4 research outputs found
Blockchain-assisted Undisclosed IIoT Vulnerabilities Trusted Sharing Protection with Dynamic Token
With the large-scale deployment of industrial internet of things (IIoT)
devices, the number of vulnerabilities that threaten IIoT security is also
growing dramatically, including a mass of undisclosed IIoT vulnerabilities that
lack mitigation measures. Coordination Vulnerabilities Disclosure (CVD) is one
of the most popular vulnerabilities sharing solutions, in which some security
workers (SWs) can develop undisclosed vulnerabilities patches together.
However, CVD assumes that sharing participants (SWs) are all honest, thus
offering dishonest SWs the chance to leak undisclosed IIoT vulnerabilities. To
combat such threats, we propose an Undisclosed IIoT Vulnerabilities Trusted
Sharing Protection (UIV-TSP) scheme with dynamic token. In this article, a
dynamic token is an implicit access credential for an SW to acquire
undisclosed vulnerability information, which is only held by the system and
constantly updated as the SW accesses it. Meanwhile, the latest updated token can be
stealthily sneaked into the acquired information as the traceability token.
Once the undisclosed vulnerability information leaves the SW host, the embedded
self-destruct program will be automatically triggered to prevent leaks since
the destination MAC address in the traceability token has changed. To quickly
distinguish dishonest SWs, a trust mechanism is adopted to evaluate the trust
value of SWs. Moreover, we design a blockchain-assisted continuous logs storage
method to achieve the tamper-proofing of dynamic token and the transparency of
undisclosed IIoT vulnerabilities sharing. The simulation results indicate that
our proposed scheme is resilient to suppress dishonest SWs and protect the IoT
undisclosed vulnerabilities effectively. Comment: 10 pages, 12 figures
Applications of Cyber Threat Intelligence (CTI) in Financial Institutions and Challenges in Its Adoption
The critical nature of financial infrastructures makes them prime targets for cybercriminal activities, underscoring the need for robust security measures. This research delves into the role of Cyber Threat Intelligence (CTI) in bolstering the security framework of financial entities and identifies key challenges that could hinder its effective implementation. CTI brings a host of advantages to the financial sector, including real-time threat awareness, which enables institutions to proactively counteract cyber-attacks. It significantly aids in the efficiency of incident response teams by providing contextual data about attacks. Moreover, CTI is instrumental in strategic planning by providing insights into emerging threats and can assist institutions in maintaining compliance with regulatory frameworks such as GDPR and CCPA. Additional applications include enhancing fraud detection capabilities through data correlation, assessing and managing vendor risks, and allocating resources to confront the most pressing cyber threats. The adoption of CTI technologies is fraught with challenges. One major issue is data overload, as the vast quantity of information generated can overwhelm institutions and lead to alert fatigue. The issue of interoperability presents another significant challenge; disparate systems within the financial sector often use different data formats, complicating seamless CTI integration. Cost constraints may also inhibit the adoption of advanced CTI tools, particularly for smaller institutions. A lack of specialized skills necessary to interpret CTI data exacerbates the problem. The effectiveness of CTI is contingent on its accuracy, and false positives and negatives can have detrimental impacts. The rapidly evolving nature of cyber threats necessitates real-time updates, another hurdle for effective CTI implementation. 
Furthermore, the sharing of threat intelligence among entities, often competitors, is hampered by mistrust and regulatory complications. This research aims to provide a nuanced understanding of the applicability and limitations of CTI within the financial sector, urging institutions to approach its adoption with a thorough understanding of the associated challenges.
Development of a blockchain storage structure for indicators of compromise in a distributed threat exchange system
The task of the work is to develop the architecture of a distributed IoC exchange
system and create comparative characteristics of the technology for the implementation
of architectural elements, such as databases or blockchains.
The purpose of this graduate work is to create a system for effective storage and
exchange of indicators of compromise.
The object of research is the architecture of a distributed system of exchange of
compromise indicators with blockchain storage for IoC.
The subject of the study is the ability to efficiently store and exchange sensitive
data such as IoC.
A new network model for cyber threat intelligence sharing using blockchain technology
The aim of this research is to propose a new blockchain network model that facilitates the secure dissemination of Cyber Threat Intelligence (CTI) data. The primary motivations for this study are based around the recent changes to information security legislation in the European Union and the challenges that Computer Security and Incident Response Teams (CSIRT) face when trying to share actionable and highly sensitive data within systems where participants do not always share the same interests or motivations. We discuss the common problems within the domain of CTI sharing and we propose a new model that leverages the security properties of blockchain. Our model provides a more effective and efficient framework for a CTI sharing network that has the potential to overcome the trust barriers and data privacy issues inherent in this domain. We implemented a testbed using Hyperledger Fabric and the STIX 2.0 protocol and validated the efficacy of the segmentation, implemented using smart contracts and Fabric channels.