A Blockchain-Based Framework for Scalable and Trustless Delegation of Cyber Threat Intelligence

CTI sharing is increasingly used by organisations to strengthen security. The sensitivity of CTI has led to research on trust-based sharing, yet most existing CTI sharing approaches only support static trust-based decisions or centralised trust evaluation, limiting their scalability and lead to centralised risk. This paper proposes a blockchain-based CTI sharing framework that relies on trustless delegates for dynamic trust-based decision-making and decentralised trust evaluation. To facilitate trustless delegation, our proposal allows CTI producers to intentionally inject false data on a periodic basis into the system to audit the behaviour of delegates. Moreover, unlike existing approaches, delegates within our framework facilitate sharing of CTI directly with consumers such that scalable CTI sharing occurs. The results of a qualitative evaluation of the proposed framework's security show that it is resilient to common privacy and trust concerns. Moreover, a quantitative evaluation of a proof-of-concept prototype using Ethereum show that the proposed framework is scalable and cost-effective.