Privacy-preserving and Trusted Threat Intelligence Sharing using Distributed Ledgers

TL;DR

This paper proposes a decentralized, privacy-preserving threat intelligence sharing system using distributed ledger technology and smart contracts to enhance security, trust, and traceability in sharing sensitive cybersecurity information.

Contribution

It introduces a novel threat sharing framework leveraging distributed ledgers and smart contracts to ensure security, privacy, and trustworthiness in threat information exchange.

Findings

Ensures secure, decentralized threat data sharing.

Maintains privacy and trust through blockchain and smart contracts.

Supports the MITRE ATT&CK framework effectively.

Abstract

Threat information sharing is considered as one of the proactive defensive approaches for enhancing the overall security of trusted partners. Trusted partner organizations can provide access to past and current cybersecurity threats for reducing the risk of a potential cyberattack - the requirements for threat information sharing range from simplistic sharing of documents to threat intelligence sharing. Therefore, the storage and sharing of highly sensitive threat information raises considerable concerns regarding constructing a secure, trusted threat information exchange infrastructure. Establishing a trusted ecosystem for threat sharing will promote the validity, security, anonymity, scalability, latency efficiency, and traceability of the stored information that protects it from unauthorized disclosure. This paper proposes a system that ensures the security principles mentioned above by utilizing a distributed ledger technology that provides secure decentralized operations through smart contracts and provides a privacy-preserving ecosystem for threat information storage and sharing regarding the MITRE ATT\&CK framework.