Visible to the public Biblio

Filters: Author is Di Cerbo, Francesco  [Clear All Filters]
2019
Fan, Wenjun, Ziembicka, Joanna, de Lemos, Rogério, Chadwick, David, Di Cerbo, Francesco, Sajjad, Ali, Wang, Xiao-Si, Herwono, Ian.  2019.  Enabling Privacy-Preserving Sharing of Cyber Threat Information in the Cloud. 2019 6th IEEE International Conference on Cyber Security and Cloud Computing (CSCloud)/ 2019 5th IEEE International Conference on Edge Computing and Scalable Cloud (EdgeCom). :74–80.
Network threats often come from multiple sources and affect a variety of domains. Collaborative sharing and analysis of Cyber Threat Information (CTI) can greatly improve the prediction and prevention of cyber-attacks. However, CTI data containing sensitive and confidential information can cause privacy exposure and disclose security risks, which will deter organisations from sharing their CTI data. To address these concerns, the consortium of the EU H2020 project entitled Collaborative and Confidential Information Sharing and Analysis for Cyber Protection (C3ISP) has designed and implemented a framework (i.e. C3ISP Framework) as a service for cyber threat management. This paper focuses on the design and development of an API Gateway, which provides a bridge between end-users and their data sources, and the C3ISP Framework. It facilitates end-users to retrieve their CTI data, regulate data sharing agreements in order to sanitise the data, share the data with privacy-preserving means, and invoke collaborative analysis for attack prediction and prevention. In this paper, we report on the implementation of the API Gateway and experiments performed. The results of these experiments show the efficiency of our gateway design, and the benefits for the end-users who use it to access the C3ISP Framework.