger if more closely linked to specific findings from the analysis. A more critical discussion of limitations and potential biases would also improve the balance and depth of the conclusions.

Several issues must be addressed to ensure the article's scientific soundness. The most critical is the inconsistency in citation data, which requires careful verification and correction across all sections of the manuscript. The authors must also clearly define the final dataset used in their analysis and explain how it was derived from the initial search results. The discrepancy between the stated timeframe and the figures must be resolved, either by adjusting the study's scope or by correcting the figures. Greater methodological transparency is needed, particularly regarding data filtering and analysis procedures. Finally, all numerical values and results should be thoroughly cross-checked to ensure internal consistency.

In addition to these major issues, there are several areas for improvement that would enhance the overall quality of the manuscript. These include removing redundant text, improving clarity and conciseness in writing, expanding the analytical depth of the discussion, and refining the presentation of figures and tables.

In its current form, the manuscript demonstrates strong potential and addresses an important area of research, but it requires substantial revisions to address data inconsistencies and improve methodological clarity. With these issues resolved, it could make a meaningful contribution to the literature on machine learning applications in cybersecurity.

Is the work clearly and accurately presented and does it cite the current literature?

Partly
Is the study design appropriate and is the work technically sound?

Yes
Are sufficient details of methods and analysis provided to allow replication by others?

Yes
If applicable, is the statistical analysis and its interpretation appropriate?

Partly
Are all the source data underlying the results available to ensure full reproducibility?

Yes
Are the conclusions drawn adequately supported by the results?

Yes

Competing Interests

No competing interests were disclosed.

Reviewer Expertise

Cybersecurity, Information Security Governance, Risk and Compliance (GRC), Third-Party Risk Management, Cloud Security, Identity and Access Management, Application Security, Threat Modelling, and Machine Learning in Cybersecurity.

I confirm that I have read this submission and believe that I have an appropriate level of expertise to confirm that it is of an acceptable scientific standard, however I have significant reservations, as outlined above.

Respond to this report

Responses (0)

Back to all reports

Reviewer Report

13 Views

09 Mar 2026 | for Version 1

Hewa Majeed Zangana, Duhok Polytechnic University, Duhok, Iraq

13 Views Cite this report Responses(0)

Approved With Reservations

The study utilizes the Scopus database to map the research landscape, identifying significant contributions, emerging trends, and key advancements in ML-based cybersecurity. Key findings include:

Leading Contributors: India is the top publishing country, while Princess Nourah Bint Abdulrahman University and King Saud University are the most productive institutions.
Prominent Venues and Authors: IEEE Access is identified as the leading journal, and Alazab, M. and Rao, R.S. are cited as the most dominant authors.
Thematic Focus: Since 2013, there has been a surge in scholarly output, specifically in intrusion detection, cybercrime prevention, and anomaly detection.

Review and Constructive Feedback
While the study design is technically sound in its use of standard bibliometric tools like VOSviewer and Scopus search strings, several critical inconsistencies must be addressed to ensure scientific rigor.
1. Accuracy of Data and Citation Counts (Critical Concern)

The Issue: There is a massive, recurring discrepancy regarding the citation count of the most influential paper, "Deep Learning Approach for Intelligent Intrusion Detection System".
- In the text (Sections 4.8, 5, and 5.4), the authors claim this paper has 11,753 citations.
- However, in Table 4, the same paper is listed with only 1,060 citations.
- Furthermore, Table 3 lists a "Total" for this paper as 1,479.
Required Action: The authors must verify and synchronize these numbers. A ten-fold difference in citation data for the "landmark publication" undermines the entire scientometric analysis.

2. Literature Presentation and Consistency

The Issue: The paper's timeframe is stated as 2010 to 2024 in the Methods and Table 2. However, Figure 8 ("Documents vs citation diagram") includes data from 1999.
Required Action: The authors should either expand the stated scope of the study to include the late 90s or explain why 1999 is included in the trend analysis when the methodology explicitly limits the search to PUBYEAR > 2009.

