Proactive Cyber Threat Intelligence Automating the Intelligence Cycle based on Open Sources

This book explores innovative methods to enhance cybersecurity by leveraging official and unofficial information sources on the web. While traditional approaches like Cyber Threat Intelligence (CTI) and Security Information and Event Management (SIEM) rely on past breaches, this work emphasizes a proactive stance, utilizing Open Source Intelligence (OSINT) to predict and prepare for emerging threats. Drawing from crisis informatics and data mining, the research introduces automated approaches for collecting, enriching, and analyzing cybersecurity information across diverse web sources, providing security teams with tools to identify emerging threats while reducing manual workload. For security professionals and researchers, this work demonstrates how automation can enhance human expertise in cybersecurity, paving the way for more robust and proactive threat detection.

Introduction.- Research Background and Field.- Research Methodology and Context.- Findings.- Discussion.- The Notion of Relevance in Cybersecurity: A Categorization of Security
Tools and Deduction of Relevance Notions.- A Domain-Adapted Language Model for the Cybersecurity Domain.- Bandit on the Hunt: Dynamic Crawling for Cyber Threat Intelligence.- Navigating the Shadows: Evaluating the Dark Web for Cyber Threat.- OVANA: An Approach to Analyze and Improve the Information Quality of Vulnerability Databases.- Common Vulnerability Scoring System Prediction based on Open Source Intelligence Information Sources.- Reducing Information Overload: Because Even Security Experts Need to Blink.

Dr.-Ing. Philipp Kühn is a post-doctoral researcher at the Chair of Science and Technology for Peace and Security (PEASEC) at the Technical University of Darmstadt, where he focuses on information retrieval for IT security using Natural Language Processing and Large Language Models while examining the intersection of technology and intergovernmental cybersecurity cooperation.