A cloud-edge based data security architecture for sharing and analysing cyber threat information

Chadwick, David; Fan, Wenjun; Costantino, Gianpiero; Lemos, Rogério de; Cerbo, Francesco Di; Herwono, Ian; Manea, Mirko; Mori, Paolo; Sajjad, Ali; Wang, Xiao-Si

doi:10.1016/j.future.2019.06.026

Cited by 71 publications

(51 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Both studies address the studies conducted towards this aim in the EU project of Collaborative and Confidential Information Sharing and Analysis for Cyber Protection (C3ISP). Based on the C3ISP framework, where four pilot projects offered a wide range of use cases to test security and trust requirements prior to CTI sharing, [13] proposed a five-level trust model for a cloud-edge based data sharing infrastructure. The results, although slightly premature, showed that both data analytics and data sanitisation can be performed while testing several deployment models.…”

Section: Related Workmentioning

confidence: 99%

Data Sanitisation and Redaction for Cyber Threat Intelligence Sharing Platforms

Yücel

Chalkias

Mallis

et al. 2021

2021 IEEE International Conference on Cyber Security and Resilience (CSR)

View full text Add to dashboard Cite

The recent technological advances and the recent changes in the daily human activities increased the production and sharing of data. In the ecosystem of interconnected systems, data can be circulated among systems for various reasons. This could lead to exchange of private or sensitive information between entities. Data Sanitisation involves processes and practices that remove sensitive and private information from documents before sharing them with entities that should not be exposed to the removed information. This paper presents the design and development of a data sanitisation and redaction solution for a Cyber Threat Intelligence sharing platform. The Data Sanitisation and Redaction Plugin has been designed with the purpose of operating as a plugin for the ECHO Project's Early Warning System platform and enhancing its operative capabilities during information sharing. This plugin aims to provide automated security and privacy-based controls to the concept of CTI sharing over a ticketing system. The plugin has been successfully tested and the results are presented in this paper.

show abstract

Section: Related Workmentioning

confidence: 99%

Data Sanitisation and Redaction for Cyber Threat Intelligence Sharing Platforms

Yücel

Chalkias

Mallis

et al. 2021

2021 IEEE International Conference on Cyber Security and Resilience (CSR)

View full text Add to dashboard Cite

show abstract

“…Regarding another limitation, in Reference [8], the difficulty related to the lack of confidence from organizations in sharing sensitive CTI data is addressed. Chadwick, et al [8] introduces a trust model among organizations combined with a data sharing and analysis framework allowing a confidential exchange of data. Irrespective of some limitations, the results presented show the achievement of expected results.…”

Section: Related Work and Definitionsmentioning

confidence: 99%

“…Considering the presented scenario, the idea of Cyber Threat Intelligence (CTI) has been rapidly popularizing and is often posed as a new solution for applying effective security to enterprise [7]. Any valuable information that can be used to identify, characterize or assist in the response to cyber threats is commonly referred to as cyber threat information and the analysis of this type of information can produce intelligence to inform the user about threats to their system [8]. Within the limitations of the CTI approach, there is the heterogeneity of the data involved [9,10], and the massive amount of data for collection [11].…”

Section: Introductionmentioning

confidence: 99%

A Methodology to Evaluate Standards and Platforms within Cyber Threat Intelligence

et al. 2020

View full text Add to dashboard Cite

The cyber security landscape is fundamentally changing over the past years. While technology is evolving and new sophisticated applications are being developed, a new threat scenario is emerging in alarming proportions. Sophisticated threats with multi-vectored, multi-staged and polymorphic characteristics are performing complex attacks, making the processes of detection and mitigation far more complicated. Thus, organizations were encouraged to change their traditional defense models and to use and to develop new systems with a proactive approach. Such changes are necessary because the old approaches are not effective anymore to detect advanced attacks. Also, the organizations are encouraged to develop the ability to respond to incidents in real-time using complex threat intelligence platforms. However, since the field is growing rapidly, today Cyber Threat Intelligence concept lacks a consistent definition and a heterogeneous market has emerged, including diverse systems and tools, with different capabilities and goals. This work aims to provide a comprehensive evaluation methodology of threat intelligence standards and cyber threat intelligence platforms. The proposed methodology is based on the selection of the most relevant candidates to establish the evaluation criteria. In addition, this work studies the Cyber Threat Intelligence ecosystem and Threat Intelligence standards and platforms existing in state-of-the-art.

show abstract

“…Some of the major cloud security breaches include security at the physical level, virtual level, and, more importantly, web-based in tier level virtualized cloud data centers [13,14]. Furthermore, there are security gaps that exist between end-user and vendor assessments of cloud security, privacy, and transparency [15]. Similarly, the majority of enterprises with sensitive data such as banks, financial institutions, insurance companies, etc., are also very reluctant to choose cloud computing services and platforms as their primary concern rotate around the integrity, privacy, secrecy, and confidentiality of their data being stored and accessed from the cloud platform [16].…”

Section: Introductionmentioning

confidence: 99%

Next-generation Blockchain-Enabled Virtualized Cloud Security Solutions: Review and Open Challenges

Uddin¹,

Khalique²,

Jumani³

2020

Preprint

View full text Add to dashboard Cite

This paper reviews, discusses, and highlights some of the standard cloud computing vulnerabilities primarily related to virtualization platforms and their implementations while outsourcing services and resources to different end-users and business enterprises. Furthermore, we provide Blockchain-enabled solutions for virtualized cloud computing platform involving both the end-users as well as cloud service providers (CSP) to address and solve different security and privacy-related vulnerabilities using blockchain-enabled solutions to improve their cloud services and resource provisioning facilities.

show abstract

A cloud-edge based data security architecture for sharing and analysing cyber threat information

Cited by 71 publications

References 14 publications

Data Sanitisation and Redaction for Cyber Threat Intelligence Sharing Platforms

Data Sanitisation and Redaction for Cyber Threat Intelligence Sharing Platforms

A Methodology to Evaluate Standards and Platforms within Cyber Threat Intelligence

Next-generation Blockchain-Enabled Virtualized Cloud Security Solutions: Review and Open Challenges

Contact Info

Product

Resources

About