Open Access
ADVANCING PROACTIVE CYBERSECURITY THROUGH CYBER THREAT INTELLIGENCE MINING: A COMPREHENSIVE REVIEW AND FUTURE DIRECTIONS
4
School of Computer Science, Carnegie Mellon University, Pittsburgh, PA, USA
Abstract
In an era of increasingly sophisticated cyber threats, proactive cybersecurity has become essential for defending digital infrastructures. Cyber Threat Intelligence (CTI) mining plays a pivotal role in anticipating, detecting, and mitigating potential attacks by analyzing structured and unstructured threat data. This paper presents a comprehensive review of existing approaches, tools, and frameworks in CTI mining, highlighting advancements in natural language processing, machine learning, and threat taxonomy extraction. The study categorizes key methodologies used to extract actionable insights from threat reports, dark web sources, social media, and malware analysis. It also identifies current limitations in scalability, real-time analysis, and data reliability. Finally, the paper proposes future research directions to enhance automation, contextual awareness, and integration of CTI into security operations. This review aims to support the development of more intelligent, adaptive, and proactive cybersecurity strategies.
Keywords
Cyber Threat Intelligence (CTI),
Threat Intelligence Mining,
Proactive Cybersecurity,
Threat Detection
References
“SolarWinds hackers linked to known Russian spying tools, investigators say.” (2022). Accessed: Oct. 10, 2022. [Online]. Available: https://cybernews.com/news/solarwinds-hackers-linked-to-known-russianspying-tools-investigators-say/
McMillan, R. “Definition: Threat intelligence.” Accessed: Nov. 10, 2022. [Online]. Available: https://gartner.com/
Shackleford, D. (2015). Who’s Using Cyberthreat Intelligence and How. SANS Institute, North Bethesda, MD, USA.
Dalziel, H. (2014). How to Define and Build an Effective Cyber Threat Intelligence Capability. Syngress, Waltham, MA, USA.
Fachkha, C., & Debbabi, M. (2015). Darknet as a source of cyber intelligence: Survey, taxonomy, and characterization. IEEE Communications Surveys & Tutorials, 18(2), 1197–1227.
Robertson, J., et al. (2017). Darkweb Cyber Threat Intelligence Mining. Cambridge University Press, Cambridge, U.K.
Tounsi, W., & Rais, H. (2018). A survey on technical threat intelligence in the age of sophisticated cyber attacks. Computers & Security, 72, 212–233.
Wagner, T. D., Mahbub, K., Palomar, E., & Abdallah, A. E. (2019). Cyber threat intelligence sharing: Survey and research directions. Computers & Security, 87, Article 101589.
Abu, M. S., Selamat, S. R., Ariffin, A., & Yusof, R. (2018). Cyber threat intelligence—Issue and challenges. Indonesian Journal of Electrical Engineering and Computer Science, 10(1), 371–379.
Ibrahim, A., Thiruvady, D., Schneider, J.-G., & Abdelrazek, M. (2020). The challenges of leveraging threat intelligence to stop data breaches. Frontiers in Computer Science, 2, Article 36.
Rahman, M. R., Mahdavi-Hezaveh, R., & Williams, L. (2021). What are the attackers doing now? Automating cyber threat intelligence extraction from text on pace with the changing threat landscape: A survey. arXiv preprint arXiv:2109.06808.
Rahman, M. R., Mahdavi-Hezaveh, R., & Williams, L. (2020). A literature review on mining cyberthreat intelligence from unstructured texts. In Proceedings of the IEEE International Conference on Data Mining Workshops (ICDMW), 516–525.
Brown, R., & Stirparo, P. (2022). SANS 2022 Cyber Threat Intelligence Survey. SANS Institute, North Bethesda, MD, USA.
Ramsdale, A., Shiaeles, S., & Kolokotronis, N. (2020). A comparative analysis of cyber-threat intelligence sources, formats and languages. Electronics, 9(5), Article 824.
“What is cyber threat intelligence? 2022 threat intelligence report.” (2022). Accessed: Feb. 13, 2023. [Online]. Available: https://www.crowdstrike.com/cybersecurity-101/threat-intelligence/
Sun, N., Li, C.-T., Chan, H., Islam, M. Z., Islam, M. R., & Armstrong, W. (2022). How do organizations seek cyber assurance? Investigations on the adoption of the common criteria and beyond. IEEE Access, 10, 71749–71763.
Sun, N., Zhang, J., Gao, S., Zhang, L. Y., Camtepe, S., & Xiang, Y. (2020). Data analytics of crowdsourced resources for cybersecurity intelligence. In Proceedings of the 14th International Conference on Network and System Security (NSS), Melbourne, VIC, Australia, 3–21.
“AlienVault open threat intelligence.” (2022).
Similar Articles
- Dr. Dmitry V. Sokolov, Synergizing Generative AI and Explainable Machine Learning in Security Operations Centers: Mitigating Alert Fatigue and Enhancing Analyst Performance , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 2 No. 10 (2025): Volume 02 Issue 10
- Dr. Thomas Becker, Kevin Brooks, STRENGTHENING CYBER RESILIENCE: A COMPREHENSIVE EVALUATION OF SOCIAL ENGINEERING AWARENESS PROGRAMS , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 1 No. 01 (2024): Volume 01 Issue 01
- Dr. Elena Petrova, Dr. Hassan Al-Mansoori, EVALUATING AND ENHANCING CYBERSECURITY AND RESILIENCE IN HEALTHCARE: A UNIFIED RISK AND COMPLIANCE FRAMEWORK , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 2 No. 05 (2025): Volume 02 Issue 05
- Dr. Tanvi Das, James D. Walker, A FEDERATED MULTI-MODAL SYSTEM FOR INSIDER THREAT DETECTION IN ENERGY INFRASTRUCTURE USING BIOMETRIC AND CYBER DATA , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 2 No. 01 (2025): Volume 02 Issue 01
- Dr. Amara Ndlovu, Dr. Faisal Khan, CYBERSECURITY IN VIRTUAL GATHERINGS: RISKS AND REMEDIAL STRATEGIES FOR VIDEO CONFERENCING SOFTWARE , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 2 No. 04 (2025): Volume 02 Issue 04
- Dr. Jakob R. Neumann, Prof. Leila F. Mahmoud, Securing the Virtual Meeting Space: An Analysis of Cybersecurity Risks and Mitigation Strategies for Video Conferencing Platforms , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 2 No. 09 (2025): Volume 02 Issue 09
- Prof. Hans-Peter Vogel, Dr. Farah Al-Dabbagh, UNINTENDED CONSEQUENCES AND SPILLOVER EFFECTS IN OFFENSIVE CYBER OPERATIONS: A SYSTEMATIC LITERATURE REVIEW , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 1 No. 01 (2024): Volume 01 Issue 01
- Dr. Wei-Lin Cheng, COLLATERAL EFFECTS AND UNINTENDED REPERCUSSIONS IN OFFENSIVE CYBER OPERATIONS: A SYSTEMATIC LITERATURE REVIEW , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 2 No. 03 (2025): Volume 02 Issue 03
- Farah Al-Mansouri, THE IMPLICIT LANGUAGE OF CYBERSECURITY: EDUCATIONAL CHALLENGES AND IMPLICATIONS , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 2 No. 07 (2025): Volume 02 Issue 07
- Dr. Alistair Finch, Navigating the Digital Battlefield: A Systematic Review of Collateral Effects in Offensive Cyber Operations , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 2 No. 08 (2025): Volume 02 Issue 08
You may also start an advanced similarity search for this article.