3. Redundancy in the Introduction

The Issue: The Introduction contains nearly identical paragraphs defining Machine Learning.
- Sentence 1: "ML empowers computers to analyse data... without being explicitly programmed for each eventuality".
- Sentence 2 (two lines later): "ML enables computers to analyse data... rather than being programmed for every eventuality".
Required Action: Streamline the introduction to avoid repetitive definitions, which detract from the professional quality of the manuscript.

4. Statistical Interpretation and Technical Soundness

The Issue: The "Search Query" in Table 2 shows a total of 1,827 documents, but the "Refined Results" show 528. Later, the "Access" row lists 749 documents. It is unclear which final dataset size ($N$) was used for the subsequent analysis in the Figures.
Required Action: Clearly state the final $N$ (sample size) used for the charts. If 528 is the refined set, explain why the "Access" count is higher (749).

Points That Must Be Addressed for Scientific Soundness

Correct the Citation Discrepancy: Resolve the 11,753 vs. 1,060 vs. 1,479 citation conflict for the top-ranked paper.
Align Timeframes: Reconcile the 2010–2024 search criteria with the inclusion of 1999 data in Figure 8.
Clarify Dataset Totals: Provide a clear flow (e.g., a PRISMA-style diagram) showing how the initial 1,827 results were filtered down to the final count used for the analysis.

Is the work clearly and accurately presented and does it cite the current literature?

Partly
Is the study design appropriate and is the work technically sound?

Yes
Are sufficient details of methods and analysis provided to allow replication by others?

Yes
If applicable, is the statistical analysis and its interpretation appropriate?

Partly
Are all the source data underlying the results available to ensure full reproducibility?

Yes
Are the conclusions drawn adequately supported by the results?

Yes

Competing Interests

No competing interests were disclosed.

Reviewer Expertise

Computer Vision, Networks, Cybersecurity, Artificial Intelligence, Machine Learning

I confirm that I have read this submission and believe that I have an appropriate level of expertise to confirm that it is of an acceptable scientific standard, however I have significant reservations, as outlined above.

Respond to this report

Responses (0)

[1] 1. Craigen D, Diakun-Thibault N, Purse R: Defining cybersecurity. Technol. Innov. Manag. Rev. 2014; 4: 13–21. Publisher Full Text

[2] 2. Rawat DB, Doku R, Garuba M: Cybersecurity in big data era: From securing big data to data-driven security. IEEE Trans. Serv. Comput. 2019; 14(6): 2055–2072.

[3] 3. Bharadiya J: Machine learning in cybersecurity: Techniques and challenges. European Journal of Technology. 2023; 7(2): 1–14.

[4] 4. McLean R: A hacker gained access to 100 million Capital One credit card applications and accounts. CNN; 2019.

[5] 5. Kenny C: The Equifax data breach and the resulting legal recourse. Brook. J. Corp. Fin. & Com. L. 2018; 13: 215.

[6] 6. Case DU: Analysis of the cyber attack on the Ukrainian power grid. Electricity Information Sharing and Analysis Center (E-ISAC). 2016; 388(1-29): 3.

[7] 7. Fischer EA: Cybersecurity issues and challenges: In brief. Congressional Research Service; 2014.

[8] 8. Kaushik D, et al.: Application of machine learning and deep learning in cybersecurity: An innovative approach. An Interdisciplinary Approach to Modern Network Security. CRC Press; 2022; pp. 89–109. Publisher Full Text

[9] 9. Haghani M: What makes an informative and publication-worthy scientometric analysis of literature: a guide for authors, reviewers and editors. Transportation Research Interdisciplinary Perspectives. 2023; 22: 100956.

[10] 10. González-Teruel A, et al.: Mapping recent information behavior research: an analysis of co-authorship and co-citation networks. Scientometrics. 2015; 103: 687–705.

[11] 11. Donthu N, et al.: How to conduct a bibliometric analysis: An overview and guidelines. J. Bus. Res. 2021; 133: 285–296.

