EVOLVING PARADIGMS AND FUTURE TRAJECTORIES IN CYBER THREAT INTELLIGENCE
DOI:
https://doi.org/10.55640/ijctisn-v02i06-01
Keywords:
Cyber Threat Intelligence (CTI), Evolving Cybersecurity Paradigms, Threat Detection, Predictive Intelligence
Abstract
Cyber Threat Intelligence (CTI) has emerged as a cornerstone of modern cybersecurity, enabling organizations to anticipate, detect, and respond to evolving threats. As the cyber threat landscape becomes increasingly dynamic and complex, CTI paradigms are undergoing significant transformation. This paper explores the evolving paradigms of CTI, tracing its shift from reactive models to predictive and proactive frameworks driven by automation, artificial intelligence, and threat contextualization. Through a comprehensive analysis of current methodologies, tools, and applications, the study identifies key trends such as collaborative intelligence sharing, integration with Security Operations Centers (SOCs), and real-time threat hunting. It also examines the challenges in data quality, standardization, and adversarial deception. Finally, the paper outlines future trajectories for CTI, emphasizing the need for adaptive, interoperable, and intelligence-driven security ecosystems.
License
Copyright (c) 2025 Dr. Layla Hassan, Reem Al-Mazrouei (Author)

This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors retain the copyright of their manuscripts, and all Open Access articles are disseminated under the terms of the Creative Commons Attribution License 4.0 (CC-BY), which licenses unrestricted use, distribution, and reproduction in any medium, provided that the original work is appropriately cited. The use of general descriptive names, trade names, trademarks, and so forth in this publication, even if not specifically identified, does not imply that these names are not protected by the relevant laws and regulations.