Blockchain-based Architecture for Interdomain Cybersecurity Research

Abstract

We designed and developed a novel application that applies blockchain technology in cybersecurity. This architecture allows different companies to come together to promptly exchange cyberattack information in a secure way to detect coordinated or distributed attacks. In addition to this, the architecture allows the public node to connect to the blockchain network and retrieve the stored attack information in real-time. The processes involved in exchanging the attack information are: (i) extraction of the attack information, (ii) preparing and submitting it as transactions to a blockchain network, (iii) verification of the submitted information, (iv) validation and chaining the transaction to blockchain and (v) distribution to other blockchain nodes. The novelty in the proposed work is that the architecture facilitates scalable and secured attack features exchange and ensures the integrity and consistency of the shared features. Furthermore, it detects and prevents malicious activities on the stored data from both outsider and insider threats, it presents the features in a standard format which encourages heterogeneous IDS nodes participation, and finally, it is robust to public IDS nodes joining and leaving the blockchain network.US-Japan binational research community Workshop on Programmable Networking, November 16-18, 2020 (US dates), onlin