In recent years, the increasing frequency and ferocity of cyberattacks has driven the cybersecurity community to establish advanced and intelligent solutions to share and use cyber threat intelligence (CTI) to enhance our ability to identify malicious activity and its sources, inform decision-making solutions, and mitigate attacks in a timely manner. CTI facilitates situational awareness of the threat landscape, a deeper understanding of threat actors and their tactics, techniques, and procedures (TTPs), and greater agility to defend against evolving threats.

However, the management of accurate, reliable, and complete cyber threat information from deployed security appliances, deception solutions, and third parties is increasingly challenging. The adoption of various methods, standards, and practices introduces major interoperability concerns. Legal requirements that dictate appropriate protection of users’ privacy must be respected and automating the process to improve the community’s readiness in counteracting cyber threats is essential. Investment in artificial intelligence and machine learning techniques is necessary for more efficient analysis of the vast amounts of information produced and exchanged among stakeholders to enhance the ability to reveal unexpected insights from communicated data, cope with the smart and innovative methods used by threat actors, and to identify advanced anti-forensics and evasion methods adopted by cyber-criminals. Considering the above and the increasing reliance of defense mechanisms on CTI sharing, research on advanced solutions for CTI management and sharing is significantly important.

This Special Issue aims to publish work relating to recent advances in CTI, regarding every step of its lifecycle, from its creation and sharing to analysis and consumption, aiming to significantly enhance the value of CTI for the cyber community. We welcome both original research and review articles.

Potential topics include but are not limited to the following:

• Threat modelling
• Threat and vulnerability analysis
• Artificial intelligence/machine learning-based cyber threat analysis
• Data privacy in CTI management
• Interoperability issues in CTI sharing
• CTI evaluation
• Deception technologies
• Dynamic risk management analysis
• Cyber-threat detection and response
• CTI sharing
• CTI consumption and integration
• Cyber-threat hunting and curation
• Blockchain-based CTI management
• Dark web CTI exploration
• Threat analysis for cyber-physical systems
• CTI-based dynamic risk management