e-ISSN 2231-8526
ISSN 0128-7680
Muhmmad Al-Khiza’ay and Noora Alallaq
Pertanika Journal of Science & Technology, Pre-Press
DOI: https://doi.org/10.47836/pjst.34.3.09
Keywords: Adaptive intrusion detection, foundation models for security, LLM-driven threat intelligence, real-time semantic cyber defence, zero-shot cyber threat detection
Published: 2026-06-19
Standard machine learning methods for intrusion detection depend largely on labelled examples of real attacks, so identifying novel and zero-day cyber-attacks remains an essential and continuing difficulty in cybersecurity. Because such models often do not generalise beyond the threat classes they were trained on, they are vulnerable to emerging attack vectors. To overcome this limitation, we present ZTFER (Zero-Shot Threat Identification through Foundation model-aided Embedding and Reasoning), a zero-shot threat identification model that uses foundation model semantic embeddings to detect threats that have not been observed before, without retraining. By mapping natural-language threat characterisations and real-time system activity into a common semantic space, ZTFER performs zero-shot learning and can classify unseen threats by their contextual similarity to known threat descriptions. We further present A-SENT, a real-time responsive inference method that dynamically evaluates and responds to threat behaviour by integrating Large Language Model (LLM) reasoning into real-time threat analysis updates. The proposed ZTFER model obtained a zero-day detection score of 58.9% and a classification accuracy of 91.3%, outperforming traditional and few-shot baselines. The experimental results demonstrate that ZTFER is more effective and generalises better when detecting both known and unknown cyber-attacks. The proposed framework removes the requirement for continual retraining and enables quick response to emerging threats, making powerful, scalable and intelligent defence mechanisms that recognise and understand new security threats in real time substantially more achievable.
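The following Python sketch is an added illustration of the mechanism the abstract describes, not code from the paper or from ZTFER: threat classes exist only as natural-language descriptions, an observed event and those descriptions are mapped into one vector space, and the event is labelled by the most similar description, so a new threat class is added by writing one more sentence rather than by retraining. The hand-built concept lexicon is a crude stand-in for a foundation-model embedding, and the threat descriptions, log lines and the 0.5 similarity threshold are all constructed for this example.

```python
import math
import re
from collections import Counter

# Constructed concept lexicon: a crude stand-in for a foundation-model embedding.
# Words with a shared meaning map to the same concept, so an event and a threat
# description can be close in the space without sharing any literal word.
CONCEPTS = {
    "authentication": ["login", "logon", "password", "sshd", "ssh", "auth",
                       "authentication", "credential", "credentials"],
    "failure": ["failed", "failure", "denied", "rejected", "invalid"],
    "repetition": ["many", "repeated", "attempt", "attempts", "burst"],
    "outbound": ["outbound", "upload", "uploaded", "egress", "external",
                 "transfer", "transferred"],
    "volume": ["large", "bulk", "gb", "mb", "gigabytes", "megabytes"],
    "sensitive": ["sensitive", "confidential", "secret", "files", "documents",
                  "database"],
    "privilege": ["administrator", "admin", "root", "privilege", "privileges",
                  "sudo", "rights"],
    "escalation": ["obtains", "obtained", "gained", "gains", "escalation",
                   "escalate"],
    "encryption": ["encrypted", "encryption", "encrypt", "locked"],
    "ransom": ["ransom", "payment", "extortion"],
}
WORD_TO_CONCEPT = {w: c for c, words in CONCEPTS.items() for w in words}
TOKEN_RE = re.compile(r"[a-z0-9]+")

# Threat classes defined only by constructed natural-language descriptions.
BASE_THREATS = {
    "credential brute force": "many failed login attempts from one source "
                              "against an authentication service",
    "data exfiltration": "large outbound transfer of sensitive files to an "
                         "external host",
    "privilege escalation": "a low privilege user obtains administrator or "
                            "root rights on the host",
}
# A class that is absent at first and added later without any retraining.
NEW_THREAT = ("ransomware",
              "mass encryption of user files with a ransom note demanding payment")

# Constructed log lines standing in for real-time system activity.
SAMPLE_EVENTS = [
    "sshd: 214 failed password attempts for user admin from 10.0.0.5 in 60s",
    "proxy: host db01 uploaded 12 GB of confidential documents to external host 203.0.113.9",
    "fs: 3,000 user files renamed with .locked extension and a ransom note dropped",
]


def embed(text):
    """Map text to a unit-length vector over concepts (toy embedding)."""
    tokens = TOKEN_RE.findall(text.lower())
    counts = Counter(WORD_TO_CONCEPT[t] for t in tokens if t in WORD_TO_CONCEPT)
    norm = math.sqrt(sum(c * c for c in counts.values())) or 1.0
    return {concept: c / norm for concept, c in counts.items()}


def cosine(a, b):
    """Cosine similarity of two sparse unit vectors."""
    return sum(v * b.get(k, 0.0) for k, v in a.items())


def classify(event, descriptions, threshold=0.5):
    """Zero-shot labelling: rank threat descriptions by similarity to the event.
    Returns (label, score); the label is 'unknown' when nothing is close enough,
    which is the signal to write a new description rather than retrain."""
    ev = embed(event)
    ranked = sorted(((cosine(ev, embed(d)), name)
                     for name, d in descriptions.items()), reverse=True)
    score, name = ranked[0]
    return (name if score >= threshold else "unknown", round(score, 3))


if __name__ == "__main__":
    for ev in SAMPLE_EVENTS:
        print(classify(ev, BASE_THREATS), "<-", ev)
    # Add a class at runtime by description only; the third event now resolves.
    extended = dict(BASE_THREATS, **{NEW_THREAT[0]: NEW_THREAT[1]})
    print(classify(SAMPLE_EVENTS[2], extended), "<-", SAMPLE_EVENTS[2])
```

Running the block labels the first two events as brute force and exfiltration, reports the ransomware-like event as unknown (its best match, exfiltration, scores only 0.309) and, once the ransomware sentence is added, labels it at 0.943. In a real deployment the lexicon would be replaced by a sentence encoder and the threshold tuned on held-out events, but the control flow (describe, embed, compare, fall back to unknown) is the same.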