Academic Paper

Cyber Threat Intelligence Sharing for Co-Operative Defense in Multi-Domain Entities
Document Type
Periodical
Source
IEEE Transactions on Dependable and Secure Computing (IEEE Trans. Dependable and Secure Comput.). 20(5):4273-4290 Jan, 2023
Subject
Computing and Processing
Blockchains
Organizations
Insurance
Cyberattack
Automation
Computer architecture
Measurement
Consortium blockchain
cyber defense
threat intelligence sharing
reputation system
Language
ISSN
1545-5971
1941-0018
2160-9209
Abstract
Cloud-hosted applications are prone to targeted attacks such as DDoS, advanced persistent threats, and cryptojacking, which threaten service availability. Recently, methods for threat information sharing and defense require cooperation and trust between multiple domains/entities. There is a need for mechanisms that establish distributed trust to allow for such a collective defense. In this paper, we present a novel threat intelligence sharing and defense system, namely “DefenseChain,” to allow organizations to have incentive-based and trustworthy cooperation to mitigate the impact of cyber attacks. Our solution approach features a consortium Blockchain platform and an economic model to obtain threat data and select suitable peers to help with attack detection and mitigation. We apply DefenseChain in the financial technology industry for an insurance claim processing use case to demonstrate the effectiveness of DefenseChain in a real-world application setting. Our evaluation experiments with DefenseChain implementation are performed on an Open Cloud testbed with Hyperledger Composer and in a simulation environment. Our results show that the DefenseChain system overall performs better than state-of-the-art decision making schemes in choosing the most appropriate detector and mitigator peers. Lastly, we validate how DefenseChain helps mitigate the threat risk of incidents relating to potential fraudulent insurance claims or cyber attacks.