TY - JOUR
T1 - Blockchain-based automated and robust cyber security management
AU - He, Songlin
AU - Ficke, Eric
AU - Pritom, Mir Mehedi Ahsan
AU - Chen, Huashan
AU - Tang, Qiang
AU - Chen, Qian
AU - Pendleton, Marcus
AU - Njilla, Laurent
AU - Xu, Shouhuai
N1 - Funding Information:
We thank the anonymous reviewers for their constructive comments. This work was supported in part by AFRL Grant #FA8750-19-1-0019, ARO Grant #W911NF-17-1-0566, and NSF Grant #1814825. Approved for Public Release; Distribution Unlimited. Case Number AFRL-2022-0399. Dated 28 Jan 2022.
Funding Information:
Shouhuai Xu is the Gallogly Chair Professor in the Department of Computer Science, University of Colorado Colorado Springs (UCCS). He is the founding Director of the Laboratory for Cybersecurity Dynamics, which is driven by the systematic approach of Cybersecurity Dynamics to modeling and quantifying cybersecurity from a holistic perspective. This approach has three orthogonal research thrusts: metrics (for quantifying security, agility, resilience, risk and trustworthiness), cybersecurity data analytics, and cybersecurity first-principle modeling (for seeking cybersecurity laws). His research has been funded by AFOSR, AFRL, ARL, ARO, DOE, NSA, NSF and ONR. He co-initiated the International Conference on Science of Cyber Security (SciSec) and is serving as its Steering Committee Chair. He is/was an Associate Editor of IEEE Transactions on Dependable and Secure Computing (IEEE TDSC), IEEE Transactions on Information Forensics and Security (IEEE T-IFS), and IEEE Transactions on Network Science and Engineering (IEEE TNSE). He received a PhD in Computer Science from Fudan University in 2000. More information about his research can be found at https://xu-lab.org.
Publisher Copyright:
© 2022 Elsevier Inc.
PY - 2022/5
Y1 - 2022/5
N2 - We initiate the study on the problem of automated and robust Cyber Security Management (CSM). We exemplify the problem by investigating how CSM should respond to the discovery of cyber intelligence that identifies new attackers, victims, or defense capabilities. Given the complexity of CSM, we divide it into three classes, referred to as Network-centric (N-CSM), Tools-centric (T-CSM) and Application-centric (A-CSM). These lead to a range of functions for examining whether, and to what extent, a network has been compromised. Moreover, we propose to incorporate blockchain (via Hyperledger Fabric) to build a decentralized CSM system, dubbed B2CSM, that ensures the retrieval of valid invocation results for CSM purposes. We also integrate B2CSM with a decentralized storage network (DSN), instantiated by InterPlanetary File System (IPFS), to reduce on-chain storage costs without hindering its robustness. We present the design and implementation of the prototype B2CSM system. Experiments with real-world datasets show that the CSM solutions and system are effective and efficient.
AB - We initiate the study on the problem of automated and robust Cyber Security Management (CSM). We exemplify the problem by investigating how CSM should respond to the discovery of cyber intelligence that identifies new attackers, victims, or defense capabilities. Given the complexity of CSM, we divide it into three classes, referred to as Network-centric (N-CSM), Tools-centric (T-CSM) and Application-centric (A-CSM). These lead to a range of functions for examining whether, and to what extent, a network has been compromised. Moreover, we propose to incorporate blockchain (via Hyperledger Fabric) to build a decentralized CSM system, dubbed B2CSM, that ensures the retrieval of valid invocation results for CSM purposes. We also integrate B2CSM with a decentralized storage network (DSN), instantiated by InterPlanetary File System (IPFS), to reduce on-chain storage costs without hindering its robustness. We present the design and implementation of the prototype B2CSM system. Experiments with real-world datasets show that the CSM solutions and system are effective and efficient.
KW - Blockchain
KW - Cyber security management
KW - Hyperledger fabric
KW - IPFS
UR - http://www.scopus.com/inward/record.url?scp=85124186957&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85124186957&partnerID=8YFLogxK
U2 - 10.1016/j.jpdc.2022.01.002
DO - 10.1016/j.jpdc.2022.01.002
M3 - Article
AN - SCOPUS:85124186957
SN - 0743-7315
VL - 163
SP - 62
EP - 82
JO - Journal of Parallel and Distributed Computing
JF - Journal of Parallel and Distributed Computing
ER -