- Balkan Journal of Electrical and Computer Engineering
- Vol: 8 Issue: 3
- Blockchain Based Information Sharing Mechanism for Cyber Threat Intelligence
Blockchain Based Information Sharing Mechanism for Cyber Threat Intelligence
Authors : Ebubekir Büber, Özgür Koray Şahingöz
Pages : 242-253
Doi:10.17694/bajece.644948
View : 14 | Download : 9
Publication Date : 2020-07-30
Article Type : Research
Abstract :In recent years, networked computers are extensively used in every aspect of our daily lives. Besides, the anonymous structure of the Internet results in an increase in the number of attacks not only for individual users but also for local area networks. Current attacks are more sophisticated, and they are developed by experienced intruders with the use of automated malware production methods. These organized intrusions can go over the defense lines of the systems due to the weakness of the detection/prevention mechanisms or carelessness of individual users. After sneaking into the system, these attacks can work until they are detected, and they can access many critical resources of the company. Earlier detection of these attacks is very trivial issue for the security admins. This can be accomplished by acquiring the signature (critical information) of the newest attacks as early as possible. One suggested solution is the use of a Threat Information Sharing system, which is set up between security firms and authorities. This approach enables the distribution of the marks of the recent (zero-day) attacks and the development of some proactive prevention mechanisms for them. The use of both peer to peer and centralized sharing mechanisms have some inherited deficiencies. Therefore, in this paper, a pure decentralized cyber security information sharing system is proposed with the use of blockchain technology. A controlled decision-making mechanism, authorization termination, and rule-sets maintenance are proposed to make distributed decisions within the system. For making a decision, two smart contracts should be used in the blockchain. One holds the positive votes while the other holds the negative ones. Members of the system are able to access cyber threat data by using company-related queries. The system can facilitate the integration of many data sources into cyber security management system. Additionally, it enables to collect in a single repository that can be accessed for implementing real-time cyber security applications.Keywords : blockchain, cyber threat intelligence, information sharing, controlled decision-making mechanism, smart contract