CyberDualNER: A Dual-Stage Approach for Few-Shot Named Entity Recognition in Cybersecurity

Abstract

As the frequency of cyberattacks rises, extracting actionable cyber threat intelligence (CTI) from diverse online sources has become critical for proactive threat detection and defense. Named entity recognition (NER) serves as a foundational task in CTI extraction, supporting downstream applications such as cybersecurity knowledge graph construction and attack attribution. However, existing NER methods face significant challenges in the cybersecurity domain, including the need to identify highly specialized entity types and adapt to rapidly evolving threats. These challenges are further exacerbated in few-shot scenarios with limited annotated data. In this work, we focus on few-shot NER for CTI extraction in general cyber environments. Our goal is to develop robust and adaptable methods that are not restricted to specific infrastructures (e.g., traditional IT systems), but instead can generalize across diverse cybersecurity contexts. Specifically, to address these issues, we propose CyberDualNER, a novel dual-stage framework for few-shot NER, which includes span detection and entity classification. In the first stage, we proposed a span detector that can utilize data from large-scale general domains to detect possible entity spans. Based on the detected spans, in the second stage, we propose a prompt-enhanced metric-based classifier. We use category descriptions to build prompt templates, extract category anchor representations, and classify entities based on similarity to span representations. By incorporating prior knowledge, we improve performance while reducing data dependency, which ensures generalizability in the face of emerging entities. Extensive experiments on real-world CTI datasets demonstrate the effectiveness of CyberDualNER, with significant performance improvements over baseline methods. Notably, the framework achieves robust results in scenarios with minimal annotated samples, highlighting its potential for practical applications in cybersecurity intelligence extraction.

1. Introduction

With the exponential expansion of the internet in recent decades, the frequency of cyberattacks has surged, posing serious risks to individuals and organizations alike. According to the annual report “The State of Cyber Security 2025” released by Check Point [1], the number of global cyber attacks has increased sharply by 44% year-on-year. A vast amount of CTI is widely distributed across public media platforms such as technical blogs, community forums, and social media. These information sources are broad in scope and highly timely, offering crucial support for threat warning and defense. By extracting relevant information from CTI data during the early and often stealthy stages of a cyberattack, it becomes possible to predict potential threats earlier [2]. Consequently, security organizations are increasingly focused on extracting CTI from cybersecurity-related texts available online to comprehensively understand current or future cyber threats and enhance defensive capabilities. This demand has spurred intensive research into CTI extraction techniques. Within the realm of cybersecurity, NER [3,4,5] serves as a foundational task for CTI analysis, particularly in constructing cybersecurity knowledge graphs [6,7] or modeling threat [8], which in turn facilitates attack attribution and supports proactive threat hunting, thus paving the way to improve the resilience of the network.

In recent years, numerous studies related to CTI extraction have emerged [9], and existing methods can be broadly categorized into rule-based and model-based approaches. The rule-based approaches [10] employ generic, pre-defined rules and domain-specific dictionaries to extract CTI, which suffer from poor generalization, high maintenance costs, and difficulty in identifying complex entities. On the other hand, the model-based approaches [11,12] leverage pre-trained models such as BERT [13,14] to obtain adaptive word embeddings for CTI extraction, which has demonstrated exceptional performance. However, these methods heavily rely on large-scale, high-quality annotated datasets, resulting in a significant performance degradation due to limited annotated data. Furthermore, their susceptibility to adversarial attacks raises serious concerns regarding their robustness, limiting their reliability in safety-critical or real-world applications [15]. As opposed to conventional NER, few-shot NER [16,17,18,19] aims to perform NER with as few annotated samples as possible and has become a major research focus in general-domain information extraction, which is more helpful for information extraction in specific domains such as cybersecurity.

The NER tasks in the cybersecurity domain also face several significant challenges, such as unique and specialized textual characteristics, for example, special characters and numbers. The emerging entity terms in evolving cybersecurity threats also pose a challenge to NER tasks in the cybersecurity domain.

To address the challenges mentioned above in the cybersecurity domain, we propose a dual-stage NER model called CyberDualNER, which performs well in the data-scarcity setting. To be specific, to use rich annotated examples from the general domain, we divide the NER task into two subtasks: span detection and entity classification. The first stage focuses on detecting all mentioned entities in any text, while the second stage assigns the detected spans to their corresponding cybersecurity entity categories. In the first stage, we focus on span detection, which is more related to linguistic features such as syntax and semantics, independent of the domain. Therefore, we adopt the “BIO” sequence labelling scheme and train a base span detector using rich general-domain corpora. Notably, in order to adapt the model to the unique characteristics of cybersecurity texts, we preprocess the texts while preserving the semantics, including cleaning, filtering, and anonymizing long words. In the second stage, to introduce prior knowledge and improve classification performance in the context of scarce cybersecurity samples, we design a prompt-enhanced metric learning approach. Specifically, we construct templates based on cybersecurity texts and related entity type descriptions to obtain entity type anchor representations that integrate contextual information for domain-specific entity types. We then assign entity types to candidate spans using a similarity-based metric learning strategy. This approach allows entity type representations to be independent of data and improves the detection of temporal dynamics and emergent entities, ensuring generalizability. Experiments on real-world annotated CTI datasets demonstrate that our model achieves significant performance improvements compared to the baseline approaches, highlighting its effectiveness.

To summarize, we make the following contributions:

• We propose an innovative dual-stage framework tailored for few-shot NER in the cybersecurity domain. This framework decouples span detection and entity classification into two separate tasks, leveraging abundant general-domain corpora to build a domain-independent span detector while focusing limited domain-specific resources on high-performance entity classification.
• To ensure the generalization of classification for emerging entities, we design a prompt-enhanced metric-based classifier. This module builds prompt templates to leverage prior knowledge of cybersecurity entity categories, obtains category anchor representations, and compares them with candidate entities based on similarity, achieving data-independent classification, which reduces the impact of few-shot bias.
• Extensive experiments on real-world datasets under various few-shot conditions demonstrate the superiority of our CyberDualNER model. Notably, our method maintains effectiveness even in extremely few-shot scenarios, significantly outperforming baseline models.

2. Problem Definition

2.1. Preliminaries

In this section, we first introduce the notations and definitions used throughout this paper. Then, we formally define the NER and few-shot NER problems.

Table 1. Notations and comments.

Notation	Comments
x	text sequences.
$y^{BIO}$	label for span detection
$y^{SC}$	label for span classification
H	contextualized representations of x.
$\mathcal{K}$	$\mathcal{K}$ is the set of named entity Types.
$c_j$	The center vector of the j-th entity category.
$s_i$	The i-th span in a sentence.
$rep{r}_{s_i}$	The representation of the i-th span.

lists the notations that will be used in this paper.

