A Comprehensive Survey of AI-Driven Cloud Security: Threat Detection, Misconfiguration Analysis, and Autonomous Defense Systems (2024–2025)

Artificial intelligence (AI) is transforming the way cloud systems are secured by making it possible to detect threats earlier, analyze misconfigurations more accurately, and automate defensive actions that once required manual intervention. As cloud environments become larger and more dynamic, traditional security methods struggle to keep pace with constantly changing resources, growing log volumes, and increasingly sophisticated attack techniques. This paper explores how AI can significantly strengthen cloud security, with a focus on anomaly detection, policy analysis, behavior modeling, and automated response systems in AWS environments. To demonstrate these concepts in practice, three AWS-based experiments are conducted: (1) analyzing IAM policies to detect misconfigurations, (2) identifying API misuse using behavioral patterns and sequence modeling, and (3) detecting suspicious activity in CloudTrail logs through machine-learning-based anomaly detection. A mathematical formulation is also introduced to unify risk scoring and anomaly evaluation. Building on these findings, the paper proposes a new AI-driven cloud security framework called AICSM-X. The framework combines policy intelligence, behavioral monitoring, machine learning, and reinforcement-learning-based automated mitigation into a single, real-time defense system. The study concludes by outlining open research challenges, practical considerations for deployment, and future directions for AI-enhanced cloud security—supported by a collection of 38 recent references from cloud computing, cybersecurity, and AI research.