Critical infrastructure sectors—including energy, healthcare, and transportation—face escalating multi-source cyber threats (e.g., ransomware, DoS, and APTs) due to increasing interconnectivity. To address this, we propose an autonomous security framework integrating multimodal AI. Our method unifies deep learning–based real-time vulnerability detection, knowledge graph–enabled threat modeling, reinforcement learning–guided adaptive response, and anomaly detection, while supporting adversarial attack identification and compliance-aware policy generation. Unlike conventional point solutions, our work is the first to realize a closed-loop, cross-modal perception–reasoning–decision pipeline that jointly optimizes system integration complexity and dynamic resilience. Experimental evaluation demonstrates a 23.6% improvement in threat identification accuracy and a 68% reduction in average response latency over baseline approaches, significantly enhancing proactive defense capability and recovery resilience for critical infrastructure.

Critical infrastructure systems, including energy grids, healthcare facilities, transportation networks, and water distribution systems, are pivotal to societal stability and economic resilience. However, the increasing interconnectivity of these systems exposes them to various cyber threats, including ransomware, Denial-of-Service (DoS) attacks, and Advanced Persistent Threats (APTs). This paper examines cybersecurity vulnerabilities in critical infrastructure, highlighting the threat landscape, attack vectors, and the role of Artificial Intelligence (AI) in mitigating these risks. We propose a hybrid AI-driven cybersecurity framework to enhance real-time vulnerability detection, threat modelling, and automated remediation. This study also addresses the complexities of adversarial AI, regulatory compliance, and integration. Our findings provide actionable insights to strengthen the security and resilience of critical infrastructure systems against emerging cyber threats.