NER is a fundamental task in information extraction, which aims to identify contiguous spans in a text sequence $x=\{x_1,x_2,\dots ,x_L\}$ of length L that refer to entities belonging to a predefined set of categories $\mathcal{T}=\{t_1,t_2,\dots ,t_k\}$ (e.g., Person, Location, Organization). Formulated as a sequence labeling problem, each token $x_i$ is assigned a label $y_i$ indicating whether it is part of an entity.

Traditional NER methods typically rely on a supervised learning paradigm, requiring a large number of annotated examples per entity type to achieve satisfactory generalization. However, in many real-world domains such as medicine, finance, and law, obtaining high-quality labeled data is costly and time-consuming. This practical constraint motivates the few-shot NER setting, where only m annotated instances are available for each category, with m often being as small as 1, 2, 5, or 10. Formally, let

$$\mathcal{D}={\mathcal{D}}_{\mathrm{train}}\cup {\mathcal{D}}_{\mathrm{val}}\cup {\mathcal{D}}_{\mathrm{test}},{\mathcal{D}}_{\mathrm{train}}=\bigcup _{t\in \mathcal{T}}{\mathcal{D}}_t^{\mathrm{train}},\left|{\mathcal{D}}_t^{\mathrm{train}}\right|=m,$$

(1)

the objective of few-shot NER is to learn a model $f:\mathcal{X}\to \mathcal{Y}$ using only the limited training set ${\mathcal{D}}_{\mathrm{train}}$, such that it can accurately detect and classify entity spans in the test set ${\mathcal{D}}_{\mathrm{test}}$.

In the few-shot regime, two core challenges arise: (1) span detection, since scarce examples hinder accurate boundary identification; and (2) entity type representation, as limited samples make it difficult to learn robust semantic features for each category, especially in domain-specific contexts where specialized terminology appears. To address these issues, recent studies have explored the integration of domain-specific priors (e.g., knowledge graphs) into few-shot learning frameworks, as well as metric-learning and meta-learning approaches such as prototypical networks and contrastive learning, to enhance generalization under few-shot conditions.

2.2. General Domain vs. Cybersecurity Domain

In this section, we introduce the difference between the general domain and the cybersecurity domain in the NER task. Compared to the extensively studied general domain, the cybersecurity domain faces several significant challenges, making it difficult to directly transfer and apply solutions from the general domain.

1. Unique textual characteristics: Texts in the cybersecurity domain have distinctive features. In general domains, entities might be ambiguous, but pre-trained language models can leverage contextual dependencies to enhance disambiguation. In contrast, cybersecurity texts often include terms composed of a mix of uppercase and lowercase letters, special characters, and numbers (e.g., malware names such as “AgentTesla2” or lengthy paths, hash values, and URLs). Such characteristics degrade the tokenization quality of default generic tokenizers, leading to subpar token-level representations in pre-trained models, which ultimately impacts performance.

2. Domain-specific entity types: Entity types in the field of cybersecurity exhibit a high degree of specialization. Compared to the general-domain entity types shown in Figure 1, cybersecurity entity types are not only more fine-grained (e.g., “Tool” is refined into “Malware” and “Loophole”) and more specific (e.g., “Time” refers specifically to “Attack Time”), but also include special miscellaneous entity categories such as “MalwareType” and “OS”, which are associated with potential cybersecurity threats. These categories often require domain-specific prior knowledge for accurate differentiation, thus increasing the complexity of extraction.

3. Temporal dynamics and emerging entities: Cybersecurity threats evolve rapidly, with attack methods and entities continuously changing. Emerging entity terms often have novel morphological structures that lack direct semantic references or are entirely new coinages. These characteristics hinder extraction models trained on outdated textual data from accurately recognizing specialized terms in new threat intelligence.

Therefore, due to the many challenges mentioned above, we need to design specific pre-processing and external knowledge injection operations for the network security text in order to improve the effectiveness of NER tasks in the cybersecurity domain.

3. Related Work

To provide a comprehensive understanding of the research landscape, we categorize existing studies into three major areas. First, we introduce prior work on CTI extraction, which serves as the primary task of our study. Given the limited availability of annotated CTI data, we further review few-shot NER approaches that aim to alleviate data scarcity. Specifically, we divide these into two categories: metric-based methods, which rely on distance-based learning for entity classification, and prompt-based methods, which utilize the expressive power of pre-trained language models through task-specific prompting. Our approach is designed by integrating ideas from both metric- and prompt-based few-shot learning to improve CTI entity extraction in few-shot scenarios.

3.1. Cyber Threat Intelligence Extraction

Automating the extraction of authoritative CTI plays a pivotal role in identifying, tracking, and mitigating cyberattacks [2]. A fundamental aspect of this process is recognizing cybersecurity entities. Accurate NER not only facilitates the construction of cybersecurity knowledge graphs but also supports informed decision-making in defense strategies and promotes information sharing among organizations.

Early studies predominantly relied on predefined rules [20]. For instance, Liu et al. [21] designed rule-based methods tailored for extracting target entities from XML-formatted data. Burger et al. [10] employed general predefined rules to extract Indicators of Compromise (IoC), such as IP addresses and hashes. While effective, these approaches demanded extensive domain knowledge and imposed stringent requirements on data standardization. In contrast, statistical methods [22,23,24,25] such as those based on support vector machines (SVMs) [24] and conditional random fields (CRFs) [26] bypassed the need for explicit rules, offering greater flexibility. However, these methods struggled with automation in feature extraction and exhibited performance limitations when processing large-scale text data.

With the advent of annotated datasets and advancements in NLP and deep learning, numerous automated approaches for identifying cybersecurity-related entities and relationships have emerged  [27]. Dionísio et al. [28] annotated five categories of entities from Twitter data and employed BiLSTM networks for entity recognition. Satyapanich et al. [29] expanded the annotation of 1000 English news articles to include 20 cybersecurity-specific entities (e.g., files, devices, and software). Building on BiLSTM, their work introduced an attention mechanism to highlight salient parts of the text, improving extraction accuracy. Wang et al. [11] developed a dataset annotated by experts with 13 types of cybersecurity entities and provided a benchmark evaluation using deep learning models. Simran et al. [30] combined stacked Bi-GRU and CNN layers to capture high-level token representations. Evangelatos et al. [31] used transformer-based models to perform the NER task in CTI extraction in order to extract actionable information from various online sources. Zhou et al. [32] validated the application of the general-domain BERT-BiLSTM-CRF framework in the cybersecurity domain. Aravind et al. [33] compared five different NER models, such as BiLSTM, BiLSTM-CRF, and BERT-BiLSTM-CRF, and found that the BERT-BiLSTM-CRF model outperforms others. To enhance domain adaptability, Gao et al. [34] leveraged external domain dictionaries and incorporated attention mechanisms to refine specialized representations.

