Skip to main content

An Architecture for Privacy-preserving Sharing of CTI with 3rd party Analysis Services

Giubilo, Fabio, Sajjad, Ali, Shackleton, Mark, Chadwick, David W., Fan, Wenjun, de Lemos, Rogério (2018) An Architecture for Privacy-preserving Sharing of CTI with 3rd party Analysis Services. In: 2017 12th International Conference for Internet Technology and Secured Transactions (ICITST). . IEEE ISBN 978-1-5386-0598-1. E-ISBN 978-1-908320-93-3. (doi:10.23919/ICITST.2017.8356404)

Abstract

Increasing numbers of Small and Medium Enterprises (SME) are outsourcing or hosting their services on different Cloud Service Providers (CSP). They are also using different security services from these CSPs such as firewalls, intrusion detection/prevention systems and anti-malware. Although for the SMEs the main purpose of using these security services is to protect their cyber assets, either physical or virtual, from security threats and compromises, a very useful and valuable by-product of these security services is the wealth of Cyber Threat Information (CTI) that is collected over time. However, a common problem faced by SMEs is that they lack the resources and expertise for monitoring, analysing and reacting to any security notifications, alerts or events generated by the security services they have subscribed to. An obvious solution to this problem is that the SMEs outsource this problem to a cloud based service as well, by sharing their CTI with this service and allowing it to analyse the information and generate actionable reports or patches. The more CTI obtained from different SMEs, the better the analysis result. In this paper, we try to address some of the privacy and confidentiality issues that arise as a result of different SMEs sharing their CTI with such a third party analysis service for the aggregate analysis scenario we just described. We present the design and architecture of our solution that aims to allow SMEs to perform policy-based sharing of CTI, while also offering them flexible privacy and confidentiality controls.

Item Type: Conference or workshop item (Paper)
DOI/Identification number: 10.23919/ICITST.2017.8356404
Uncontrolled keywords: data privacy and confidentiality, cyber threat information, analysis services, infrastructure architecture, policy based sharing
Subjects: Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming, > QA76.9.C58 Computational grids
Divisions: Faculties > Sciences > School of Computing
Depositing User: Rogerio de Lemos
Date Deposited: 30 Jan 2018 14:41 UTC
Last Modified: 29 May 2019 20:12 UTC
Resource URI: https://kar.kent.ac.uk/id/eprint/65817 (The current URI for this page, for reference purposes)
de Lemos, Rogério: https://orcid.org/0000-0002-0281-6308
  • Depositors only (login required):

Downloads

Downloads per month over past year