A Reputation-based Approach using Consortium Blockchain for Cyber Threat Intelligence Sharing. (arXiv:2107.06662v1 [cs.CR])

The CTI (Cyber Threat Intelligence) sharing and exchange is an effective
method to improve the responsiveness of the protection party. Blockchain
technology enables sharing collaboration consortium to conduct a trusted CTI
sharing and exchange without a trusted centralized institution. However, the
distributed connectivity of the blockchain-based CTI sharing model proposed
before exposes the systems into byzantine attacks, the compromised members of
partner organizations will further decrease the accuracy and trust level of CTI
by generating false reporting. To address the unbalance issues of performance
in speed, scalability and security, this paper proposes a new blockchain-based
CTI model, which combines consortium blockchain and distributed reputation
management systems to achieve automated analysis and response of tactical
threat intelligence. In addition, the novel consensus algorithm of consortium
blockchain that is fit for CTI sharing and exchange introduced in this paper.
The new consensus algorithm is called ‘Proof-of Reputation’ (PoR) consensus,
which meets the requirements of transaction rate and makes the consensus in a
creditable network environment through constructing a reputation model.
Finally, the effectiveness and security performance of the proposed model and
consensus algorithm is verified by experiments.