基于区块链的网络安全威胁情报共享模型

黄克振; 连一峰; 冯登国; 张海霞; 刘玉岭; 马向亮

doi:10.7544/issn1000-1239.2020.20190404

基于区块链的网络安全威胁情报共享模型

¹(中国科学院软件研究所可信计算与信息保障实验室北京 100190)
²(中国科学院大学北京 100049) (huangkezhen@tca.iscas.ac.cn)

基金项目: 国家自然科学基金项目(U1836211);公安部技术研究计划项目(2018JSYJA08)

详细信息

中图分类号: TP391
计量
- 文章访问数: 2642
- HTML全文浏览量: 13
- PDF下载量: 1221
出版历程
- 发布日期: 2020-03-31

Cyber Security Threat Intelligence Sharing Model Based on Blockchain

¹(Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, Beijing 100190)
²(University of Chinese Academy of Sciences, Beijing 100049)

Funds: This work was supported by the National Natural Science Foundation of China (U1836211) and the Ministry of Public Security Technology Research Projects (2018JSYJA08).

摘要

摘要: 在不断加剧的网络安全攻防对抗过程中，攻防双方存在着天然的不对称性，网络安全威胁情报共享利用是一种有效提高防护方响应能力和效果的手段.然而威胁情报共享利用中的隐私保护需求与构建完整攻击链的需求之间存在矛盾.针对上述矛盾点，提出一种基于区块链的网络安全威胁情报共享模型，利用了区块链技术的账户匿名性和不可篡改性，使用单向加密函数保护情报中的隐私信息，基于加密后的情报构建完整攻击链，借助区块链的回溯能力完成攻击链中攻击源的解密.最后，通过实验验证了该模型的可行性和有效性.
- 网络安全 /
- 网络安全威胁情报 /
- 攻击链 /
- 隐私保护 /
- 区块链
Abstract: In the process of increasing cyber security attack and defense confrontation, there is a natural asymmetry between the offensive and defensive sides. The CTI (cyber security threat intelligence) sharing is an effective method to improve the responsiveness and effectiveness of the protection party. However, there is a contradiction between the privacy protection requirements of CTI sharing and the need to build a complete attack chain. Aiming at the above contradiction, this paper proposes a blockchain-based CTI sharing model, which uses the account anonymity of the blockchain technology to protect the privacy of CTI sharing party, and at the same time utilizes the tamper-free and accounting of the blockchain technology to prevent the “free-riding” behavior in CTI sharing and guarantee the benefit of CTI sharing party. The one-way encryption function is used to protect the private information in CTI, then the model uses the encrypted CTI to build a complete attack chain, and uses the traceability of the blockchain technology to complete the decryption of the attack source in the attack chain. The smart contract mechanism of the blockchain technology is used to implement an automated early warning and response against cyber security threats. Finally, the feasibility and effectiveness of the proposed model are verified by simulation experiments.
- cyber security /
- cyber security threat intelligence /
- attack chain /
- privacy protection /
- blockchain

HTML全文

参考文献(0)

施引文献(6)

期刊类型引用(3)

1.	孙颖，丁卫平，黄嘉爽，鞠恒荣，李铭，耿宇. RCAR-UNet：基于粗糙通道注意力机制的视网膜血管分割网络. 计算机研究与发展. 2023(04): 947-961 . 本站查看
2.	张创邦，王青海. 直觉模糊知识粒的分解与合成研究. 计算机与数字工程. 2022(02): 270-275+299 . 百度学术
3.	朱国成. 基于概率语言术语集中考虑专家权重的决策方法研究. 曲阜师范大学学报(自然科学版). 2021(04): 72-80 . 百度学术