The inherent complexity of cybersecurity entities poses challenges in capturing non-local and non-sequential dependencies in NER. To address this, Fang et al. [35] employed graph neural networks (GNNs) to model both local contexts and global dependencies, thereby enhancing the recognition of professional-domain entities.

Despite their successes, fully supervised approaches heavily rely on the availability of large, high-quality annotated datasets. Constructing such datasets involves extensive data cleaning and relies on expert knowledge. Moreover, the rapid evolution of cyberattack techniques often renders these datasets outdated, making it challenging to adapt to new scenarios. This highlights the necessity of developing few-shot NER frameworks tailored to address the data scarcity challenges in the cybersecurity domain.

3.2. Metric-Based Few-Shot NER

The high cost of annotated data has sparked increasing interest in few-shot learning across the NLP field. In NER, few-shot NER focuses on identifying and classifying entity types with minimal annotated data. Fritzler et al. [17] applied the few-shot prototypical network concept to NER tasks, laying the foundation for subsequent proto-based approaches.

Metric-based learning methods emphasize constructing robust entity representations using limited labeled data and performing entity classification based on similarity calculations. Snell et al. [16] proposed prototypical networks, which learn class anchor representations from a small number of samples, enabling similarity-based classification during the testing phase. Hou et al. [36] adapted CRF for few-shot scenarios by calculating emission scores using token-level similarity and nearest-neighbor strategies, while deriving transition scores from abstract (BIO) matrices. Yang and Katiyar [37] enhanced these abstract matrices into probabilistic distributions in their StructShot framework. Zhang et al. [38] proposed a model-agnostic meta-learning approach that adapts label dependency relationships with few gradient updates and designs adaptive hyperparameters for effective domain-specific learning.

One challenge in learning class anchor representations is that virtual representations derived from limited samples often fail to generalize well, introducing bias. To address this, Tong et al. [39] proposed MUCO, a method that optimizes class-centric representations by training mapping functions. By incorporating clustering principles, they improved inter-class differentiation, enhancing the representation quality for metric-based learning.

Entity boundary or span detection is a critical subtask in NER. Ziyadi et al. [40] fine-tuned BERT to compute similarity for identifying span boundaries and performed span-level classification, extending token-based proto-based methods to span-level implementations. Similarly, Ma et al. [41] fine-tuned BERT to develop a general span detector for recognizing BIO tags and subsequently optimized ProtoNet for span classification. Wang et al. [42] proposed ESD, which emphasized enhancing span representations through interactive learning, thereby improving ProtoNet performance. Yang et al. [43] devised a three-stage approach comprising seed initialization, expansion, and entailment classification for span-based entity recognition. Ji et al. [44] introduced a three-stage framework integrating a distillation learning module to enhance span detection before classification with an adapted ProtoNet. Chen et al. [45] utilized DCONTaiNER [46], hypothesizing Gaussian distribution for representations, and introduced prompts interacting with sequences to produce token representations, with similarity calculated via JS divergence entropy.

3.3. Prompt-Based Few-Shot NER

Pre-trained models excel in semantic and syntactic understanding in general domains. To activate domain-specific knowledge and improve generalization across different scenarios with minimal cost, prompt-based fine-tuning has emerged as a significant research trend. Cui et al. [18] introduced TemplateNER, which employs a BART encoder–decoder framework and designs a prompt template “<xx xx is a type>” to traverse and fine-tune spans, initiating prompt-based few-shot NER research.

A major focus of prompt-based work lies in template design. Lee et al. [47] proposed DemonstrationNER, which appends examples of entities or instances to the original sentence to form input templates, using BERTTagger for recognition. Ma et al. [41] developed EntLM, a template-independent fine-tuning approach that maps entity outputs to synonymous tokens within the same class without altering other positions, eliminating template dependency. Huang et al. [48] fine-tuned BERT using label-only, delimiter-separated label sequences, and soft prompt templates for entity representation learning. To mitigate the reliance on rigid prompt designs, Layegh et al. [49] incorporated contrastive learning with masked soft prompt templates, reducing the encoding distance between entities of the same class.

Span detection also poses challenges in prompt-based approaches. Shen et al. [19] designed a task objective with a reconstructed template “<start><end><type>” that leverages interaction learning to infer spans and entity types without traversal, significantly improving performance. Ye et al. [50] used BMES sequence tagging for span detection, followed by masked span traversal for predictions. Xu et al. [51] proposed a model to determine entity membership and further identify start and end positions, reducing the traversal space for masked prompt prediction while handling complex entities.

In summary, our proposed CyberDualNER addresses the unique challenges of few-shot NER in the cybersecurity domain through a hybrid design that integrates metric-based and prompt-based paradigms. By decomposing the task into span detection and entity classification, we enable better knowledge transfer from general-domain models while improving model interpretability and robustness. This dual-stage, domain-aware design distinguishes our method from existing works and provides a more effective solution for few-shot CTI entity extraction.

4. Model

4.1. Overview of the CyberDualNER Model

To address the challenges of data scarcity and the incompatibility of general knowledge in the cybersecurity domain, we proposed the CyberDualNER model, which operates in a dual-stage framework: (1) Span Detection: This stage focuses on identifying the start and end positions of all entity spans in the input sequence. To tackle the data scarcity challenge in the cybersecurity domain, CyberDualNER leverages a “pre-training + fine-tuning” paradigm. It pre-trains a generic span detector using large-scale annotated datasets from general domains and fine-tunes it on domain-specific data, enabling effective adaptation to cybersecurity contexts. (2) Span Classification: In this stage, CyberDualNER employs prompt-based templates constructed from entity type descriptions to derive data-agnostic type representations. This approach addresses the representation bias caused by limited entity samples while incorporating domain-specific prior knowledge to enhance the quality of entity type representations. A metric-based learning strategy then calculates similarity scores to classify each detected span into its corresponding entity type. The overall structure of CyberDualNER Model is illustrated in Figure 2.

For instance, given the input text “Indeed, AO Kaspersky Lab started tracking the BlueNoroff actor a long time ago.”, the first stage identifies entity spans as (2, 4) and (8, 8). In the second stage, prompt-based templates generate robust type representations, allowing the model to classify “AO Kaspersky Lab” as an Organization entity and “BlueNoroff” as an Attacker entity. This dual-stage design reflects CyberDualNER’s targeted focus on separating span detection and classification, ensuring a robust and adaptable solution for cybersecurity NER tasks, particularly in few-shot scenarios.

4.2. Span Detection

NER inherently involves two critical tasks: the accurate detection of entity spans and further classification into predefined categories. Compared to classification, span detection is more syntax- and semantics-driven, often exhibiting greater generalizability across domains. It focuses on training a highly generalized span detector using universal data, with parameters shared across different domains and classes. Specifically, we adopt a “pre-training-finetuning” paradigm within the widely used BERT framework to develop a robust span detection model.

4.2.1. Pre-Training on General Domain

In this work, we implement a span detector through sequence labeling. We employ the standard BIO schema to provide detailed information about entity boundaries. For the encoder, we leverage BERT (https://huggingface.co/google-bert/bert-base-uncased (accessed on 12 December 2024)). Given an input sequence $x={\left\{x_i\right\}}_{i=1}^L$ of L tokens, the encoder $f_{\theta }$ first generates contextualized representations $H={\left\{h_i\right\}}_{i=1}^L$ for all tokens:

$$H=f_{\theta }\left(x\right)=BERT\left(x\right)$$

(2)

For each representation $h_i$, a linear classification layer combined with the softmax function computes the probability distribution over span labels $\mathcal{C}=\{B,I,O\}$:

$${\widehat{y}}_i^{BIO}=p_{\Theta }\left(x_i\right)=\mathrm{softmax}(W{h}_i+b)$$

(3)

where $\Theta =\{\theta ,W,b\}$ represents the trainable parameters.

To train the span detector, we employ a cross-entropy loss function over the BIO label space. Given the groundtruth labels $y^{BIO}={\left\{y_i^{BIO}\right\}}_{i=1}^L$, the loss for a single token $x_i$ is computed as

$${\mathcal{L}}_{\mathrm{d}}({\widehat{y}}_i^{BIO},y_i^{BIO})=-\sum _{c\in \mathcal{C}}1(y_i^{BIO}=c)log{\widehat{y}}_i^{BIO}\left(c\right)$$

(4)

where ${\widehat{y}}_i^{BIO}\left(c\right)$ is the predicted probability of $x_i$ belonging to class c and $1(y_i^{BIO}=c)$ is an indicator function that equals 1 if the label $y_i^{BIO}$ matches the class c, and 0 otherwise. This ensures that the loss computation focuses only on the probability assigned to the correct class c, while ignoring others.

The total loss for the sequence x is then

$${\mathcal{L}}_{\mathrm{Detection}}={\displaystyle \frac{1}{L}}\sum _{i=1}^L{\mathcal{L}}_{\mathrm{d}}({\widehat{y}}_i^{BIO},y_i^{BIO})$$

(5)

This formulation ensures token-wise supervision, enabling the model to accurately learn the boundaries of entity spans.

As general-purpose pre-trained models often lack specific training for entity localization, pre-training on a relevant dataset is essential before domain-specific application. To address this, we utilize the CoNLL03 dataset (https://www.clips.uantwerpen.be/conll2003/ner/ (accessed on 10 January 2025)) for pre-training. This dataset [52], comprising Reuters news articles annotated with entities such as Person, Location, Organization, and Miscellaneous, provides a robust foundation for span detection with broad applicability.

4.2.2. Fine-Tuning on Cybersecurity-Specific Domain

In cybersecurity-specific applications, the distinct style of CTI text poses challenges for direct application of general models. CTI often contains domain-specific artifacts such as URLs and hash values, which differ significantly from general-purpose text and can disrupt downstream performance when processed without adaptation. To address this, we fine-tune the pre-trained span detector using cleaned and domain-adapted data.

Prior to fine-tuning, we perform the following cleaning steps to improve the quality of CTI texts:

1.

Special character separation: Following prior works [7,53], we replace specific characters (e.g., “@” in email addresses or “/” in URLs) with spaces to facilitate tokenization while adjusting corresponding “O” labels.

• Before: text: [“name@email.com”], labels: [O];
• After: text: [“name”, “at”, “email.com”], Labels: [O, O, O].

2.

Handling over-segmented tokens: For tokens excessively segmented by the encoder tokenizer (e.g., tokens with more than 10 subwords, such as hash values), previous methods either delete long tokens entirely [7], losing semantics, or use handcrafted placeholders [54], limiting generalizability. We instead retain the first three sub-tokens as lightweight, schema-free surrogates.

• Before: text: [“5d41402abc4b2a76b9719d911017c592”], Tokens: [‘5’, ‘d’, ‘41402’, ‘ab’, ‘c’, ‘4’, ‘b’, ‘2’, ‘a’, ‘76’, ‘b’, ‘97’, ‘19’, ‘d’, ‘91’, ‘1017’, ‘c’, ‘592’], labels: [O];
• After: text: [“5d41402”], Tokens: [‘5’, ‘d’, ‘41402’], Labels: [O].

Since only non-entity tokens are modified without affecting semantics, these data cleaning steps do not impact model performance. The cleaned small-sample dataset is then used for fine-tuning the pre-trained span detector, thereby improving its adaptability to cybersecurity texts. This step ensures that the span detector effectively captures entity boundaries while maintaining high generalizability and robustness, even in few-shot settings.

4.3. Entity Classification Module

When it comes to span classification, the primary objective is to classify the detected entity spans. This stage necessitates not only the accurate modeling of entity categories but also the effective resolution of category representation bias in few-shot scenarios. Particularly in the cybersecurity domain, the class distribution is highly imbalanced, with certain categories having only a few samples or even no samples, posing significant challenges to the model’s generalization capability.

To tackle these issues, we propose a prompt-based category representation method. By incorporating domain-specific prior knowledge, we construct category description templates in natural language. Coupled with a metric-based learning approach, this method effectively mitigates the impact of class imbalance and limited samples, ultimately improving classification performance.

4.3.1. Prompt-Based Category Representation

To enhance category representation in few-shot scenarios, we introduce category descriptions as prompts, transforming them into data-independent category embeddings. By incorporating domain-specific prior knowledge, high-quality category vectors can be generated even with limited labeled data.

Specifically, each category is defined using domain expertise and described in natural language. These category prompts follow the structure of “<Category> <Definition> <Examples>”. For instance, the prompt for the “Malware” category could be: “Malware: Refers to malicious software designed to harm, exploit, or otherwise compromise computer systems or networks. Examples include viruses, worms, trojans, and ransomware”. Using the detected spans from the input sequence and the same encoder as the span detector, the prompt representation is extracted. Following the initial pre-training paradigm, the “CLS” token embedding is adopted as the category representation $c_k$. The mathematical formulation is as follows:

$$c_k=\mathrm{Encoder}{\left({\mathrm{Prompt}}_k\right)}_{\left[\mathrm{CLS}\right]}$$

(6)

where ${\mathrm{Prompt}}_k$ refers to the natural language prompt for category k.

