Blockchain Based Information Sharing Mechanism for Cyber Threat Intelligence
Abstract
In recent years, networked computers have come to be used extensively in every aspect of our daily lives. In addition, the anonymous structure of the Internet has led to an increase in the number of attacks, not only on individual users but also on local area networks. Current attacks are more sophisticated, and they are developed by experienced intruders using automated malware production methods. These organized intrusions can get past the defense lines of systems because of weaknesses in the detection/prevention mechanisms or the carelessness of individual users. After sneaking into a system, these attacks can operate until they are detected, and they can access many of the company's critical resources. Earlier detection of these attacks is a very trivial issue for the security admins. This can be accomplished by acquiring the signature (critical information) of the newest attacks as early as possible. One suggested solution is the use of a Threat Information Sharing system, which is set up between security firms and authorities. This approach enables the distribution of the marks of recent (zero-day) attacks and the development of proactive prevention mechanisms for them. The use of both peer-to-peer and centralized sharing mechanisms has some inherent deficiencies. Therefore, in this paper, a purely decentralized cyber security information sharing system is proposed with the use of blockchain technology. A controlled decision-making mechanism, authorization termination, and rule-set maintenance are proposed to make distributed decisions within the system. For making a decision, two smart contracts should be used in the blockchain. One holds the positive votes while the other holds the negative ones. Members of the system are able to access cyber threat data by using company-related queries. The system can facilitate the integration of many data sources into a cyber security management system. Additionally, it enables this data to be collected in a single repository that can be accessed to implement real-time cyber security applications.
Details
Primary Language
English
Subjects
Software Testing, Verification and Validation
Section
Research Article
Authors
Ebubekir Büber
*
0000-0002-0586-7514
Türkiye
Publication Date
30 July 2020
Submission Date
10 November 2019
Acceptance Date
10 June 2020
Published in Issue
Year 2020 Volume: 8 Issue: 3
Cited By
Decentralized Actionable Cyber Threat Intelligence for Networks and the Internet of Things
IoT
https://doi.org/10.3390/iot2010001

Secure and Efficient Exchange of Threat Information Using Blockchain Technology
Information
https://doi.org/10.3390/info13100463

BFLS: Blockchain and Federated Learning for sharing threat detection models as Cyber Threat Intelligence
Computer Networks
https://doi.org/10.1016/j.comnet.2023.109604

Blockchain-based multi-organizational cyber risk management framework for collaborative environments
International Journal of Information Security
https://doi.org/10.1007/s10207-023-00788-7

Cyber Threat Intelligence on Blockchain: A Systematic Literature Review
Computers
https://doi.org/10.3390/computers13030060