The paper proposes a STIX-based data representation for privacy-preserving data analysis, which reports the format and semantics of specific data types and represents sticky policies in the form of embedded, human-readable Data-Sharing Agreements (DSAs). More specifically, we exploit and extend the STIX standard to represent, in a structured way, analysis-ready pieces of data and the privacy policies attached to them. The whole scheme is designed to be completely compatible with the STIX 2.0 standard for Cyber-Threat Intelligence (CTI) representation. The proposed scheme is implemented in this work by defining a complete scheme for representing an email, designed specifically for spam email analysis, which is more expressive than the standard one defined for STIX. Moreover, the paper provides a new scheme for general DSA representation that has been practically applied to the process of encoding specific attributes in different CTI reports. Due to the chosen approach, the research results may have limitations. Specifically, a limitation of the current practice for entity recognition was discovered during the research. However, its effect on processing time was minimized. This paper has covered the existing gap, including the lack of generality in DSA representation for privacy-preserving analysis of structured CTI. To that end, a new model for DSA representation was introduced, together with its practical implementation.
A scheme for the sticky policy representation supporting secure Cyber-Threat Intelligence analysis and sharing
The work described in this website has been conducted within the project NeCS. This project has received funding from the European Union’s Horizon 2020 (H2020) research and innovation programme under the Grant Agreement no 675320. This website and the content displayed in it do not represent the opinion of the European Union, and the European Union is not responsible for any use that might be made of its content.