4.3.2. Metric-Based Span Classification

The classification module leverages the spans detected in the first stage, which are extracted based on the “BIO” predictions.The representation $rep{r}_s$ of each span s can be obtained using the encoder in the first stage. The specific Algorithm 1 for extracting span representations is as follows:

Algorithm 1 MaxPool-based span representation extraction

Require:$\mathbf{sequence}\_\mathbf{output}\in {\mathbb{R}}^{\mathrm{bs} \times \mathrm{L} \times \dim }$, $\mathbf{spans}\in {\mathbb{Z}}^{\mathrm{bs} \times \mathrm{num}\_\mathrm{spans} \times 2}$. Ensure:$\mathbf{span}\_\mathbf{representations}\in {\mathbb{R}}^{\mathrm{bs} \times \max \_\mathrm{num}\_\mathrm{spans} \times \dim }$.   1: Initialize $\mathbf{span}\_\mathbf{representations}\leftarrow \varnothing$.   2: for each $\mathrm{batch}\_\mathrm{spans}$ in $\mathbf{spans}$ do   3:     if $\mathrm{batch}\_\mathrm{spans}=\varnothing$ then   4:        Append $\mathbf{default}\_\mathbf{repr}$ filled with padding values to $\mathbf{span}\_\mathbf{representations}$.   5:     else   6:        Initialize $\mathbf{span}\_\mathbf{outputs}\leftarrow \varnothing$.   7:        for each span s with $(\mathrm{start}\_\mathrm{idx},\mathrm{end}\_\mathrm{idx})$ in $\mathrm{batch}\_\mathrm{spans}$ do   8:            $\mathbf{span}\_\mathbf{tokens}\leftarrow \mathbf{sequence}\_\mathbf{output}[\mathrm{start}\_\mathrm{idx}:\mathrm{end}\_\mathrm{idx}+1]$.   9:            $\mathbf{max}\_\mathbf{pool}\_\mathbf{repr}\leftarrow max(\mathbf{span}\_\mathbf{tokens},\dim =0)$. 10:            Append $\mathbf{max}\_\mathbf{pool}\_\mathbf{repr}$ to $\mathbf{span}\_\mathbf{outputs}$. 11:        end for 12:        ${\mathbf{repr}}_s\leftarrow \mathrm{stack}\left(\mathbf{span}\_\mathbf{outputs}\right)$. 13:        Append ${\mathbf{repr}}_s$ to $\mathbf{span}\_\mathbf{representations}$. 14:     end if 15: end for 16: $\mathbf{span}\_\mathbf{representations}\leftarrow \mathrm{pad}\_\mathrm{sequence}(\mathbf{span}\_\mathbf{representations})$. 17: $\mathbf{return} \mathbf{span}\_\mathbf{representations}$.

To assign each span to a category, a metric-based approach calculates the similarity between span embeddings and category embeddings. Cosine similarity is adopted as the similarity function, and the predicted probability $p\left(k\right|s_i)$ of a span $s_i$ belonging to category k is given by

$${\widehat{y}}_i^{SC}\left(k\right)=p\left(k\right|s_i)={\displaystyle \frac{exp\left(\mathrm{Sim}(rep{r}_{s_i},c_k)\right)}{{\sum }_{j=1}^{K}exp\left(\mathrm{Sim}(rep{r}_{s_i},c_j)\right)}}$$

(7)

where $\mathrm{Sim}(·,·)$ represents the cosine similarity function.

To focus on true spans while ignoring false spans, a mask ($m_i$) is applied in the classification loss computation. This ensures that only real spans contribute to the loss. The classification loss is defined as

$${\mathcal{L}}_{\mathrm{Classification}}=-{\displaystyle \frac{1}{{\sum }_i{m}_i}}\sum _i{m}_i\sum _{k\in \mathcal{K}}1(y_i^{SC}=k)log{\widehat{y}}_i^{SC}\left(k\right)$$

(8)

where $m_i$ is a mask that filters out false spans; $1(y_i^{SC}=k)$ is an indicator function that equals 1 if the label $y_i^{SC}$ matches the class k, and 0 otherwise.

This loss function enables precise classification by concentrating on true spans and effectively utilizing the metric-based similarity between span and category representations.

4.4. Overall Loss

During the pre-training stage of the span detector, the model is optimized solely based on the span detection loss ${\mathcal{L}}_{\mathrm{Detection}}$. However, in the fine-tuning stage for cybersecurity domain text, we adopt a joint optimization strategy that combines the span detection loss ${\mathcal{L}}_{\mathrm{Detection}}$ and the span classification loss ${\mathcal{L}}_{\mathrm{Classification}}$. The overall loss $\mathcal{L}$ is defined as follows:

$$\mathcal{L}=(1-\lambda )·{\mathcal{L}}_{\mathrm{Detection}}+\lambda ·{\mathcal{L}}_{\mathrm{Classification}}$$

where $\lambda$ is a hyperparameter that balances the contributions of the two losses. It is determined through a grid search within a predefined range, as described in Section 5.2.4.

5. Experiment

In this section, we conduct a comprehensive evaluation of the proposed CyberDualNER model against existing baselines under few-shot and even extremely low-resource settings, demonstrating the superiority of our approach. We then present a comparison of different pre-trained backbone models to highlight the critical impact of backbone selection on overall performance. Finally, we perform hyperparameter analysis and ablation studies to further validate the completeness and rationality of our model design.

5.1. Experimental Settings

5.1.1. Dataset Description

The raw dataset [55] used in this study originates from over 12,000 open-access CTI reports published by several renowned security analysis organizations, including McAfee [56], Symantec [57], and Kaspersky [58]. These reports provide natural language descriptions of the emergence, propagation, attack patterns, and IoC associated with malware. To ensure the quality of the dataset, a data cleaning process was first conducted. Specifically, irrelevant HTML tags, images, and script contents were removed using regular expressions and HTML parsing techniques. Subsequently, manual annotation of the entities and relationships mentioned in the CTI reports was performed using the open-source annotation tool BRAT. Nine types of entities (such as Malware, Application) and seven types of relationships (such as targets, indicates) were identified and labeled. The entities are interconnected through these relationships, providing a comprehensive representation of cyber threats. Part of the ontology on malware is shown in Figure 3. After preprocessing, 5150 annotated sentences remained, which were relevant and complete for the NER task.

To perform span-based entity detection and classification, the dataset was further processed to construct the dataset required for the proposed method. Each sentence was tokenized at the word level, and the start and end positions of the spans corresponding to the entities in the text were annotated. Additionally, the BIO annotation scheme was applied for sequence labeling of the sentences. The final processed dataset contains 5150 sentences, involving 9 different entity types. For model training and performance evaluation, the dataset is divided into training set, validation set, and test set, and the data statistics of each subset are shown in

Table 2. Total dataset statistics.

