Memorias de investigación
Research Publications in journals:
Cybersecurity Threat Intelligence Knowledge Exchange based on blockchain
Year:2019

Research Areas
  • Engineering,
  • Electronic technology and of the communications,
  • Information technology and adata processing,
  • Computer system,
  • Dataprocessing

Information
Abstract
Although cyber threat intelligence (CTI) exchange is a theoretically useful technique for improving security of a society, the potential participants are often reluctant to share their CTI and prefer to consume only, at least in voluntary based approaches. Such behavior destroys the idea of information exchange. On the other hand, governments are forcing specific entities and operators to report them specific incidents depending on their impact, otherwise there could be sanctions to those operators which are not reporting them on time. Obligations and sanctions are usually discouraging participants to share information voluntarily which will just share and report what is strictly required. We propose a paradigm shift of cybersecurity information exchange by introducing a new way to encourage all participants involved, at all levels, to share relevant information dynamically. It will also contribute to the support and deployment of Dynamic Risk Management (DRM) frameworks to keep risks under an acceptance level along the time. Participants will have new and specific incentives to share, invest and consume threat intelligence and risk intelligence information depending on their different roles (producers, consumers, investors, donors and owner). Our proposal leverages from standards like Structured Threat Information Exchange (STIX), as well as W3C semantic web standards to enable a workspace of knowledge related to behavioral threat intelligence patterning to characterize tactics, techniques and procedures (TTP). At the same time, we propose an Ethereum Blockchain Smart contract Marketplace to better incentivize the sharing of that knowledge between all parties involved as well as creating a standard CTI token as a digital asset with a promising value in the market. Simulations and an experimentation were performed to demonstrate its benefits and incentives, but also its potential limits with regard to storage and cost of transactions.
International
Si
JCR
Si
Title
Telecommunication Systems
ISBN
1018-4864
Impact factor JCR
1,527
Impact info
Datos JCR del año 2017
Volume
Journal number
From page
1
To page
30
Month
SIN MES
Ranking
Participants

Research Group, Departaments and Institutes related
  • Creador: Grupo de Investigación: Redes y Servicios de Telecomunicación e Internet
  • Departamento: Ingeniería de Sistemas Telemáticos
  • Centro o Instituto I+D+i: Centro de I+d+i en Procesado de la Información y Telecomunicaciones