Papers
Topics
Authors
Recent
Detailed Answer
Quick Answer
Concise responses based on abstracts only
Detailed Answer
Well-researched responses based on abstracts and relevant paper content.
Custom Instructions Pro
Preferences or requirements that you'd like Emergent Mind to consider when generating responses
Gemini 2.5 Flash
Gemini 2.5 Flash 52 tok/s
Gemini 2.5 Pro 47 tok/s Pro
GPT-5 Medium 18 tok/s Pro
GPT-5 High 13 tok/s Pro
GPT-4o 100 tok/s Pro
Kimi K2 192 tok/s Pro
GPT OSS 120B 454 tok/s Pro
Claude Sonnet 4 37 tok/s Pro
2000 character limit reached

TIPS: Threat Sharing Information Platform for Enhanced Security (2403.05210v1)

Published 8 Mar 2024 in cs.CR

Abstract: There is an increasing need to share threat information for the prevention of widespread cyber-attacks. While threat-related information sharing can be conducted through traditional information exchange methods, such as email communications etc., these methods are often weak in terms of their trustworthiness and privacy. Additionally, the absence of a trust infrastructure between different information-sharing domains also poses significant challenges. These challenges include redactment of information, the Right-to-be-forgotten, and access control to the information-sharing elements. These access issues could be related to time bounds, the trusted deletion of data, and the location of accesses. This paper presents an abstraction of a trusted information-sharing process which integrates Attribute-Based Encryption (ABE), Homomorphic Encryption (HE) and Zero Knowledge Proof (ZKP) integrated into a permissioned ledger, specifically Hyperledger Fabric (HLF). It then provides a protocol exchange between two threat-sharing agents that share encrypted messages through a trusted channel. This trusted channel can only be accessed by those trusted in the sharing and could be enabled for each data-sharing element or set up for long-term sharing.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (20)
  1. C. Baraniuk, “Ghosts in the machines,” New Scientist, vol. 227, no. 3028, pp. 38–41, 2015.
  2. M. Guarascio, N. Cassavia, F. S. Pisani, and G. Manco, “Boosting cyber-threat intelligence via collaborative intrusion detection,” Future Generation Computer Systems, vol. 135, pp. 30–43, 2022.
  3. J. Polge, J. Robert, and Y. Le Traon, “Permissioned blockchain frameworks in the industry: A comparison,” ICT Express, vol. 7, no. 2, pp. 229–233, 2021. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S2405959520301909
  4. E. Elrom and E. Elrom, “Hyperledger,” The Blockchain Developer: A Practical Guide for Designing, Implementing, Publishing, Testing, and Securing Distributed Blockchain-based Projects, pp. 299–348, 2019.
  5. A.-A. C. services, “Blockchain technologies,” 2022.
  6. C. Grundstrom, K. Väyrynen, N. Iivari, and M. Isomursu, “Making sense of the general data protection regulation—four categories of personal data access challenges,” 2019.
  7. A. Havelange, M. Dumontier, B. Wouters, J. Linde, D. Townend, A. Riedl, and V. Urovi, “Luce: A blockchain solution for monitoring data license accountability and compliance,” arXiv preprint arXiv:1908.02287, 2019.
  8. H. Ali, J. Ahmad, Z. Jaroucheh, P. Papadopoulos, N. Pitropakis, O. Lo, W. Abramson, and W. J. Buchanan, “Trusted threat intelligence sharing in practice and performance benchmarking through the hyperledger fabric platform,” Entropy, vol. 24, no. 10, p. 1379, 2022.
  9. L. Sgaglione, L. Coppolino, S. D’Antonio, G. Mazzeo, L. Romano, D. Cotroneo, and A. Scognamiglio, “Privacy preserving intrusion detection via homomorphic encryption,” pp. 321–326, 2019.
  10. J. M. de Fuentes, L. González-Manzano, J. Tapiador, and P. Peris-Lopez, “Pracis: Privacy-preserving and aggregatable cybersecurity information sharing,” Computers & Security, vol. 69, pp. 127–141, 2017, security Data Science and Cyber Threat Management. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S0167404816301821
  11. D. W. Chadwick, W. Fan, G. Costantino, R. de Lemos, F. Di Cerbo, I. Herwono, M. Manea, P. Mori, A. Sajjad, and X.-S. Wang, “A cloud-edge based data security architecture for sharing and analysing cyber threat information,” Future Generation Computer Systems, vol. 102, pp. 710–722, 2020. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S0167739X19300895
  12. “Ec c3isp project,” 2022. [Online]. Available: https://c3isp.eu
  13. K. Rantos, A. Spyros, A. Papanikolaou, A. Kritsas, C. Ilioudis, and V. Katos, “Interoperability challenges in the cybersecurity information sharing ecosystem,” Computers, vol. 9, no. 1, p. 18, 2020.
  14. J. Connolly, M. Davidson, and C. Schmidt, “The trusted automated exchange of indicator information (taxii),” The MITRE Corporation, pp. 1–20, 2014.
  15. E. W. Burger, M. D. Goodman, P. Kampanakis, and K. A. Zhu, “Taxonomy model for cyber threat intelligence information exchange technologies,” pp. 51–60, 2014.
  16. T. D. Wagner, E. Palomar, K. Mahbub, and A. E. Abdallah, “A novel trust taxonomy for shared cyber threat intelligence,” Security and Communication Networks, vol. 2018, 2018.
  17. V. Mavroeidis and S. Bromander, “Cyber threat intelligence model: an evaluation of taxonomies, sharing standards, and ontologies within cyber threat intelligence,” pp. 91–98, 2017.
  18. H. Ali, P. Papadopoulos, J. Ahmad, N. Pitropakis, Z. Jaroucheh, and W. J. Buchanan, “Privacy-preserving and trusted threat intelligence sharing using distributed ledgers,” in 2021 14th International Conference on Security of Information and Networks (SIN), vol. 1.   IEEE, 2021, pp. 1–6.
  19. H. Ali, M. Abubakar, J. Ahmad, W. J. Buchanan, and Z. Jaroucheh, “Passion: Permissioned access control for segmented devices and identity for iot networks,” arXiv preprint arXiv:2310.05032, 2023.
  20. S. Jarecki, H. Krawczyk, and J. Xu, “Opaque: an asymmetric pake protocol secure against pre-computation attacks,” in Advances in Cryptology–EUROCRYPT 2018: 37th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Tel Aviv, Israel, April 29-May 3, 2018 Proceedings, Part III 37.   Springer, 2018, pp. 456–486.
List To Do Tasks Checklist Streamline Icon: https://streamlinehq.com

Collections

Sign up for free to add this paper to one or more collections.

User Circle Single Streamline Icon: https://streamlinehq.com Sign Up

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now
Dice Question Streamline Icon: https://streamlinehq.com

Follow-Up Questions

We haven't generated follow-up questions for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Generate Now
X Twitter Logo Streamline Icon: https://streamlinehq.com

Tweets

Don't miss out on important new AI/ML research

See which papers are being discussed right now on X, Reddit, and more:

Explore Trending Papers

“Emergent Mind helps me see which AI papers have caught fire online.”

Philip

Philip

Creator, AI Explained on YouTube