ISSN 1000-1239 CN 11-1777/TP

Journal of Computer Research and Development ›› 2020, Vol. 57 ›› Issue (4): 836-846.doi: 10.7544/issn1000-1239.2020.20190404

Previous Articles     Next Articles

Cyber Security Threat Intelligence Sharing Model Based on Blockchain

Huang Kezhen1,2, Lian Yifeng1, Feng Dengguo1, Zhang Haixia1, Liu Yuling1,2, Ma Xiangliang1,2   

  1. 1(Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, Beijing 100190);2(University of Chinese Academy of Sciences, Beijing 100049)
  • Online:2020-04-01
  • Supported by: 
    This work was supported by the National Natural Science Foundation of China (U1836211) and the Ministry of Public Security Technology Research Projects (2018JSYJA08).

Abstract: In the process of increasing cyber security attack and defense confrontation, there is a natural asymmetry between the offensive and defensive sides. The CTI (cyber security threat intelligence) sharing is an effective method to improve the responsiveness and effectiveness of the protection party. However, there is a contradiction between the privacy protection requirements of CTI sharing and the need to build a complete attack chain. Aiming at the above contradiction, this paper proposes a blockchain-based CTI sharing model, which uses the account anonymity of the blockchain technology to protect the privacy of CTI sharing party, and at the same time utilizes the tamper-free and accounting of the blockchain technology to prevent the “free-riding” behavior in CTI sharing and guarantee the benefit of CTI sharing party. The one-way encryption function is used to protect the private information in CTI, then the model uses the encrypted CTI to build a complete attack chain, and uses the traceability of the blockchain technology to complete the decryption of the attack source in the attack chain. The smart contract mechanism of the blockchain technology is used to implement an automated early warning and response against cyber security threats. Finally, the feasibility and effectiveness of the proposed model are verified by simulation experiments.

Key words: cyber security, cyber security threat intelligence, attack chain, privacy protection, blockchain

CLC Number: