Towards an Anonymity Supported Platform for Shared Cyber Threat Intelligence

Over the last few years, cyber defense strategies in large organizations have gradually shifted from being reactive to being increasingly pro-active. In the latter mode threats are anticipated and corresponding mitigations are actionable. An essential component of this strategy is the ability to share threat intelligence from multiple sources ranging from crowd sourcing to closed circles of trusted stakeholders and their supply chains. This paper presents a collaborative platform that supports sharing of cyber threat intelligence in which anonymity is a key component. The component has been compared to existing threat intelligence sharing solutions. The design of the component is examined and a prototype of the supporting tool has been implemented.

[1]  Murtuza Jadliwala,et al.  Measuring Anonymity of Pseudonymized Data After Probabilistic Background Attacks , 2017, IEEE Transactions on Information Forensics and Security.

[2]  Aziz Mohaisen,et al.  Rethinking information sharing for threat intelligence , 2017, HotWeb.

[3]  ASHWIN MACHANAVAJJHALA,et al.  L-diversity: privacy beyond k-anonymity , 2006, 22nd International Conference on Data Engineering (ICDE'06).

[4]  Johan Sigholm,et al.  Towards Offensive Cyber Counterintelligence: Adopting a Target-Centric View on Advanced Persistent Threats , 2013, 2013 European Intelligence and Security Informatics Conference.

[5]  Ninghui Li,et al.  t-Closeness: Privacy Beyond k-Anonymity and l-Diversity , 2007, 2007 IEEE 23rd International Conference on Data Engineering.

[6]  Aziz Mohaisen,et al.  Rethinking Information Sharing for Actionable Threat Intelligence , 2017, ArXiv.

[7]  Juan E. Tapiador,et al.  PRACIS: Privacy-preserving and aggregatable cybersecurity information sharing , 2017, Comput. Secur..

[8]  Frank Fransen,et al.  Cyber security information exchange to gain insight into the effects of cyber threats and incidents , 2015, Elektrotech. Informationstechnik.

[9]  Cynthia Wagner,et al.  MISP: The Design and Implementation of a Collaborative Threat Intelligence Sharing Platform , 2016, WISCS@CCS.

[10]  Latanya Sweeney,et al.  k-Anonymity: A Model for Protecting Privacy , 2002, Int. J. Uncertain. Fuzziness Knowl. Based Syst..

[11]  Panos Kampanakis,et al.  Security Automation and Threat Information-Sharing Options , 2014, IEEE Security & Privacy.

[12]  Eric W. Burger,et al.  Taxonomy Model for Cyber Threat Intelligence Information Exchange Technologies , 2014, WISCS '14.

[13]  Lorena González-Manzano,et al.  Shall We Collaborate?: A Model to Analyse the Benefits of Information Sharing , 2016, WISCS@CCS.