English
Related papers

Related papers: Looking Beyond IoCs: Automatically Extracting Atta…

200 papers

Cyber threats are constantly evolving. Extracting actionable insights from unstructured Cyber Threat Intelligence (CTI) data is essential to guide cybersecurity decisions. Increasingly, organizations like Microsoft, Trend Micro, and…

Cryptography and Security · Computer Science 2024-07-04 Romy Fieblinger , Md Tanvirul Alam , Nidhi Rastogi

Proactive approaches to security, such as adversary emulation, leverage information about threat actors and their techniques (Cyber Threat Intelligence, CTI). However, most CTI still comes in unstructured forms (i.e., natural language),…

Cryptography and Security · Computer Science 2022-08-26 Vittorio Orbinato , Mariarosaria Barbaraci , Roberto Natella , Domenico Cotroneo

The automation of Cyber Threat Intelligence (CTI) relies heavily on Named Entity Recognition (NER) to extract critical entities from unstructured text. Currently, Large Language Models (LLMs) primarily address this task through…

Cryptography and Security · Computer Science 2025-12-23 Jiaren Peng , Hongda Sun , Xuan Tian , Cheng Huang , Zeqing Li , Rui Yan

Over the last years, threat intelligence sharing has steadily grown, leading cybersecurity professionals to access increasingly larger amounts of heterogeneous data. Among those, cyber attacks' Tactics, Techniques and Procedures (TTPs) have…

Cryptography and Security · Computer Science 2020-04-30 Valentine Legoy , Marco Caselli , Christin Seifert , Andreas Peter

Defending from cyberattacks requires practitioners to operate on high-level adversary behavior. Cyberthreat intelligence (CTI) reports on past cyberattack incidents describe the chain of malicious actions with respect to time. To avoid…

Cryptography and Security · Computer Science 2024-01-04 Md Rayhanur Rahman , Brandon Wroblewski , Quinn Matthews , Brantley Morgan , Tim Menzies , Laurie Williams

Large Language Models (LLMs) are intensively used to assist security analysts in counteracting the rapid exploitation of cyber threats, wherein LLMs offer cyber threat intelligence (CTI) to support vulnerability assessment and incident…

Cryptography and Security · Computer Science 2025-10-03 Luoxi Tang , Yuqiao Meng , Ankita Patra , Weicheng Ma , Muchao Ye , Zhaohan Xi

As the number and sophistication of cyber attacks have increased, threat hunting has become a critical aspect of active security, enabling proactive detection and mitigation of threats before they cause significant harm. Open-source cyber…

Cryptography and Security · Computer Science 2024-07-09 Yuval Schwartz , Lavi Benshimol , Dudu Mimran , Yuval Elovici , Asaf Shabtai

As artificial intelligence (AI) becomes deeply embedded in critical services and everyday products, it is increasingly exposed to security threats which traditional cyber defenses were not designed to handle. In this paper, we investigate…

Cryptography and Security · Computer Science 2026-03-06 Natalia Krawczyk , Mateusz Szczepkowski , Adrian Brodzik , Krzysztof Bocianiak

Monitoring the threat landscape to be aware of actual or potential attacks is of utmost importance to cybersecurity professionals. Information about cyber threats is typically distributed using natural language reports. Natural language…

Computation and Language · Computer Science 2024-04-12 Lukas Lange , Marc Müller , Ghazaleh Haratinezhad Torbati , Dragan Milchevski , Patrick Grau , Subhash Pujari , Annemarie Friedrich

Cyber Threat Intelligence (CTI) plays a crucial role in assessing risks and enhancing security for organizations. However, the process of extracting relevant information from unstructured text sources can be expensive and time-consuming.…

Despite the high volume of open-source Cyber Threat Intelligence (CTI), our understanding of long-term threat actor-victim dynamics remains fragmented due to inconsistent reporting standards and the lack of structured datasets containing…

Cryptography and Security · Computer Science 2026-05-22 Manuel Suarez-Roman , Francesco Marchiori , Mauro Conti , Juan Tapiador

Publicly available information contains valuable information for Cyber Threat Intelligence (CTI). This can be used to prevent attacks that have already taken place on other systems. Ideally, only the initial attack succeeds and all…

Cryptography and Security · Computer Science 2025-03-25 Philipp Kuehn , Mike Schmidt , Markus Bayer , Christian Reuter

The rise of IT-dependent operations in modern organizations has heightened their vulnerability to cyberattacks. As a growing number of organizations include smart, interconnected devices in their systems to automate their processes, the…

Cryptography and Security · Computer Science 2024-06-21 Dincy R. Arikkat , Mert Cihangiroglu , Mauro Conti , Rafidha Rehiman K. A. , Serena Nicolazzo , Antonino Nocera , Vinod P

In response to the escalating cyber threats, the efficiency of Cyber Threat Intelligence (CTI) data collection has become paramount in ensuring robust cybersecurity. However, existing works encounter significant challenges in preprocessing…

Cryptography and Security · Computer Science 2025-06-05 Jamal H. Al-Yasiri , Mohamad Fadli Bin Zolkipli , Nik Fatinah N Mohd Farid , Mohammed Alsamman , Zainab Ali Mohammed

With the proliferation of digitization and its usage in critical sectors, it is necessary to include information about the occurrence and assessment of cyber threats in an organization's threat mitigation strategy. This Cyber Threat…

Cryptography and Security · Computer Science 2024-06-21 Alfonso Iacovazzi , Han Wang , Ismail Butun , Shahid Raza

Cyber threat intelligence (CTI) is being used to search for indicators of attacks that might have compromised an enterprise network for a long time without being discovered. To have a more effective analysis, CTI open standards have…

Cryptography and Security · Computer Science 2019-10-02 Sadegh M. Milajerdi , Birhanu Eshete , Rigel Gjomemo , V. N. Venkatakrishnan

Threat analysis is continuously growing in importance due to the always-increasing complexity and frequency of cyber attacks. Analyzing threats demands significant effort from security experts: different cybersecurity knowledge bases…

Cryptography and Security · Computer Science 2026-01-13 Andrea Ciavotta , Alessandro Palma , Simone Lenti , Silvia Bonomi

In the digital era, threat actors employ sophisticated techniques for which, often, digital traces in the form of textual data are available. Cyber Threat Intelligence~(CTI) is related to all the solutions inherent to data collection,…

Cryptography and Security · Computer Science 2023-11-16 Marco Arazzi , Dincy R. Arikkat , Serena Nicolazzo , Antonino Nocera , Rafidha Rehiman K. A. , Vinod P. , Mauro Conti

The swift spread of fake news and disinformation campaigns poses a significant threat to public trust, political stability, and cybersecurity. Traditional Cyber Threat Intelligence (CTI) approaches, which rely on low-level indicators such…

Cryptography and Security · Computer Science 2025-10-20 Domenico Cotroneo , Roberto Natella , Vittorio Orbinato

Cyber Threat Intelligence (CTI) is the knowledge of cyber and physical threats that help mitigate potential cyber attacks. The rapid evolution of the current threat landscape has seen many organisations share CTI to strengthen their…

Cryptography and Security · Computer Science 2022-08-26 Kealan Dunnett , Shantanu Pal , Guntur Dharma Putra , Zahra Jadidi , Raja Jurdak