基于区块链的民航网络安全威胁情报共享方案

中国民航大学学报 ›› 2023, Vol. 41 ›› Issue (4): 16-22.

基于区块链的民航网络安全威胁情报共享方案

吴越¹，亚军^2b，孙现玲³，周景贤^2a，吕宗平^2a

（1.中国民用航空华北地区空中交通管理局网信办，北京100621；2.中国民航大学a.信息安全测评中心；b.计算机科学与技术学院，天津300300；3.邢台市科学技术馆，河北邢台054000）

收稿日期:2021-12-30 修回日期:2022-03-07 出版日期:2023-08-25 发布日期:2023-10-25
基金资助:
民航安全能力建设资金项目（PESA2019074，PESA2021009）；中央高校基本科研业务费专项（3122018C036）

Cybersecurity threat intelligence sharing scheme of civil aviation based on blockchain

WU Yue¹ , YA Jun^2b , SUN Xianling³ , ZHOU Jingxian^2a , LYU Zongping^2a

(1. Network Information Office of North China Air Traffic Management Bureau, CAAC, Beijing 100621, China; 2a. Information Security Evaluation Center; 2b. College of Computer Science and Technology, CAUC, Tianjin 300300, China; 3. Xingtai Science and Technology Museum, Xingtai 054000, Hebei, China)

Received:2021-12-30 Revised:2022-03-07 Online:2023-08-25 Published:2023-10-25

摘要/Abstract

摘要： 为有效应对供应链、勒索病毒等新型网络威胁，构建民航网络安全主动防御体系，本文结合区块链和加密技术提出一种民航网络安全威胁情报（CTI，cybersecuritythreatintelligence）共享方案。该方案以民航网络安全主管部门为情报管理中心，通过智能合约实现链上民航企事业单位的身份认证和情报交易，使用代理重加密方式处理信息来保证情报安全共享；同时为保证威胁情报存储安全，链下采用民航情报存储文件系统（IPFS，interplanetaryfilesystem）来存储加密威胁情报数据，链上只存储文件的哈希值。仿真实验与安全性分析结果表明，该方案能以较低的开销实现民航各单位间情报共享，并比现有方案具备更高的隐私保护强度。

关键词: font-size:15.04px, ">网络安全, 威胁情报共享, 区块链, 智能合约, 代理重加密, 隐私保护

Abstract: In order to effectively respond to new network threats such as supply chain and ransomware virus, as well as build an active defense system for civil aviation network security, this paper proposes a cybersecurity threat intelligence (CTI) sharing scheme of civil aviation based on blockchain and encryption technology. This scheme takes the competent department of civil aviation network security as the intelligence management center, and achieves i鄄 dentity authentication and intelligence transactions of civil aviation enterprises and institutions on the chain through smart contract. And proxy re-encryption is applied to process information to ensure the safe sharing of intelligence. Meanwhile, to ensure the security of threat intelligence storage, the interplanetary file system(IPFS) is used to store the encrypted threat intelligence data off chain, and only the hash value of the file is stored on the chain. Simulation experiments and security analysis results show that the proposed scheme can achieve intelli鄄 gence sharing among various civil aviation units with lower costs, and has higher privacy protection intensity than existing schemes.

Key words: font-size:15.04px, ">cybersecurity, threat intelligence sharing, blockchain, smart contract, proxy re-encryption, privacy protection

中图分类号:

吴越, 亚军, 孙现玲, 周景贤, 吕宗平. 基于区块链的民航网络安全威胁情报共享方案[J]. 中国民航大学学报, 2023, 41(4): 16-22.

WU Yue, YA Junb , SUN Xianling , ZHOU Jingxiana , LYU Zongpinga. Cybersecurity threat intelligence sharing scheme of civil aviation based on blockchain[J]. Journal of Civil Aviation University of China, 2023, 41(4): 16-22.

