Next-generation cybersecurity through a blockchain-enabled federated cloud framework

Abstract

Minimizing the breach detection gap (BDG) for cyber-attacks is a big concern for all organizations and governments. Cyber-attacks are discovered daily, many of which have gone undetected for days to years before the victim organizations detect and deploy the cyber defense. Cyber defense solutions are advancing to combat risks and attacks from traditional to next-generation advanced defense protection solutions. However, many individuals, organizations and businesses continue to be hit by new waves of global cyber-attacks. In this paper, we present a blockchain-enabled federated cloud computing framework that uses the Dempster–Shafer theory to reduce BDG by continuously monitoring and analyzing the network traffics against cyber-attacks. We evaluate the proposed approach using numerical results, and the proposed approach outperforms the traditional approaches.

This is a preview of subscription content, log in to check access.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8

References

  1. 1.

    Wang Y-M (2009) Security challenges in an increasingly connected world

  2. 2.

    Government Accountability Office (GAO), Center for Science, Technology, and Engineering Report to Congressional Requesters: Internet of Things Status and implications of an increasingly connected world

  3. 3.

    FTC Staff Reporting, “Internet of Things: Privacy and Security in a Connected World”

  4. 4.

    EndGame (2016) Mind the Detection Gap: Three things SOC teams must consider for earliest detection of unknown threats

  5. 5.

    Hutchins EM, Cloppert MJ, Amin RM (2011) Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains. Lead Iss Inf Warf Secur Res 1:80

    Google Scholar 

  6. 6.

    SANS Institute (2014) Killing advanced threats in their tracks: an intelligent approach to attack prevention

  7. 7.

    Silvey L (2016) Cybersecurity and data breach: impact on business in Illinois

  8. 8.

    Kaspersky Lab. (2017) Damage control: the cost of security breaches IT security risks special report series

  9. 9.

    Germano JH, Goldman ZK (2014) After the breach: cybersecurity liability risk

  10. 10.

    Experis (2014) Security breaches: is anyone safe?

  11. 11.

    Valdetero J, Zetoony D, Cave B (2014) Data security breaches incident preparedness and response

  12. 12.

    Ponemon Institute (2011) Reputation impact of a data breach

  13. 13.

    NTT Com Security (2016) Security Breaches—what’s the real cost to your business? Risk:Value Report

  14. 14.

    Sungard Availability Services, “The consequences of a Cyber Security Breach” Retrieved from https://www.sungardas.com/en/cyber-security-advice/articles/the-consequences-of-a-cyber-security-breach.html

  15. 15.

    Gold S (2011) Advanced evasion techniques

    Article  Google Scholar 

  16. 16.

    Phan B Seven key features to help you stop advanced evasion techniques at the firewall Senior Security Architect, McAfee

  17. 17.

    Matrosov A, Rodionov E (2013) Advanced evasion techniques by Win32/Gapz

  18. 18.

    OECD (2010) The changing consumer and market landscape

  19. 19.

    KPMG (2017) The changing landscape of disruptive technologies

  20. 20.

    Stratton AM, Wong KW (1997) Issues essential to world web market

  21. 21.

    Kehrli J (2016) Blockchain explained

  22. 22.

    Narayanan A, Miller A (2016) Cryptocurrencies, blockchains, and smart contracts; hardware for deep learning

  23. 23.

    Lemieux VL (2018) Trusting records: is blockchain technology the answer?

  24. 24.

    Dinh TT, Wang J, Chen G, Liu R, Ooi BC, Tan K (2017) BLOCKBENCH: a framework for analyzing private blockchain

  25. 25.

    Li W, Fedorov S, Sforzin A, Karame GO Towards scalable and private industrial blockchains

  26. 26.

    Emmadi N, Narumanchi H (2017) Reinforcing immutability of permissioned blockchains with keyless signatures. Infrastructure

  27. 27.

    Stiller B, Bocek T Blockchains and smart contracts—a valuable alternative for distributed data bases

  28. 28.

    Digitalogy (2017) All you need to know about blockchain!

