A System Architecture of Cybersecurity Information Exchange with Privacy (CYBEX-P)

Sadique, Farhan; Bakhshaliyev, Khalid; Springer, Jeff; Sengupta, Shamik

doi:10.1109/ccwc.2019.8666600

Cited by 12 publications

(5 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Untuk menjamin kerahasiaan informasi, penelitian dilakukan dengan menerapkan teknik-teknik tertentu seperti pada [13] yang menerapkan kontrol akses untuk membatasi penggunaan informasi dalam kelompok. Penelitian kemudian dikembangkan dengan menambahkan aspek jaminan kerahasiaan dan privasi data [14]. Penelitian lain dilakukan dengan memodifikasi Structured Threat Information Expression (STIX) dengan menambahkan jaminan privasi menggunakan homomorphic encryption [15].…”

Section: Pendahuluanunclassified

Skema Berbagi Informasi Keamanan Siber Menggunakan Model Hub and Spoke untuk Mendapatkan Kepercayaan dalam Public-Private Partnership

Aferudin¹

2022

View full text Add to dashboard Cite

Makalah ini mengusulkan skema berbagi informasi keamanan siber untuk diimplementasikan dalam Public-Private Partnership dengan menggunakan model Hub and Spoke. Model ini memiliki keunggulan dalam validitas informasi yang dibagikan tetapi memiliki tantangan yaitu membutuhkan kepercayaan tinggi dari para anggotanya. Kepercayaan diperlukan karena setiap informasi yang dibagikan akan melalui hub (sektor publik) yang berperan sebagai pusat informasi. Salah satu cara untuk mendapatkan kepercayaan anggota adalah dengan mengembangkan skema yang dapat memberikan jaminan kerahasiaan dan melindungi privasi anggotanya. Untuk mengatasi permasalahan diatas diusulkan sebuah skema yang dapat memberikan jaminan kerahasiaan, integritas, keaslian, non-penyangkalan dan perlindungan privasi dalam sebuah skema terintegrasi. Skema ini dibangun dengan beberapa teknik kriptografi seperti authenticated encryption dan group signature dimana pemilihan algoritma didalamnya tidak spesifik ditentukan melainkan dapat disesuaikan dengan kebutuhan sistem. Untuk membuktikan aspek keamanan dari skema yang diusulkan, dilakukan pengujian dengan melakukan analisis keamanan dan analisis formal. Hasil analisis keamanan membuktikan bahwa skema yang diusulkan memenuhi persyaratan keamanan yang diharapkan dan hasil analisis formal menggunakan Scyther Tools menunjukkan bahwa skema tersebut tahan terhadap berbagai kemungkinan serangan siber.

show abstract

Section: Pendahuluanunclassified

Skema Berbagi Informasi Keamanan Siber Menggunakan Model Hub and Spoke untuk Mendapatkan Kepercayaan dalam Public-Private Partnership

Aferudin¹

2022

View full text Add to dashboard Cite

show abstract

“…CYbersecurity information Exchange (CYBEX) [22,21] is a cybersecurity information sharing (CIS) platform with robust data governance. It automatically analyzes shared data to generate insightful reports and alerts.…”

Section: Cybexmentioning

confidence: 99%

“…In this research, we have developed an automated framework to analyze and fingerprint attacker behavior in any compromised host. Our system uses CYbersecurity information Exchange (CYBEX) [22,21] infrastructure as a service (IaaS). CYBEX is a cloud based platform for organizations to share heterogeneous cyberthreat data.…”

Section: System Architecturementioning

confidence: 99%

Modeling and Analyzing Attacker Behavior in IoT Botnet using Temporal Convolution Network (TCN)

Sadique¹,

Sengupta²

2021

Preprint

Self Cite

View full text Add to dashboard Cite

Traditional reactive approach of blacklisting botnets fails to adapt to the rapidly evolving landscape of cyberattacks. An automated and proactive approach to detect and block botnet hosts will immensely benefit the industry. Behavioral analysis of attackers is shown to be effective against a wide variety of attack types. Previous works, however, focus solely on anomalies in network traffic to detect bots and botnet. In this work we take a more robust approach of analyzing the heterogeneous events including network traffic, file download events, SSH logins and chain of commands input by attackers in a compromised host. We have deployed several honeypots to simulate Linux shells and allowed attackers access to the shells. We have collected a large dataset of heterogeneous threat events from the honeypots. We have then combined and modeled the heterogeneous threat data to analyze attacker behavior. Then we have used a deep learning architecture called a Temporal Convolutional Network (TCN) to do sequential and predictive analysis on the data. A prediction accuracy of 85 − 97% validates our data model as well as our analysis methodology. In this work, we have also developed an automated mechanism to collect and analyze these data. For the automation we have used CYbersecurity information Exchange (CYBEX). Finally, we have compared TCN with Long Short-Term Memory (LSTM) and Gated Recurrent Unit (GRU) and have showed that TCN outperforms LSTM and GRU for the task at hand.

show abstract

“…In the context of formulating its policy and procedures, an organisation may consider adopting a cybersecurity sharing framework for managing cyber threat information, which set provisions for information sharing and exchange. There are several frameworks and programs adopted and supported by governments or the industry, like the US Department of Homeland Security's (DHS) Automated Indicator Sharing (AIS) [10] and Cyber Information Sharing and Collaboration Program (CISCP) [9], which is more focused on critical infrastructure sectors, the standardised Cybersecurity Information Exchange Framework (CYBEX) [19], the Malware Information Sharing Platform (MISP-https://www.misp-project.org/), as well as proposed frameworks, like the Cybersecurity Information Exchange with Privacy (CYBEX-P) which also addresses data privacy and classified data management issues [20].…”

Section: Policies and Procedures For Interoperabilitymentioning

confidence: 99%

Interoperability Challenges in the Cybersecurity Information Sharing Ecosystem

et al. 2020

View full text Add to dashboard Cite

Threat intelligence helps businesses and organisations make the right decisions in their fight against cyber threats, and strategically design their digital defences for an optimised and up-to-date security situation. Combined with advanced security analysis, threat intelligence helps reduce the time between the detection of an attack and its containment. This is achieved by continuously providing information, accompanied by data, on existing and emerging cyber threats and vulnerabilities affecting corporate networks. This paper addresses challenges that organisations are bound to face when they decide to invest in effective and interoperable cybersecurity information sharing and categorises them in a layered model. Based on this, it provides an evaluation of existing sources that share cybersecurity information. The aim of this research is to help organisations improve their cyber threat information exchange capabilities, to enhance their security posture and be more prepared against emerging threats.

show abstract

A System Architecture of Cybersecurity Information Exchange with Privacy (CYBEX-P)

Cited by 12 publications

References 17 publications

Skema Berbagi Informasi Keamanan Siber Menggunakan Model Hub and Spoke untuk Mendapatkan Kepercayaan dalam Public-Private Partnership

Skema Berbagi Informasi Keamanan Siber Menggunakan Model Hub and Spoke untuk Mendapatkan Kepercayaan dalam Public-Private Partnership

Modeling and Analyzing Attacker Behavior in IoT Botnet using Temporal Convolution Network (TCN)

Interoperability Challenges in the Cybersecurity Information Sharing Ecosystem

Contact Info

Product

Resources

About