ADVANCING PROACTIVE CYBERSECURITY THROUGH CYBER THREAT INTELLIGENCE MINING: A COMPREHENSIVE REVIEW AND FUTURE DIRECTIONS
DOI:
https://doi.org/10.55640/ijctisn-v02i02-01Keywords:
Cyber Threat Intelligence (CTI), Threat Intelligence Mining, Proactive Cybersecurity, Threat DetectionAbstract
In an era of increasingly sophisticated cyber threats, proactive cybersecurity has become essential for defending digital infrastructures. Cyber Threat Intelligence (CTI) mining plays a pivotal role in anticipating, detecting, and mitigating potential attacks by analyzing structured and unstructured threat data. This paper presents a comprehensive review of existing approaches, tools, and frameworks in CTI mining, highlighting advancements in natural language processing, machine learning, and threat taxonomy extraction. The study categorizes key methodologies used to extract actionable insights from threat reports, dark web sources, social media, and malware analysis. It also identifies current limitations in scalability, real-time analysis, and data reliability. Finally, the paper proposes future research directions to enhance automation, contextual awareness, and integration of CTI into security operations. This review aims to support the development of more intelligent, adaptive, and proactive cybersecurity strategies.
References
“SolarWinds hackers linked to known Russian spying tools, investigators say.” (2022). Accessed: Oct. 10, 2022. [Online]. Available: https://cybernews.com/news/solarwinds-hackers-linked-to-known-russianspying-tools-investigators-say/
McMillan, R. “Definition: Threat intelligence.” Accessed: Nov. 10, 2022. [Online]. Available: https://gartner.com/
Shackleford, D. (2015). Who’s Using Cyberthreat Intelligence and How. SANS Institute, North Bethesda, MD, USA.
Dalziel, H. (2014). How to Define and Build an Effective Cyber Threat Intelligence Capability. Syngress, Waltham, MA, USA.
Fachkha, C., & Debbabi, M. (2015). Darknet as a source of cyber intelligence: Survey, taxonomy, and characterization. IEEE Communications Surveys & Tutorials, 18(2), 1197–1227.
Robertson, J., et al. (2017). Darkweb Cyber Threat Intelligence Mining. Cambridge University Press, Cambridge, U.K.
Tounsi, W., & Rais, H. (2018). A survey on technical threat intelligence in the age of sophisticated cyber attacks. Computers & Security, 72, 212–233.
Wagner, T. D., Mahbub, K., Palomar, E., & Abdallah, A. E. (2019). Cyber threat intelligence sharing: Survey and research directions. Computers & Security, 87, Article 101589.
Abu, M. S., Selamat, S. R., Ariffin, A., & Yusof, R. (2018). Cyber threat intelligence—Issue and challenges. Indonesian Journal of Electrical Engineering and Computer Science, 10(1), 371–379.
Ibrahim, A., Thiruvady, D., Schneider, J.-G., & Abdelrazek, M. (2020). The challenges of leveraging threat intelligence to stop data breaches. Frontiers in Computer Science, 2, Article 36.
Rahman, M. R., Mahdavi-Hezaveh, R., & Williams, L. (2021). What are the attackers doing now? Automating cyber threat intelligence extraction from text on pace with the changing threat landscape: A survey. arXiv preprint arXiv:2109.06808.
Rahman, M. R., Mahdavi-Hezaveh, R., & Williams, L. (2020). A literature review on mining cyberthreat intelligence from unstructured texts. In Proceedings of the IEEE International Conference on Data Mining Workshops (ICDMW), 516–525.
Brown, R., & Stirparo, P. (2022). SANS 2022 Cyber Threat Intelligence Survey. SANS Institute, North Bethesda, MD, USA.
Ramsdale, A., Shiaeles, S., & Kolokotronis, N. (2020). A comparative analysis of cyber-threat intelligence sources, formats and languages. Electronics, 9(5), Article 824.
“What is cyber threat intelligence? 2022 threat intelligence report.” (2022). Accessed: Feb. 13, 2023. [Online]. Available: https://www.crowdstrike.com/cybersecurity-101/threat-intelligence/
Sun, N., Li, C.-T., Chan, H., Islam, M. Z., Islam, M. R., & Armstrong, W. (2022). How do organizations seek cyber assurance? Investigations on the adoption of the common criteria and beyond. IEEE Access, 10, 71749–71763.
Sun, N., Zhang, J., Gao, S., Zhang, L. Y., Camtepe, S., & Xiang, Y. (2020). Data analytics of crowdsourced resources for cybersecurity intelligence. In Proceedings of the 14th International Conference on Network and System Security (NSS), Melbourne, VIC, Australia, 3–21.
“AlienVault open threat intelligence.” (2022).
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Dr. Laura Stein (Author)
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors retain the copyright of their manuscripts, and all Open Access articles are disseminated under the terms of the Creative Commons Attribution License 4.0 (CC-BY), which licenses unrestricted use, distribution, and reproduction in any medium, provided that the original work is appropriately cited. The use of general descriptive names, trade names, trademarks, and so forth in this publication, even if not specifically identified, does not imply that these names are not protected by the relevant laws and regulations.