RAG-H: A RAG-Hardened SOC Framework for Trustworthy Threat Intelligence and AI Defence

Authors

  • Daniela Ceraku, Thales

DOI:

https://doi.org/10.34190/eccws.25.1.4741

Keywords:

Retrieval-Augmented Generation, Security Operations Center, Cyber Threat Intelligence, Incident Response

Abstract

Retrieval-Augmented Generation (RAG) is now the dominant approach for enhancing Large Language Models in Cyber Threat Intelligence (CTI), yet it introduces a new attack surface: knowledge base poisoning and prompt injection. Existing defences address isolated stages of the RAG pipeline, offer no end-to-end integrity guarantees, and are evaluated on answer accuracy rather than Security Operations Center (SOC) mission impact. This paper introduces RAG-H, a multi-layer defence framework that secures the full RAG pipeline for SOC use. Ingestion enforces provenance checks and source-reputation scoring so that only trustworthy intelligence enters the knowledge base; retrieval combines semantic relevance with corpus-level credibility and analyst feedback to filter poisoned content; and generation applies context sanitisation and self-verification to surface low-confidence outputs for analyst review. We evaluate RAG-H on a CTI corpus of 300 documents, 90 of which are poisoned, and measure which pipeline stages are most vulnerable, which layered controls most reduce the Poison Impact Rate without unacceptable latency, and how the defences affect incident response. Results show that layered trust, consistency, and governance controls significantly mitigate poisoning effects. The framework establishes a reproducible methodology for securing RAG systems in SOCs and introduces evaluation metrics that connect technical robustness to operational impact. An open-source proof-of-concept accompanies the work as a baseline for future research.

Author Biography

Daniela Ceraku, Thales

Cybersecurity engineer with a strong interest in the intersection of AI and cybersecurity, and how these two fields shape and reinforce each other.

Published

2026-06-15