Cybersecurity threat intelligence knowledge exchange based on blockchain
R. Riesco, X. Larriva-Novo and V. A. Villagra
Additional contact information
R. Riesco: Spanish National Cybersecurity Institute (INCIBE)
X. Larriva-Novo: Universidad Politécnica de Madrid
V. A. Villagra: Universidad Politécnica de Madrid
Telecommunication Systems: Modelling, Analysis, Design and Management, 2020, vol. 73, issue 2, No 9, 259-288
Abstract:
Although cyber threat intelligence (CTI) exchange is a theoretically useful technique for improving the security of a society, potential participants are often reluctant to share their CTI and prefer only to consume it, at least in voluntary approaches. Such behavior destroys the idea of information exchange. On the other hand, governments are forcing specific entities and operators to report specific incidents to them depending on their impact; otherwise, operators that do not report on time may face sanctions. Obligations and sanctions usually discourage participants from sharing information voluntarily, so they share and report only what is strictly required. We propose a paradigm shift in cybersecurity information exchange by introducing a new way to encourage all participants involved, at all levels, to share relevant information dynamically. It will also contribute to the support and deployment of Dynamic Risk Management frameworks to keep risks below an acceptance level over time. Participants will have new and specific incentives to share, invest in and consume threat intelligence and risk intelligence information depending on their different roles (producers, consumers, investors, donors and owner). Our proposal leverages standards like Structured Threat Information Exchange, as well as W3C semantic web standards, to enable a workspace of knowledge related to behavioral threat intelligence patterning to characterize tactics, techniques and procedures. At the same time, we propose an Ethereum Blockchain Smart contract Marketplace to better incentivize the sharing of that knowledge between all parties involved, as well as creating a standard CTI token as a digital asset with a promising value in the market. Simulations and an experiment were performed to demonstrate its benefits and incentives, but also its potential limits with regard to storage and cost of transactions.
Keywords: STIX™; SWRL; OWL; Dynamic Risk Management (DRM); Cyber threat intelligence (CTI); Ethereum Blockchain Smart contract
Date: 2020
Citations in EconPapers: 3
Downloads: (external link)
http://link.springer.com/10.1007/s11235-019-00613-4 Abstract (text/html)
Access to the full text of the articles in this series is restricted.
Persistent link: https://EconPapers.repec.org/RePEc:spr:telsys:v:73:y:2020:i:2:d:10.1007_s11235-019-00613-4
Ordering information: This journal article can be ordered from
http://www.springer.com/journal/11235
DOI: 10.1007/s11235-019-00613-4
Telecommunication Systems: Modelling, Analysis, Design and Management is currently edited by Muhammad Khan
Bibliographic data for series maintained by Sonal Shukla and Springer Nature Abstracting and Indexing.