409
Neural Network and
Blockchain Based Technique
for Cyber Threat Intelligence
and Situational Awareness
Abstract: Protecting Critical Infrastructure (CI) against increasing cyber threats has
become as crucial as it is complicated. To be effective in identifying and defeating cyber
attacks, cyber analysts require novel distributed detection and reaction methodologies
based on information security techniques that can automatically analyse incident
reports and securely share analysis results between Critical Infrastructure stakeholders.
Our goal is to provide solutions in real-time that could replace human input for cyber
incident analysis tasks (triage) to classify cyber incident reports, nd related reports in
a fast and scalable way, eliminate irrelevant information, and automate reporting life-
cycle management. Our effective and fast incident management method is based on
articial intelligence and can support cyber analysts in establishing cyber situational
awareness, and allow them to quickly adopt suitable countermeasures in the case
of an attack. In this paper, we evaluate deep autoencoder neural network supported
by Blockchain technology as a system for incident classication and management,
and assess its accuracy and performance. This approach should reduce the number
of manual operations and save storage space. We used a Blockchain smart contract
technique to provide an automated trusted system for incident management workow
that allows automatic acquisition, classication and enrichment of incident data. We
demonstrate how the presented techniques can be applied to support incident handling
tasks performed by security operation centres.
Keywords: cyber threat intelligence, neural network, blockchain
Roman Graf
Austrian Institute of Technology GmbH
Vienna, Austria
roman.graf@ait.ac.at
Ross King
Austrian Institute of Technology GmbH
Vienna, Austria
ross.king@ait.ac.at
2018 10th International Conference on Cyber Conict
CyCon X: Maximising Eects
T. Minárik, R. Jakschis, L. Lindström (Eds.)
2018 © NATO CCD COE Publications, Tallinn
Permission to make digital or hard copies of this publication for internal
use within NATO and for personal or educational use when for non-prot or
non-commercial purposes is granted providing that copies bear this notice
and a full citation on the rst page. Any other reproduction or transmission
requires prior written permission by NATO CCD COE.
