BERT-spaCy hybrid NLP and blockchain-enhanced adaptive CTI for IOC extraction and threat prediction
Shailendra Mishra, Ruba Ahmed Alfahidah, Fayez Alharbi

TL;DR
A new cybersecurity system uses BERT and blockchain to detect and predict threats with high accuracy and speed.
Contribution
A hybrid CTI system combining BERT, blockchain, and adaptive ML for IOC extraction and threat prediction, with high accuracy and reduced latency.
Findings
BERT-spaCy model achieved 95% accuracy and 95.7% F1-score for IOC extraction with 55% latency reduction.
System validated with strong statistical significance (p < 0.001) across CIC-IDS2017 and UNSW-NB15 datasets.
BERT outperformed LSTM, SVM, and Naïve Bayes in cross-dataset robustness with a CRI of 0.999.
Abstract
Cyber-attacks pose a significant risk to digital infrastructure, resulting in losses at both individual and organizational levels, underscoring the need for proactive and intelligent defense mechanisms. This study proposes a hybrid Cyber Threat Intelligence (CTI) system integrating an immutable blockchain ledger, adaptive machine-learning models, and natural-language processing algorithms for timely detection, classification, and secure sharing of threat data. The system forecasts future attacks by analyzing aggregated data and recommending mitigation strategies. A BERT-based model, combined with spaCy and regular expressions for extracting Indicators of Compromise (IOCs) from unstructured data, achieved 95% accuracy and a 95.7% F1-score, with a 55% latency reduction (from 120ms to 54ms for 200 reports). Validation used 10-fold cross-validation with paired t-tests across 10,000 Monte…
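The abstract names regular expressions as one component of IOC extraction from unstructured reports. The following is an added example, not the authors' code, showing only that regex layer in Python with refanging and validation; the pattern set, function names and sample report are assumptions, and the BERT and spaCy stages are not shown.

```python
import ipaddress
import re

# Constructed report: documentation-range hosts, digests of empty input.
SAMPLE_REPORT = """
The dropper beacons to hxxp://update-check[.]example[.]com/gate.php and
falls back to 203.0.113[.]45. Loader version 1.2.840.999 is not an address.
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
MD5: d41d8cd98f00b204e9800998ecf8427e. Contact: abuse[@]example.org
"""

PATTERNS = {
    "url": re.compile(r"\bhttps?://[^\s\"'<>]+", re.I),
    # Lookarounds stop matches inside longer dotted numbers (e.g. 1.2.3.4.5).
    "ipv4": re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?!\.?\d)"),
    "sha256": re.compile(r"\b[a-f0-9]{64}\b", re.I),
    "md5": re.compile(r"\b[a-f0-9]{32}\b", re.I),
    "email": re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b"),
}

def refang(text):
    """Undo common analyst defanging so the patterns can match."""
    text = re.sub(r"\[\.\]|\(\.\)|\[dot\]", ".", text, flags=re.I)
    text = re.sub(r"\[@\]|\[at\]", "@", text, flags=re.I)
    return re.sub(r"\bhxxp(s?)://", r"http\1://", text, flags=re.I)

def valid_ipv4(candidate):
    """Reject dotted quads with octets above 255 (version strings, OIDs)."""
    try:
        ipaddress.IPv4Address(candidate)
        return True
    except ValueError:
        return False

def extract_iocs(report):
    """Return {ioc_type: sorted unique values} found in free text."""
    text = refang(report)
    found = {}
    for kind, pattern in PATTERNS.items():
        hits = {m.group(0).rstrip(".,;)") for m in pattern.finditer(text)}
        if kind == "ipv4":
            hits = {h for h in hits if valid_ipv4(h)}
        if kind in ("sha256", "md5"):
            hits = {h.lower() for h in hits}  # hex digests are case-insensitive
        found[kind] = sorted(hits)
    return found
```

Regex matching of this kind only finds indicators with a fixed surface form; it does not decide whether a matched value is malicious or merely mentioned in the report.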
Taxonomy
Topics: Network Security and Intrusion Detection · Information and Cyber Security · Cybercrime and Law Enforcement Studies
