出版社
IEEE
DOI: 10.1109/ICBC56567.2023.10174885
关键词
Cyber Threat Intelligence; Information Sharing; Privacy; Trust; Delegation; Data Injection; Blockchain
This paper proposes a blockchain-based CTI sharing framework that utilizes trustless delegates for dynamic trust-based decision-making and decentralized trust evaluation. Unlike existing approaches, delegates within our framework facilitate direct sharing of CTI with consumers, enabling scalable CTI sharing.
CTI sharing is increasingly used by organisations to strengthen security. The sensitivity of CTI has led to research on trust-based sharing, yet most existing CTI sharing approaches only support static trust-based decisions or centralised trust evaluation, limiting their scalability and lead to centralised risk. This paper proposes a blockchain-based CTI sharing framework that relies on trustless delegates for dynamic trust-based decision-making and decentralised trust evaluation. To facilitate trustless delegation, our proposal allows CTI producers to intentionally inject false data on a periodic basis into the system to audit the behaviour of delegates. Moreover, unlike existing approaches, delegates within our framework facilitate sharing of CTI directly with consumers such that scalable CTI sharing occurs. The results of a qualitative evaluation of the proposed framework's security show that it is resilient to common privacy and trust concerns. Moreover, a quantitative evaluation of a proof-of-concept prototype using Ethereum show that the proposed framework is scalable and cost-effective.
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据