Skip to main content

Research Repository

Advanced Search

Trusted Threat Intelligence Sharing in Practice and Performance Benchmarking through the Hyperledger Fabric Platform

Ali, Hisham; Ahmad, Jawad; Jaroucheh, Zakwan; Papadopoulos, Pavlos; Pitropakis, Nikolaos; Lo, Owen; Abramson, Will; Buchanan, William J.

Authors

Will Abramson



Abstract

Historically, threat information sharing has relied on manual modelling and centralised network systems, which can be inefficient, insecure, and prone to errors. Alternatively, private blockchains are now widely used to address these issues and improve overall organisational security. An organisation’s vulnerabilities to attacks might change over time. It is utterly important to find a balance among a current threat, the potential countermeasures, their consequences and costs, and the estimation of the overall risk that this provides to the organisation. For enhancing organisational security and automation, applying threat intelligence technology is critical for detecting, classifying, analysing, and sharing new cyberattack tactics. Trusted partner organisations can then share newly identified threats to improve their defensive capabilities against unknown attacks. On this basis, organisations can help reduce the risk of a cyberattack by providing access to past and current cybersecurity events through blockchain smart contracts and the Interplanetary File System (IPFS). The suggested combination of technologies can make organisational systems more reliable and secure, improving system automation and data quality. This paper outlines a privacy-preserving mechanism for threat information sharing in a trusted way. It proposes a reliable and secure architecture for data automation, quality, and traceability based on the Hyperledger Fabric private-permissioned distributed ledger technology and the MITRE ATT&CK threat intelligence framework. This methodology can also be applied to combat intellectual property theft and industrial espionage.

Journal Article Type Article
Acceptance Date Sep 21, 2022
Online Publication Date Sep 28, 2022
Publication Date 2022
Deposit Date Oct 1, 2022
Publicly Available Date Jun 26, 2023
Journal Entropy
Publisher MDPI
Peer Reviewed Peer Reviewed
Volume 24
Issue 10
Article Number 1379
DOI https://doi.org/10.3390/e24101379
Keywords blockchain; smart contract; Hyperledger Fabric; privacy-preserving; Interplanetary File System (IPFS); threat intelligence sharing; MITRE ATT&CK framework; cyber hunting
Public URL http://researchrepository.napier.ac.uk/Output/2926461
Publisher URL https://www.mdpi.com/1099-4300/24/10/1379/htm

Files







You might also like



Downloadable Citations