Advanced International Journal for Research

E-ISSN: 3048-7641     Impact Factor: 9.11

A Widely Indexed Open Access Peer Reviewed Multidisciplinary Bi-monthly Scholarly International Journal


From Reactive to Resilient: An OpenCTI-Driven Cyber Threat Intelligence Framework for Academic Institutions

Author(s): Dr. Chika Lilian Onyagu, Mr. Izunna Lucky Chibuike
Country: Nigeria
Abstract: The education sector, spanning universities, colleges, and research institutions, has increasingly become a prime target for cyber adversaries. Its open network environments, large and diverse user populations, and valuable intellectual property present a unique and challenging security landscape. Traditional reactive cybersecurity measures are often insufficient against the sophistication and persistence of modern threats. This paper introduces a proactive cyber threat intelligence (CTI) framework tailored specifically for the academic environment. Leveraging the open-source OpenCTI platform and integrating it with external intelligence sources such as AlienVault Open Threat Exchange (OTX), the proposed framework enables automated ingestion, enrichment, and analysis of threat data. By mapping this intelligence to the MITRE ATT&CK® framework, the approach provides deep insights into threat actors, their tactics, techniques, and procedures (TTPs). Using current OpenCTI data, the study identifies MirrorFace, LODEINFO, and MirrorStealer as significant threats to the sector, detailing their methods and associated attack models. Beyond identifying threats, the research outlines a four-pillar mitigation strategy: integrating threat intelligence into daily operations, hardening systems and managing patches, improving user awareness against phishing and social engineering, and strengthening incident response preparedness. This combination of technical and human-focused defenses shifts institutions from a reactive posture to a proactive, intelligence-driven security stance. By grounding the framework in open-source tools and community-driven data, the solution remains cost-effective and accessible, key considerations for resource-constrained academic environments.
The findings demonstrate how structured intelligence, when operationalized effectively, can help institutions detect threats earlier, reduce risk exposure, and protect both institutional integrity and national research assets. This work contributes a practical, scalable, and actionable model for improving cybersecurity resilience in the education sector, with broader applicability to other open, collaborative environments facing similar challenges.
Keywords: Cyber threat intelligence, education sector, OpenCTI framework, proactive security
Field: Computer > Network / Security
Published In: Volume 6, Issue 4, July-August 2025
Published On: 2025-08-23
DOI: https://doi.org/10.63363/aijfr.2025.v06i04.1112
Short DOI: https://doi.org/g9zx7k
