Blockchain technology in Cyber Threat Intelligence: Applications and challenges
Välimaa, Sanni (2025)
Bachelor's Programme in Computer Sciences
Faculty of Information Technology and Communication Sciences
This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Date of approval
2025-05-20
The permanent address of the publication is
https://urn.fi/URN:NBN:fi:tuni-202505195786
Abstract
The cyber threat landscape is becoming increasingly complex, which renders many reactive threat response protocols insufficient. Cyber Threat Intelligence (CTI) introduces a new paradigm to cybersecurity, shifting the focus toward proactive gathering, analyzing, and sharing of threat knowledge and mitigation strategies for emerging threats even before they occur. Even though CTI offers indisputable utility to information security teams, it is not without its flaws. It lacks secure avenues for sharing threat intelligence, automation, and incentive structures to produce high-quality CTI data. However, what CTI lacks coincides with some of the built-in characteristics of another innovative technology: blockchain. Blockchain is a decentralized, distributed database technology that incentivizes secure, transparent, immutable, and automated digital transactions.
This thesis presents a literature review exploring recent propositions for integrating blockchain technology into CTI, as well as the potential challenges arising from such integration. The thesis offers thorough definitions for both CTI and blockchain technology, highlighting their attributes and unresolved challenges. Prospects for using blockchain technology as an avenue for sharing CTI are examined in more detail.
This work identifies a consensus among the scientific literature that blockchain offers a promising channel for CTI dissemination. Even highly sensitive CTI data can be exchanged via an access-controlled private or permissioned blockchain network. Furthermore, the production of quality CTI can be rewarded with tokens or other blockchain-enabled incentive structures, while smart contracts enable automatic functions on the network. However, despite the perceived benefits, blockchain cannot offer a comprehensive solution for optimizing every aspect of CTI. Along with issues directly related to blockchain, such as performance and regulatory concerns, the need for interoperability with legacy systems, as well as a lack of skilled personnel, present great barriers to widespread adoption of blockchain technology in the field of Cyber Threat Intelligence.