Study level

Master of Philosophy

Honours

Vacation research experience scheme

Faculty/School

Faculty of Science

School of Computer Science

Topic status

We're looking for students to study this topic.

Supervisors

Dr Ali Dorri
Position: Research Fellow
Division / Faculty: Faculty of Science

Dr Zahra Jadidi
Position: Research Fellow in Cybersecurity
Division / Faculty: Faculty of Science

Overview

Cyber threat intelligence (CTI) is knowledge about a threat. It includes threat indicators such as tactics, techniques, and procedures (TTPs), IP addresses, and other indicators. CTI helps organisations learn about existing threats. It can be received from external open-source threat intelligence, or it can be extracted from adversarial activity in an organisation's own network. The CTI generated will be used to build intelligence about threats against a given target.

In cyber threat intelligence, indicators of compromise (IoCs) are generated. The IoCs of a detected adversary can be processed and distributed using CTI sharing techniques such as blockchain. This technique is used to share attack IoCs and vulnerability information: it allows security analysts to use CTI from other companies and to share their own IoCs back with trusted partners. The shared IoCs can then be used to update detection rules and blacklists in security devices such as firewalls.

This project will investigate how threat intelligence IoCs can be created and shared for newly emerging attack TTPs using blockchain. It also aims to design and implement a blockchain-based CTI sharing solution.

Research activities

  • Review existing blockchain-based designs for CTI sharing and identify gaps in the current solutions.
  • Design a blockchain-based CTI sharing solution to address the identified gaps.
  • Implement the proposed solution.

Outcomes

  • Review existing blockchain-based designs for CTI sharing and identify gaps in the current solutions.
  • Design a blockchain-based CTI sharing solution to address the identified gaps.
  • Implement the proposed solution.

Skills and experience

Knowledge of computer networks and blockchain.

Contact

Contact the supervisor for more information.