SECDFAN: A Cyber Threat Intelligence System for Discussion Forums Utilization

Sakellariou, Georgios; Fouliras, Panayotis; Mavridis, Ioannis

doi:10.3390/eng4010037

Cited by 3 publications

(2 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…On the other hand, Sakellariou et al [ 43 ] emphasized using discussion forums as the raw data source for CTI and suggested a semantic schema for organizing the gathered data. The paper introduces the SECDFAN system, a comprehensive method for generating CTI products by analyzing forum content.…”

Section: Resultsmentioning

confidence: 99%

See 1 more Smart Citation

A Systematic Literature Review on Cyber Threat Intelligence for Organizational Cybersecurity Resilience

Saeed,

Suayyid,

Al-Ghamdi

et al. 2023

Sensors

View full text Add to dashboard Cite

Cybersecurity is a significant concern for businesses worldwide, as cybercriminals target business data and system resources. Cyber threat intelligence (CTI) enhances organizational cybersecurity resilience by obtaining, processing, evaluating, and disseminating information about potential risks and opportunities inside the cyber domain. This research investigates how companies can employ CTI to improve their precautionary measures against security breaches. The study follows a systematic review methodology, including selecting primary studies based on specific criteria and quality valuation of the selected papers. As a result, a comprehensive framework is proposed for implementing CTI in organizations. The proposed framework is comprised of a knowledge base, detection models, and visualization dashboards. The detection model layer consists of behavior-based, signature-based, and anomaly-based detection. In contrast, the knowledge base layer contains information resources on possible threats, vulnerabilities, and dangers to key assets. The visualization dashboard layer provides an overview of key metrics related to cyber threats, such as an organizational risk meter, the number of attacks detected, types of attacks, and their severity level. This relevant systematic study also provides insight for future studies, such as how organizations can tailor their approach to their needs and resources to facilitate more effective collaboration between stakeholders while navigating legal/regulatory constraints related to information sharing.

show abstract

Section: Resultsmentioning

confidence: 99%

“…The paper introduces the SECDFAN system, a comprehensive method for generating CTI products by analyzing forum content. Furthermore, a reference architecture was created systematically to address all CTI-related concerns, including product sharing and collaboration among security experts [ 43 ].…”

Section: Resultsmentioning

confidence: 99%

A Systematic Literature Review on Cyber Threat Intelligence for Organizational Cybersecurity Resilience

Saeed,

Suayyid,

Al-Ghamdi

et al. 2023

Sensors

View full text Add to dashboard Cite

show abstract

Uncovering Hidden Threats: Automated, Machine Learning-based Discovery & Extraction of Cyber Threat Intelligence from Online Sources

Ellinitakis,

Fysarakis,

Bountakas

et al. 2024

2024 IEEE International Conference on Cyber Security and Resilience (CSR)

View full text Add to dashboard Cite

Artificial Intelligence and Large Language Models in Advancing Cyber Threat Intelligence: A Systematic Literature Review

Alturkistani,

Chuprat

2024

Preprint

View full text Add to dashboard Cite

The evolution of Cyber Threat Intelligence (CTI) is pivotal in addressing the increasingly sophisticated landscape of cyber threats. Traditional CTI methods, while foundational, are rapidly obsoleting by the complexity and dynamism of modern cyber threats. This demands a shift towards more advanced, adaptive strategies integrating Artificial Intelligence (AI) and Large Language Models (LLMs). This literature survey examines recent developments in CTI, focusing on traditional methods, the incorporation of AI for enhanced forecasting and detection, and the pioneering application of LLMs for automating intelligence report generation, enhancing threat detection, recognition, and mitigation accuracy, and facilitating the construction of comprehensive threat prevention framework. Key findings indicate that while traditional CTI methods provide a critical baseline for threat intelligence, their static nature and reliance on outdated indicators of compromise limit their effectiveness against novel, sophisticated cyber threats. Integrating AI techniques, particularly machine learning and deep learning, marks a significant advancement in CTI, offering improved predictive capabilities, dynamic threat detection, and more nuanced analysis of cyber threats. Further, the advent of LLMs in CTI represents a transformative shift, enabling the automated generation of intelligence reports, processing of unstructured CTI data, threat detection, recognition, and actionable step generation to mitigate potential cyber threats. However, challenges persist, including data privacy concerns, the dynamic nature of cyber threats, and the integration of LLMs into existing cybersecurity frameworks. The reviews provide limitations for each study and future research directions with particular emphasis on developing adaptive, intelligent CTI systems capable of proactively addressing the evolving cyber threat landscape.

show abstract

SECDFAN: A Cyber Threat Intelligence System for Discussion Forums Utilization

Cited by 3 publications

References 23 publications

A Systematic Literature Review on Cyber Threat Intelligence for Organizational Cybersecurity Resilience

A Systematic Literature Review on Cyber Threat Intelligence for Organizational Cybersecurity Resilience

Uncovering Hidden Threats: Automated, Machine Learning-based Discovery & Extraction of Cyber Threat Intelligence from Online Sources

Artificial Intelligence and Large Language Models in Advancing Cyber Threat Intelligence: A Systematic Literature Review

Contact Info

Product

Resources

About