Cyber Threat Intelligence Framework for Enhancing the Robustness of AI Models Against Adversarial Machine Learning
Publisher
The British University in Dubai (BUiD)
Abstract
Adversarial Machine Learning (AML) threats pose critical challenges to the robustness of Intrusion Detection System (IDS) models, as existing IDS often lack intelligence-driven mechanisms to anticipate and mitigate evolving adversarial machine learning attacks. This research addresses these challenges by developing a Cyber Threat Intelligence (CTI)-based framework to enhance the resilience of AI-driven IDS. The framework integrates activity attack graphs, similarity analysis across tactical, technical, operational, and strategic intelligence, and cross-intelligence comparison supported by historical threat data to identify evolving threats and control gaps. The study follows an explanatory mixed-methods design. In the quantitative phase, experimental adversarial attacks were conducted against three IDS models, Artificial Neural Networks (ANN), Support Vector Machine (SVM), and Decision Tree, using the CICIDS2017 dataset. Findings demonstrated that certain activity threads (e.g., model poisoning and targeted evasion) shared overlapping indicators, adversarial operations, and control gaps across intelligence types, thereby validating the framework’s ability to uncover hidden relationships between adversarial threats. In the qualitative phase, semi-structured interviews with domain experts validated the framework, highlighting its strengths in integrating monitoring, analytics, and threat hunting while identifying executional challenges such as data quality, scalability, and ethical constraints. This research makes a novel contribution by integrating CTI practices with AML defence to improve the robustness of IDS models. The findings provide both theoretical insight and practical guidance for organizations seeking to implement intelligence-driven strategies to protect AI models against adversarial attacks.
Keywords: adversarial machine learning, cyber threat intelligence, artificial intelligence, network security