Do you want to publish a course? Click here

TRADE: TRusted Anonymous Data Exchange: Threat Sharing Using Blockchain Technology

250   0   0.0 ( 0 )
 Added by Asaf Shabtai
 Publication date 2021
and research's language is English




Ask ChatGPT about the research

Cyber attacks are becoming more frequent and sophisticated, introducing significant challenges for organizations to protect their systems and data from threat actors. Today, threat actors are highly motivated, persistent, and well-founded and operate in a coordinated manner to commit a diversity of attacks using various sophisticated tactics, techniques, and procedures. Given the risks these threats present, it has become clear that organizations need to collaborate and share cyber threat information (CTI) and use it to improve their security posture. In this paper, we present TRADE -- TRusted Anonymous Data Exchange -- a collaborative, distributed, trusted, and anonymized CTI sharing platform based on blockchain technology. TRADE uses a blockchain-based access control framework designed to provide essential features and requirements to incentivize and encourage organizations to share threat intelligence information. In TRADE, organizations can fully control their data by defining sharing policies enforced by smart contracts used to control and manage CTI sharing in the network. TRADE allows organizations to preserve their anonymity while keeping organizations fully accountable for their action in the network. Finally, TRADE can be easily integrated within existing threat intelligence exchange protocols - such as trusted automated exchange of intelligence information (TAXII) and OpenDXL, thereby allowing a fast and smooth technology adaptation.



rate research

Read More

With the large-scale deployment of industrial internet of things (IIoT) devices, the number of vulnerabilities that threaten IIoT security is also growing dramatically, including a mass of undisclosed IIoT vulnerabilities that lack mitigation measures. Coordination Vulnerabilities Disclosure (CVD) is one of the most popular vulnerabilities sharing solutions, in which some security workers (SWs) can develop undisclosed vulnerabilities patches together. However, CVD assumes that sharing participants (SWs) are all honest, and thus offering chances for dishonest SWs to leak undisclosed IIoT vulnerabilities. To combat such threats, we propose an Undisclosed IIoT Vulnerabilities Trusted Sharing Protection (UIV-TSP) scheme with dynamic token. In this article, a dynamic token is an implicit access credential for an SW to acquire an undisclosed vulnerability information, which is only held by the system and constantly updated as the SW access. Meanwhile, the latest updated token can be stealthily sneaked into the acquired information as the traceability token. Once the undisclosed vulnerability information leaves the SW host, the embedded self-destruct program will be automatically triggered to prevent leaks since the destination MAC address in the traceability token has changed. To quickly distinguish dishonest SWs, trust mechanism is adopted to evaluate the trust value of SWs. Moreover, we design a blockchain-assisted continuous logs storage method to achieve the tamper-proofing of dynamic token and the transparency of undisclosed IIoT vulnerabilities sharing. The simulation results indicate that our proposed scheme is resilient to suppress dishonest SWs and protect the IoT undisclosed vulnerabilities effectively.
Blockchain brings various advantages to online transactions. However, the total transparency of these transactions may leakage users sensitive information. Requirements on both cooperation and anonymity for companies/organizations become necessary. In this paper, we propose a Multi-center Anonymous Blockchain-based (MAB) system, with joint management for the consortium and privacy protection for the participants. To achieve that, we formalize the syntax used by the MAB system and present a general construction based on a modular design. By applying cryptographic primitives to each module, we instantiate our scheme with anonymity and decentralization. Furthermore, we carry out a comprehensive formal analysis of the proposed solution. The results demonstrate our constructed scheme is secure and efficient.
Recently, coordinated attack campaigns started to become more widespread on the Internet. In May 2017, WannaCry infected more than 300,000 machines in 150 countries in a few days and had a large impact on critical infrastructure. Existing threat sharing platforms cannot easily adapt to emerging attack patterns. At the same time, enterprises started to adopt machine learning-based threat detection tools in their local networks. In this paper, we pose the question: emph{What information can defenders share across multiple networks to help machine learning-based threat detection adapt to new coordinated attacks?} We propose three information sharing methods across two networks, and show how the shared information can be used in a machine-learning network-traffic model to significantly improve its ability of detecting evasive self-propagating malware.
319 - Hung Dang , Ee-Chien Chang 2019
Data privacy is unarguably of extreme importance. Nonetheless, there exist various daunting challenges to safe-guarding data privacy. These challenges stem from the fact that data owners have little control over their data once it has transgressed their local storage and been managed by third parties whose trustworthiness is questionable at times. Our work seeks to enhance data privacy by constructing a self-expiring data capsule. Sensitive data is encapsulated into a capsule which is associated with an access policy an expiring condition. The former indicates eligibility of functions that can access the data, and the latter dictates when the data should become inaccessible to anyone, including the previously eligible functions. Access to the data capsule, as well as its dismantling once the expiring condition is met, are governed by a committee of independent and mutually distrusting nodes. The pivotal contribution of our work is an integration of hardware primitive, state machine replication and threshold secret sharing in the design of the self-expiring data encapsulation framework. We implement the proposed framework in a system called TEEKAP. Our empirical experiments conducted on a realistic deployment setting with the access control committee spanning across four geographical regions reveal that TEEKAP can process access requests at scale with sub-second latency.
Permissioned blockchain such as Hyperledger fabric enables a secure supply chain model in Industrial Internet of Things (IIoT) through multichannel and private data collection mechanisms. Sharing of Industrial data including private data exchange at every stage between supply chain partners helps to improve product quality, enable future forecast, and enhance management activities. However, the existing data sharing and querying mechanism in Hyperledger fabric is not suitable for supply chain environment in IIoT because the queries are evaluated on actual data stored on ledger which consists of sensitive information such as business secrets, and special discounts offered to retailers and individuals. To solve this problem, we propose a differential privacy-based permissioned blockchain using Hyperledger fabric to enable private data sharing in supply chain in IIoT (DH-IIoT). We integrate differential privacy into the chaindcode (smart contract) of Hyperledger fabric to achieve privacy preservation. As a result, the query response consists of perturbed data which protects the sensitive information in the ledger. The proposed work (DH-IIoT) is evaluated by simulating a permissioned blockchain using Hyperledger fabric. We compare our differential privacy integrated chaincode of Hyperledger fabric with the default chaincode setting of Hyperledger fabric for supply chain scenario. The results confirm that the proposed work maintains 96.15% of accuracy in the shared data while guarantees the protection of sensitive ledgers data.
comments
Fetching comments Fetching comments
mircosoft-partner

هل ترغب بارسال اشعارات عن اخر التحديثات في شمرا-اكاديميا