Skip to main content

Research Repository

Advanced Search

Trusted Threat Sharing and Privacy Preserving using LLMs

People Involved

Project Description

Organisations are facing an increasing number of cyber threats, which makes it evident that relying solely on security tools and technologies may fail to detect malware, indicators of compromise, and emerging threats. As a result, organisations must remain vigilant in the face of ever-evolving cybercrime threats. Threat intelligence sharing is considered as one of the proactive defensive approaches for improving system detectability and incident response times and enhancing trusted partner security posture. However, threat sharing stakeholders have faced several challenges; the most prominent ones are a lack of trust and privacy concerns. In this context, we provide a solution that aims to address the issues of sharing sensitive data among multiple users through a secure and trusted infrastructure, employing a unified threat language. Our solution integrates cutting-edge technologies of AI, such as LLMs (privateGPT), automating threat sharing, and protecting data privacy, thereby enabling organisations to enhance their security posture, speed up attack detection, and reduce response times. The proposed work entails implementing trusted sharing through Hyperledger Fabric, a digital signature (Wallet), and STIX 2.1 (CACAO security playbooks). Threat sharing in cybersecurity can often contain sensitive information, which might be: covered by privacy regulations; time-sensitive; should only be seen by certain people; and need to contain redacted information. For this, we use smart contracts and CP-ABE (ciphertext-policy attribute-based encryption) for fine-grained control over sensitive data. This invention allows for a cryptographic method of interlocking each element of the information passed between a source of threat information and a consumer of it and enabling key information passing attributes such as time-bombing, time revealing, location-locking, and message redaction. Through this approach, organisations can establish a collaborative and secure platform to share threat intelligence, enhance their situational awareness, and proactively address emerging cyber threats.

Type of Project P05 - Government Research Grants
Status Project Complete
Funder(s) Innovate UK
Value £12,620.00
Project Dates Apr 1, 2024 - May 31, 2024

You might also like

Project Quaisten Jun 1, 2014 - Aug 1, 2015
To develop a question generator API to pull information from the web, based on defined questions types, confirming correct answers and implementing a process of question difficulty based on metrics about the individual question type and possible answ... Read More about Project Quaisten.

Fragment Finder Mar 27, 2015 - Jan 18, 2016
Fragment Finder (FF) enables a new, high-speed approach to digital forensics. It is unique in that it will build a more efficient technical architecture for the creation, storage and use of hash signatures in digital forensics. The key focus of FF is... Read More about Fragment Finder.

Onyu_Secure Apr 1, 2015 - Jul 31, 2015
The project undertaken by Onyu and ENU will concentrate around the mobile application that is under development by the team at Onyu.

Working with ENU our key objectives are:
1.Validation of our zero-knowledge encryption solution
2.Creation of a... Read More about Onyu_Secure.