  29. 29.

    Tapscott D, Tapscott A (2017) How blockchain will change organization

  30. 30.

    Ding CH, Nutanong S, Buyya R Peer-to-peer networks for content sharing

  31. 31.

    De Gruyter (2017) Blockchain revolution

  32. 32.

    Norta A (2015) Creation of smart-contracting collaborations for decentralized autonomous organization

    Google Scholar 

  33. 33.

    Monax (2017) Explainer–blockchain. Retrieve from https://monax.io/explainers/Blockchains

  34. 34.

    Liang X, Shetty S, Tosh D, Kamhoua C, Kwiat K, Njilla L (2017) ProvChain: a blockchain-based data provenance architecture in cloud environment with enhanced privacy and availability

  35. 35.

    Pilkington M (2015) Blockchain technology: principles and applications

  36. 36.

    Hull R (2017) Blockchain: distributed event-based processing in a data-centric world

  37. 37.

    Gervais A, Karame GO, Wust K (2016) On the security and performance of proof of work blockchains

  38. 38.

    Larimer D (2013) Transactions as proof-of-stake

  39. 39.

    Milutinovic M, Wu H, He H, Kanwal M (2016) Proof of luck: an efficient blockchain consensus protocol

  40. 40.

    Cachin C (2016) Architecture of the hyperledger blockchain fabric

  41. 41.

    Mazieres D (2016) The stellar consensus protocol: a federated model for internet-level consensus

  42. 42.

    Baliga A (2017) Understanding blockchain consensus models

  43. 43.

    ComputerWeekly. Nearly a third of malware attacks are zero-day exploits. Retrieved from http://www.computerweekly.com/news/450415866/Nearly-a-third-of-malware-attacks-are-zero-day-exploits

  44. 44.

    Digital-Guardian (2017) 91% Of cyber attacks start with a phishing email: here’s how to protect against phishing. Retrieved from https://digitalguardian.com/blog/91-percent-cyber-attacks-start-phishing-email-heres-how-protect-against-phishing

  45. 45.

    Sentz K, Ferson S (2002) Combination of Evidence in Dempster–Shafer theory, April 2002

  46. 46.

    Horneman A, Dell N (2014) Smart collection and storage method for network traffic data

  47. 47.

    He J (2015) Dempster–Shafer theory of evidence

  48. 48.

    Rawat DB, Njilla L, Kwiat K, Kamhoua CA (2018) iShare: Blockchain Based Privacy-aware Multi-Agent Information Sharing Games for Cybersecurity. In: Proceedings of the 2018 International Conference on Computing, Networking and Communications (ICNC): Communications and Information Security Symposium. Maui, Hawaii, USA, March 5–8, 2018

  49. 49.

    Rawat DB, Alshaikhi A (2018) “Leveraging Distributed Blockchain-based Scheme for Wireless Network Virtualization with Security and QoS Constraints.” In: Proceedings of the 2018 International Conference on Computing, Networking and Communications (ICNC): Communications and Information Security Symposium, Maui, Hawaii, USA, March 5–8, 2018

Download references

Acknowledgements

This work was supported in part by the U.S. National Science Foundation (NSF) under Grants CNS-1658972 and CNS-1650831, and by the U.S. Department of Homeland Security (DHS) under Grant award number, 2017‐ST‐062‐000003. However, any opinion, finding, and conclusions or recommendations expressed in this document are those of the authors and should not be interpreted as necessarily representing the official policies, either expressed or implied, of the funding agencies. All co-authors have contributed in this paper.

Author information

Affiliations

Authors

Corresponding author

Correspondence to Danda B. Rawat.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Malomo, O.O., Rawat, D.B. & Garuba, M. Next-generation cybersecurity through a blockchain-enabled federated cloud framework. J Supercomput 74, 5099–5126 (2018). https://doi.org/10.1007/s11227-018-2385-7

Download citation

Keywords

  • Federated cloud
  • Blockchain
  • Breach detection gap
  • Federated blockchain cloud computing
  • Dempster–Shafer theory