Machine Learning Based Relevance Filtering of Shared Cyber Threat Intelligence​

Doctoral Training Grant Funding Information 

This funding model includes a 36 month fully funded PhD Studentship, set in-line with UK Research & Innovation values. For 2025/6, this will be £20,780 per year. The tax-free stipend will be paid monthly. This PhD Studentship also includes a Full-Time Fee Scholarship for up to 3 years. The funding is subject to your continued registration on the research degree, making satisfactory progression within your PhD, as well as attendance on and successful completion of the Postgraduate Certificate in Research Practice.    

All applicants will receive the same stipend irrespective of fee status. 

Application Closing Date: 


Midday (UK Time) on Wednesday 17th September 2025 for a start date of 2nd February 2026.  

How to Apply 

To apply, please follow the below steps:  

  1. Complete the BCU Online Application Form. 
  2. Complete the Doctoral Studentship Proposal Form in full, ensuring that you quote the project ID. You will be required to upload your proposal in place of a personal statement on the BCU online application form.  
  3. Upload two references to your online application form (at least one of which must be an academic reference). 
  4. Upload your qualification(s) for entry onto the research degree programme. This will be Bachelor/Master’s certificate(s) and transcript(s). 
  5. International applicants must also provide a valid English language qualification. Please see the list of English language qualifications accepted here. Please check the individual research degree course page for the required scores. 

Frequently Asked Questions 

To help support you to complete your application, please consult the frequently asked questions below: 

Project titleMachine Learning Based Relevance Filtering of Shared Cyber Threat Intelligence

Project Lead: Dr Khaled Mahbub 

Project ID: 07 - 45488234 

Project description:

ue to the explosive growth of Internet cyber threats are evolving at an unprecedented pace, and Cyber Threat Intelligence (CTI) has become an important asset for organisations to the creation of situation awareness and safeguarding of their systems against new and emerging cyber threats. Moreover, in today's interconnected digital landscape organisations are employing dedicated platforms to facilitate the automated or semi-automated sharing of CTI. However, this CTI sharing introduces several challenges, and the most crucial challenge is to handle the plethora of shared threat information that may not be relevant to each organisation. Therefore, content based relevance filtering of CTI is necessary to facilitate the automated sharing of CTI. As Cyber Security and CTI involve sheer volume of information, Big Data and Machine Learning (ML) could prove a natural choice to bolster the effectiveness of CTI sharing. It is found in the literature that Machine Learning has been used in Cyber Security in various perspective, for example, A) Natural Language Processing (NLP) has been used to extract structured CTI from unstructured threat reports, or from unstructured CTI reports. Machine Learning and Deep Learning has been utilized to easily identify, collect, analyse, extract, integrate, and share cyber-threat intelligence from a wide variety of online sources. B) Various ML models have been used to detect anomalous behaviour and predicting cyber threats. However, as far our knowledge go, Machine Learning has not been applied in the relevance filtering of CTI. Various existing relevance filtering mechanisms are found in the literature, e.g. CTI is filtered based on specific key terms or attributes, domain tagging is applied for CTI filtering, where CTIs are classified into different domains related to different organisations, contextual information of business processes has been used to describe conditions under which a given CTI is actionable from an organization perspective. All these approaches suffer from their own limitations, e.g. keyword based relevance filtering error-prone, and demands expertise in order to define the proper keywords. Domain tagging and contextualization may only result into high level filtering. Moreover, all these approaches are labour intensive and require manual intervention that could be an obstacle for automated sharing of CTI. 

This PhD research would investigate to develop a framework by applying Machine Learning techniques for relevance filtering in order to share CTI among organisations. The framework aims to be fully automatic that will analyse unstructured CTI reports and transform the CTI into structured format and then classify the structured CTI relevant to the organisations participating in CTI sharing. 

Anticipated findings and contributions to knowledge:

his PhD research would investigate to develop a framework by applying Machine Learning techniques for relevance filtering in order to share CTI among organisations. The framework aims to be fully automatic that will analyse unstructured CTI reports and transform the CTI into structured format (e.g. STIX/TAXII) and then classify the structured CTI relevant to the organisations participating in CTI sharing. Anticipated findings of this study are listed below: 

  • A structured language to specify CTI requirements of the organisations in different domains. 

  • ML models to classify CTI relevance tailored to the requirements of different organisations.  

  • A conceptual framework for sharing CTI among participating organisations and implementation of a proof-of-concept prototype of the framework. 

  • Comparative evaluation of the implemented prototype against existing works. 

Person Specification:

Essential Criteria: 

  • Candidates should have strong academic record, including a first-class or upper second-class honours degree in computer science, engineering or a related discipline, and potentially a Master's degree.  

  • Strong programming skills. 

  • Demonstrated ability to conduct independent research, including critical assessment of existing research. 

Desirable Criteria: 

  • Ability to communicate complex information effectively, both verbally and in writing, engaging the interest and enthusiasm of the target audience. 

  • Familiarity with Machine Learning algorithms/models (e.g. Large Language Models) 

  • Familiarity with Cyber Security concepts (e.g. Cyber Threats)

Overseas applicants:

International applicants must also provide a valid English language qualification, such as International English Language Test System (IELTS) or equivalent with an overall score of 6.5 with no band below 6.0.  

Contact:

If you have any questions or need further information, please use the contact details below: 

- For enquiries about the funding or project proposal, please contact:Khaled.mahbub@bcu.ac.uk. 

- For enquiries about the application process, please contact: research.admissions@bcu.ac.uk.