SPM-SeCTIS: Severity Pattern Matching for Secure Computable Threat Information Sharing in Intelligent Additive Manufacturing

IF 6 3区 计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS
Mahender Kumar, Gregory Epiphaniou, Carsten Maple
{"title":"SPM-SeCTIS: Severity Pattern Matching for Secure Computable Threat Information Sharing in Intelligent Additive Manufacturing","authors":"Mahender Kumar,&nbsp;Gregory Epiphaniou,&nbsp;Carsten Maple","doi":"10.1016/j.iot.2024.101334","DOIUrl":null,"url":null,"abstract":"<div><p>Sharing Cyber Threat Intelligence (CTI) enables organisations to work together to defend against cyberattacks. However, current methods often fail to adequately protect sensitive information, leading to security risks, especially in Intelligent Additive Manufacturing (IAM) systems. In these systems, the security and privacy of incident data collected by IoT devices are essential, as revealing threat information, such as types, impacts, and organisational interests, could be harmful. To address these challenges, we propose the Severity Pattern Matching for a Secure Computable Threat Information Sharing System (SPM-SeCTIS). This system is designed to maintain privacy by allowing intermediaries to pass along threat information without accessing sensitive details, such as the type or severity of the threats. SPM-SeCTIS ensures that attackers cannot determine which incidents organisations are interested in or what specific threats they monitor. The system employs Homomorphic Encryption (HE) to conduct threat pattern matching on encrypted data, keeping sensitive information confidential even during analysis. Our performance tests indicate that SPM-SeCTIS operates efficiently, requiring minimal time for encryption and decryption processes. Additionally, the system scales effectively, handling a large number of subscribers and incidents with ease. Compared to existing methods, SPM-SeCTIS provides improved security measures and better overall performance, making it a robust solution for protecting sensitive threat information.</p></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"28 ","pages":"Article 101334"},"PeriodicalIF":6.0000,"publicationDate":"2024-08-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2542660524002750/pdfft?md5=de14d9cf242bc80bc1d64e608fdfcd74&pid=1-s2.0-S2542660524002750-main.pdf","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Internet of Things","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2542660524002750","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

Abstract

Sharing Cyber Threat Intelligence (CTI) enables organisations to work together to defend against cyberattacks. However, current methods often fail to adequately protect sensitive information, leading to security risks, especially in Intelligent Additive Manufacturing (IAM) systems. In these systems, the security and privacy of incident data collected by IoT devices are essential, as revealing threat information, such as types, impacts, and organisational interests, could be harmful. To address these challenges, we propose the Severity Pattern Matching for a Secure Computable Threat Information Sharing System (SPM-SeCTIS). This system is designed to maintain privacy by allowing intermediaries to pass along threat information without accessing sensitive details, such as the type or severity of the threats. SPM-SeCTIS ensures that attackers cannot determine which incidents organisations are interested in or what specific threats they monitor. The system employs Homomorphic Encryption (HE) to conduct threat pattern matching on encrypted data, keeping sensitive information confidential even during analysis. Our performance tests indicate that SPM-SeCTIS operates efficiently, requiring minimal time for encryption and decryption processes. Additionally, the system scales effectively, handling a large number of subscribers and incidents with ease. Compared to existing methods, SPM-SeCTIS provides improved security measures and better overall performance, making it a robust solution for protecting sensitive threat information.

SPM-SeCTIS:用于智能增材制造中可计算威胁信息安全共享的严重性模式匹配
共享网络威胁情报 (CTI) 使各组织能够共同抵御网络攻击。然而,目前的方法往往无法充分保护敏感信息,从而导致安全风险,尤其是在智能增材制造(IAM)系统中。在这些系统中,物联网设备收集的事件数据的安全性和隐私性至关重要,因为泄露威胁信息(如类型、影响和组织利益)可能会造成危害。为了应对这些挑战,我们提出了安全可计算威胁信息共享系统(SPM-SeCTIS)的严重性模式匹配。该系统旨在维护隐私,允许中间人传递威胁信息,而不会获取敏感细节,如威胁的类型或严重程度。SPM-SeCTIS 可确保攻击者无法确定组织对哪些事件感兴趣,也无法确定组织监控的具体威胁。该系统采用同态加密(HE)技术对加密数据进行威胁模式匹配,即使在分析过程中也能保持敏感信息的机密性。我们的性能测试表明,SPM-SeCTIS 运行高效,加密和解密过程所需的时间极短。此外,该系统还能有效扩展,轻松处理大量用户和事件。与现有方法相比,SPM-SeCTIS 改进了安全措施,提高了整体性能,是保护敏感威胁信息的强大解决方案。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
Internet of Things
Internet of Things Multiple-
CiteScore
3.60
自引率
5.10%
发文量
115
审稿时长
37 days
期刊介绍: Internet of Things; Engineering Cyber Physical Human Systems is a comprehensive journal encouraging cross collaboration between researchers, engineers and practitioners in the field of IoT & Cyber Physical Human Systems. The journal offers a unique platform to exchange scientific information on the entire breadth of technology, science, and societal applications of the IoT. The journal will place a high priority on timely publication, and provide a home for high quality. Furthermore, IOT is interested in publishing topical Special Issues on any aspect of IOT.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信