Research on Security Sharing Mechanism of Cyber Threat Intelligence Based on Consortium Blockchain

Research on Security Sharing Mechanism of Cyber Threat Intelligence Based on Consortium Blockchain

연구 분야: Safety

학회: International Artificial Intelligence Conference

In view of this, this paper adopts the consortium blockchain as the underlying framework, and proposes a network threat intelligence security sharing mechanism based on the consortium blockchain, which can avoid the security problems of the centralized sharing mechanism. This mechanism includes two sub-mechanisms: consensus mechanism improvement and sensitive intelligence sharing strategy, which respectively solve the data security problem during sharing and the privacy protection problem during sensitive intelligence sharing, and further improve the security of network threat intelligence sharing in the alliance blockchain. The main work of this paper is as follows: Sort out the overall design of the sharing mechanism, including the underlying basic architecture, the composition of nodes in the network, the threat intelligence sharing process, data security and privacy protection. In terms of data security and privacy protection, while using PKI technology and digital certificates, the consensus mechanism is improved and a sensitive intelligence sharing strategy is proposed to ensure the data security and privacy protection of the system from the two levels of data storage and system access. In view of the problem that the traditional alliance chain consensus algorithm PBFT needs to be in a trusted environment to ensure consensus security, node reliability is introduced to reflect the behavior of nodes in the consensus, and the node selection mechanism of the PBFT algorithm is improved. Selecting appropriate nodes to participate in the consensus makes PBFT have certain fault tolerance performance in a trustless environment and improves data security. A multi-channel-based sensitive intelligence sharing strategy is proposed. This strategy designs intelligence sharing methods in four scenarios based on the Traffic Light Protocol (TLP), which can be implemented through the channel function in the Hyperledger Fabric framework. Data is isolated, and users can choose different channels to share sensitive data according to the type of sensitive data, thus protecting the privacy of users in the network.