Automated Cyber Threat Identification and Natural Language Processing

Authors

  • Kuruvamanikindi Venkatesh, Department of Artificial Intelligence and Machine Learning, Dr K V Subba Reddy Institute of Technology, Kurnool, Andhra Pradesh, India
  • M Sai Kumar, Department of Artificial Intelligence and Machine Learning, Dr K V Subba Reddy Institute of Technology, Kurnool, Andhra Pradesh, India
  • Shaik Mohammed Maaz, Department of Artificial Intelligence and Machine Learning, Dr K V Subba Reddy Institute of Technology, Kurnool, Andhra Pradesh, India
  • Surekari Yashwanth Teja, Department of Artificial Intelligence and Machine Learning, Dr K V Subba Reddy Institute of Technology, Kurnool, Andhra Pradesh, India
  • Dr. K. Pavan Kumar, Department of Artificial Intelligence and Machine Learning, Dr K V Subba Reddy Institute of Technology, Kurnool, Andhra Pradesh, India

DOI:

https://doi.org/10.32628/IJSRSET2512317

Keywords:

Cybersecurity, Emerging Threats, Machine Learning, Threat Profiling, MITRE ATT&CK

Abstract

The time window between the disclosure of a new cyber vulnerability and its use by cybercriminals has been getting smaller and smaller over time. Recent episodes, such as the Log4j vulnerability, exemplify this well. Within hours of the exploit being released, attackers started scanning the internet looking for vulnerable hosts to deploy threats like cryptocurrency miners and ransomware on vulnerable systems. Thus, it becomes imperative for the cybersecurity defense strategy to detect threats and their capabilities as early as possible to maximize the success of prevention actions. Although crucial, discovering new threats is a challenging activity for security analysts due to the immense volume of data and information sources to be analyzed for signs that a threat is emerging. In this sense, we present a framework for automatic identification and profiling of emerging threats using Twitter messages as a source of events and MITRE ATT&CK as a source of knowledge for threat characterization. The framework comprises three main parts: identification of cyber threats and their names; profiling the identified threat in terms of its intentions or goals by employing two machine learning layers to filter and classify tweets; and alarm generation based on the threat's risk. The main contribution of our work is the approach to characterize or profile the identified threats in terms of their intentions or goals, providing additional context on the threat and avenues for mitigation. In our experiments, the profiling stage reached an F1 score of 77% in correctly profiling discovered threats.

Published

09-05-2025

Section

Research Articles

How to Cite

[1]
Kuruvamanikindi Venkatesh, M Sai Kumar, Shaik Mohammed Maaz, Surekari Yashwanth Teja, and Dr. K. Pavan Kumar, “Automated Cyber Threat Identification and Natural Language Processing”, Int J Sci Res Sci Eng Technol, vol. 12, no. 3, pp. 89–97, May 2025, doi: 10.32628/IJSRSET2512317.
