信息网络安全 ›› 2022, Vol. 22 ›› Issue (5): 21-29.doi: 10.3969/j.issn.1671-1122.2022.05.003

• 技术研究 • 上一篇    下一篇

基于跨链交互的网络安全威胁情报共享方案

冯景瑜(), 张琪, 黄文华, 韩刚   

  1. 西安邮电大学无线网络安全技术国家工程实验室,西安 710121
  • 收稿日期:2021-11-04 出版日期:2022-05-10 发布日期:2022-06-02
  • 通讯作者: 冯景瑜 E-mail:fengjy@xupt.edu.cn
  • 作者简介:冯景瑜(1984—),男,甘肃,副教授,博士,主要研究方向为物联网安全、区块链、网络攻防|张琪(1997—),男,甘肃,硕士研究生,主要研究方向为物联网安全、区块链|黄文华(1980—),女,江苏,副教授,博士,主要研究方向为隐私保护、网络安全风险评估|韩刚(1990—),男,陕西,讲师,博士,主要研究方向为公钥密码学、属性基加密
  • 基金资助:
    国家自然科学基金(62102312);陕西省高校科协青年人才托举计划(20210119)

A Cyber Threat Intelligence Sharing Scheme Based on Cross-Chain Interaction

FENG Jingyu(), ZHANG Qi, HUANG Wenhua, HAN Gang   

  1. National Engineering Laboratory for Wireless Security, Xi'an University of Posts and Telecommunications, Xi'an 710121, China
  • Received:2021-11-04 Online:2022-05-10 Published:2022-06-02
  • Contact: FENG Jingyu E-mail:fengjy@xupt.edu.cn

摘要:

随着数字化转型逐步深入各行业,网络边界正逐渐淡化,网络安全威胁情报共享成为保护信息化基础设施安全的必要手段之一。针对单链威胁情报共享存在的查询和交易性能瓶颈问题,文章在多链模式基础上提出跨区块链交互的威胁情报共享方案。通过设计情报链、监管链和积分链的多链模型,防止内部成员恶意利用情报,有效提升参与方共享意愿及情报共享效率。为保障跨链交互的一致性,采用哈希锁定的跨链机制构建智能合约,确保多链间信息互换安全。考虑到威胁信息具有海量、多元、异构的特性,文章设计了一种情报处理机制,对威胁信息进行统一描述转换。最后在国产开源跨链平台WeCross上进行实验,证明了该方案的有效性。

关键词: 区块链, 威胁情报共享, 跨链交互, 智能合约

Abstract:

With the deepening of digital transformation in various industries, the network boundary is gradually fading, and cyber threat intelligence sharing has become a necessary means to protect the security of information infrastructure. Aiming at the query and transaction performance bottleneck of single chain threat intelligence sharing, this paper proposed a threat intelligence sharing scheme based on cross-chain interaction. By designing a multi-chain model involving intelligence chain, supervision chain and integral chain, the scheme could prevent malicious utilization of information by internal members, and effectively improve the sharing willingness and efficiency of information sharing by participants. In order to ensure the consistency of cross-chain interaction, a cross-chain mechanism based on Hash locking was adopted to construct smart contract to protect the security of information exchange among multiple chains. Considering that threat information had the characteristics of mass data, pluralism and heterogeneity, an intelligence processing mechanism was designed to unify the description and transformation of threat information. The experimental analysis is performed on WeCross, a domestic open source cross-chain platform, to demonstrate the effectiveness of the proposed scheme.

Key words: blockchain, cyber threat intelligence sharing, cross-chain interaction, smart contract

中图分类号: