MAD-CTI: Cyber Threat Intelligence Analysis of the Dark Web Using a Multi-Agent Framework
The dark web is a host to illicit activities where hacker forums, blogs, and articles provide significant insights into Cyber Threat Intelligence (CTI) that are frequently unavailable on the surface web. The increasing incidence of security breaches underscores the necessity for advanced CTI solutio...
| Main Authors: | Sayuj Shah, Vijay K. Madisetti |
|---|---|
| Format: | Article |
| Language: | English |
| Published: | IEEE 2025-01-01 |
| Series: | IEEE Access |
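| Subjects: | Cybersecurity defense; cyber threat intelligence; dark web; hack; large language models (LLMs); malware |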
| Online Access: | https://ieeexplore.ieee.org/document/10908603/ |
| _version_ | 1850250788311400448 |
|---|---|
| author | Sayuj Shah Vijay K. Madisetti |
| collection | DOAJ |
| description | The dark web is a host to illicit activities where hacker forums, blogs, and articles provide significant insights into Cyber Threat Intelligence (CTI) that are frequently unavailable on the surface web. The increasing incidence of security breaches underscores the necessity for advanced CTI solutions to defend against emerging threats. This paper introduces MAD-CTI, a novel multi-agent framework based on Large Language Models (LLM) designed to extract insights from dark web sources. It independently scrapes, analyzes, and classifies content related to vulnerabilities, malware, and hacking, by leveraging a multi-agent architecture to improve efficiency, scalability, and consistency. By utilizing state-of-the-art LLM models and agents, we demonstrate how organizations can adopt this methodology to enhance the accuracy and efficiency of CTI. |
| format | Article |
| id | doaj-art-622c81dec5d44a2c9c2edac63895716d |
| institution | OA Journals |
| issn | 2169-3536 |
| language | English |
| publishDate | 2025-01-01 |
| publisher | IEEE |
| record_format | Article |
| series | IEEE Access |
| spelling | doaj-art-622c81dec5d44a2c9c2edac63895716d; 2025-08-20T01:58:05Z; eng; IEEE; IEEE Access; ISSN 2169-3536; 2025-01-01; vol. 13, pp. 40158-40168; DOI 10.1109/ACCESS.2025.3547172; article 10908603. Sayuj Shah (College of Computing, Georgia Institute of Technology, Atlanta, GA, USA); Vijay K. Madisetti (https://orcid.org/0000-0002-6539-6769; School of Cybersecurity and Privacy, Georgia Institute of Technology, Atlanta, GA, USA) |
| title | MAD-CTI: Cyber Threat Intelligence Analysis of the Dark Web Using a Multi-Agent Framework |
| topic | Cybersecurity defense; cyber threat intelligence; dark web; hack; large language models (LLMs); malware |
| url | https://ieeexplore.ieee.org/document/10908603/ |