Hisham Ali H.Ali@napier.ac.uk
Research Student
Trusted Threat Intelligence Sharing in Practice and Performance Benchmarking through the Hyperledger Fabric Platform
Ali, Hisham; Ahmad, Jawad; Jaroucheh, Zakwan; Papadopoulos, Pavlos; Pitropakis, Nikolaos; Lo, Owen; Abramson, Will; Buchanan, William J.
Authors
Dr Jawad Ahmad J.Ahmad@napier.ac.uk
Lecturer
Dr Zakwan Jaroucheh Z.Jaroucheh@napier.ac.uk
Lecturer
Dr Pavlos Papadopoulos P.Papadopoulos@napier.ac.uk
Lecturer
Dr Nick Pitropakis N.Pitropakis@napier.ac.uk
Associate Professor
Dr Owen Lo O.Lo@napier.ac.uk
Senior Research Fellow
Will Abramson
Prof Bill Buchanan B.Buchanan@napier.ac.uk
Professor
Abstract
Historically, threat information sharing has relied on manual modelling and centralised network systems, which can be inefficient, insecure, and prone to errors. Alternatively, private blockchains are now widely used to address these issues and improve overall organisational security. An organisation’s vulnerabilities to attacks might change over time. It is utterly important to find a balance among a current threat, the potential countermeasures, their consequences and costs, and the estimation of the overall risk that this provides to the organisation. For enhancing organisational security and automation, applying threat intelligence technology is critical for detecting, classifying, analysing, and sharing new cyberattack tactics. Trusted partner organisations can then share newly identified threats to improve their defensive capabilities against unknown attacks. On this basis, organisations can help reduce the risk of a cyberattack by providing access to past and current cybersecurity events through blockchain smart contracts and the Interplanetary File System (IPFS). The suggested combination of technologies can make organisational systems more reliable and secure, improving system automation and data quality. This paper outlines a privacy-preserving mechanism for threat information sharing in a trusted way. It proposes a reliable and secure architecture for data automation, quality, and traceability based on the Hyperledger Fabric private-permissioned distributed ledger technology and the MITRE ATT&CK threat intelligence framework. This methodology can also be applied to combat intellectual property theft and industrial espionage.
Citation
Ali, H., Ahmad, J., Jaroucheh, Z., Papadopoulos, P., Pitropakis, N., Lo, O., …Buchanan, W. J. (2022). Trusted Threat Intelligence Sharing in Practice and Performance Benchmarking through the Hyperledger Fabric Platform. Entropy, 24(10), Article 1379. https://doi.org/10.3390/e24101379
| Journal Article Type | Article |
|---|---|
| Acceptance Date | Sep 21, 2022 |
| Online Publication Date | Sep 28, 2022 |
| Publication Date | 2022 |
| Deposit Date | Oct 1, 2022 |
| Journal | Entropy |
| Publisher | MDPI |
| Peer Reviewed | Peer Reviewed |
| Volume | 24 |
| Issue | 10 |
| Article Number | 1379 |
| DOI | https://doi.org/10.3390/e24101379 |
| Keywords | blockchain; smart contract; Hyperledger Fabric; privacy-preserving; Interplanetary File System (IPFS); threat intelligence sharing; MITRE ATT&CK framework; cyber hunting |
| Public URL | http://researchrepository.napier.ac.uk/Output/2926461 |
| Publisher URL | https://www.mdpi.com/1099-4300/24/10/1379/htm |
You might also like
Privacy-preserving and Trusted Threat Intelligence Sharing using Distributed Ledgers
(2022)
Conference Proceeding
A Proposal of a New Chaotic Map for Application in the Image Encryption Domain
(2022)
Journal Article
Multi-Chaos-Based Lightweight Image Encryption-Compression for Secure Occupancy Monitoring
(2022)
Journal Article
A DNA Based Colour Image Encryption Scheme Using A Convolutional Autoencoder
(2022)
Journal Article