基于区块链和神经网络的威胁情报评估  被引量：3

作　　者：史慧洋 刘鹏 王鹤 Shi Huiyang;Liu Peng;Wang He(School of Computer Science and Technology,University of Chinese Academy of Sciences,Beijing 101408,China;School of Cyber Engineering,Xidian University,Xi’an 710071,China)

机构地区：[1]中国科学院大学计算机科学与技术学院,北京101408 [2]西安电子科技大学网络与信息安全学院,西安710071

出　　处：《天津大学学报（自然科学与工程技术版）》2022年第5期527-534,共8页Journal of Tianjin University：Science and Technology

基　　金：国家重点研发计划资助项目(2018YFB0804701)。

摘　　要：共享威胁情报便于组织高效的应对威胁和部署防御计划.针对威胁情报在收集过程中出现的质量参差不齐、价值不高、容易过期等问题,通过评估情报厂商和共享平台提供的数据,基于制定的评估原则,提出了4个一级指标和11个二级指标,建立了威胁情报评估体系.所选的评估指标能够实现可计算化,其中一级指标包括信誉、时效性、贡献度和质量,研究的主要贡献在于,采用以太坊架构和智能合约设计了一级指标中的信誉系统,通过评分的更新实现了信誉评分的动态调整;区块链技术中的匿名和隐私方案保护了用户的隐私性,同时对于恶意用户也制定了相应的惩罚措施,具体过程是向区块链节点发起评分撤销请求,节点采用共识算法通过请求后给予不同程度的限制,改善了评估模型的公正合理性.此外,本研究构建了相关数据集,通过层次分析法(AHP)选取了4个权重较大的二级指标,并利用神经网络算法方法验证了评估模型的有效性和可操作性,精度达到92.59%,与实际值的相关系数达到0.9以上.最后将评估方法效果从实用性、代表性、动态性和可验证4个方面对比,指出所提出的评价方法在实用性和动态性上有明显优势,评估结果为高.The sharing of threat intelligence facilitates organizations to respond to threats and deploy defense plans efficiently.Aiming at problems such as uneven quality,low value,and easy to expire information in the process of threat intelligence collection,this paper proposed 4 first-level indicators and 11 second-level indicators,according to principles and data provided by intelligence vendors and threat intelligence sharing platforms.In addition,we establish a threat intelligence evaluation system.The selected evaluation indicators can be easily calculated.Among them,the first-level indicators include reputation,timeliness,contribution,and quality.The main contribution of the research is the design of a reputation system using Ethereum architecture and a smart contract and the achievement of dynamic adjustments of the reputation score through score updates;the anonymity and privacy scheme in blockchain technology protects the privacy of users;the specific process is to initiate a score cancellation request to the node in the blockchain.The node used the consensus algorithm to cancel the score after passing the request,then gave different restriction strategies.In addition,the corresponding punishment measures are formulated to make the evaluation model more just and reasonable.The specific process is to initiate a score cancellation request to the node in the blockchain.The node used the consensus algorithm to cancel the score,then gave different restriction strategies and improved the fairness and rationality of the evaluation model.In addition,this study constructed related data sets,selected the second-level indicators with higher weight by the analytic hierarchy process(AHP),and verified the effectiveness and operability of the evaluation model by neural network algorithms.The accuracy is 92.59%,and the correlation coefficient with the actual value is above 0.9.Finally,the effectiveness of the evaluation method is compared from four aspects:practicality,representativeness,dynamicity,and verifiability,and it is

关 键 词：威胁情报 评估 信誉 区块链 智能合约 神经网络 

分 类 号：TP302.7[自动化与计算机技术—计算机系统结构]