TIIA: A blockchain-enabled Threat Intelligence Integrity Audit scheme for IIoT

Abstract

With the widespread deployment of the Industrial Internet of Things technology (IIoT), the cyber security threats of IIoT systems are increasing. Threat intelligence sharing is an effective way to resist cyber security threats. However, there is a contradiction between information integrity and the requirement of building a complete attack chain in the threat intelligence sharing and utilization. Due to the limited capacity of block storage pattern, it can be found that threat intelligence is prone to fragmentation on blockchain. In this paper, a blockchain-enabled Threat Intelligence Integrity Audit (TIIA) scheme for IIoT is proposed. This scheme can audit the integrity of threat intelligence in ciphertext state to ensure the confidentiality protection requirements of threat intelligence on blockchain. A double chain structure is presented in the TIIA scheme. The storage-chain is used to store threat intelligence ciphertext, while the audit-chain is designed to achieve the integrity audit of the corresponding fragment on the storage-chain. In addition, Paillier homomorphic encryption and searchable encryption are used to realize the confidentiality and ciphertext retrieval of threat intelligence on the storage-chain. A redundant block deletion algorithm is designed to reduce the audit-chain load and improve audit efficiency. The performance analysis shows that the proposed scheme can effectively reduce the computational and communication costs, and has a high audit efficiency.