BLOCIS: Blockchain-Based Cyber Threat Intelligence Sharing Framework for Sybil-Resistance

Gong, Seonghyeon; Lee, Chang‐Hoon

doi:10.3390/electronics9030521

Cited by 29 publications

(16 citation statements)

References 34 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In this case, when a producer shares some intelligence they could be required to pay a deposit, some amount of cryptocurrnecy, to a Smart Contract. Once payed, a consensus algorithm defined within the Smart Contract can be used to verify the integrity of the shared intelligence [14]. Given that this verification process occurs on-chain, the results are immutable and transparent to both the original producer as well as future consumers.…”

Section: Depositsmentioning

confidence: 99%

See 1 more Smart Citation

Challenges and Opportunities of Blockchain for Cyber Threat Intelligence Sharing

Dunnett¹,

Pal²,

Jadidi³

2022

Preprint

View full text Add to dashboard Cite

The emergence of the Internet of Things (IoT) technology has caused a powerful transition in the cyber threat landscape. As a result, organisations have had to find new ways to better manage the risks associated with their infrastructure. In response, a significant amount of research has focused on developing efficient Cyber Threat Intelligence (CTI) sharing platforms. However, most existing solutions are highly centralised and do not provide a way to exchange information in a distributed way. In this chapter, we subsequently seek to evaluate how blockchain technology can be used to address a number of limitations present in existing CTI sharing platforms. To determine the role of blockchain-based sharing moving forward, we present a number of general CTI sharing challenges, and discuss how blockchain can bring opportunities to address these challenges in a secure and efficient manner. Finally, we discuss a list of relevant works and note some unique future research questions.

show abstract

Section: Depositsmentioning

confidence: 99%

“…However, blockchain-based CTI sharing solutions are lacking in the present literature. A few proposals, e.g., [12] [13] [14], integrate blockchain for CTI sharing, but a comprehensive solution which addresses all of the discussed challenges is currently lacking.…”

Section: Introductionmentioning

confidence: 99%

Challenges and Opportunities of Blockchain for Cyber Threat Intelligence Sharing

Dunnett¹,

Pal²,

Jadidi³

2022

Preprint

View full text Add to dashboard Cite

show abstract

“…The paper made it also into the comparative table below, still probably due to the mentioned differences authors did not compare their approach with any of the other major works referenced here-in; it is worth to notice that [14] requires agents to trust that others present honest timestamps: ''(..)The only necessity is that something induces an order on the set of interactions of each agent(..)''. Recently, also there was a very interesting work [16] tackling the problematics of Sybil-proofness, however in an entirely different context (CTI systems). Their work showed how a virtual asset itself could be used to minimize Sybil-incentives within an external system-such as falsified data-uploads to a CTI system, by introducing costs of doing so.…”

Section: Related Workmentioning

confidence: 99%

SPIDE: sybil-proof, incentivized data exchange

Skowroński

Brzeziński

2021

Cluster Comput

View full text Add to dashboard Cite

Decentralized, open-access blockchain systems opened up new, exciting possibilities—all without reliance on trusted third parties. Regardless of the employed consensus protocol, the overall security, decentralization and effectiveness of such systems, largely depend upon properly structured incentives. Indeed, as has been previously spotted by Babaiaff et al. Bitcoin-like systems, oftentimes lack some of these. Specifically, current blockchain-systems fail to incentivize one of their crucial aspects–the underlying data exchange. As we rationalize, proper incentivization of that layer could lead to lower transactions’ confirmation-times, improved finalization guarantees and at the same time to discouragement of malicious behaviours such as block-withholding attacks. Indeed, incentivization of the data-exchange layer allows the system to remain operational when all agents, including routing nodes, are assumed to be rational. In this work, while focusing on the problem of sybil-proof data exchange, we revisit previous approaches, showcasing their shortcomings and lay forward the first information exchange framework; with integrated routing and reward-function mechanics, provably secure in thwarting Sybil-nodes in 1-connected or eclipsed networks. The framework neither requires nor assumes any kind of constraints in regard to the network’s topology (i.e. the network is modelled as a random-connected graph) and rewards information propagators through a system-intrinsic virtual asset maintained by the decentralized state-machine. The proposal, while being storage and transmission efficient is suitable for rewarding not only consensus-related datagrams (both data-blocks and transactions) but consensus-extrinsic information as well, thus facilitating an universal sybil-proof data-exchange apparatus, provably valid under the assumption of existence of a data store whose property of non-malleability emerges as time approaches infinity. Our research was conducted under two scenarios—with round leader known and unknown in advance of each transactional round.

show abstract

“…Further, unlike ours, their solution is implemented in a permissionless network. Similar to [14], proposal [15] sought to incentivise CTI contribution with tokens and implement their solution in a permissionless blockchain network, which is not appropriate for ICS due to confidentiality and privacy concerns.…”

Section: Related Workmentioning

confidence: 99%

A Blockchain-Enabled Incentivised Framework for Cyber Threat Intelligence Sharing in ICS

Nguyen¹,

Pal²,

Jadidi³

et al. 2021

Preprint

View full text Add to dashboard Cite

In recent years Industrial Control Systems (ICS) have been targeted increasingly by sophisticated cyberattacks. Improving ICS security has drawn significant attention in the literature that emphasises the importance of Cyber Threat Intelligence (CTI) sharing in accelerating detection, mitigation, and prevention of cyberattacks. However, organisations are reluctant to exchange CTI due to fear of exposure, reputational damage, and lack of incentives. Furthermore, there has been limited discussion about the factors influencing participation in sharing CTI about ICS. The existing CTI-sharing platforms rely on centralised trusted architectures that suffer from a single point of failure and risk companies' privacy as the central node maintains CTI details. In this paper, we address the needs of organisations involved in the management and protection of ICS and present a novel framework that facilitates secure, private, and incentivised exchange of CTI related to ICS using blockchain. We propose a new blockchain-enabled framework that facilitates the secure dissemination of CTI data among multiple stakeholders in ICS. We provide the framework design, technical development and evaluate the framework's feasibility in a real-world application environment using practical use-case scenarios. Our proposed design shows a more practical and efficient framework for a CTI sharing network for ICS, including the bestowal and acknowledgment of data privacy, trust barriers, and security issues ingrained in this domain.

show abstract

BLOCIS: Blockchain-Based Cyber Threat Intelligence Sharing Framework for Sybil-Resistance

Cited by 29 publications

References 34 publications

Challenges and Opportunities of Blockchain for Cyber Threat Intelligence Sharing

Challenges and Opportunities of Blockchain for Cyber Threat Intelligence Sharing

SPIDE: sybil-proof, incentivized data exchange

A Blockchain-Enabled Incentivised Framework for Cyber Threat Intelligence Sharing in ICS

Contact Info

Product

Resources

About