| Title | A System Architecture of Cybersecurity Information Exchange with Privacy (CYBEX-P) |
| Publication Type | Conference Paper |
| Year of Publication | 2019 |
| Authors | Sadique, Farhan, Bakhshaliyev, Khalid, Springer, Jeff, Sengupta, Shamik |
| Conference Name | 2019 IEEE 9th Annual Computing and Communication Workshop and Conference (CCWC) |
| Keywords | computer security, cyber defense, cyber threats, cyber-information exchange, cybersecurity, cybersecurity information exchange, cybersecurity information exchange with privacy, cybersecurity information sharing platform, cybersecurity techniques, CYBEX-P, data privacy, Databases, Human Behavior, information exchange, information exchange platform, Information management, information sharing, Organizations, privacy, Privacy Policies, privacy preservation, privacy-preserving mechanisms, pubcrawl, Scalability, security of data, Servers, shared data, shared threat data, STIX, versatile information exchange platform |
| Abstract | Rapid evolution of cyber threats and recent trends in the increasing number of cyber-attacks call for adopting robust and agile cybersecurity techniques. Cybersecurity information sharing is expected to play an effective role in detecting and defending against new attacks. However, reservations and or-ganizational policies centering the privacy of shared data have become major setbacks in large-scale collaboration in cyber defense. The situation is worsened by the fact that the benefits of cyber-information exchange are not realized unless many actors participate. In this paper, we argue that privacy preservation of shared threat data will motivate entities to share threat data. Accordingly, we propose a framework called CYBersecurity information EXchange with Privacy (CYBEX-P) to achieve this. CYBEX-P is a structured information sharing platform with integrating privacy-preserving mechanisms. We propose a complete system architecture for CYBEX-P that guarantees maximum security and privacy of data. CYBEX-P outlines the details of a cybersecurity information sharing platform. The adoption of blind processing, privacy preservation, and trusted computing paradigms make CYBEX-P a versatile and secure information exchange platform. |
| DOI | 10.1109/CCWC.2019.8666600 |
| Citation Key | sadique_system_2019 |
A System Architecture of Cybersecurity Information Exchange with Privacy (CYBEX-P)