A hybrid personal cyber threat intelligence sharing protocol using steganography and secret sharing

Arman Zand; Eckhard Pfluegel

doi:10.1007/978-981-99-6974-6_5

A hybrid personal cyber threat intelligence sharing protocol using steganography and secret sharing

Arman Zand
, Eckhard Pfluegel

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

2 Downloads (Pure)

Abstract

Cyber Threat Intelligence (CTI) sharing allows organisations, communities and individuals to respond to emerging threats quickly, provided secure and reliable communication can be ensured. However, privacy constraints, restrictive sharing policies, concerns about trust misuse, and the lack of trustworthy tools limit the quality and quantity of information that are exchanged. This paper proposes a novel cryptographic protocol for sharing personal CTI information by private individuals based on hybrid information hiding and sharing techniques. Messages can be sent via an intermediary so that a passive monitoring attacker is misled, interpreting the intermediary as the dealer of a secret sharing scheme. Recipients can reconstruct the information as part of the secret sharing scheme. However, the true nature of the original messages being cover objects and pre-defined shares remain hidden. The protocol has been implemented, and our proof-ofconcept system has been assessed for robustness and performance. Our evaluation shows that the system is efficient, secure and practical. Hence, our approach could be a valuable tool for real-world personal CTI sharing as an effective method to manage confidentiality, trust and risk of CTI owned by private individuals.

Original language	English
Title of host publication	Published in: Onwubiko, Cyril, Rosati, Pierangelo, Rege, Aunshul, Erola, Arnau, Bellekens, Xavier, Hindy, Hanan and Jaatun, Martin Gilje. (eds.) (2024) Proceedings of the International Conference on Cybersecurity, Situational Awareness and Social Media. Cyber Science 2023; 03-04 July; University of Aalborg, Copenhagen, Denmark. Singapore: Springer Singapore. pp.75-89. (Springer Proceedings in Complexity SPCOM) Series ISSN (print) 2213-8684 Series ISSN (electronic) 2213-8692 ISBN (print HB) 9789819969739 ISBN (print PB) 9789819969760 ISBN (electronic) 9789819969746
DOIs	https://doi.org/10.1007/978-981-99-6974-6_5
Publication status	Published - 4 Jul 2024

Bibliographical note

Note: Published in: Onwubiko, Cyril, Rosati, Pierangelo, Rege, Aunshul, Erola, Arnau, Bellekens, Xavier, Hindy, Hanan and Jaatun, Martin Gilje. (eds.) (2024) Proceedings of the International Conference on Cybersecurity, Situational Awareness and Social Media. Cyber Science 2023; 03-04 July; University of Aalborg, Copenhagen, Denmark. Singapore: Springer Singapore. pp.75-89. (Springer Proceedings in Complexity SPCOM) Series ISSN (print) 2213-8684 Series ISSN (electronic) 2213-8692 ISBN (print HB) 9789819969739 ISBN (print PB) 9789819969760 ISBN (electronic) 9789819969746

Keywords

Computer science and informatics

Access to Document

10.1007/978-981-99-6974-6_5

Zand-A-54190-AAMAccepted author manuscript, 356 KBLicence: Unspecified

https://doi.org/10.1007/978-981-99-6974-6_5

1 Paper

A hybrid personal cyber threat intelligence sharing protocol using steganography and secret sharing
Zand, A. & Pfluegel, E., 4 Jul 2024.
Research output: Contribution to conference › Paper › peer-review

Open Access
File
4 Downloads (Pure)

Cite this

Zand, A., & Pfluegel, E. (2024). A hybrid personal cyber threat intelligence sharing protocol using steganography and secret sharing. In Published in: Onwubiko, Cyril, Rosati, Pierangelo, Rege, Aunshul, Erola, Arnau, Bellekens, Xavier, Hindy, Hanan and Jaatun, Martin Gilje. (eds.) (2024) Proceedings of the International Conference on Cybersecurity, Situational Awareness and Social Media. Cyber Science 2023; 03-04 July; University of Aalborg, Copenhagen, Denmark. Singapore: Springer Singapore. pp.75-89. (Springer Proceedings in Complexity SPCOM) Series ISSN (print) 2213-8684 Series ISSN (electronic) 2213-8692 ISBN (print HB) 9789819969739 ISBN (print PB) 9789819969760 ISBN (electronic) 9789819969746 https://doi.org/10.1007/978-981-99-6974-6_5

Zand, Arman ; Pfluegel, Eckhard. / A hybrid personal cyber threat intelligence sharing protocol using steganography and secret sharing. Published in: Onwubiko, Cyril, Rosati, Pierangelo, Rege, Aunshul, Erola, Arnau, Bellekens, Xavier, Hindy, Hanan and Jaatun, Martin Gilje. (eds.) (2024) Proceedings of the International Conference on Cybersecurity, Situational Awareness and Social Media. Cyber Science 2023; 03-04 July; University of Aalborg, Copenhagen, Denmark. Singapore: Springer Singapore. pp.75-89. (Springer Proceedings in Complexity SPCOM) Series ISSN (print) 2213-8684 Series ISSN (electronic) 2213-8692 ISBN (print HB) 9789819969739 ISBN (print PB) 9789819969760 ISBN (electronic) 9789819969746. 2024.

