ISSN : 2583-2646

Autonomous Quarantine Networks: AI-Driven Incident Isolation in Cloud Infrastructure

ESP Journal of Engineering & Technology Advancements
© 2026 by ESP JETA
Volume 6, Issue 1
Year of Publication : 2026
Authors : Lathakannan Arumugam
DOI : 10.5281/zenodo.19587596

Citation:

Lathakannan Arumugam, 2026. "Autonomous Quarantine Networks: AI-Driven Incident Isolation in Cloud Infrastructure", ESP Journal of Engineering & Technology Advancements 6(1): 186-193.

Abstract:

The advent of cloud computing has posed tremendous platform security concerns due to the distributed, dynamic, and multi-tenant nature of modern infrastructure. Autonomous Quarantine Networks are artificial intelligence-based frameworks proposed for real-time threat detection and containment in cloud environments. These systems rely on advanced machine learning techniques, behavioral analytics, and automated orchestration to isolate malicious workloads without human intervention. The review discusses the underlying technologies, architectural designs, experimental analyses, and new research directions of AI-based incident isolation. It emphasizes anomaly detection models, quarantine enforcement strategies, latency reduction, and trust-based decision-making. The main experimental benchmarks and industry case studies are examined to evaluate performance in terms of accuracy, false positive rate, and response time. The review also outlines research gaps and suggests future research to enhance scalability, adversarial robustness, and cross-domain integration of autonomous security systems in the cloud.

Keywords:

AI-Driven Isolation, Anomaly Detection, Autonomous Quarantine Networks, Cloud Computing, Cloud Security, Machine Learning, SDN, Threat Containment, Trust Scoring, Zero-Trust.