Open Access
ADVANCING PROACTIVE CYBERSECURITY THROUGH CYBER THREAT INTELLIGENCE MINING: A COMPREHENSIVE REVIEW AND FUTURE DIRECTIONS
4
School of Computer Science, Carnegie Mellon University, Pittsburgh, PA, USA
Abstract
In an era of increasingly sophisticated cyber threats, proactive cybersecurity has become essential for defending digital infrastructures. Cyber Threat Intelligence (CTI) mining plays a pivotal role in anticipating, detecting, and mitigating potential attacks by analyzing structured and unstructured threat data. This paper presents a comprehensive review of existing approaches, tools, and frameworks in CTI mining, highlighting advancements in natural language processing, machine learning, and threat taxonomy extraction. The study categorizes key methodologies used to extract actionable insights from threat reports, dark web sources, social media, and malware analysis. It also identifies current limitations in scalability, real-time analysis, and data reliability. Finally, the paper proposes future research directions to enhance automation, contextual awareness, and integration of CTI into security operations. This review aims to support the development of more intelligent, adaptive, and proactive cybersecurity strategies.
Keywords
Cyber Threat Intelligence (CTI),
Threat Intelligence Mining,
Proactive Cybersecurity,
Threat Detection
References
“SolarWinds hackers linked to known Russian spying tools, investigators say.” (2022). Accessed: Oct. 10, 2022. [Online]. Available: https://cybernews.com/news/solarwinds-hackers-linked-to-known-russianspying-tools-investigators-say/
McMillan, R. “Definition: Threat intelligence.” Accessed: Nov. 10, 2022. [Online]. Available: https://gartner.com/
Shackleford, D. (2015). Who’s Using Cyberthreat Intelligence and How. SANS Institute, North Bethesda, MD, USA.
Dalziel, H. (2014). How to Define and Build an Effective Cyber Threat Intelligence Capability. Syngress, Waltham, MA, USA.
Fachkha, C., & Debbabi, M. (2015). Darknet as a source of cyber intelligence: Survey, taxonomy, and characterization. IEEE Communications Surveys & Tutorials, 18(2), 1197–1227.
Robertson, J., et al. (2017). Darkweb Cyber Threat Intelligence Mining. Cambridge University Press, Cambridge, U.K.
Tounsi, W., & Rais, H. (2018). A survey on technical threat intelligence in the age of sophisticated cyber attacks. Computers & Security, 72, 212–233.
Wagner, T. D., Mahbub, K., Palomar, E., & Abdallah, A. E. (2019). Cyber threat intelligence sharing: Survey and research directions. Computers & Security, 87, Article 101589.
Abu, M. S., Selamat, S. R., Ariffin, A., & Yusof, R. (2018). Cyber threat intelligence—Issue and challenges. Indonesian Journal of Electrical Engineering and Computer Science, 10(1), 371–379.
Ibrahim, A., Thiruvady, D., Schneider, J.-G., & Abdelrazek, M. (2020). The challenges of leveraging threat intelligence to stop data breaches. Frontiers in Computer Science, 2, Article 36.
Rahman, M. R., Mahdavi-Hezaveh, R., & Williams, L. (2021). What are the attackers doing now? Automating cyber threat intelligence extraction from text on pace with the changing threat landscape: A survey. arXiv preprint arXiv:2109.06808.
Rahman, M. R., Mahdavi-Hezaveh, R., & Williams, L. (2020). A literature review on mining cyberthreat intelligence from unstructured texts. In Proceedings of the IEEE International Conference on Data Mining Workshops (ICDMW), 516–525.
Brown, R., & Stirparo, P. (2022). SANS 2022 Cyber Threat Intelligence Survey. SANS Institute, North Bethesda, MD, USA.
Ramsdale, A., Shiaeles, S., & Kolokotronis, N. (2020). A comparative analysis of cyber-threat intelligence sources, formats and languages. Electronics, 9(5), Article 824.
“What is cyber threat intelligence? 2022 threat intelligence report.” (2022). Accessed: Feb. 13, 2023. [Online]. Available: https://www.crowdstrike.com/cybersecurity-101/threat-intelligence/
Sun, N., Li, C.-T., Chan, H., Islam, M. Z., Islam, M. R., & Armstrong, W. (2022). How do organizations seek cyber assurance? Investigations on the adoption of the common criteria and beyond. IEEE Access, 10, 71749–71763.
Sun, N., Zhang, J., Gao, S., Zhang, L. Y., Camtepe, S., & Xiang, Y. (2020). Data analytics of crowdsourced resources for cybersecurity intelligence. In Proceedings of the 14th International Conference on Network and System Security (NSS), Melbourne, VIC, Australia, 3–21.
“AlienVault open threat intelligence.” (2022).
Similar Articles
- Dr. Arben Kola, Dr. Elira Hoxha, Dr. Gentian Leka, Study of Threat Evaluation and Forecasting Framework for Communication Infrastructure Using Neural Intelligence Techniques , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 3 No. 04 (2026): Volume 03 Issue 04
- Dr. Ahmed Saeed Al-Mansoori, Detection of Malicious Query Attack Weaknesses within Online Software Systems Using Byte-Level Pattern Matching , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 3 No. 04 (2026): Volume 03 Issue 04
- Dr. Marcus Fletcher, Dr. Elena Novak, ASSESSING AND ENSURING CYBERSECURITY AND RESILIENCE IN HEALTHCARE: A RISK AND CONFORMITY FRAMEWORK , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 1 No. 01 (2024): Volume 01 Issue 01
- Dr. Dmitry V. Sokolov, Synergizing Generative AI and Explainable Machine Learning in Security Operations Centers: Mitigating Alert Fatigue and Enhancing Analyst Performance , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 2 No. 10 (2025): Volume 02 Issue 10
- Dr. Nyra Quellin, Strategic Risk-Based Cybersecurity Governance: Integrating Policy Frameworks, Organizational Controls, and Compliance Mechanisms for Contemporary Information Systems , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 3 No. 01 (2026): Volume 03 Issue 01
- Dr. Marcus A. Rodriguez, A Longitudinal Analysis of Cybersecurity Technology and Innovation: A Technology Mining Approach Using Bibliometric and Patent Analysis , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 3 No. 05 (2026): Volume 03 Issue 05
- Dr. Thomas Becker, Kevin Brooks, STRENGTHENING CYBER RESILIENCE: A COMPREHENSIVE EVALUATION OF SOCIAL ENGINEERING AWARENESS PROGRAMS , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 1 No. 01 (2024): Volume 01 Issue 01
- Dr. Elena Petrova, Dr. Hassan Al-Mansoori, EVALUATING AND ENHANCING CYBERSECURITY AND RESILIENCE IN HEALTHCARE: A UNIFIED RISK AND COMPLIANCE FRAMEWORK , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 2 No. 05 (2025): Volume 02 Issue 05
- Dr. Tanvi Das, James D. Walker, A FEDERATED MULTI-MODAL SYSTEM FOR INSIDER THREAT DETECTION IN ENERGY INFRASTRUCTURE USING BIOMETRIC AND CYBER DATA , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 2 No. 01 (2025): Volume 02 Issue 01
- Dr. Elena Marovic, Dr. Sofia Markovic, Cybersecurity Governance and Resilience in Small and Medium-Sized Enterprises: A Socio-Technical, Resource-Based, and Regulatory Framework for Sustainable Digital Competitiveness , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 3 No. 04 (2026): Volume 03 Issue 04
You may also start an advanced similarity search for this article.