@inproceedings{e0450efefe2042cbba764c4d29b917b5,

title = "A hybrid personal cyber threat intelligence sharing protocol using steganography and secret sharing",

abstract = "Cyber Threat Intelligence (CTI) sharing allows organisations, communities and individuals to respond to emerging threats quickly, provided secure and reliable communication can be ensured. However, privacy constraints, restrictive sharing policies, concerns about trust misuse, and the lack of trustworthy tools limit the quality and quantity of information that are exchanged. This paper proposes a novel cryptographic protocol for sharing personal CTI information by private individuals based on hybrid information hiding and sharing techniques. Messages can be sent via an intermediary so that a passive monitoring attacker is misled, interpreting the intermediary as the dealer of a secret sharing scheme. Recipients can reconstruct the information as part of the secret sharing scheme. However, the true nature of the original messages being cover objects and pre-defined shares remain hidden. The protocol has been implemented, and our proof-ofconcept system has been assessed for robustness and performance. Our evaluation shows that the system is efficient, secure and practical. Hence, our approach could be a valuable tool for real-world personal CTI sharing as an effective method to manage confidentiality, trust and risk of CTI owned by private individuals.",

keywords = "Computer science and informatics",

author = "Arman Zand and Eckhard Pfluegel",

note = "Note: Published in: Onwubiko, Cyril, Rosati, Pierangelo, Rege, Aunshul, Erola, Arnau, Bellekens, Xavier, Hindy, Hanan and Jaatun, Martin Gilje. (eds.) (2024) Proceedings of the International Conference on Cybersecurity, Situational Awareness and Social Media. Cyber Science 2023; 03-04 July; University of Aalborg, Copenhagen, Denmark. Singapore: Springer Singapore. pp.75-89. (Springer Proceedings in Complexity SPCOM) Series ISSN (print) 2213-8684 Series ISSN (electronic) 2213-8692 ISBN (print HB) 9789819969739 ISBN (print PB) 9789819969760 ISBN (electronic) 9789819969746",

year = "2024",

month = jul,

day = "4",

doi = "10.1007/978-981-99-6974-6\_5",

language = "English",

booktitle = "Published in: Onwubiko, Cyril, Rosati, Pierangelo, Rege, Aunshul, Erola, Arnau, Bellekens, Xavier, Hindy, Hanan and Jaatun, Martin Gilje. (eds.) (2024) Proceedings of the International Conference on Cybersecurity, Situational Awareness and Social Media. Cyber Science 2023; 03-04 July; University of Aalborg, Copenhagen, Denmark. Singapore: Springer Singapore. pp.75-89. (Springer Proceedings in Complexity SPCOM) Series ISSN (print) 2213-8684 Series ISSN (electronic) 2213-8692 ISBN (print HB) 9789819969739 ISBN (print PB) 9789819969760 ISBN (electronic) 9789819969746",

}

Zand, A & Pfluegel, E 2024, A hybrid personal cyber threat intelligence sharing protocol using steganography and secret sharing. in Published in: Onwubiko, Cyril, Rosati, Pierangelo, Rege, Aunshul, Erola, Arnau, Bellekens, Xavier, Hindy, Hanan and Jaatun, Martin Gilje. (eds.) (2024) Proceedings of the International Conference on Cybersecurity, Situational Awareness and Social Media. Cyber Science 2023; 03-04 July; University of Aalborg, Copenhagen, Denmark. Singapore: Springer Singapore. pp.75-89. (Springer Proceedings in Complexity SPCOM) Series ISSN (print) 2213-8684 Series ISSN (electronic) 2213-8692 ISBN (print HB) 9789819969739 ISBN (print PB) 9789819969760 ISBN (electronic) 9789819969746. https://doi.org/10.1007/978-981-99-6974-6_5

A hybrid personal cyber threat intelligence sharing protocol using steganography and secret sharing. / Zand, Arman; Pfluegel, Eckhard.
Published in: Onwubiko, Cyril, Rosati, Pierangelo, Rege, Aunshul, Erola, Arnau, Bellekens, Xavier, Hindy, Hanan and Jaatun, Martin Gilje. (eds.) (2024) Proceedings of the International Conference on Cybersecurity, Situational Awareness and Social Media. Cyber Science 2023; 03-04 July; University of Aalborg, Copenhagen, Denmark. Singapore: Springer Singapore. pp.75-89. (Springer Proceedings in Complexity SPCOM) Series ISSN (print) 2213-8684 Series ISSN (electronic) 2213-8692 ISBN (print HB) 9789819969739 ISBN (print PB) 9789819969760 ISBN (electronic) 9789819969746. 2024.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - A hybrid personal cyber threat intelligence sharing protocol using steganography and secret sharing

