iShare: Blockchain-Based Privacy-Aware Multi-Agent Information Sharing Games for Cybersecurity

In this paper, we design, develop, and evaluate a novel information sharing (iShare) framework for cybersecurity with the goal of protecting confidential information and networked infrastructures from future cyber-attacks. The proposed iShare framework leverages the Blockchain concept used in Bitcoin systems where multiple organizations/agencies participate for information sharing (without violating their privacy) to secure and monitor their cyberspace. Note that the Bitcoin for financial transactions has already demonstrated that there is a trusted, auditable sharing with peer-to-peer communications accompanied by a public ledger. The main aim of the Blockchain-based iShare framework is to constantly collect high-resolution, cyber-attack information across organizational boundaries of which the organizations have no specific knowledge or control over any other organizations’ data or damage caused by cyber-attacks. In the proposed iShare framework, the decentralized nature of the Blockchain and digitally signed transactions ensure that an adversary cannot pose as a legitimate organization/user or cannot control/hamper the system because of the digital-signatures and cannot learn anything from the public ledger that has just hashed pointers. Moreover, we analyze the security attacks by outsiders (not participating in the iShare) using a Stackelberg game.

[1]  Ittay Eyal,et al.  The Miner's Dilemma , 2014, 2015 IEEE Symposium on Security and Privacy.

[2]  Alex Pentland,et al.  Decentralizing Privacy: Using Blockchain to Protect Personal Data , 2015, 2015 IEEE Security and Privacy Workshops.

[3]  Tim Benson,et al.  Principles of Health Interoperability HL7 and SNOMED , 2009 .

[4]  T. Başar,et al.  A Stackelberg Network Game with a Large Number of Followers , 2002 .

[5]  Manu Sood,et al.  Software defined network — Architectures , 2014, 2014 International Conference on Parallel, Distributed and Grid Computing.

[6]  Vincent Conitzer,et al.  Stackelberg vs. Nash in Security Games: An Extended Investigation of Interchangeability, Equivalence, and Uniqueness , 2011, J. Artif. Intell. Res..

[7]  Danda B. Rawat,et al.  Detection of False Data Injection Attacks in Smart Grid Communication Systems , 2015, IEEE Signal Processing Letters.

[8]  Florian Dörfler,et al.  Attack Detection and Identification in Cyber-Physical Systems -- Part II: Centralized and Distributed Monitor Design , 2012, ArXiv.

[9]  Danda B. Rawat,et al.  Vehicular Cyber Physical Systems: Adaptive Connectivity and Security , 2016 .

[10]  Satoshi Nakamoto Bitcoin : A Peer-to-Peer Electronic Cash System , 2009 .

[11]  George Kesidis,et al.  Denial-of-service attack-detection techniques , 2006, IEEE Internet Computing.

[12]  P Ping Chen,et al.  Secure multiparty computation for privacy preserving data mining , 2012 .

[13]  Andrew P. Martin,et al.  An evolutionary game-theoretic framework for cyber-threat information sharing , 2014, 2015 IEEE International Conference on Communications (ICC).

[14]  H. V. Jagadish,et al.  Information warfare and security , 1998, SGMD.

[15]  Sandia Report,et al.  Complexity Science Challenges in Cybersecurity , 2009 .

[16]  Danda B. Rawat,et al.  Software Defined Networking Architecture, Security and Energy Efficiency: A Survey , 2017, IEEE Communications Surveys & Tutorials.

[17]  Youki Kadobayashi,et al.  CYBEX: the cybersecurity information exchange framework (x.1500) , 2010, CCRV.

[18]  Tsuyoshi Murata,et al.  {m , 1934, ACML.

[19]  Salil S. Kanhere,et al.  Towards an Optimized BlockChain for IoT , 2017, 2017 IEEE/ACM Second International Conference on Internet-of-Things Design and Implementation (IoTDI).

[20]  Lorena González-Manzano,et al.  Shall We Collaborate?: A Model to Analyse the Benefits of Information Sharing , 2016, WISCS@CCS.

[21]  Wei Jiang,et al.  Healthcare Data Gateways: Found Healthcare Intelligence on Blockchain with Novel Privacy Risk Control , 2016, Journal of Medical Systems.

[22]  Shawn Wilkinson MetaDisk A Blockchain-Based Decentralized File Storage Application , 2014 .

[23]  Chris Clifton,et al.  Privacy-preserving data integration and sharing , 2004, DMKD '04.