An Evolutionary Framework for Intelligent Cyber Defense: From Deep Learning to Autonomous Response
Saidane, Samia
2026
Abstract
The exponential growth of network complexity and the escalating sophistication of cyber threats have rendered conventional, static intrusion detection systems inadequate for securing modern, heterogeneous network environments. This dissertation addresses this critical challenge through a comprehensive, evolutionary framework that systematically advances intrusion detection capabilities across five progressive research thrusts: from foundational model optimization to fully autonomous, collaborative cyber defense. The research commences by establishing high-performance baselines through synergistic deep learning architectures, enhanced by advanced data balancing and hyperparameter optimization techniques, achieving exceptional accuracy on benchmark datasets. Building upon this foundation, the second thrust introduces enhanced Graph Neural Network models that capture complex relational contexts within network traffic, significantly improving the detection of multi-stage and topologically aware attacks. To bridge the gap between model capability and practical deployment constraints, the third research thrust pioneers efficient and adaptive transformer architectures. Novel mechanisms like Multi-scale Attention Fusion (MAF) and lightweight residual designs enable robust temporal pattern recognition while maintaining computational efficiency suitable for real-time inference and continual learning in non-stationary data streams. A pivotal contribution of this work is the development of trustworthy and adaptive systems. The fourth thrust introduces explainable causal frameworks (X-CGNN) that provide human-actionable security intelligence, reducing alert investigation time by 89%. Concurrently, novel continual (DRIFT-CL) and federated (FedATA-APFL) learning paradigms are developed to ensure model longevity and enable privacy-preserving, collaborative defense across organizational boundaries, improving robustness against novel attacks and data heterogeneity.
The culmination of this evolutionary progression is a paradigm shift from reactive detection to proactive and autonomous defense. The final research thrust develops multi-agent Deep Reinforcement Learning systems and a Cyber Defense Digital Twin. These frameworks implement hierarchical decision-making that autonomously orchestrates strategic defense policies and tactical responses, demonstrating a proven reduction in attack dwell time and effective mitigation of multi-vector threats. This dissertation substantiates that next-generation security for dynamic networks necessitates systems that are not merely intelligent but are fundamentally explainable, collaborative, continual, and autonomous. By integrating and advancing multiple artificial intelligence paradigms into a cohesive research trajectory, this work provides both deployable solutions for current security challenges and a foundational blueprint for the future of autonomous cybersecurity. The contributions advance the theoretical understanding of AI-driven network defense and pave the way toward resilient, self-adapting network infrastructures capable of enduring evolving cyber threats.

| File | Size | Format |
|---|---|---|
| PhD_Thesis_Samia_Saidane_INNIND_2024_Final1.pdf (open access; License: All rights reserved) | 91.64 MB | Adobe PDF |
Documents in UNITESI are protected by copyright and all rights are reserved, unless otherwise indicated.
https://hdl.handle.net/20.500.14242/363249
URN:NBN:IT:UNITN-363249