
On the Design of a Cyber Security Data Sharing System

Published: 03 November 2014

Abstract

The need for more fluent information sharing has been recognized for years as a major requirement by the cyber security community. Information sharing at present is mostly a slow, inefficient, and manual process that in many cases uses non-structured data sources. It is true that several cyber security data sharing tools have emerged and are currently available, but they provide only partial solutions and their use is restricted to small communities. Quite frequently, information exchanges originate and continually depend on the willingness and actions of individuals, rather than being the result of management decisions and relying on enterprise-class systems or services. Before further time is spent developing new data sharing tools that do not fully cover the needs of the community, the current difficulties with cyber security data sharing should be analyzed. Based on the results of such an analysis, state-of-the-art solutions enabling the design of systems that address these challenges must be sought. Only then will it be possible to build a cyber security data sharing system that provides fluent data sharing to the community. This paper presents an analysis of four of the major challenges to cyber security information sharing and highlights technical solutions based on the current state-of-the-art that would overcome them. The concepts described in this paper, once implemented, would provide the basic building blocks for developing a highly effective cyber security data sharing system.

Published In

WISCS '14: Proceedings of the 2014 ACM Workshop on Information Sharing & Collaborative Security
November 2014
110 pages
ISBN:9781450331517
DOI:10.1145/2663876

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. cyber security
  2. data sharing

Qualifiers

  • Research-article

Conference

CCS'14

Acceptance Rates

WISCS '14 Paper Acceptance Rate 9 of 18 submissions, 50%;
Overall Acceptance Rate 23 of 58 submissions, 40%

Cited By

  • (2024) Sharing Is Caring: Hurdles and Prospects of Open, Crowd-Sourced Cyber Threat Intelligence. IEEE Transactions on Engineering Management (1-20). DOI: 10.1109/TEM.2023.3279274. Online publication date: 2024
  • (2024) Improving quality of indicators of compromise using STIX graphs. Computers & Security, 144 (103972). DOI: 10.1016/j.cose.2024.103972. Online publication date: Sep-2024
  • (2023) Lessons Learned from Automated Sharing of Intrusion Detection Alerts: The Case of the SABU Platform. Digital Threats: Research and Practice, 4:4 (1-11). DOI: 10.1145/3611391. Online publication date: 20-Oct-2023
  • (2023) An Exploratory Study on the Use of Threat Intelligence Sharing Platforms in Germany, Austria and Switzerland. Proceedings of the 18th International Conference on Availability, Reliability and Security (1-7). DOI: 10.1145/3600160.3600185. Online publication date: 29-Aug-2023
  • (2022) Threat Intelligence Quality Dimensions for Research and Practice. Digital Threats: Research and Practice, 3:4 (1-22). DOI: 10.1145/3484202. Online publication date: 10-Mar-2022
  • (2022) Blockchain-Based Automated and Robust Cyber Security Management. Journal of Parallel and Distributed Computing. DOI: 10.1016/j.jpdc.2022.01.002. Online publication date: Feb-2022
  • (2021) What’s in a Cyber Threat Intelligence sharing platform? Proceedings of the 37th Annual Computer Security Applications Conference (385-398). DOI: 10.1145/3485832.3488030. Online publication date: 6-Dec-2021
  • (2021) A model of Cyber Threat Information Sharing with the Novel Network Topology. Proceedings of the 12th International Conference on Advances in Information Technology (1-10). DOI: 10.1145/3468784.3468885. Online publication date: 29-Jun-2021
  • (2021) From Threat Data to Actionable Intelligence: An Exploratory Analysis of the Intelligence Cycle Implementation in Cyber Threat Intelligence Sharing Platforms. Proceedings of the 16th International Conference on Availability, Reliability and Security (1-9). DOI: 10.1145/3465481.3470048. Online publication date: 17-Aug-2021
  • (2021) Economic model for evaluating the value creation through information sharing within the cybersecurity information sharing ecosystem. Future Generation Computer Systems, 124:C (436-466). DOI: 10.1016/j.future.2021.05.033. Online publication date: 1-Nov-2021
