English
Related papers

Related papers: Actionable Cyber Threat Intelligence using Knowled…

200 papers

Effective Cyber Threat Intelligence (CTI) relies upon accurately structured and semantically enriched information extracted from cybersecurity system logs. However, current methodologies often struggle to identify and interpret malicious…

Cryptography and Security · Computer Science 2026-04-28 Luca Cotti , Anisa Rula , Devis Bianchini , Federico Cerutti

Attack knowledge graph construction seeks to convert textual cyber threat intelligence (CTI) reports into structured representations, portraying the evolutionary traces of cyber attacks. Even though previous research has proposed various…

Cryptography and Security · Computer Science 2024-05-09 Yongheng Zhang , Tingwen Du , Yunshan Ma , Xiang Wang , Yi Xie , Guozheng Yang , Yuliang Lu , Ee-Chien Chang

Cyber Threat Intelligence (CTI) parsing aims to extract key threat information from massive data, transform it into actionable intelligence, enhance threat detection and defense efficiency, including attack graph construction, intelligence…

Cryptography and Security · Computer Science 2025-06-23 Yongheng Zhang , Xinyun Zhao , Yunshan Ma , Haokai Ma , Yingxiao Guan , Guozheng Yang , Yuliang Lu , Xiang Wang

Cyber threat intelligence (CTI) is a crucial tool to prevent sophisticated, organized, and weaponized cyber attacks. However, few studies have focused on the credibility assessment of CTI, and this work still requires manual analysis by…

Cryptography and Security · Computer Science 2025-07-28 Zongzong Wu , Fengxiao Tang , Ming Zhao , Yufeng Li

Organizations are increasingly targeted by Advanced Persistent Threats (APTs), which involve complex, multi-stage tactics and diverse techniques. Cyber Threat Intelligence (CTI) sources, such as incident reports and security blogs, provide…

Cryptography and Security · Computer Science 2025-04-09 Sofia Della Penna , Roberto Natella , Vittorio Orbinato , Lorenzo Parracino , Luciano Pianese

This work evaluates the performance of Cyber Threat Intelligence (CTI) extraction methods in identifying attack techniques from threat reports available on the web using the MITRE ATT&CK framework. We analyse four configurations utilising…

Cryptography and Security · Computer Science 2025-05-07 Hoang Cuong Nguyen , Shahroz Tariq , Mohan Baruwal Chhetri , Bao Quoc Vo

Cyber Threat Intelligence (CTI) is information describing threat vectors, vulnerabilities, and attacks and is often used as training data for AI-based cyber defense systems such as Cybersecurity Knowledge Graphs (CKG). There is a strong…

Computation and Language · Computer Science 2022-08-04 Casey Hanks , Michael Maiden , Priyanka Ranade , Tim Finin , Anupam Joshi

Large language models (LLMs) can be used to analyze cyber threat intelligence (CTI) data from cybercrime forums, which contain extensive information and key discussions about emerging cyber threats. However, to date, the level of accuracy…

System logs represent a valuable source of Cyber Threat Intelligence (CTI), capturing attacker behaviors, exploited vulnerabilities, and traces of malicious activity. Yet their utility is often limited by lack of structure, semantic…

Artificial Intelligence · Computer Science 2026-04-28 Luca Cotti , Idilio Drago , Anisa Rula , Devis Bianchini , Federico Cerutti

To address the increasing complexity and frequency of cybersecurity incidents emphasized by the recent cybersecurity threat reports with over 10 billion instances, cyber threat intelligence (CTI) plays a critical role in the modern…

Cryptography and Security · Computer Science 2024-06-04 Hangyuan Ji , Jian Yang , Linzheng Chai , Chaoren Wei , Liqun Yang , Yunlong Duan , Yunli Wang , Tianzhen Sun , Hongcheng Guo , Tongliang Li , Changyu Ren , Zhoujun Li

Proactive approaches to security, such as adversary emulation, leverage information about threat actors and their techniques (Cyber Threat Intelligence, CTI). However, most CTI still comes in unstructured forms (i.e., natural language),…

Cryptography and Security · Computer Science 2022-08-26 Vittorio Orbinato , Mariarosaria Barbaraci , Roberto Natella , Domenico Cotroneo

Large Language Models (LLMs) are intensively used to assist security analysts in counteracting the rapid exploitation of cyber threats, wherein LLMs offer cyber threat intelligence (CTI) to support vulnerability assessment and incident…

Cryptography and Security · Computer Science 2025-10-03 Luoxi Tang , Yuqiao Meng , Ankita Patra , Weicheng Ma , Muchao Ye , Zhaohan Xi

Effective incident response (IR) is critical for mitigating cyber threats, yet security teams are overwhelmed by alert fatigue, high false-positive rates, and the vast volume of unstructured Cyber Threat Intelligence (CTI) documents. While…

Cryptography and Security · Computer Science 2025-08-15 Amine Tellache , Abdelaziz Amara Korba , Amdjed Mokhtari , Horea Moldovan , Yacine Ghamri-Doudane

The construction of attack technique knowledge graphs aims to transform various types of attack knowledge into structured representations for more effective attack procedure modeling. Existing methods typically rely on textual data, such as…

Cryptography and Security · Computer Science 2024-11-14 Jian Wang , Tiantian Zhu , Chunlin Xiong , Yan Chen

Textual descriptions in cyber threat intelligence (CTI) reports, such as security articles and news, are rich sources of knowledge about cyber threats, crucial for organizations to stay informed about the rapidly evolving threat landscape.…

Cryptography and Security · Computer Science 2025-04-22 Yutong Cheng , Osama Bajaber , Saimon Amanuel Tsegai , Dawn Song , Peng Gao

Threat intelligence on malware attacks and campaigns is increasingly being shared with other security experts for a cost or for free. Other security analysts use this intelligence to inform them of indicators of compromise, attack…

Cryptography and Security · Computer Science 2023-01-20 Nidhi Rastogi , Sharmishtha Dutta , Mohammed J. Zaki , Alex Gittens , Charu Aggarwal

The swift spread of fake news and disinformation campaigns poses a significant threat to public trust, political stability, and cybersecurity. Traditional Cyber Threat Intelligence (CTI) approaches, which rely on low-level indicators such…

Cryptography and Security · Computer Science 2025-10-20 Domenico Cotroneo , Roberto Natella , Vittorio Orbinato

Cyber Threat Intelligence (CTI) has emerged as a vital complementary approach that operates in the early phases of the cyber threat lifecycle. CTI involves collecting, processing, and analyzing threat data to provide a more accurate and…

Cryptography and Security · Computer Science 2026-05-25 Samaneh Shafee , Alysson Bessani , Pedro M. Ferreira

Cyber Threat Intelligence (CTI) plays a crucial role in assessing risks and enhancing security for organizations. However, the process of extracting relevant information from unstructured text sources can be expensive and time-consuming.…

Cybersecurity researchers have contributed to the automated extraction of CTI from textual sources, such as threat reports and online articles, where cyberattack strategies, procedures, and tools are described. The goal of this article is…

Cryptography and Security · Computer Science 2024-01-04 Md Rayhanur Rahman , Rezvan Mahdavi-Hezaveh , Laurie Williams
‹ Prev 1 2 3 10 Next ›