TY - JOUR
T1 - SeCTIS
T2 - A framework to Secure CTI Sharing
AU - Arikkat, Dincy R.
AU - Cihangiroglu, Mert
AU - Conti, Mauro
AU - Rafidha, Rafidha Rehiman
AU - Nicolazzo, Serena
AU - Nocera, Antonino
AU - P., Vinod
N1 - Publisher Copyright:
© 2024 The Authors
PY - 2025/3
Y1 - 2025/3
N2 - The rise of IT-dependent operations in modern organizations has heightened their vulnerability to cyberattacks. Organizations are inadvertently enlarging their vulnerability to cyber threats by integrating more interconnected devices into their operations, which makes these threats both more sophisticated and more common. Consequently, organizations have been compelled to seek innovative approaches to mitigate the menaces inherent in their infrastructure. In response, considerable research efforts have been directed towards creating effective solutions for sharing Cyber Threat Intelligence (CTI). Current information-sharing methods lack privacy safeguards, leaving organizations vulnerable to proprietary and confidential data leaks. To tackle this problem, we designed a novel framework called SeCTIS (Secure Cyber Threat Intelligence Sharing), integrating Swarm Learning and Blockchain technologies to enable businesses to collaborate, preserving the privacy of their CTI data. Moreover, our approach provides a way to assess the data and model quality and the trustworthiness of all the participants leveraging some validators through Zero Knowledge Proofs. Extensive experimentation has confirmed the accuracy and performance of our framework. Furthermore, our detailed attack model analyzes its resistance to attacks that could impact data and model quality.
AB - The rise of IT-dependent operations in modern organizations has heightened their vulnerability to cyberattacks. Organizations are inadvertently enlarging their vulnerability to cyber threats by integrating more interconnected devices into their operations, which makes these threats both more sophisticated and more common. Consequently, organizations have been compelled to seek innovative approaches to mitigate the menaces inherent in their infrastructure. In response, considerable research efforts have been directed towards creating effective solutions for sharing Cyber Threat Intelligence (CTI). Current information-sharing methods lack privacy safeguards, leaving organizations vulnerable to proprietary and confidential data leaks. To tackle this problem, we designed a novel framework called SeCTIS (Secure Cyber Threat Intelligence Sharing), integrating Swarm Learning and Blockchain technologies to enable businesses to collaborate, preserving the privacy of their CTI data. Moreover, our approach provides a way to assess the data and model quality and the trustworthiness of all the participants leveraging some validators through Zero Knowledge Proofs. Extensive experimentation has confirmed the accuracy and performance of our framework. Furthermore, our detailed attack model analyzes its resistance to attacks that could impact data and model quality.
KW - Blockchain
KW - CTI sharing
KW - Cyber threat intelligence
KW - Federated learning
KW - Internet of Things (IoT)
KW - Swarm learning
KW - Zero knowledge proof
UR - https://www.scopus.com/pages/publications/85207959374
U2 - 10.1016/j.future.2024.107562
DO - 10.1016/j.future.2024.107562
M3 - Article
SN - 0167-739X
VL - 164
JO - Future Generation Computer Systems
JF - Future Generation Computer Systems
M1 - 107562
ER -