[12] 12. Nobanee H, et al.: Bibliometric analysis of cybercrime and cybersecurity risks literature. Journal of Financial Crime. 2023; 30(6): 1736–1754.

[13] 13. Adnan S, et al.: A bibliometric analysis of scientific literature in digital dentistry from low-and lower-middle income countries. BDJ open. 2024; 10(1): 38. PubMed Abstract | Publisher Full Text

[14] 14. Schuetz S, et al.: A qualitative systematic review of trust in technology. J. Inf. Technol. 2024; 02683962241254392.

[15] 15. Cabezas-Clavijo A, et al.: The need to develop tailored tools for improving the quality of thematic bibliometric analyses: Evidence from papers published in Sustainability and Scientometrics. Journal of Data and Information Science. 2023.

[16] 16. Vinayakumar R, et al.: Deep learning approach for intelligent intrusion detection system. IEEE access. 2019; 7: 41525–41550.

[17] 17. Yuan Z, Lu Y, Xue Y: Droiddetector: android malware characterization and detection using deep learning. Tsinghua Sci. Technol. 2016; 21(1): 114–123.

[18] 18. Fiore U, et al.: Using generative adversarial networks for improving classification effectiveness in credit card fraud detection. Inf. Sci. 2019; 479: 448–455.

[19] 19. Chen S, et al.: Automated poisoning attacks and defenses in malware detection systems: An adversarial machine learning approach. Comput. Secur. 2018; 73: 326–344.

[20] 20. Alzahrani AO, Alenazi MJ: Designing a network intrusion detection system based on machine learning for software defined networks. Future Internet. 2021; 13(5): 111. Publisher Full Text

[21] 21. Das S, et al.: Semantics-based online malware detection: Towards efficient real-time protection against malware. IEEE Trans. Inf. Forensics Secur. 2015; 11(2): 289–302.

[22] 22. Dong W, Liao S, Zhang Z: Leveraging financial social media data for corporate fraud detection. J. Manag. Inf. Syst. 2018; 35(2): 461–487.

[23] 23. Rao RS, Pais AR: Detection of phishing websites using an efficient feature-based machine learning framework. Neural Comput. & Applic. 2019; 31: 3851–3873.

[24] 24. Taha AA, Malebary SJ: An intelligent approach to credit card fraud detection using an optimized light gradient boosting machine. IEEE access. 2020; 8: 25579–25587.

[25] 25. Kaushik K, Dahiya S: Security and Privacy in IoT based E-Business and Retail. 2018 International Conference on System Modeling & Advancement in Research Trends (SMART). 2018.

[26] 26. Akgun D, Hizal S, Cavusoglu U: A new DDoS attacks intrusion detection model based on deep learning for cybersecurity. Comput. Secur. 2022; 118: 102748.

[27] 27. Elsisi M, Tran M-Q: Development of an IoT architecture based on a deep neural network against cyber attacks for automated guided vehicles. Sensors. 2021; 21(24): 8467.

[28] 28. Mughaid A, et al.: An intelligent cyber security phishing detection system using deep learning techniques. Clust. Comput. 2022; 25(6): 3819–3828. PubMed Abstract | Publisher Full Text

[29] 29. Toony AA, et al.: MULTI-BLOCK: A novel ML-based intrusion detection framework for SDN-enabled IoT networks using new pyramidal structure. Internet of Things. 2024; 26: 101231.

[30] 30. Chen J, et al.: De-pois: An attack-agnostic defense against data poisoning attacks. IEEE Trans. Inf. Forensics Secur. 2021; 16: 3412–3425.

[31] 31. Taha A, et al.: Credit card Fraud Classification using an Optimized Ensemble Learning Technique. International Journal of Computer Science & Network Security. 2024; 24(11): 48–54.

[32] 32. Schotten M, et al.: A brief history of Scopus: The world’s largest abstract and citation database of scientific literature. Research analytics. Auerbach Publications; 2017; p. 31–58. Publisher Full Text

[33] 33. Vinayakumar R, et al.: Robust intelligent malware detection using deep learning. IEEE access. 2019; 7: 46717–46738.

