Cargando…
On the Performance of Secure Sharing of Classified Threat Intelligence between Multiple Entities
The sharing of cyberthreat information within a community or group of entities is possible due to solutions such as the Malware Information Sharing Platform (MISP). However, the MISP was considered limited if its information was deemed as classified or shared only for a given period of time. A solut...
| Autores principales: | , , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
MDPI
2023
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9866390/ https://www.ncbi.nlm.nih.gov/pubmed/36679712 http://dx.doi.org/10.3390/s23020914 |
| _version_ | 1784876079713878016 |
|---|---|
| author | Fernandes, Ricardo Bugla, Sylwia Pinto, Pedro Pinto, António |
| author_facet | Fernandes, Ricardo Bugla, Sylwia Pinto, Pedro Pinto, António |
| author_sort | Fernandes, Ricardo |
| collection | PubMed |
| description | The sharing of cyberthreat information within a community or group of entities is possible due to solutions such as the Malware Information Sharing Platform (MISP). However, the MISP was considered limited if its information was deemed as classified or shared only for a given period of time. A solution using searchable encryption techniques that better control the sharing of information was previously proposed by the same authors. This paper describes a prototype implementation for two key functionalities of the previous solution, considering multiple entities sharing information with each other: the symmetric key generation of a sharing group and the functionality to update a shared index. Moreover, these functionalities are evaluated regarding their performance, and enhancements are proposed to improve the performance of the implementation regarding its execution time. As the main result, the duration of the update process was shortened from around 2922 s to around 302 s, when considering a shared index with 100,000 elements. From the security analysis performed, the implementation can be considered secure, thus confirming the secrecy of the exchanged nonces. The limitations of the current implementation are depicted, and future work is pointed out. |
| format | Online Article Text |
| id | pubmed-9866390 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2023 |
| publisher | MDPI |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-98663902023-01-22 On the Performance of Secure Sharing of Classified Threat Intelligence between Multiple Entities Fernandes, Ricardo Bugla, Sylwia Pinto, Pedro Pinto, António Sensors (Basel) Article The sharing of cyberthreat information within a community or group of entities is possible due to solutions such as the Malware Information Sharing Platform (MISP). However, the MISP was considered limited if its information was deemed as classified or shared only for a given period of time. A solution using searchable encryption techniques that better control the sharing of information was previously proposed by the same authors. This paper describes a prototype implementation for two key functionalities of the previous solution, considering multiple entities sharing information with each other: the symmetric key generation of a sharing group and the functionality to update a shared index. Moreover, these functionalities are evaluated regarding their performance, and enhancements are proposed to improve the performance of the implementation regarding its execution time. As the main result, the duration of the update process was shortened from around 2922 s to around 302 s, when considering a shared index with 100,000 elements. From the security analysis performed, the implementation can be considered secure, thus confirming the secrecy of the exchanged nonces. The limitations of the current implementation are depicted, and future work is pointed out. MDPI 2023-01-12 /pmc/articles/PMC9866390/ /pubmed/36679712 http://dx.doi.org/10.3390/s23020914 Text en © 2023 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). |
| spellingShingle | Article Fernandes, Ricardo Bugla, Sylwia Pinto, Pedro Pinto, António On the Performance of Secure Sharing of Classified Threat Intelligence between Multiple Entities |
| title | On the Performance of Secure Sharing of Classified Threat Intelligence between Multiple Entities |
| title_full | On the Performance of Secure Sharing of Classified Threat Intelligence between Multiple Entities |
| title_fullStr | On the Performance of Secure Sharing of Classified Threat Intelligence between Multiple Entities |
| title_full_unstemmed | On the Performance of Secure Sharing of Classified Threat Intelligence between Multiple Entities |
| title_short | On the Performance of Secure Sharing of Classified Threat Intelligence between Multiple Entities |
| title_sort | on the performance of secure sharing of classified threat intelligence between multiple entities |
| topic | Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9866390/ https://www.ncbi.nlm.nih.gov/pubmed/36679712 http://dx.doi.org/10.3390/s23020914 |
| work_keys_str_mv | AT fernandesricardo ontheperformanceofsecuresharingofclassifiedthreatintelligencebetweenmultipleentities AT buglasylwia ontheperformanceofsecuresharingofclassifiedthreatintelligencebetweenmultipleentities AT pintopedro ontheperformanceofsecuresharingofclassifiedthreatintelligencebetweenmultipleentities AT pintoantonio ontheperformanceofsecuresharingofclassifiedthreatintelligencebetweenmultipleentities |