	#Sentence	Avg. Tokens	#Entities
train	3666	27.25	5747
dev	748	26.23	1394
test	736	28.36	1305

.

The distribution of entity types in the training, validation, and test sets is shown in Figure 4. Since malware is the primary focus of the dataset, it occupies the largest proportion. Entity types such as Application, Organization, OS, and MalwareType, which are related to the types or attack targets of malware, also have relatively high proportions. In contrast, Time, Location, Person, and Threat Actor have lower proportions, likely because CTI reports focus more on attack targets and methods than on the sources and general attributes of the attacks. Figure 5a illustrates the distribution of entity span lengths in the training, validation, and test sets. The majority of entities in the dataset have a span length of 1, indicating that the entities are represented by specific words. Furthermore, Figure 5b shows the distribution of the number of entities per sentence in the training, validation, and test sets. Most sentences contain fewer than four entities, and some sentences with excessively high entity counts are due to multiple repeated mentions of the same entity.

5.1.2. Baseline Method

To evaluate the performance of our proposed method under the few-shot NER setting, we compare it against three widely used fully supervised models (BERT, BERT-CRF, and BERT-BiLSTM-CRF), two classical few-shot approaches (NNShot [37] and StructShot [37]), and a representative prompt-based method (PromptNER [19]). By comparing against these baselines, we aim to demonstrate the effectiveness of our method in addressing the challenges posed by limited training data and domain-specific requirements, particularly in the cybersecurity context. Below, we provide a brief overview of each baseline model.

• BERT: a transformer-based pre-trained language model that encodes contextualized word representations, enabling effective sequence labeling directly for NER tasks.
• BERT-CRF: extends BERT by incorporating a CRF layer on top, improving sequence-level prediction by capturing dependencies between output labels.
• BERT-BiLSTM-CRF: combines BERT’s contextualized embeddings with a BiLSTM layer for sequential modeling, followed by a CRF layer for structured prediction, providing enhanced performance for complex NER tasks.
• NNShot: a classical metric-based few-shot NER method that performs token classification via nearest neighbor search in the embedding space.
• StructShot: extends NNShot by incorporating a CRF-based structure-aware decoder to better model label dependencies.
• PromptNER: a representative prompt-based few-shot NER method that reformulates NER as a masked language modeling task, using manually designed prompts to guide the model in predicting entity types within a few-shot setting.

5.1.3. Parameter Setting and Evaluation Metrics

To simulate few-shot scenarios, we followed the approach proposed by Cui et al. [18], constructing two scenarios based on the dataset. The dataset was downsampled by limiting the number of entity instances per category (m = 1, 2, 5, 10, 20, 50), ensuring the conditions of a few-shot environment. Given that a single sample in NER tasks may contain multiple entity categories, we adopted a two-stage sampling strategy:

1. Initial Sampling: selected samples to ensure the number of entities in each category did not exceed the few-shot threshold.

2. Greedy Sampling: applied a random greedy sampling strategy, including samples as long as at least one entity category had not yet reached the threshold.

This strategy achieved high coverage with minimal sample size, balancing diversity and few-shot constraints effectively. The sampling results are shown in

Table 3. Few-shot sampling dataset statistics.

m	#Sentence	Avg. Tokens	#Entities
1	7	23.28	9
2	12	29.25	18
5	31	24.96	45
10	59	24.89	90
20	107	24.98	187
50	242	26.85	486

, which counts the number of sentences, the average number of tokens, and the number of entities under different settings.

For model configurations, we standardized the embedding and fusion dimensions to $d=768$. Each experiment was conducted three times, and we reported the average precision, recall, and $F_1$-score to evaluate performance.

In the multi-class setting, the metrics were computed for each class and averaged across all classes to obtain the macro average:

1. Precision, Recall, and $F_1$-Score for Class i:

$$P_i={\displaystyle \frac{{\mathrm{TP}}_i}{{\mathrm{TP}}_i+{\mathrm{FP}}_i}},R_i={\displaystyle \frac{{\mathrm{TP}}_i}{{\mathrm{TP}}_i+{\mathrm{FN}}_i}},F_{1_i}={\displaystyle \frac{2·P_i·R_i}{P_i+R_i}}$$

(9)

2. Macro-Averaged Metrics:

$$P_{\mathrm{macro}}={\displaystyle \frac{1}{C}}\sum _{i=1}^C{P}_i,R_{\mathrm{macro}}={\displaystyle \frac{1}{C}}\sum _{i=1}^C{R}_i,F_{1-\mathrm{macro}}={\displaystyle \frac{1}{C}}\sum _{i=1}^C{F}_{1_i}$$

(10)

Here, C is the total number of entity types.

The model was optimized using the AdamW optimizer. During fine-tuning, the learning rate for the BERT encoder was set to $3\times {10}^{-5}$, while all other layers in both pre-training and fine-tuning stages used a learning rate of $1.5\times {10}^{-4}$. A cosine annealing warm-up strategy was employed, starting with a small learning rate and gradually adjusting it throughout training to approach a global minimum. To prevent overfitting, early stopping was applied based on validation loss, with a maximum training limit of 10 epochs. Gradient clipping was used to avoid gradient explosion by scaling the L2 norm of the parameter vector if it exceeded a predefined threshold. Considering the inherently small dataset size in the few-shot setting, the batch size was fixed at 1 across all experiments.

5.2. Results and Discussion

5.2.1. Few-Shot NER Performance Comparison

We compared our CyberDualNER model with baseline methods across different few-shot settings (m = 50, 20, 10), with the results presented in

Table 4. Experiment results when m = 50, 20, 10.

Model	m = 50			m = 20			m = 10
	P (%)	R (%)	F1 (%)	P (%)	R (%)	F1 (%)	P (%)	R (%)	F1 (%)
BERT	52.52	59.26	53.54	47.65	46.61	42.69	35.13	31.27	25.88
BERT-CRF	52.19	59.12	53.74	45.58	47.85	43.59	41.77	37.76	32.56
BERT-BiLSTM-CRF	52.66	55.37	51.69	8.15	5.60	4.28	4.44	1.78	2.31
NNShot	43.48	48.45	45.83	37.79	44.00	40.66	59.72	20.73	30.78
SturctShot	66.56	16.12	25.96	64.29	21.46	32.16	31.11	36.3	33.5
PromptNER	59.56	51.3	55.12	46.36	46.23	44.49	44.07	35.02	37.89
CyberDualNER	57.83	60.14	56.30	49.19	50.13	44.65	43.83	46.97	41.69

The best performance is indicated in black bold, and the second best is underlined.

.

BERT-CRF: With more data, the CRF layer begins to demonstrate its ability to model label dependencies effectively. It outperforms standalone BERT, highlighting the CRF’s role in sequence labeling tasks while also emphasizing its dependence on sufficient training data.

