TY - UNPB
T1 - TRADE
T2 - TRusted Anonymous Data Exchange: Threat Sharing Using Blockchain Technology
AU - Allouche, Yair
AU - Tapas, Nachiket
AU - Longo, Francesco
AU - Shabtai, Asaf
AU - Wolfsthal, Yaron
PY - 2021/3/24
Y1 - 2021/3/24
N2 - Cyber attacks are becoming more frequent and sophisticated, introducing
significant challenges for organizations to protect their systems and
data from threat actors. Today, threat actors are highly motivated,
persistent, and well-founded and operate in a coordinated manner to
commit a diversity of attacks using various sophisticated tactics,
techniques, and procedures. Given the risks these threats present, it
has become clear that organizations need to collaborate and share cyber
threat information (CTI) and use it to improve their security posture.
In this paper, we present TRADE -- TRusted Anonymous Data Exchange -- a
collaborative, distributed, trusted, and anonymized CTI sharing platform
based on blockchain technology. TRADE uses a blockchain-based access
control framework designed to provide essential features and
requirements to incentivize and encourage organizations to share threat
intelligence information. In TRADE, organizations can fully control
their data by defining sharing policies enforced by smart contracts used
to control and manage CTI sharing in the network. TRADE allows
organizations to preserve their anonymity while keeping organizations
fully accountable for their action in the network. Finally, TRADE can be
easily integrated within existing threat intelligence exchange protocols
- such as trusted automated exchange of intelligence information (TAXII)
and OpenDXL, thereby allowing a fast and smooth technology adaptation.
AB - Cyber attacks are becoming more frequent and sophisticated, introducing
significant challenges for organizations to protect their systems and
data from threat actors. Today, threat actors are highly motivated,
persistent, and well-founded and operate in a coordinated manner to
commit a diversity of attacks using various sophisticated tactics,
techniques, and procedures. Given the risks these threats present, it
has become clear that organizations need to collaborate and share cyber
threat information (CTI) and use it to improve their security posture.
In this paper, we present TRADE -- TRusted Anonymous Data Exchange -- a
collaborative, distributed, trusted, and anonymized CTI sharing platform
based on blockchain technology. TRADE uses a blockchain-based access
control framework designed to provide essential features and
requirements to incentivize and encourage organizations to share threat
intelligence information. In TRADE, organizations can fully control
their data by defining sharing policies enforced by smart contracts used
to control and manage CTI sharing in the network. TRADE allows
organizations to preserve their anonymity while keeping organizations
fully accountable for their action in the network. Finally, TRADE can be
easily integrated within existing threat intelligence exchange protocols
- such as trusted automated exchange of intelligence information (TAXII)
and OpenDXL, thereby allowing a fast and smooth technology adaptation.
KW - Computer Science - Cryptography and Security
U2 - 10.48550/arXiv.2103.13158
DO - 10.48550/arXiv.2103.13158
M3 - Preprint
BT - TRADE
ER -