Implementing and Evaluating an IoC-Driven Early Warning System for Enhanced Cybersecurity Resilience

Adereti Rasak Raji
Adenomon M. O.
Gilbert I. O.
Aimufua Steven I. Bassey

Abstract

In the contemporary digital landscape, organizations are increasingly confronted by sophisticated cyber threats that render traditional reactive security measures inadequate, particularly in the face of advanced persistent threats (APTs) and rapidly evolving attack vectors. This paper proposes the design, implementation, and evaluation of an Indicator of Compromise (IoC)-driven Early Warning System (EWS) to proactively bolster cybersecurity resilience. Grounded in the principles of Cyber Threat Intelligence (CTI) and Design Science Research (DSR), the proposed framework, termed the Intelligent Detection and Early Warning (IDEW) System, integrates multiple threat intelligence feeds, applies analytics for real-time threat detection, and delivers actionable insights to support timely incident response. The study explores the theoretical foundations of CTI and DSR, outlines key architectural considerations for the IDEW System, and presents a conceptual case study illustrating its application in identifying and mitigating emerging threats, including the 'Salt Typhoon' APT campaign. Additionally, the paper addresses challenges in operationalizing CTI, such as data integration, contextual relevance, and alert fatigue, and underscores the importance of human expertise, robust data governance, and iterative refinement for effective system deployment. This research contributes to the evolving discourse on proactive cybersecurity strategies, offering a structured, intelligence-driven approach to building adaptive and resilient defense mechanisms in a dynamic threat environment.
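The feed-ingest, match and warn pipeline that the abstract sketches, shown as an added, runnable illustration that is not the IDEW System's code and does not come from the paper. The two IoC feeds, the log lines and the clock value are constructed; the normalisation rules, the 72-hour aging window, the minimum-confidence threshold and the per-host severity rule are assumed design choices. It shows the three concerns the abstract names in one place: merging several feeds into one table (data integration), matching telemetry against it in real time, and collapsing repeated hits into one warning per host so that a noisy indicator does not multiply alerts (alert fatigue).

```python
"""IoC-driven early warning: ingest feeds -> match telemetry -> correlate.

Added illustration, not the IDEW System's code. FEEDS, LOG_LINES, NOW, the
72-hour aging window and the confidence threshold are constructed/assumed.
"""
import ipaddress
import re
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

NOW = datetime(2025, 6, 1, 12, 0, tzinfo=timezone.utc)  # assumed clock

# Constructed feeds: documentation-reserved IPs/domains, made-up hash.
FEEDS = [
    {"name": "feed_a", "indicators": [
        {"type": "ipv4", "value": "203.0.113.10", "confidence": 90,
         "last_seen": "2025-05-31T10:00:00+00:00"},
        {"type": "domain", "value": "Beacon.Example.ORG.", "confidence": 80,
         "last_seen": "2025-05-30T08:00:00+00:00"},
        {"type": "sha256", "value": "a" * 64, "confidence": 95,
         "last_seen": "2025-05-01T00:00:00+00:00"},   # stale: dropped by age
        {"type": "ipv4", "value": "not-an-ip", "confidence": 99,
         "last_seen": "2025-05-31T10:00:00+00:00"},   # malformed: skipped
    ]},
    {"name": "feed_b", "indicators": [
        {"type": "ipv4", "value": "203.0.113.10", "confidence": 70,
         "last_seen": "2025-05-30T10:00:00+00:00"},   # older copy: feed_a wins
        {"type": "ipv4", "value": "198.51.100.7", "confidence": 30,
         "last_seen": "2025-05-31T10:00:00+00:00"},   # low confidence: dropped
    ]},
]

# Constructed telemetry: "<ts> host=<h> <dns|conn|file> <observable>".
LOG_LINES = [
    "2025-06-01T11:58:00Z host=ws-12 dns beacon.example.org",
    "2025-06-01T11:58:03Z host=ws-12 conn 203.0.113.10",
    "2025-06-01T11:59:00Z host=ws-40 conn 203.0.113.10",
    "2025-06-01T11:59:05Z host=ws-40 conn 203.0.113.10",   # repeat hit
    "2025-06-01T11:59:10Z host=ws-77 dns www.example.com",  # benign
    "malformed line that the parser must tolerate",
]


@dataclass(frozen=True)
class Ioc:
    kind: str
    value: str
    source: str
    confidence: int
    last_seen: datetime


def normalise(kind: str, value: str) -> str:
    """Canonical form so feed and telemetry spellings compare equal."""
    v = value.strip().lower()
    if kind == "ipv4":
        return str(ipaddress.IPv4Address(v))   # ValueError if not an address
    if kind == "domain":
        return v.rstrip(".")                    # case-fold, drop trailing dot
    if kind == "sha256":
        if not re.fullmatch(r"[0-9a-f]{64}", v):
            raise ValueError("bad sha256")
        return v
    raise ValueError(f"unknown indicator type {kind}")


def ingest(feeds, now=NOW, max_age=timedelta(hours=72), min_confidence=50):
    """Merge feeds into one table keyed by (kind, value), keeping the freshest
    copy and dropping malformed, stale or low-confidence indicators."""
    table = {}
    for feed in feeds:
        for rec in feed["indicators"]:
            try:
                value = normalise(rec["type"], rec["value"])
            except ValueError:
                continue                        # skip, never crash the pipeline
            seen = datetime.fromisoformat(rec["last_seen"])
            if now - seen > max_age or rec["confidence"] < min_confidence:
                continue
            key = (rec["type"], value)
            if key not in table or seen > table[key].last_seen:
                table[key] = Ioc(rec["type"], value, feed["name"],
                                 rec["confidence"], seen)
    return table


LOG_RE = re.compile(r"^(?P<ts>\S+) host=(?P<host>\S+) (?P<ev>dns|conn|file) (?P<obs>\S+)$")
EVENT_KIND = {"dns": "domain", "conn": "ipv4", "file": "sha256"}


def scan(lines, table):
    """One raw hit per log line whose observable is in the IoC table."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        kind = EVENT_KIND[m["ev"]]
        try:
            obs = normalise(kind, m["obs"])
        except ValueError:
            continue
        ioc = table.get((kind, obs))
        if ioc is not None:
            hits.append({"ts": m["ts"], "host": m["host"], "ioc": ioc})
    return hits


def correlate(hits):
    """Collapse raw hits into one warning per host; severity grows with the
    number of distinct indicators, so repeats of one hit do not add alerts."""
    per_host = {}
    for h in hits:
        per_host.setdefault(h["host"], set()).add(h["ioc"])
    return [{"host": host,
             "indicators": sorted(f"{i.kind}:{i.value} ({i.source})" for i in iocs),
             "severity": "high" if len(iocs) >= 2 else "medium"}
            for host, iocs in sorted(per_host.items())]


if __name__ == "__main__":
    for warning in correlate(scan(LOG_LINES, ingest(FEEDS))):
        print(warning)
```

Run as a script it emits two warnings: a high-severity one for ws-12 (a resolved C2-style domain and a connection to a listed address) and a medium one for ws-40, whose two identical hits fold into a single line. The same filtering that removes the stale hash and the low-confidence address from the table is where a real deployment would plug in feed-specific expiry and confidence policies rather than the fixed values assumed here.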

Article Details

How to Cite
Raji, A. R., O., A. M., O., G. I., & Bassey, A. S. I. (2025). Implementing and Evaluating an IoC-Driven Early Warning System for Enhanced Cybersecurity Resilience. African Multidisciplinary Journal of Sciences and Artificial Intelligence, 2(2), 422-440. https://doi.org/10.58578/amjsai.v2i2.6805
