Security Issues in Cyber Threat Intelligence Exchange: A Review

  • Conference paper
Intelligent Computing (SAI 2023)

Part of the book series: Lecture Notes in Networks and Systems (LNNS, volume 739)


Abstract

The cost and time required by individual organizations to build an effective cyber defence can become overwhelming with the growing number of cyber attacks. Hence, the introduction of platforms that encourage collaborative effort in the fight against cyber attacks is considered advantageous. However, the acceptability and efficiency of cyber threat intelligence (CTI) exchange platforms are massively challenged by a lack of trust caused by security issues encountered in such communities. This review examines the security and participation cost issues that affect the willingness of participants to either join or actively participate in CTI exchange communities, and the solutions to these security issues proposed from the research perspective.




Corresponding author

Correspondence to Moses Olaifa.


© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG


Cite this paper

Olaifa, M., van Vuuren, J.J., Du Plessis, D., Leenen, L. (2023). Security Issues in Cyber Threat Intelligence Exchange: A Review. In: Arai, K. (eds) Intelligent Computing. SAI 2023. Lecture Notes in Networks and Systems, vol 739. Springer, Cham. https://doi.org/10.1007/978-3-031-37963-5_89