[34] 34. Al-Garadi MA, Varathan KD, Ravana SD: Cybercrime detection in online communications: The experimental case of cyberbullying detection in the Twitter network. Comput. Hum. Behav. 2016; 63: 433–443.

[35] 35. Burnap P, Williams ML: Us and them: identifying cyber hate on Twitter across multiple protected characteristics. EPJ Data Sci. 2016; 5: 1–15.

[36] 36. Singh R, Kumar H, Singla R: An intrusion detection system using network traffic profiling and online sequential extreme learning machine. Expert Syst. Appl. 2015; 42(22): 8609–8624.

[37] 37. Rosa H, et al.: Automatic cyberbullying detection: A systematic review. Comput. Hum. Behav. 2019; 93: 333–345.

[38] 38. Carneiro N, Figueira G, Costa M: A data mining based system for credit-card fraud detection in e-tail. Decis. Support. Syst. 2017; 95: 91–101.

[39] 39. Jain PK, Pamula R, Srivastava G: A systematic literature review on machine learning applications for consumer sentiment analysis using online reviews. Comput. Sci. Rev. 2021; 41: 100413.

[40] 40. Gupta BB, Arachchilage NA, Psannis KE: Defending against phishing attacks: taxonomy of methods, current issues and future directions. Telecommun. Syst. 2018; 67: 247–267.

[41] 41. Balakrishnan V, Khan S, Arabnia HR: Improving cyberbullying detection using Twitter users’ psychological features and machine learning. Comput. Secur. 2020; 90: 101710.

[42] 42. Basit A, et al.: A comprehensive survey of AI-enabled phishing attacks detection techniques. Telecommun. Syst. 2021; 76: 139–154. PubMed Abstract | Publisher Full Text

[43] 43. Yan J, Qi Y, Rao Q: Detecting malware with an ensemble method based on deep neural network. Security and Communication Networks. 2018; 2018(1): 1–16. Publisher Full Text

[44] 44. Razzaq K: Manuscript Data files. Dataset. figshare. 2025. Publisher Full Text

Emerging Trends in Cybersecurity: Machine Learning as a Game-Changer in Next-Generation Cybersecurity Applications

Abstract

Background

Methods

Results

Conclusions

Keywords

1. Introduction

2. Literature review

Table 1. Comparison of the state-of-the-art techniques used in cybersecurity.

3. Methodology

Table 2. Papers extraction for cybersecurity and machine learning.

Figure 1. Methodology for bibliometric analysis of cybersecurity and machine learning research.

Figure 2. Document by subject area.

4. Findings

4.1 Document by type

Figure 3. Document by type.

4.2 Document by affiliation

Figure 4. Documents by affiliation.

4.3 Document by author

Figure 5. Documents by author.

Figure 6. Documents by country.

4.4 Document by country

Figure 7. Network of the top countries.

4.5 Documents vs citation diagram

Figure 8. Documents vs citation diagram.

4.6 Documents per year by source

Figure 9. Papers per year by source.

4.7 Documents per year

Figure 10. Publications per year.

Figure 11. Network of leading keywords.

4.8 Papers with the highest citation

Table 3. Top 10 publications with the year-wise citation.

Table 4. Top 20 documents with maximum citation counts.

5. Results

5.1 Descriptive results

5.2 Top journals

5.3 Countries and institutions publications

5.4 Landmark publications

5.5 Document co-citation analysis

5.6 Co-citation analysis of top scholars

5.7 Co-citation analysis of journals

5.8 Keywords co-occurrence analysis

6. Conclusion

6.1 Practical implications

6.2 Study limitations

6.3 Future research directions

Data availability

References

Comments on this article Comments (0)

Open Peer Review

Comments on this article Comments (0)

Open Peer Review

Reviewer Status

Reviewer Reports

Comments on this article

Browse by related subjects

Competing Interests Policy

Stay Updated