TIPS: Threat Sharing Information Platform for Enhanced Security
- URL: http://arxiv.org/abs/2403.05210v1
- Date: Fri, 8 Mar 2024 10:50:49 GMT
- Title: TIPS: Threat Sharing Information Platform for Enhanced Security
- Authors: Lakshmi Rama Kiran Pasumarthy, Hisham Ali, William J Buchanan, Jawad Ahmad, Audun Josang, Vasileios Mavroeidis, Mouad Lemoudden,
- Abstract summary: This paper presents an abstraction of a trusted information-sharing process which integrates Attribute-Based Encryption (ABE), Homomorphic Encryption (HE) and Zero Knowledge Proof (ZKP)
It then provides a protocol exchange between two threat-sharing agents that share encrypted messages through a trusted channel.
- Score: 0.5384718724090648
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: There is an increasing need to share threat information for the prevention of widespread cyber-attacks. While threat-related information sharing can be conducted through traditional information exchange methods, such as email communications etc., these methods are often weak in terms of their trustworthiness and privacy. Additionally, the absence of a trust infrastructure between different information-sharing domains also poses significant challenges. These challenges include redactment of information, the Right-to-be-forgotten, and access control to the information-sharing elements. These access issues could be related to time bounds, the trusted deletion of data, and the location of accesses. This paper presents an abstraction of a trusted information-sharing process which integrates Attribute-Based Encryption (ABE), Homomorphic Encryption (HE) and Zero Knowledge Proof (ZKP) integrated into a permissioned ledger, specifically Hyperledger Fabric (HLF). It then provides a protocol exchange between two threat-sharing agents that share encrypted messages through a trusted channel. This trusted channel can only be accessed by those trusted in the sharing and could be enabled for each data-sharing element or set up for long-term sharing.
Related papers
- MARTSIA: Safeguarding Data Confidentiality in Blockchain-Driven Process Execution [6.26635837045368]
Multi-Authority Approach to Transaction Systems for Interoperating Applications (MARTSIA)
MARTSIA provides read-access control at the message-part level through user-defined policies and certifier-declared attributes.
MARTSIA resorts to encrypted, Multi-Authority Attribute-Based Encryption and distributed hash-table data-stores.
arXiv Detail & Related papers (2024-07-15T12:59:54Z) - CAKE: Sharing Slices of Confidential Data on Blockchain [1.481195148653669]
Control Access via Key Encryption (CAKE) designed to ensure data confidentiality in scenarios involving public blockchains.
We showcase the application of CAKE in the context of a real-world cyber-security project within the logistics domain.
arXiv Detail & Related papers (2024-05-07T09:44:04Z) - Differentiated Security Architecture for Secure and Efficient Infotainment Data Communication in IoV Networks [55.340315838742015]
Negligence on the security of infotainment data communication in IoV networks can unintentionally open an easy access point for social engineering attacks.
In particular, we first classify data communication in the IoV network, examine the security focus of each data communication, and then develop a differentiated security architecture to provide security protection on a file-to-file basis.
arXiv Detail & Related papers (2024-03-29T12:01:31Z) - Secure Aggregation is Not Private Against Membership Inference Attacks [66.59892736942953]
We investigate the privacy implications of SecAgg in federated learning.
We show that SecAgg offers weak privacy against membership inference attacks even in a single training round.
Our findings underscore the imperative for additional privacy-enhancing mechanisms, such as noise injection.
arXiv Detail & Related papers (2024-03-26T15:07:58Z) - Blockchain-enabled Data Governance for Privacy-Preserved Sharing of Confidential Data [1.6006586061577806]
We propose a blockchain-based data governance system that employs attribute-based encryption to prevent privacy leakage and credential misuse.
First, our ABE encryption system can handle multi-authority use cases while protecting identity privacy and hiding access policy.
Second, applying the Advanced Encryption Standard (AES) for data encryption makes the whole system efficient and responsive to real-world conditions.
arXiv Detail & Related papers (2023-09-08T05:01:59Z) - ByzSecAgg: A Byzantine-Resistant Secure Aggregation Scheme for Federated
Learning Based on Coded Computing and Vector Commitment [90.60126724503662]
ByzSecAgg is an efficient secure aggregation scheme for federated learning.
ByzSecAgg is protected against Byzantine attacks and privacy leakages.
arXiv Detail & Related papers (2023-02-20T11:15:18Z) - Privacy-Preserving Joint Edge Association and Power Optimization for the
Internet of Vehicles via Federated Multi-Agent Reinforcement Learning [74.53077322713548]
We investigate the privacy-preserving joint edge association and power allocation problem.
The proposed solution strikes a compelling trade-off, while preserving a higher privacy level than the state-of-the-art solutions.
arXiv Detail & Related papers (2023-01-26T10:09:23Z) - Orchestrating Collaborative Cybersecurity: A Secure Framework for
Distributed Privacy-Preserving Threat Intelligence Sharing [7.977316321387031]
Cyber Threat Intelligence (CTI) sharing is an important activity to reduce information asymmetries between attackers and defenders.
Current literature assumes access to centralized databases containing all the information, but this is not always feasible.
We propose a novel framework for extracting CTI from distributed data on incidents, vulnerabilities and indicators of compromise.
arXiv Detail & Related papers (2022-09-06T17:44:20Z) - Privacy and Trust Redefined in Federated Machine Learning [5.4475482673944455]
We present a privacy-preserving decentralised workflow that facilitates trusted federated learning among participants.
Only entities in possession of Verifiable Credentials issued from the appropriate authorities are able to establish secure, authenticated communication channels.
arXiv Detail & Related papers (2021-03-29T16:47:01Z) - A System for Automated Open-Source Threat Intelligence Gathering and
Management [53.65687495231605]
SecurityKG is a system for automated OSCTI gathering and management.
It uses a combination of AI and NLP techniques to extract high-fidelity knowledge about threat behaviors.
arXiv Detail & Related papers (2021-01-19T18:31:35Z) - BeeTrace: A Unified Platform for Secure Contact Tracing that Breaks Data
Silos [73.84437456144994]
Contact tracing is an important method to control the spread of an infectious disease such as COVID-19.
Current solutions do not utilize the huge volume of data stored in business databases and individual digital devices.
We propose BeeTrace, a unified platform that breaks data silos and deploys state-of-the-art cryptographic protocols to guarantee privacy goals.
arXiv Detail & Related papers (2020-07-05T10:33:45Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.