AU - Zand, Arman

AU - Pfluegel, Eckhard

N1 - Note: Published in: Onwubiko, Cyril, Rosati, Pierangelo, Rege, Aunshul, Erola, Arnau, Bellekens, Xavier, Hindy, Hanan and Jaatun, Martin Gilje. (eds.) (2024) Proceedings of the International Conference on Cybersecurity, Situational Awareness and Social Media. Cyber Science 2023; 03-04 July; University of Aalborg, Copenhagen, Denmark. Singapore: Springer Singapore. pp.75-89. (Springer Proceedings in Complexity SPCOM) Series ISSN (print) 2213-8684 Series ISSN (electronic) 2213-8692 ISBN (print HB) 9789819969739 ISBN (print PB) 9789819969760 ISBN (electronic) 9789819969746

PY - 2024/7/4

Y1 - 2024/7/4

N2 - Cyber Threat Intelligence (CTI) sharing allows organisations, communities and individuals to respond to emerging threats quickly, provided secure and reliable communication can be ensured. However, privacy constraints, restrictive sharing policies, concerns about trust misuse, and the lack of trustworthy tools limit the quality and quantity of information that are exchanged. This paper proposes a novel cryptographic protocol for sharing personal CTI information by private individuals based on hybrid information hiding and sharing techniques. Messages can be sent via an intermediary so that a passive monitoring attacker is misled, interpreting the intermediary as the dealer of a secret sharing scheme. Recipients can reconstruct the information as part of the secret sharing scheme. However, the true nature of the original messages being cover objects and pre-defined shares remain hidden. The protocol has been implemented, and our proof-ofconcept system has been assessed for robustness and performance. Our evaluation shows that the system is efficient, secure and practical. Hence, our approach could be a valuable tool for real-world personal CTI sharing as an effective method to manage confidentiality, trust and risk of CTI owned by private individuals.

AB - Cyber Threat Intelligence (CTI) sharing allows organisations, communities and individuals to respond to emerging threats quickly, provided secure and reliable communication can be ensured. However, privacy constraints, restrictive sharing policies, concerns about trust misuse, and the lack of trustworthy tools limit the quality and quantity of information that are exchanged. This paper proposes a novel cryptographic protocol for sharing personal CTI information by private individuals based on hybrid information hiding and sharing techniques. Messages can be sent via an intermediary so that a passive monitoring attacker is misled, interpreting the intermediary as the dealer of a secret sharing scheme. Recipients can reconstruct the information as part of the secret sharing scheme. However, the true nature of the original messages being cover objects and pre-defined shares remain hidden. The protocol has been implemented, and our proof-ofconcept system has been assessed for robustness and performance. Our evaluation shows that the system is efficient, secure and practical. Hence, our approach could be a valuable tool for real-world personal CTI sharing as an effective method to manage confidentiality, trust and risk of CTI owned by private individuals.

KW - Computer science and informatics

U2 - 10.1007/978-981-99-6974-6_5

DO - 10.1007/978-981-99-6974-6_5

M3 - Conference contribution

BT - Published in: Onwubiko, Cyril, Rosati, Pierangelo, Rege, Aunshul, Erola, Arnau, Bellekens, Xavier, Hindy, Hanan and Jaatun, Martin Gilje. (eds.) (2024) Proceedings of the International Conference on Cybersecurity, Situational Awareness and Social Media. Cyber Science 2023; 03-04 July; University of Aalborg, Copenhagen, Denmark. Singapore: Springer Singapore. pp.75-89. (Springer Proceedings in Complexity SPCOM) Series ISSN (print) 2213-8684 Series ISSN (electronic) 2213-8692 ISBN (print HB) 9789819969739 ISBN (print PB) 9789819969760 ISBN (electronic) 9789819969746

ER -

Zand A, Pfluegel E. A hybrid personal cyber threat intelligence sharing protocol using steganography and secret sharing. In Published in: Onwubiko, Cyril, Rosati, Pierangelo, Rege, Aunshul, Erola, Arnau, Bellekens, Xavier, Hindy, Hanan and Jaatun, Martin Gilje. (eds.) (2024) Proceedings of the International Conference on Cybersecurity, Situational Awareness and Social Media. Cyber Science 2023; 03-04 July; University of Aalborg, Copenhagen, Denmark. Singapore: Springer Singapore. pp.75-89. (Springer Proceedings in Complexity SPCOM) Series ISSN (print) 2213-8684 Series ISSN (electronic) 2213-8692 ISBN (print HB) 9789819969739 ISBN (print PB) 9789819969760 ISBN (electronic) 9789819969746. 2024 Epub 2024 Feb 18. doi: 10.1007/978-981-99-6974-6_5

A hybrid personal cyber threat intelligence sharing protocol using steganography and secret sharing

Abstract

Bibliographical note

Keywords

Access to Document

Fingerprint

Research output

A hybrid personal cyber threat intelligence sharing protocol using steganography and secret sharing

Cite this