An Adaptive Architecture for Cybersecurity Threat Intelligence: A Case Study on Kenyan Courts

Authors

  • Paul Okanda United States International University-Africa https://orcid.org/0000-0001-5215-4368
  • Sarah Muriithi United States International University-Africa

DOI:

https://doi.org/10.25159/3005-4222/20239

Keywords:

cybersecurity, incident management, real-time threat detection, cyber

Abstract

Current threat intelligence systems often lack scalable, adaptive AI architectures capable of delivering real-time incident detection and dynamic response, particularly in resource-constrained environments. This paper presents a novel AI-driven architectural design for operational threat intelligence, specifically tailored to enhance cybersecurity in global and Kenyan judiciaries. The proposed model integrates three foundational frameworks, which are Integrated Adaptive Cyber Defence (IACD), the Cyber Kill Chain, and Moving Target Defence (MTD), into an architecture that supports real-time data ingestion, continuous AI model retraining, and automated response orchestration. The research design for this study adopts a mixed-methods approach, combining qualitative and quantitative methods to ensure a comprehensive understanding of the AI-driven operational Cyber Threat Intelligence (CTI) model. Key features include a dynamic feedback loop for adaptive learning, AI-powered multi-stage threat detection aligned with attack lifecycle mapping, and resource-efficient dynamic defence mechanisms suitable for low-resource judicial environments. This design significantly improves incident response capabilities by enabling faster, more accurate threat detection and automated mitigation, reducing mean time to detect and respond. By providing a scalable, transparent, and explainable AI model, the architecture offers a practical blueprint for enhancing cybersecurity resilience in judicial systems worldwide, with applicability to the unique challenges faced by Kenyan courts. This work lays the foundation for future extensions involving federated learning to enable secure, multi-court deployments, further strengthening collective judicial cybersecurity defences.

Published

2025-12-01

How to Cite

Okanda, Paul, and Sarah Muriithi. 2025. “An Adaptive Architecture for Cybersecurity Threat Intelligence: A Case Study on Kenyan Courts”. Southern African Journal of Security, December, 30 pages. https://doi.org/10.25159/3005-4222/20239.

Section

Articles