TRADE: TRusted Anonymous Data Exchange: Threat Sharing Using Blockchain Technology

Cyber attacks are becoming more frequent and sophisticated, introducing significant challenges for organizations to protect their systems and data from threat actors. Today, threat actors are highly motivated, persistent, and well-funded, and operate in a coordinated manner to commit a diversity of attacks using various sophisticated tactics, techniques, and procedures. Given the risks these threats present, it has become clear that organizations need to collaborate and share cyber threat information (CTI) and use it to improve their security posture. In this paper, we present TRADE – TRusted Anonymous Data Exchange – a collaborative, distributed, trusted, and anonymized CTI sharing platform based on blockchain technology. TRADE uses a blockchain-based access control framework designed to provide essential features and requirements to incentivize and encourage organizations to share threat intelligence information. In TRADE, organizations can fully control their data by defining sharing policies enforced by smart contracts used to control and manage CTI sharing in the network. TRADE allows organizations to preserve their anonymity while keeping organizations fully accountable for their actions in the network. Finally, TRADE can be easily integrated within existing threat intelligence exchange protocols such as trusted automated exchange of intelligence information (TAXII) and OpenDXL, thereby allowing a fast and smooth technology adaptation.
