Blockchain Based Information Sharing Mechanism for Cyber Threat Intelligence

Year 2020, Volume: 8 Issue: 3, 242 - 253, 30.07.2020

Ebubekir Büber Özgür Koray Şahingöz

https://doi.org/10.17694/bajece.644948

Cited By: 5

Abstract

In recent years, networked computers are
extensively used in every aspect of our daily lives. Besides, the anonymous
structure of the Internet results in an increase in the number of attacks not
only for individual users but also for local area networks. Current attacks are
more sophisticated, and they are developed by experienced intruders with the
use of automated malware production methods. These organized intrusions can go
over the defense lines of the systems due to the weakness of the
detection/prevention mechanisms or carelessness of individual users. After
sneaking into the system, these attacks can work until they are detected, and
they can access many critical resources of the company. Earlier detection of
these attacks is very trivial issue for the security admins. This can be
accomplished by acquiring the signature (critical information) of the newest
attacks as early as possible. One suggested solution is the use of a Threat Information Sharing system, which
is set up between security firms and authorities. This approach enables the
distribution of the marks of the recent (zero-day) attacks and the development
of some proactive prevention mechanisms for them. The use of both peer to peer
and centralized sharing mechanisms have some inherited deficiencies. Therefore,
in this paper, a pure decentralized cyber security information sharing system
is proposed with the use of blockchain technology. A controlled decision-making
mechanism, authorization termination, and rule-sets maintenance are proposed to
make distributed decisions within the system. For making a decision, two smart
contracts should be used in the blockchain. One holds the positive votes while
the other holds the negative ones. Members of the system are able to access
cyber threat data by using company-related queries. The system can facilitate
the integration of many data sources into cyber security management system.
Additionally, it enables to collect in a single repository that can be accessed
for implementing real-time cyber security applications.    

Keywords

blockchain, cyber threat intelligence, information sharing, controlled decision-making mechanism, smart contract

References

• [1] Ninth Annual Cost Of Cybercrime Study, THE COST OF CYBERCRIME, https://www.accenture.com/_acnmedia/pdf-6/accenture-2019-cost-of-cybercrime-study-final.pdf, The Last Access: October 2019
• [2] PhishTank | Join the fight against phishing, https:// www.phishtank.com/ , The Last Access: October 2019
• [3] IBM X-Force Exchange, https://exchange.xforce.ibmcloud .com/, The Last Access: October 2019
• [4] AutoFocus Threat Intelligence, https://www.paloaltonetworks .com/products/secure-the-network/subscriptions/autofocus , The Last Access: October 2019
• [5] LogRhythm Threat Lifecycle Management (TLM) Platform, https://logrhythm.com/products/threat-lifecycle-management-platform/, The Last Access: October 2019
• [6] iSIGHT Intelligence Subscriptions, https://www.fireeye. com/products/isight-cyber-threat-intelligence-subscriptions .html, The Last Access: October 2019
• [7] LookingGlass Cyber Solutions, https://www.lookingglasscyber .com/ , The Last Access: October 2019
• [8] Normshield Free Cyber Threat Intelligence, https://services. normshield.com/honeypotfeed , The Last Access: October 2019
• [9] Z. Zheng, S. Xie, H. N. Dai, H. Wang, “Blockchain challenges and opportunities: A survey. Work Pap”, 2016.
• [10] S. Nakamoto. “Bitcoin: A peer-to-peer electronic cash system.”, 2008.
• [11] G. Foroglou, A. L. Tsilidou, “Further applications of the blockchain.”, 2015.
• [12] A. Kosba, A. Miller, E. Shi, Z. Wen, C. Papamanthou, “Hawk: The blockchain model of cryptography and privacy-preserving smart contracts.”, In Proceedings of IEEE Symposium on Security and Privacy (SP), pages 839–858, San Jose, CA, USA, 2016.
• [13] B. W. Akins, J. L. Chapman, J. M. Gordon, “A whole new world: Income tax considerations of the bitcoin economy.”, 2013.
• [14] Y. Zhang, J. Wen, “An IOT electric business model based on the protocol of bitcoin.”, In Proceedings of 18th International Conference on Intelligence in Next Generation Networks (ICIN), pages 184–191, Paris, France, 2015.
• [15] M. Sharples, J. Domingue, “The blockchain and kudos: A distributed system for educational record, reputation and reward.”, In Proceedings of 11th European Conference on Technology Enhanced Learning (EC-TEL 2015), pages 490–496, Lyon, France, 2015.
• [16] C. Noyes, “Bitav: Fast anti-malware by distributed blockchain consensus and feedforward scanning.”, arXiv preprint arXiv:1601.01405, 2016.
• [17] NRI, “Survey on blockchain technologies and related services. Technical report”, 2015.
• [18] L. Lamport, R. Shostak, M. Pease. “The byzantine generals problem.”, ACM Transactions on Programming Languages and Systems (TOPLAS), 4(3):382–401, 1982.
• [19] N. Szabo. “The idea of smart contracts”, 1997.
• [20] G. Wood. “Ethereum: A secure decentralized generalized transaction ledger.”, Ethereum Project Yellow Paper, 2014.
• [21] FireHOL IP Lists | IP Blacklists | IP Blocklists | IP Reputation, http://iplists.firehol.org/, The Last Access: October 2019
• [22] K. Lee, J. I. James, T. G. Ejeta, H. J. Kim, “Electronic voting service using block-chain.”, The Journal of Digital Forensics, Security and Law: JDFSL, 11(2), 123, 2016
• [23] G. Foroglou, A. L. Tsilidou, “Further applications of the blockchain.”, In 12th Student Conference on Managerial Science and Technology, 2015.
• [24] Z. Zheng, S. Xie, H. N. Dai, H. Wang, “Blockchain challenges and opportunities: A survey.”, International Journal of Web and Grid Services, 14(4), 352-375, 2018