Digital infrastructure is growing at a rapid pace in the United States, and as a result, the exposure of critical sectors, including healthcare, finance, transportation, energy and government systems, to advanced cyber threats is growing. Traditional cybersecurity approaches, including signature-based intrusion detection systems, have become less effective against today's cyber attacks, as they are unable to detect unknown and changing attacks in real time. To overcome these constraints, this research proposes a smart cyber-defense system that uses Artificial Intelligence (AI) and Machine Learning (ML) algorithms to detect and prevent cyber attacks on U.S. digital infrastructure. This study uses the CSE-CIC-IDS2018 dataset, a realistic network traffic dataset that covers various cyber attack scenarios, including Distributed Denial of Service (DDoS), brute force attacks, botnets, infiltration attacks, and web-based attacks. A number of machine learning and deep learning models, such as Random Forest, XGBoost, Convolutional Neural Networks (CNN) and Long Short-Term Memory (LSTM) networks, are implemented and evaluated for identifying malicious network behavior and improving the accuracy of intrusion detection. The proposed framework combines data preprocessing, feature engineering, real-time traffic monitoring, and intelligent threat classification with automated prevention mechanisms to build cybersecurity resilience. E