参考文献 20

[1]	TOUNSI W. What is cyber threat intelligence and how is it evolving[M]//TOUNSI W. Cyber-Vigilance and Digital Trust: Cyber Security in the Era of Cloud Computing and IoT. London, Hoboken: ISTE Ltd., John Wiley & Sons, Inc., 2019.
[2]	VERIZON. 2020 Data breach investigations report[R]. NewYork: VERIZON, 2020.
[3]	李留英.欧盟网络威胁情报共享进展及启示研究[J].情报杂志, 2021,40(5): 8-15.
[4]	JUAN A G, COSTIN R, KURT B. Threat predictions for 2018[R]. Moscow:Kaspersky Security Bulletin, 2018.
[5]	ZHAO W Y, WHITE G. Designing a formal model facilitating collaborative information sharing for community cyber security[C]//2014 47th Hawaii International Conference on System Sciences, January 6-9, 2014,Waikoloa, HI, USA. IEEE, 2014: 1987-1996.
[6]	VAKILINIA I, TOSH D K, SENGUPTA S. Privacy-preserving cybersecurity information exchange mechanism[C]//2017 International Symposium on Performance Evaluation of Computer and Telecommunication Systems(SPECTS), July 9-12, 2017, Seattle, WA, USA. IEEE, 2017:15-21.
[7]	VAKILINIA I, TOSH D K, SENGUPTA S. Attribute based sharing in cybersecurity information exchange framework[C]//2017 International Symposium on Performance Evaluation of Computer and Telecommunication Systems(SPECTS), July 9-12, 2017, Seattle, WA, USA. IEEE,2017: 61-66.
[8]	BADSHA S, VAKILINIA I, SENGUPTA S. Privacy preserving cyber threat information sharing and learning for cyber defense[C]//2019 IEEE 9th Annual Computing and Communication Workshop and Conference,January 7-9, 2019, Las Vegas, NV, USA. IEEE, 2019: 708-714.
[9]	MARTINELLI F, OSLIAK O, SARACINO A. Towards general scheme for data sharing agreements empowering privacy-preserving data analysis of structured CTI[C]//International Workshop on Security and Privacy Requirements Engineering，International Workshop on the Security of Industrial Control Systems and Cyber-Physical System, September 6-17, 2018, Barcelona, Spain. Cham: Springer, 2019: 192-212.
[10]	LIN Y, WANG H, YANG B W, et al. A blackboard sharing mechanism for community cyber threat intelligence based on multi-agent system[C]// International Conference on Machine Learning for Cyber Security, September 19-21, 2019, Xi′an, China. Cham: Springer, 2019: 253-270.
[11]	RAWAT D B, NJILLA L, KWIAT K, et al. iShare: blockchain-based privacy-aware multi-agent information sharing games for cybersecurity[C]//2018 International Conference on Computing, Networking and Communications(ICNC), March 5-8, 2018, Maui, HI, USA. IEEE, 2018:425-431.
[12]	HOMAN D, SHIEL I, THORPE C. A new network model for cyberthreat intelligence sharing using blockchain technology[C]//2019 10th IFIP International Conference on New Technologies, Mobility and Security,June 24-26, 2019, Canary Islands, Spain. IEEE, 2019: 1-6.
[13]	PUROHIT S, CALYAM P, WANG S J, et al. DefenseChain: consortium blockchain for cyber threat intelligence sharing and defense [C]//2020 2nd Conference on Blockchain Research & Applications for Innovative Networks and Services (BRAINS), September 28-30, 2020, Paris, France. IEEE, 2020: 112-119.
[14]	黄克振,连一峰,冯登国, 等. 基于区块链的网络安全威胁情报共享模型[J].计算机研究与发展, 2020, 57(4): 836-846.
[15]	周文刚, 冯贵兰. 基于区块链的通航维护信息系统研究[J]. 电子制作, 2018(11): 46-48.
[16]	罗良翌,雷圆方.基于区块链的民航共享物流平台设计[J]. 电子设计工程, 2020, 28(17): 127-131.
[17]	宋云雪,吕杰.基于区块链的航空器维修任务发布系统[J]. 实验技术与管理, 2020, 37(8): 50-53.
[18]	国家市场监督管理总局, 国家标准化管理委员会. 信息安全技术网络安全威胁信息格式规范: GB/T 36643—2018[S].北京:中国标准出版社, 2018.
[19]	RIVEST R L, SHAMIR A, ADLEMAN L. A method for obtaining digital signatures and public-key cryptosystems[J]. Communications of the ACM, 1978, 21(2): 120-126.
[20]	ZHOU L D, MARSH M A, SCHNEIDER F B, et al. Distributed blinding for distributed ElGamal re-encryption[C]//25th IEEE International Conference on Distributed Computing Systems, June 6-10, 2005, Columbus,OH, USA. IEEE, 2005: 824.