Observatorio de I+D+i UPM

Memorias de investigación
Artículos en revistas:
Cybersecurity Threat Intelligence Knowledge Exchange based on blockchain
Año:2019
Áreas de investigación
  • Ingenierías,
  • Tecnología electrónica y de las comunicaciones,
  • Ciencias de la computación y tecnología informática,
  • Sistema informático,
  • Tratamiento de datos
Datos
Descripción
Although cyber threat intelligence (CTI) exchange is a theoretically useful technique for improving security of a society, the potential participants are often reluctant to share their CTI and prefer to consume only, at least in voluntary based approaches. Such behavior destroys the idea of information exchange. On the other hand, governments are forcing specific entities and operators to report them specific incidents depending on their impact, otherwise there could be sanctions to those operators which are not reporting them on time. Obligations and sanctions are usually discouraging participants to share information voluntarily which will just share and report what is strictly required. We propose a paradigm shift of cybersecurity information exchange by introducing a new way to encourage all participants involved, at all levels, to share relevant information dynamically. It will also contribute to the support and deployment of Dynamic Risk Management (DRM) frameworks to keep risks under an acceptance level along the time. Participants will have new and specific incentives to share, invest and consume threat intelligence and risk intelligence information depending on their different roles (producers, consumers, investors, donors and owner). Our proposal leverages from standards like Structured Threat Information Exchange (STIX), as well as W3C semantic web standards to enable a workspace of knowledge related to behavioral threat intelligence patterning to characterize tactics, techniques and procedures (TTP). At the same time, we propose an Ethereum Blockchain Smart contract Marketplace to better incentivize the sharing of that knowledge between all parties involved as well as creating a standard CTI token as a digital asset with a promising value in the market. Simulations and an experimentation were performed to demonstrate its benefits and incentives, but also its potential limits with regard to storage and cost of transactions.
Internacional
Si
JCR del ISI
Si
Título de la revista
Telecommunication Systems
ISSN
1018-4864
Factor de impacto JCR
1,527
Información de impacto
Datos JCR del año 2017
Volumen
DOI
Número de revista
Desde la página
1
Hasta la página
30
Mes
SIN MES
Ranking
Esta actividad pertenece a memorias de investigación
Participantes
  • Autor: Raul Riesco Granadino (UPM)
  • Autor: Xavier Andres Larriva Novo (UPM)
  • Autor: Victor Abraham Villagra Gonzalez (UPM)
Grupos de investigación, Departamentos, Centros e Institutos de I+D+i relacionados
  • Creador: Grupo de Investigación: Redes y Servicios de Telecomunicación e Internet
  • Departamento: Ingeniería de Sistemas Telemáticos
  • Centro o Instituto I+D+i: Centro de I+d+i en Procesado de la Información y Telecomunicaciones
S2i 2023 Observatorio de investigación @ UPM con la colaboración del Consejo Social UPM
Cofinanciación del MINECO en el marco del Programa INNCIDE 2011 (OTR-2011-0236)
Cofinanciación del MINECO en el marco del Programa INNPACTO (IPT-020000-2010-22)