WAITI 2025

Workshop on AI for Cyber Threat Intelligence 

WAITI 2025: AI and LLMs Revolutionizing Cyber Threat Intelligence

The Second Workshop on AI for Cyber Threat Intelligence (WAITI 2025), co-located with the Annual Computer Security Applications Conference (ACSAC) in Hawaii on December 8, 2025, will explore how Artificial Intelligence (AI), particularly Natural Language Processing (NLP) and Large Language Models (LLMs), are transforming cyber threat intelligence (CTI). This year, WAITI has merged with the IoT Security and Cyber Threat Intelligence (IoT-SCTI) Workshop to offer a broader scope.

The cybersecurity landscape is overwhelmed by a constant influx of data. Traditional CTI methods, often manual or keyword-based, struggle to keep up with the volume and sophistication of modern threats, leading to inefficiencies and missed threat signals. LLMs are proving revolutionary in addressing these challenges, offering unparalleled capabilities to comprehend context, generate insights, and reason over unstructured textual data. This enables scalable automation, accurate threat interpretation, and real-time intelligence extraction, empowering organizations to move from reactive defenses to proactive, anticipatory strategies.

WAITI 2025 invites original, high-quality contributions, preliminary work, and novel ideas on topics including:

• Information extraction, deep learning architectures, and visualization techniques for CTI.
• Applying LLMs for CTI, including threat-hunting, attribution, sharing, and tracking adversaries.
• Threat quantification & prioritization, explainable AI in cybersecurity, and dynamic threat adaptation with LLMs.
• Multimodal threat intelligence fusion, LLMs for malware detection, and bias mitigation in LLMs.
• Federated learning for threat detection, LLMs for social media threat analysis, and understanding technical language for CTI.
• Cross-lingual threat intelligence, misinformation detection, and LLM-powered threat scenario generation.
• Human-in-the-loop systems, explainable CTI reports, and benchmarking LLM performance.
• Legal and ethical considerations for AI, and Zero Trust in relation to CTI.
• CTI in the IoT domain, including network/host-based intrusion detection, web crawlers for IoT threat info, malware analysis, threat actor profiling, and correlating IoT threat data.
• AI/GenAI applications for user behavior analysis, mobility management, network control, and within 6G networks.
• Blockchain-based approaches for CTI, and real-world CTI case studies.
• LLMs for network security and privacy, including anomaly/fault detection, malware detection in traffic, QoS/QoE prediction, federated learning, and network data analytics.
• Summarization of network incidents and logs via LLMs, and LLM applications in 6G, IoT, and space-terrestrial integrated networks.
• Ethical considerations, fairness, and bias in LLM-driven systems, and LLMs for cybersecurity education and training.

This workshop will serve as a vibrant platform for researchers, practitioners, and enthusiasts to explore cutting-edge approaches and foster collaboration in shaping the future of intelligent cyber defense.