Balkan Journal of Electrical and Computer Engineering

2147-284X 2147-284X

MUSA YILMAZ

10.17694/bajece.644948

Software Testing, Verification and Validation

Yazılım Testi, Doğrulama ve Validasyon

Blockchain Based Information Sharing Mechanism for Cyber Threat Intelligence

https://orcid.org/0000-0002-0586-7514

Büber

Ebubekir

YILDIZ TEKNİK ÜNİVERSİTESİ

https://orcid.org/0000-0002-1588-8220

Şahingöz

Özgür Koray

İSTANBUL KÜLTÜR ÜNİVERSİTESİ

07 30 2020

8 3 242 253 11 10 2019 06 10 2020

2013

Balkan Journal of Electrical and Computer Engineering

In recent years, networked computers areextensively used in every aspect of our daily lives. Besides, the anonymousstructure of the Internet results in an increase in the number of attacks notonly for individual users but also for local area networks. Current attacks aremore sophisticated, and they are developed by experienced intruders with theuse of automated malware production methods. These organized intrusions can goover the defense lines of the systems due to the weakness of thedetection/prevention mechanisms or carelessness of individual users. Aftersneaking into the system, these attacks can work until they are detected, andthey can access many critical resources of the company. Earlier detection ofthese attacks is very trivial issue for the security admins. This can beaccomplished by acquiring the signature (critical information) of the newestattacks as early as possible. One suggested solution is the use of a Threat Information Sharing system, whichis set up between security firms and authorities. This approach enables thedistribution of the marks of the recent (zero-day) attacks and the developmentof some proactive prevention mechanisms for them. The use of both peer to peerand centralized sharing mechanisms have some inherited deficiencies. Therefore,in this paper, a pure decentralized cyber security information sharing systemis proposed with the use of blockchain technology. A controlled decision-makingmechanism, authorization termination, and rule-sets maintenance are proposed tomake distributed decisions within the system. For making a decision, two smartcontracts should be used in the blockchain. One holds the positive votes whilethe other holds the negative ones. Members of the system are able to accesscyber threat data by using company-related queries. The system can facilitatethe integration of many data sources into cyber security management system.Additionally, it enables to collect in a single repository that can be accessedfor implementing real-time cyber security applications.

blockchain cyber threat intelligence information sharing controlled decision-making mechanism smart contract

[1] Ninth Annual Cost Of Cybercrime Study, THE COST OF CYBERCRIME, https://www.accenture.com/_acnmedia/pdf-6/accenture-2019-cost-of-cybercrime-study-final.pdf, The Last Access: October 2019

[2] PhishTank | Join the fight against phishing, https:// www.phishtank.com/ , The Last Access: October 2019

[3] IBM X-Force Exchange, https://exchange.xforce.ibmcloud .com/, The Last Access: October 2019

[4] AutoFocus Threat Intelligence, https://www.paloaltonetworks .com/products/secure-the-network/subscriptions/autofocus , The Last Access: October 2019

[5] LogRhythm Threat Lifecycle Management (TLM) Platform, https://logrhythm.com/products/threat-lifecycle-management-platform/, The Last Access: October 2019

[6] iSIGHT Intelligence Subscriptions, https://www.fireeye. com/products/isight-cyber-threat-intelligence-subscriptions .html, The Last Access: October 2019

[7] LookingGlass Cyber Solutions, https://www.lookingglasscyber .com/ , The Last Access: October 2019

[8] Normshield Free Cyber Threat Intelligence, https://services. normshield.com/honeypotfeed , The Last Access: October 2019

[9] Z. Zheng, S. Xie, H. N. Dai, H. Wang, “Blockchain challenges and opportunities: A survey. Work Pap”, 2016.

[10] S. Nakamoto. “Bitcoin: A peer-to-peer electronic cash system.”, 2008.

[11] G. Foroglou, A. L. Tsilidou, “Further applications of the blockchain.”, 2015.

[12] A. Kosba, A. Miller, E. Shi, Z. Wen, C. Papamanthou, “Hawk: The blockchain model of cryptography and privacy-preserving smart contracts.”, In Proceedings of IEEE Symposium on Security and Privacy (SP), pages 839–858, San Jose, CA, USA, 2016.

[13] B. W. Akins, J. L. Chapman, J. M. Gordon, “A whole new world: Income tax considerations of the bitcoin economy.”, 2013.

[14] Y. Zhang, J. Wen, “An IOT electric business model based on the protocol of bitcoin.”, In Proceedings of 18th International Conference on Intelligence in Next Generation Networks (ICIN), pages 184–191, Paris, France, 2015.

[15] M. Sharples, J. Domingue, “The blockchain and kudos: A distributed system for educational record, reputation and reward.”, In Proceedings of 11th European Conference on Technology Enhanced Learning (EC-TEL 2015), pages 490–496, Lyon, France, 2015.

[16] C. Noyes, “Bitav: Fast anti-malware by distributed blockchain consensus and feedforward scanning.”, arXiv preprint arXiv:1601.01405, 2016.

[17] NRI, “Survey on blockchain technologies and related services. Technical report”, 2015.

[18] L. Lamport, R. Shostak, M. Pease. “The byzantine generals problem.”, ACM Transactions on Programming Languages and Systems (TOPLAS), 4(3):382–401, 1982.

[19] N. Szabo. “The idea of smart contracts”, 1997.

[20] G. Wood. “Ethereum: A secure decentralized generalized transaction ledger.”, Ethereum Project Yellow Paper, 2014.

[21] FireHOL IP Lists | IP Blacklists | IP Blocklists | IP Reputation, http://iplists.firehol.org/, The Last Access: October 2019

[22] K. Lee, J. I. James, T. G. Ejeta, H. J. Kim, “Electronic voting service using block-chain.”, The Journal of Digital Forensics, Security and Law: JDFSL, 11(2), 123, 2016

[23] G. Foroglou, A. L. Tsilidou, “Further applications of the blockchain.”, In 12th Student Conference on Managerial Science and Technology, 2015.

[24] Z. Zheng, S. Xie, H. N. Dai, H. Wang, “Blockchain challenges and opportunities: A survey.”, International Journal of Web and Grid Services, 14(4), 352-375, 2018