SeCTIS: A framework to Secure CTI Sharing / D.R. Arikkat, M. Cihangiroglu, M. Conti, R.R. K. A., S. Nicolazzo, A. Nocera, V. P.. - In: FUTURE GENERATION COMPUTER SYSTEMS. - ISSN 0167-739X. - 164:(2025 Mar), pp. 107562.1-107562.23. [10.1016/j.future.2024.107562]

SeCTIS: A framework to Secure CTI Sharing

S. Nicolazzo;
2025

Abstract

The rise of IT-dependent operations in modern organizations has heightened their vulnerability to cyberattacks. Organizations are inadvertently enlarging their exposure to cyber threats by integrating more interconnected devices into their operations, which makes these threats both more sophisticated and more common. Consequently, organizations have been compelled to seek innovative approaches to mitigate the threats inherent in their infrastructure. In response, considerable research efforts have been directed towards creating effective solutions for sharing Cyber Threat Intelligence (CTI). Current information-sharing methods lack privacy safeguards, leaving organizations vulnerable to leaks of proprietary and confidential data. To tackle this problem, we designed a novel framework called SeCTIS (Secure Cyber Threat Intelligence Sharing), integrating Swarm Learning and Blockchain technologies to enable businesses to collaborate while preserving the privacy of their CTI data. Moreover, our approach provides a way to assess data and model quality, as well as the trustworthiness of all participants, by leveraging validators through Zero Knowledge Proofs. Extensive experimentation has confirmed the accuracy and performance of our framework. Furthermore, our detailed attack model analyzes its resistance to attacks that could impact data and model quality.
Blockchain; CTI sharing; Cyber threat intelligence; Federated learning; Internet of Things (IoT); Swarm learning; Zero knowledge proof;
Sector INFO-01/A - Computer Science
Sector IINF-05/A - Information Processing Systems
   Organization sPecific Threat Intelligence Mining and sharing
   OPTIMA
   European Commission
   Horizon Europe Framework Programme
   101063107

   SEcurity and RIghts in the CyberSpace (SERICS)
   SERICS
   MINISTERO DELL'UNIVERSITA' E DELLA RICERCA
   identification code PE00000014
Mar-2025
19-Oct-2024
Article (author)
Files in this item:
fcgs2024.pdf (open access; type: Publisher's version/PDF; size: 4.34 MB; format: Adobe PDF)
Use this identifier to cite or link to this document: https://hdl.handle.net/2434/1118819