AI for Cyber Threat Intelligence (CTI) Automation

Abstract

Following this, in today's constantly changing cybersecurity landscape, organisations continue to face complex as well as advanced persistent cyber threats (APT). Cyber threat intelligence has become a potent weapon that belongs to the cybersecurity toolbox (CTI). Conventional cyber threat intelligence (CTI) methodologies are unable to keep up with the ongoing evolution of cyber threats in terms of sophistication. AI provides a potential remedy by improving and simplifying a range of processes, from resilience assessment to data intake. Nevertheless, there are certain difficulties with incorporating AI into CTI. As a result, we talk about the moral conundrums, and possible biases, including the necessity of openness in decisions made by AI. Following this, in this study, we also conducted the literature review on which basis the utilization of AI in cyber threat intelligence and automation has been explored. To conduct this review and propose a framework such as a Smart Vactor Machine secondary data has been used and analysed. The findings of the paper revealed that, might have some limitations to being used but has the possibility more in the context of CTI when using the SVM. The limitation of the paper outlines that, AI/ML systems may find it difficult to handle new attack vectors or identify unfamiliar indicators of compromise (IoCs).