eISSN: 3087-4297 editor@aimjournals.com
All Journals
Submit your article

International Journal of Cyber Threat Intelligence and Secure Networking

Open Access Peer Review International
Open Access

From Reactive to Predictive Security: Integrating Threat Intelligence with SIEM for Proactive Threat Hunting

DOI https://doi.org/10.55640/
PDF
Dr. Mateo Alvarez-Ruiz 1 ,
4 Department of Computer Science and Information Assurance, Universidad de Granada, Spain

Abstract

The accelerating sophistication, scale, and coordination of cyber threats have rendered traditional reactive security postures insufficient for modern digital ecosystems. As adversaries increasingly exploit the clear web, social media platforms, and the dark web to coordinate campaigns, trade exploits, and leak sensitive data, the strategic value of cyber threat intelligence has expanded from operational alerting toward anticipatory, intelligence-driven defense. This research article presents a comprehensive, theory-driven examination of contemporary cyber threat intelligence practices, with a particular focus on dark web monitoring, natural language processing, and the emerging role of large language models in transforming raw threat data into predictive security insight. Drawing strictly on established academic literature, industry research, and recent scholarly advancements, the article synthesizes crawler architectures, adversary behavior models, intelligence kill chains, and AI-driven analytics into a unified conceptual framework. Special attention is given to the epistemological challenges of trust, explainability, and bias in automated intelligence generation, as well as the operational implications of integrating threat intelligence into security information and event management systems. Through extensive theoretical elaboration, the article argues that the convergence of dark web intelligence harvesting, NLP-driven semantic enrichment, and LLM-powered reasoning marks a paradigm shift from reactive cybersecurity toward continuous, predictive threat hunting. The study concludes by articulating key limitations, ethical considerations, and future research directions necessary to ensure that advanced threat intelligence systems remain reliable, accountable, and strategically valuable in an increasingly adversarial digital landscape.

Keywords

Cyber Threat Intelligence, Dark Web Monitoring, Natural Language Processing

References

πŸ“„ Arazzi, R., Munro, R., & Wilson, R. (2023). Natural language processing for cyber threat intelligence: A survey. arXiv preprint arXiv:2311.08807.
πŸ“„ CrowdStrike. (n.d.). Threat intelligence & hunting.
πŸ“„ Cybersixgill. (n.d.). Real-time cyber threat intelligence dark web.
πŸ“„ Demirkapi, B. (2025). Thousands of corporate secrets were left exposed. This guy found them all. Wired.
πŸ“„ Finch, A. C. (2025). From reactive to predictive: A framework for integrating threat intelligence with SIEM for proactive threat hunting. International Journal of Cyber Threat Intelligence and Secure Networking, 2(10), 1–10.
πŸ“„ Fieblinger, C., Fiebrich, M., & Zimmer, C. (2024). Constructing a knowledge graph from cyber threat intelligence using LLMs. arXiv preprint arXiv:2407.02528.
πŸ“„ Hutchins, E. M., Cloppert, M. J., & Amin, R. M. (2011). Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains. Leading Issues in Information Warfare & Security Research, 1, 80.
πŸ“„ Ismail, H. (2024). The role of artificial intelligence and NLP in modern cybersecurity. Journal of Information Systems and Security, 20(1), 1–15.
πŸ“„ Koloveas, P., Chantzios, T., Tryfonopoulos, C., & Skiadopoulos, S. (2021). A crawler architecture for harvesting the clear, social, and dark web for IoT-related cyber-threat intelligence. arXiv preprint arXiv:2109.06932.
πŸ“„ Liu, K., Li, X., & Xu, H. (2025). CYLENS: A cyber threat intelligence copilot powered by large language models. arXiv preprint arXiv:2502.20791.
πŸ“„ Mezzi, S., Bertossi, L., & Sabetta, A. (2025). Can large language models be trusted for cyber threat intelligence tasks? arXiv preprint arXiv:2503.23175.
πŸ“„ Nunes, E., Diab, A., Gunn, A., Marin, E., Mishra, V., Paliath, V., Robertson, J., Shakarian, J., Thart, A., & Shakarian, P. (2016). Darknet and deepnet mining for proactive cybersecurity threat intelligence. arXiv preprint arXiv:1607.08583.
πŸ“„ Ojo, O., & Tomy, N. (2025). Outsmarting cyber threats: AI-powered deep learning and NLP frameworks for malicious URL detection. ResearchGate Preprint.
πŸ“„ Olaoluwa, S., & Potter, M. (2024). Enhancing social media threat intelligence through NLP techniques. Preprints.
πŸ“„ Owenson, G. (2025). What I learnt about the dark web. The Times.
πŸ“„ Rodriguez, L., & Costa, M. (2024). Predictive threat intelligence for government networks using AI and ML. Academic Pinnacle Cybersecurity Journal, 7(2), 43–59.
πŸ“„ SOCRadar. (n.d.). Tracking cybercriminals on the dark web: The role of AI-powered threat intelligence.
πŸ“„ SOCRadar. (n.d.). Advanced dark web monitoring.
πŸ“„ Strider Technologies. (2025). Cyber intelligence company Strider raises $55 million in funding. The Wall Street Journal.
πŸ“„ ZeroFox. (n.d.). Dark web threat intelligence.
πŸ“„ Zhao, H., Wang, J., & Zhang, Y. (2024). LLM-TIKG: Constructing threat intelligence knowledge graphs from text using large language models. Computers & Security, 133, 103357.
πŸ“„ Song, Y. (2022). Leveraging natural language processing for explainable threat intelligence analysis. International Journal of Cybersecurity Intelligence & Cybercrime, 5(3), 29–43.