BERT-BiLSTM-CRF: As a representative fully supervised baseline, this model exhibits overall performance improvements with larger sample sizes. However, it still lags behind simpler models in few-shot scenarios, reflecting its limitations in adapting to limited data.

NNShot & StructShot: Both are classical metric-based few-shot NER approaches. NNShot exhibits gradually improved performance as the number of support samples increases. In contrast, while StructShot’s precision steadily increases, its recall consistently declines, resulting in a drop in overall F1 score. This can be attributed to two main factors: (1) the varying quality of few-shot samples in the specialized cybersecurity domain, and (2) the limited robustness of CRF-based decoding under significant domain shifts, which undermines its generalizability in few-shot scenarios.

PromptNER: As a representative prompt-based few-shot NER method, PromptNER consistently achieves the second-best performance, slightly below our proposed approach across all settings. Compared to traditional baselines, this demonstrates the overall strength of prompt-based strategies. However, PromptNER’s reliance solely on masked token classification limits its ability to capture the holistic semantic structure of different entity types, which metric-based models can leverage more effectively through representation learning.

CyberDualNER consistently achieves the best performance across all settings. At m = 50, the $F_1$-score reaches 56.30%. This improvement is largely attributable to the model’s prompt-based approach, which leverages pre-trained embeddings to generate high-quality class representations without introducing additional parameters. The use of domain-specific prior knowledge further alleviates the challenges of learning class representations in few-shot settings.

5.2.2. Performance in Extremely Few-Shot Settings

We compared our CyberDualNER model with baseline methods across different extremely few-shot settings (m = 5, 2, 1), with the results presented in

Table 5. Experiment results when m = 5, 2, 1.

Model	m = 5			m = 2			m = 1
	P (%)	R (%)	F1 (%)	P (%)	R (%)	F1 (%)	P (%)	R (%)	F1 (%)
BERT	11.37	12.64	10.62	4.92	4.23	3.57	1.26	1.23	0.85
BERT-CRF	11.44	11.05	9.69	0.06	0.07	0.06	-	-	-
NNShot	37.76	39.08	38.41	28.85	34.23	31.31	26.54	26.77	26.65
SturctShot	26.54	26.77	26.65	33.56	23.35	27.54	52.22	15.89	24.36
PromptNER	32.42	27.71	27.92	14.95	16.00	13.62	14.79	12.62	12.25
CyberDualNER	31.59	35.33	29.01	8.33	12.42	9.13	9.35	14.02	7.69

The best performance is indicated in black bold, and the second best is underlined.

.

BERT-BiLSTM-CRF: This model fails to achieve meaningful performance due to the small sample size. The large number of parameters in the BiLSTM component makes optimization challenging, driving the need for simpler models with fewer learnable parameters in few-shot settings.

BERT: Compared to BERT-CRF, standalone BERT adapts more quickly to novel data. At m = 2, it achieves an $F_1$-score of 3.57%, whereas BERT-CRF is still ineffective in this setting.

NNShot & StructShot: These classical metric-based few-shot methods overall outperform both full-supervised and prompt-based baselines, highlighting the effectiveness of metric-based strategies under few-shot scenarios. NNShot consistently ranks among the top performers across all settings, benefiting from its simple yet effective nearest neighbor classification mechanism, which becomes increasingly reliable as support examples grow. StructShot, while showing a strong advantage under extremely limited data (e.g., m = 1), sees diminishing gains as m increases. By m = 5, its performance is surpassed by our method. This suggests that the CRF-based decoder in StructShot may struggle to generalize well under domain shifts and noisy support samples, which are common in the cybersecurity context.

PromptNER: When the sample size is extremely small, it achieves the best performance among prompt-based approaches. This can be attributed to the prior knowledge encoded in pre-trained language models and the use of hand-crafted prompts aligned with the NER task. Its performance improves as m increases, but is ultimately outperformed by our method at m = 5, indicating limitations in relying solely on masked token prediction without structural learning.

CyberDualNER demonstrates superior performance compared to full-supervised baselines across all settings, even when m = 1. This is primarily due to the use of a pre-trained general-purpose span detector, which effectively narrows down entity candidates with minimal supervision. While slightly behind NNShot and PromptNER at extremely low-shot settings, our model steadily improves as m increases, achieving the second-best performance at m = 5. This trend highlights the model’s strong generalization capability and potential under realistic few-shot conditions.

5.2.3. Backbone Selection Comparison

To validate the rationale behind the selection of the pre-trained backbone model, we compared the fully-supervised performance of BERT, RoBERTa (https://huggingface.co/FacebookAI/roberta-base (accessed on 15 April 2025)), ALBERT (https://huggingface.co/albert/albert-base-v2 (accessed on 15 April 2025)), and DeBERTa (https://huggingface.co/microsoft/deberta-v3-base (accessed on 15 April 2025)) at m = 50. RoBERTa is an optimized version of BERT that improves performance by training with larger datasets and longer sequences. ALBERT [59] is a lightweight variant of BERT, designed to reduce model size while maintaining performance through parameter sharing and factorized embeddings. DeBERTa [60,61] enhances BERT’s architecture by introducing disentangled attention mechanisms and an improved position encoding method. The specific experimental results are shown in

Table 6. The comparison of backbone performance under full supervision (m = 50).

Backbone	P (%)	R (%)	F1 (%)
RoBERTa	28.68	28.64	26.84
ALBERT	20.18	21.46	19.20
DeBERTa	32.43	31.75	30.69
BERT	52.19	59.12	53.74

The best performance is indicated in black bold, and the second best is underlined.

. BERT achieves the best performance overall, benefiting from its robust architecture and extensive pre-training, making it well-suited for complex NER tasks. RoBERTa follows closely, with slightly lower results, while DeBERTa shows a solid performance, especially in precision and recall. ALBERT, despite its smaller model size, lags behind the other models, indicating that its reduced parameters may limit its ability to capture complex patterns in the data.

5.2.4. Parameter Analysis

In this section, we conduct a grid search over the hyperparameter $\lambda$, which balances span detection and classification in the loss function, exploring its impact on model performance under different settings. The search range is $[0.1, 1.0]$ with a step size of 0.1. The results are illustrated in Figure 6, where the vertical axis represents the $F_1$-score, and the horizontal axis denotes the $\lambda$ values.

Overall, for a fixed value of $\lambda$, the performance improves as the sample size m increases, highlighting that the sample size remains a decisive factor in determining performance. Conversely, with a fixed sample size, the performance initially rises and then declines as $\lambda$ increases. Notably, the smaller the sample size, the higher the $\lambda$ value at which performance peaks. This trend aligns with the relationship between span detection and classification loss and the sample size: when the sample size is smaller, the model tends to rely more on the pre-trained span detection module for its stability and generalization ability. This minimizes the negative impact of a limited and potentially biased dataset on the overall performance of the classifier.

