AI-Powered Cyber Threat Intelligence: Real-Time Detection, Prediction, and Response through Machine Learning

Abstract

The rise in sophisticated cyberattacks has revealed the inadequacy of traditional security measures such as firewalls and signature-based intrusion detection systems, particularly against novel and zero-day threats. This study presents an AI-powered cyber threat intelligence (CTI) framework that integrates Natural Language Processing (NLP), machine learning (ML), and malware analysis to enable real-time detection, prediction, and automated mitigation of threats. The proposed framework follows a four-phase architecture: data collection, data analysis, risk assessment, and mitigation, with a continuous feedback loop for adaptive learning. Experiments were conducted using LUFlow and IEC 60870–5-104 intrusion detection datasets, yielding a detection accuracy of approximately 99.96% and significant improvements in precision, recall, and F1-score compared with baseline models such as SecurityBERT, XAI, and DNN-based solutions. The findings demonstrate the framework’s scalability, generalizability, and suitability for deployment in enterprise and critical infrastructure networks. Future research will focus on integrating semi-supervised learning, adversarial robustness, and edge-based deployments for enhanced threat response.