
Abstract

In cyber threat intelligence (CTI), information security specialists face overwhelming data flows from multiple sources, including hacker forums, dark web markets, and social media. These diverse and multilingual information streams require extensive analysis and processing. However, the current state of CTI faces several challenges, such as reliance on manual annotation and evaluation, as well as limited support for non-English languages, which hinders advanced threat detection and comprehensive analysis. This systematic literature review proposes a conceptual framework designed to overcome existing state-of-the-art limitations. It evaluates recent advancements in CTI methodologies by following PRISMA guidelines and analyzing selected studies from reputable sources, including Scopus, IEEE Xplore, ACM Digital Library, ScienceDirect, and Google Scholar. Our findings emphasize the critical role of artificial intelligence, machine learning, and deep learning in enhancing CTI models by optimizing data collection, preprocessing, and multilingual support for event extraction. Despite significant improvements in event extraction accuracy and processing efficiency through AI-driven techniques, challenges remain in scaling automated systems and expanding language coverage. This review highlights the need for comprehensive, scalable frameworks that minimize manual effort while improving cross-lingual capabilities, ultimately enabling more robust, timely, and accurate threat intelligence extraction in the evolving cyber threat landscape.

Creative Commons License

This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.