5.2.5. Ablation Study

To further analyze the contributions of various components in CyberDualNER, we conducted ablation studies under few-shot settings (m = 5 and m = 50). All compared models adopt a dual-stage span-based framework, with variations in classifier types and span detection strategies.

Table 7. Ablation study when m = 50, 5.

Classifier	Pretrain	m = 50			m = 5
		P (%)	R (%)	F1 (%)	P (%)	R (%)	F1 (%)
MLP-based	✗	47.99	56.24	48.76	2.99	9.31	4.53
	✔	56.77	52.14	50.23	29.40	30.95	19.56
Metric-based	✗	45.96	51.91	41.56	3.71	7.07	4.56
	✔	51.96	56.64	48.96	26.49	31.94	23.78
CyberDualNER	✔	57.83	60.14	56.30	31.59	35.33	29.01

The best performance is indicated in black bold, and the second best is underlined. ✔ refers to pre-training the span detector on general domain data before fine-tuning on few-shot cybersecurity datasets, while ✗; refers to no pre-training and directly training the span detector and span classifier together on few-shot cybersecurity datasets.

summarizes the performance comparison. The following observations were made:

1. Classifier choice: Metric-based classifier performs better in extremely few-shot settings (m = 5) by leveraging similarity between entity spans, allowing quick adaptation to limited data. MLP-based classifier outperforms the metric-based classifier when m = 50, as the increased sample size allows the MLP to benefit from data accumulation. However, the metric-based approach struggles to generalize due to biases introduced by sampling or annotation, as evidenced by its lower precision at m = 50.

2. Pre-training strategy: Span detection pre-training consistently improves performance across all settings and classifier choices. For m = 5, the average $F_1$-score improvement is 17.13%, highlighting the syntactic and semantic commonalities in span detection between general and cybersecurity domains. This emphasizes the benefit of separating span detection and classification, allowing the classification module to focus more on domain-specific knowledge.

3. Overall performance: Our model achieves superior results across all metrics. At m = 50, it surpasses the MLP-based classifier by 6.07%, and at m = 5, it exceeds the metric-based classifier by 5.63%. Unlike other models that initialize class representations randomly, our approach leverages domain knowledge through prompt-based design, incorporating prior knowledge into class representations. This effectively mitigates potential biases from training data discrepancies, leading to significant overall performance gains.

6. Discussion

To address the scarcity of annotated data in cybersecurity-related CTI texts, this paper proposes the CyberDualNER framework by integrating insights from general-domain few-shot NER research. Experimental results confirm the effectiveness of our approach, with key findings summarized as follows:

• Two-stage paradigm adaptation: Decomposing NER into span detection and entity classification proves to be equally effective in the cybersecurity domain. Our approach leverages pre-training in the general domain followed by fine-tuning in the target domain, which alleviates the challenge of limited annotated samples in cybersecurity settings.
• Hybrid classification strategy: Metric-based methods are effective in extremely few-shot scenarios by quickly identifying similar entity types. Prompt-based methods, benefiting from accumulated general-domain knowledge in PLMs, can be activated with just a few samples. By incorporating class descriptions as prompts and using metric-based classification, our method combines the strengths of both strategies and demonstrates superior performance when the sample size exceeds 10.
• Importance of backbone model selection: The choice of pre-trained language model backbone significantly impacts performance. Different models exhibit varying base capabilities, suggesting that selecting an appropriate foundation model for a given domain can yield substantial benefits.

Despite the improvements achieved in mitigating the performance degradation of fully supervised methods under data scarcity, several limitations remain that must be considered in real-world applications:

• Zero-shot challenges: While our framework is tailored to few-shot learning, the cybersecurity domain is highly dynamic, with new threats such as zero-day vulnerabilities and novel malware constantly emerging. This underscores the need for robust zero-shot extraction capabilities.
• Prompt design sensitivity: Although prompt-based approaches enhance performance, they introduce new challenges in template design. Model robustness can be compromised by variations in prompt templates, highlighting the need for more adaptive and stable prompt engineering.
• Handling long CTI documents: CTI texts are often lengthy and sourced from webpages, threat reports, and blogs. Our current framework focuses on extracting entities from short texts, requiring additional preprocessing steps to bridge raw documents and model inputs, which complicates end-to-end deployment.

To further advance this line of research, we plan to focus on the following directions:

• Robust prompt construction and interactive design: We aim to develop adaptive prompt generation paradigms to reduce reliance on manual templates. Future work will explore more guided and context-aware prompting mechanisms to enable effective interaction between input texts and prompt representations, enhancing model robustness.
• Zero-shot entity extraction: Given the unique and evolving nature of cybersecurity threats, zero-shot extraction remains a pressing need. We will investigate how to incorporate sample-independent prior knowledge or design better transfer learning strategies to support zero-shot generalization.
• Generalized entity extraction framework: Sequence labeling approaches often struggle with complex entity structures such as discontinuous or nested entities. Innovating beyond conventional paradigms to support these richer patterns in few-shot settings will be an important research direction.
• End-to-end entity extraction for real-world deployment: With LLMs demonstrating strong capabilities across diverse tasks and the rise of multi-agent frameworks, we envision a fully automated pipeline for CTI processing. This includes data collection, cleaning, extraction, organization, and visualization—culminating in a practical, end-to-end solution for cybersecurity applications.

7. Conclusions

In this study, we proposed CyberDualNER, a dual-stage span framework tailored for cybersecurity NER tasks, addressing the challenges of entity detection and classification in few-shot settings. By decoupling span detection and classification, the model achieves greater flexibility and robustness, especially when combined with a hint-based category representation that incorporates domain-specific prior knowledge. Extensive experiments demonstrate that CyberDualNER consistently outperforms baseline models in different few-shot settings, achieving superior performance even with minimal training data. Notably, pre-training of the span detector on general-domain data proves to be highly effective, significantly enhancing the model’s adaptability to domain-specific text. Overall, CyberDualNER provides a promising solution for cybersecurity NER tasks, especially in data-scarce settings, paving the way for more robust and general models in specialized domains.

In the future, we will further explore the CTI extraction task in few-shot and even zero-shot scenarios, leveraging the prompt learning paradigm to conduct experimental tests on a broader range of data. Meanwhile, LLMs have demonstrated great potential in the CTI extraction task [27]. Therefore, we will also attempt to utilize LLMS for CTI extraction. Additionally, in alignment with practical cybersecurity applications, we will integrate tasks such as relation extraction and knowledge graph construction into our research, refining the extraction framework to support subsequent key downstream tasks such as proactive threat hunting.