基于区块链的网络安全威胁情报共享模型

黄克振; 连一峰; 冯登国; 张海霞; 刘玉岭; 马向亮

doi:10.7544/issn1000-1239.2020.20190404

基于区块链的网络安全威胁情报共享模型

¹(中国科学院软件研究所可信计算与信息保障实验室北京 100190)
²(中国科学院大学北京 100049) (huangkezhen@tca.iscas.ac.cn)

基金项目: 国家自然科学基金项目(U1836211);公安部技术研究计划项目(2018JSYJA08)

详细信息

中图分类号: TP391
计量
- 文章访问数: 2649
- HTML全文浏览量: 13
- PDF下载量: 1221
出版历程
- 发布日期: 2020-03-31

Cyber Security Threat Intelligence Sharing Model Based on Blockchain

¹(Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, Beijing 100190)
²(University of Chinese Academy of Sciences, Beijing 100049)

Funds: This work was supported by the National Natural Science Foundation of China (U1836211) and the Ministry of Public Security Technology Research Projects (2018JSYJA08).

摘要

摘要: 在不断加剧的网络安全攻防对抗过程中，攻防双方存在着天然的不对称性，网络安全威胁情报共享利用是一种有效提高防护方响应能力和效果的手段.然而威胁情报共享利用中的隐私保护需求与构建完整攻击链的需求之间存在矛盾.针对上述矛盾点，提出一种基于区块链的网络安全威胁情报共享模型，利用了区块链技术的账户匿名性和不可篡改性，使用单向加密函数保护情报中的隐私信息，基于加密后的情报构建完整攻击链，借助区块链的回溯能力完成攻击链中攻击源的解密.最后，通过实验验证了该模型的可行性和有效性.
- 网络安全 /
- 网络安全威胁情报 /
- 攻击链 /
- 隐私保护 /
- 区块链
Abstract: In the process of increasing cyber security attack and defense confrontation, there is a natural asymmetry between the offensive and defensive sides. The CTI (cyber security threat intelligence) sharing is an effective method to improve the responsiveness and effectiveness of the protection party. However, there is a contradiction between the privacy protection requirements of CTI sharing and the need to build a complete attack chain. Aiming at the above contradiction, this paper proposes a blockchain-based CTI sharing model, which uses the account anonymity of the blockchain technology to protect the privacy of CTI sharing party, and at the same time utilizes the tamper-free and accounting of the blockchain technology to prevent the “free-riding” behavior in CTI sharing and guarantee the benefit of CTI sharing party. The one-way encryption function is used to protect the private information in CTI, then the model uses the encrypted CTI to build a complete attack chain, and uses the traceability of the blockchain technology to complete the decryption of the attack source in the attack chain. The smart contract mechanism of the blockchain technology is used to implement an automated early warning and response against cyber security threats. Finally, the feasibility and effectiveness of the proposed model are verified by simulation experiments.
- cyber security /
- cyber security threat intelligence /
- attack chain /
- privacy protection /
- blockchain

HTML全文

参考文献(0)

施引文献(11)

期刊类型引用(5)

1.	汤梦晨，吴国文，张红，沈士根，曹奇英. 基于微分博弈的异质无线传感器网络恶意程序传播研究与分析. 计算机应用与软件. 2024(07): 100-105 . 百度学术
2.	蔡翔，丁全，汪玉. 基于博弈论的网络安全实战攻防策略研究. 微型电脑应用. 2024(10): 164-168 . 百度学术
3.	韩峰. 基于云计算的数据驱动网络安全防御技术. 数据通信. 2022(02): 37-40 . 百度学术
4.	魏学勇. 基于Markov模型的智慧校园网络安全攻防策略. 电子设计工程. 2021(15): 72-76 . 百度学术
5.	徐茂淑. 计算机网络防御策略求精关键技术分析. 信息与电脑(理论版). 2020(20): 203-205 . 百度学术