SPM-SeCTIS: Severity Pattern Matching for Secure Computable Threat Information Sharing in Intelligent Additive Manufacturing

Abstract

Sharing Cyber Threat Intelligence (CTI) enables organisations to work together to defend against cyberattacks. However, current methods often fail to adequately protect sensitive information, leading to security risks, especially in Intelligent Additive Manufacturing (IAM) systems. In these systems, the security and privacy of incident data collected by IoT devices are essential, as revealing threat information, such as types, impacts, and organisational interests, could be harmful. To address these challenges, we propose the Severity Pattern Matching for a Secure Computable Threat Information Sharing System (SPM-SeCTIS). This system is designed to maintain privacy by allowing intermediaries to pass along threat information without accessing sensitive details, such as the type or severity of the threats. SPM-SeCTIS ensures that attackers cannot determine which incidents organisations are interested in or what specific threats they monitor. The system employs Homomorphic Encryption (HE) to conduct threat pattern matching on encrypted data, keeping sensitive information confidential even during analysis. Our performance tests indicate that SPM-SeCTIS operates efficiently, requiring minimal time for encryption and decryption processes. Additionally, the system scales effectively, handling a large number of subscribers and incidents with ease. Compared to existing methods, SPM-SeCTIS provides improved security measures and better overall performance, making it a robust solution for protecting sensitive threat information.