NLP for Cyber Threat Intelligence: Extracting Indicators and Relationships from Unstructured Text
APA Citation
Gomez, L. & Park, S. (2024). NLP for Cyber Threat Intelligence: Extracting Indicators and Relationships from Unstructured Text. *Journal of Information Security and Applications*. https://doi.org/10.1016/j.jisa.2024.103756
What Did This Cybersecurity Research Find?
This cybersecurity AI application study evaluated NLP models for extracting indicators of compromise (IOCs) and threat relationships from security reports, blogs, and advisories. Cybersecurity threat intelligence teams using NLP-based extraction processed 8 times more sources per analyst and identified IOCs an average of 18 hours faster than manual analysis.
Key Findings
- NLP-based extraction processed 8x more intelligence sources per analyst
- IOC identification was 18 hours faster on average compared to manual analysis
- Named entity recognition for threat actors achieved 89% F1 score
- Relationship extraction between threat actors and techniques achieved 76% accuracy
- Analyst review of NLP-extracted intelligence was still necessary, reducing the speed advantage to 4x for validated intelligence
How Does This Apply to Cybersecurity Careers?
Threat intelligence analysts should develop NLP and data processing skills. This research shows how automation is changing the speed requirements for intelligence production.
Who Should Read This?
Frequently Asked Questions
Where was this cybersecurity research published?
This study was published in the Journal of Information Security and Applications in 2024. The DOI is 10.1016/j.jisa.2024.103756. Access the original paper through the publisher link above.