Vol. 1 No. 1 (2026): January 2026
Artificial Intelligence : Technology

Enhancing TARA Through a Continuous Improvement Method Based on Cybersecurity Threat Intelligence

DOWNLOAD PDF
  • M Munibabu,
  • P Naga Sashank,
  • C Bhanu,
  • B Praveen Kumar,
  • J Duraj Reddy
M Munibabu
Department of CSE (IoT, Cyber Security including Block Chain Technology), Annamacharya Institute of Technology & Sciences (Autonomous), Tirupati, A.P, India.
P Naga Sashank
Department of CSE (IoT, Cyber Security including Block Chain Technology), Annamacharya Institute of Technology & Sciences (Autonomous), Tirupati, A.P, India.
C Bhanu
Department of CSE (IoT, Cyber Security including Block Chain Technology), Annamacharya Institute of Technology & Sciences (Autonomous), Tirupati, A.P, India.
B Praveen Kumar
Department of CSE (IoT, Cyber Security including Block Chain Technology), Annamacharya Institute of Technology & Sciences (Autonomous), Tirupati, A.P, India.
J Duraj Reddy
Department of CSE (IoT, Cyber Security including Block Chain Technology), Annamacharya Institute of Technology & Sciences (Autonomous), Tirupati, A.P, India.
DOI: https://doi.org/10.5281/zenodo.18508416

Published 2026-02-06

Keywords

  • Cybersecurity Threat Intelligence,
  • Threat Analysis and Risk Assessment,
  • CVSS Prediction,
  • Ensemble Learning,
  • Random Forest,
  • XGBoost,
  • BERT,
  • Continuous Risk Assessment
    • ...More
    Less

How to Cite

M Munibabu, P Naga Sashank, C Bhanu, B Praveen Kumar, & J Duraj Reddy. (2026). Enhancing TARA Through a Continuous Improvement Method Based on Cybersecurity Threat Intelligence. Milestone Transactions on Artificial Intelligence, 1(1), 34–48. https://doi.org/10.5281/zenodo.18508416

Abstract

The ever-increasing complexity and dynamics of cyber threats demand risk assessment tools that extend beyond the realm of static and periodic risk assessments. Although Threat Analysis and Risk Assessment (TARA) techniques are systematic, they are not flexible enough to handle dynamic cyber threats. To overcome the limitations of the conventional Threat Analysis and Risk Assessment techniques, this paper proposes a continuous improvement approach that incorporates Cybersecurity Threat Intelligence (CTI) and an intelligent risk prediction model. In this paper, a hybrid multimodal ensemble approach has been proposed to predict the CVSS score based on the structured vulnerability attributes and unstructured textual threat intelligence obtained from the CVE data. Comprehensive experiments have been performed using the large-scale CVE dataset to prove the efficiency of the proposed approach in efficiently predicting the risk with an R² value of 0.9947 and a Mean Absolute Error of 0.0133. Explainability analysis is performed to ensure that the proposed approach meets the predefined cybersecurity risk principles. The experimental outcome clearly demonstrates that the proposed CTI-based continuous TARA approach can enhance the accuracy of risk prediction in a dynamic cybersecurity setting.

DOWNLOAD PDF

References

  1. Conti, M., Dehghantanha, A., Franke, K., & Watson, S. (2018). Internet of Things security and forensics: Challenges and opportunities. Future Generation Computer Systems, 78, 544–546.
  2. Tounsi, S., & Rais, H. (2018). A survey on technical threat intelligence in the age of sophisticated cyber attacks. Computers & Security, 72, 212–233.
  3. International Organization for Standardization. (2021). ISO/SAE 21434: Road vehicles—Cybersecurity engineering. ISO.
  4. Shostack, A. (2014). Threat modeling: Designing for security. Wiley.
  5. Mavroeidis, R., & Bromander, S. (2017). Cyber threat intelligence model: An evaluation of taxonomies, sharing standards, and ontologies within cyber threat intelligence. In Proceedings of the European Intelligence and Security Informatics Conference (EISIC) (pp. 91–98). IEEE.
  6. European Union Agency for Cybersecurity. (2022). Cyber threat intelligence: ENISA good practice guide. ENISA.
  7. Breiman, L. (2001). Random forests. Machine Learning, 45(1), 5–32.
  8. Husák, M., Komárková, J., Bou-Harb, E., & Čeleda, P. (2019). Survey of attack projection, prediction, and forecasting in cybersecurity. IEEE Communications Surveys & Tutorials, 21(1), 640–660.
  9. Rahmati, M. (2025). Towards explainable and lightweight AI for real-time cyber threat hunting in edge networks (arXiv preprint). arXiv.
  10. Sorokoletova, O., Antonioni, E., & Colò, G. (2025). A scalable AI-driven framework for cyber threat intelligence information extraction (arXiv preprint). arXiv.
  11. Al-Yasiri, J. H., et al. (2025). A threat intelligence event extraction conceptual model for CTI feeds (arXiv preprint). arXiv.
  12. Barakat, A. (2025). AI-driven threat intelligence for strengthening cyber defense mechanisms. International Journal of Scientific Research Archives.
  13. Balasubramanian, P., et al. (2025). Generative AI for cyber threat intelligence: Applications and challenges. Artificial Intelligence Review.
  14. Kwentoa, I. K. (2025). AI-driven threat intelligence for enterprise cybersecurity. Journal of Next-Generation Research.
  15. Panda, S., et al. (2025). AI-driven predictive cyber threat intelligence framework. Journal of Emerging Technologies and Innovative Research (JETIR).
  16. Studies on AI-based cyber attack forecasting models. (2025).
  17. Research on NLP-enhanced CTI automation pipelines. (2025).
  18. Systematic review on cyber threat intelligence technologies and effectiveness. (2025). Sensors.
  19. Fatima, N., Noorain, A., Ahmed, S. T., & Siddiqha, S. A. (2025, December). Automated Medical System for Rural Communities to Provide Medication without Human Interruption Using Machine Learning Techniques. In 2025 IEEE 5th International Conference on ICT in Business Industry & Government (ICTBIG) (pp. 1-5). IEEE.