Dincy R. Arikkat , Mert Cihangiroglu , Mauro Conti , Rafidha Rehiman K.A. , Serena Nicolazzo , Antonino Nocera , Vinod P.
{"title":"SeCTIS:安全 CTI 共享框架","authors":"Dincy R. Arikkat , Mert Cihangiroglu , Mauro Conti , Rafidha Rehiman K.A. , Serena Nicolazzo , Antonino Nocera , Vinod P.","doi":"10.1016/j.future.2024.107562","DOIUrl":null,"url":null,"abstract":"<div><div>The rise of IT-dependent operations in modern organizations has heightened their vulnerability to cyberattacks. Organizations are inadvertently enlarging their vulnerability to cyber threats by integrating more interconnected devices into their operations, which makes these threats both more sophisticated and more common. Consequently, organizations have been compelled to seek innovative approaches to mitigate the menaces inherent in their infrastructure. In response, considerable research efforts have been directed towards creating effective solutions for sharing Cyber Threat Intelligence (CTI). Current information-sharing methods lack privacy safeguards, leaving organizations vulnerable to proprietary and confidential data leaks. To tackle this problem, we designed a novel framework called SeCTIS (Secure Cyber Threat Intelligence Sharing), integrating Swarm Learning and Blockchain technologies to enable businesses to collaborate, preserving the privacy of their CTI data. Moreover, our approach provides a way to assess the data and model quality and the trustworthiness of all the participants leveraging some <em>validators</em> through Zero Knowledge Proofs. Extensive experimentation has confirmed the accuracy and performance of our framework. Furthermore, our detailed attack model analyzes its resistance to attacks that could impact data and model quality.</div></div>","PeriodicalId":55132,"journal":{"name":"Future Generation Computer Systems-The International Journal of Escience","volume":"164 ","pages":"Article 107562"},"PeriodicalIF":6.2000,"publicationDate":"2024-10-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"SeCTIS: A framework to Secure CTI Sharing\",\"authors\":\"Dincy R. Arikkat , Mert Cihangiroglu , Mauro Conti , Rafidha Rehiman K.A. , Serena Nicolazzo , Antonino Nocera , Vinod P.\",\"doi\":\"10.1016/j.future.2024.107562\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>The rise of IT-dependent operations in modern organizations has heightened their vulnerability to cyberattacks. Organizations are inadvertently enlarging their vulnerability to cyber threats by integrating more interconnected devices into their operations, which makes these threats both more sophisticated and more common. Consequently, organizations have been compelled to seek innovative approaches to mitigate the menaces inherent in their infrastructure. In response, considerable research efforts have been directed towards creating effective solutions for sharing Cyber Threat Intelligence (CTI). Current information-sharing methods lack privacy safeguards, leaving organizations vulnerable to proprietary and confidential data leaks. To tackle this problem, we designed a novel framework called SeCTIS (Secure Cyber Threat Intelligence Sharing), integrating Swarm Learning and Blockchain technologies to enable businesses to collaborate, preserving the privacy of their CTI data. Moreover, our approach provides a way to assess the data and model quality and the trustworthiness of all the participants leveraging some <em>validators</em> through Zero Knowledge Proofs. Extensive experimentation has confirmed the accuracy and performance of our framework. Furthermore, our detailed attack model analyzes its resistance to attacks that could impact data and model quality.</div></div>\",\"PeriodicalId\":55132,\"journal\":{\"name\":\"Future Generation Computer Systems-The International Journal of Escience\",\"volume\":\"164 \",\"pages\":\"Article 107562\"},\"PeriodicalIF\":6.2000,\"publicationDate\":\"2024-10-19\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Future Generation Computer Systems-The International Journal of Escience\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S0167739X24005260\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, THEORY & METHODS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Future Generation Computer Systems-The International Journal of Escience","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167739X24005260","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}
The rise of IT-dependent operations in modern organizations has heightened their vulnerability to cyberattacks. Organizations are inadvertently enlarging their vulnerability to cyber threats by integrating more interconnected devices into their operations, which makes these threats both more sophisticated and more common. Consequently, organizations have been compelled to seek innovative approaches to mitigate the menaces inherent in their infrastructure. In response, considerable research efforts have been directed towards creating effective solutions for sharing Cyber Threat Intelligence (CTI). Current information-sharing methods lack privacy safeguards, leaving organizations vulnerable to proprietary and confidential data leaks. To tackle this problem, we designed a novel framework called SeCTIS (Secure Cyber Threat Intelligence Sharing), integrating Swarm Learning and Blockchain technologies to enable businesses to collaborate, preserving the privacy of their CTI data. Moreover, our approach provides a way to assess the data and model quality and the trustworthiness of all the participants leveraging some validators through Zero Knowledge Proofs. Extensive experimentation has confirmed the accuracy and performance of our framework. Furthermore, our detailed attack model analyzes its resistance to attacks that could impact data and model quality.
期刊介绍:
Computing infrastructures and systems are constantly evolving, resulting in increasingly complex and collaborative scientific applications. To cope with these advancements, there is a growing need for collaborative tools that can effectively map, control, and execute these applications.
Furthermore, with the explosion of Big Data, there is a requirement for innovative methods and infrastructures to collect, analyze, and derive meaningful insights from the vast amount of data generated. This necessitates the integration of computational and storage capabilities, databases, sensors, and human collaboration.
Future Generation Computer Systems aims to pioneer advancements in distributed systems, collaborative environments, high-performance computing, and Big Data analytics. It strives to stay at the forefront of developments in grids, clouds, and the Internet of Things (IoT) to effectively address the challenges posed by these wide-area, fully distributed sensing and computing systems.