부산대학교 도서관

The current practice of informal cyber threat intelligence (CTI) sharing among organizations is characterized with the use of emails and social media exchanges among individuals. This model is highly subjective and dependent on a specific individual’s social networks. Financial institutions have CTI at their disposal that could protect each other from computer hacks and fraud. The effective sharing of this intelligence among financial institutions could reduce the high income leakages that is brought about by cyber-attacks. The challenge is how to share this intelligence confidentially and anonymously since the financial institutions are competitors, have a huge reputation to protect and thrive on business secrecy. This research proposes a new way of sharing cyber threat intelligence by using Ethereum smart contract blockchain technology. This will be accomplished by hashing the device identity and replacing the hashed device identity by an on-chain verifiable random function to protect the identity of the participating nodes or the financial institutions in the blockchain network when passing information.