Skip to main content
SpringerLink
Log in

Study on a security intelligence trading platform based on blockchain and IPFS

  • Original Paper
  • Published:
Journal of Computer Virology and Hacking Techniques Aims and scope Submit manuscript

Abstract

Security response centre (SRC) is an important solution for enterprises to ensuring their network security. The existing security response centres can be mainly divided into two types, the third-party vulnerability reporting platforms and xSRCs of each enterprise. Normally, hackers find and submit valuable information to a vulnerability reporting platform or xSRC. However, the hackers who submit vulnerabilities probably disagree with the assessment results of vulnerability level by enterprises or the third-party platform experts entrusted by enterprises, which may lead to some dangerous situations that can threat the enterprise’s network security. This paper proposes a security intelligence trading platform based on blockchain and IPFS (Inter Planetary File System), and applies it to a specific example. Due to the decentralization and immutability of blockchain technology and IPFS, it can make the vulnerability level assessment fair and just, which will protect the interests and privacy of both hackers and enterprises. The example proves that the proposed method is simple and feasible, and has theoretical and practical value to the exploration of security information transaction mechanism.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7

Similar content being viewed by others

References

  1. You, L., Lin, Z., Yue, L., et al.: Design and implementation of security emergency response center platform. Softw. Eng. 01, 24–27 (2018). (in Chinese)

    Google Scholar 

  2. Zhou, M.: SRCMS: enterprise emergency response and defect management system (2017). https://github.com/martinzhou2015/SRCMS

  3. Bai, G.: How does the security emergency response center (SRC) work? China Inf Secur 07, 61–62 (2016). (in Chinese)

    Google Scholar 

  4. Anderson, R.: Why information security is hard-an economic perspective. In: Computer Security Applications Conference, 2001. ACSAC 2001. Proceedings 17th Annual. IEEE, pp. 358–365 (2001)

  5. Anderson, R., Moore, T.: The economics of information security. Science 314(5799), 610–613 (2006)

    Article  Google Scholar 

  6. Schneier: Economics and Information Security (2006/6/29)[2009/8/1]. http://www.schneier.com/blog/archives/2006/06/economics_and_i_1.html

  7. Camp, L.J., Wolfram, C.: Pricing security. In: Economics of Information Security, pp. 17–34 (2004)

  8. Ozment, A.: Bug auctions: vulnerability markets reconsidered. In: Third Workshop on the Economics of Information Security (2004)

  9. Bohme, R.: A comparison of market approaches to software vulnerability disclosure. Lect. Notes Comput. Sci. 3995, 298–311 (2006)

    Article  Google Scholar 

  10. Zhu, L.: Design and Implementation of Distributed Network Emergency Response Management System CHAIRS. Southeast University, Nanjing (2015). (in Chinese)

    Google Scholar 

  11. Yuan, C., Zhou, Y., Ji, Y., et al.: Construction of snational cyber security emergency response organization against virus threat. Inf. Netw. Secur. 09, 7–10 (2009). (in Chinese)

    Google Scholar 

  12. Huang, C.: Developing China’s cyber security emergency response system. Inf. Netw. Secur. 03, 27–28 (2005). (in Chinese)

    Google Scholar 

  13. Martin: How to build safe emergency response centre from scratch? (2018). https://www.zhihu.com/question/40673882/answer/137885278

  14. Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system. Consulted (2009)

  15. https://whichblockchain.com/blockchain-characteristics

  16. https://www.yzmg.com/blockchain/215678.html

  17. Jan: Ethereum: next generation smart contract and decentralized application platform (2015). https://ethfans.org/posts/ethereum-whitepaper

  18. Hetao: Why Ethereum is the representative of blockchain 2.0? (2018). https://www.jianshu.com/p/ea82669974de

  19. Xiong, T.: Fully understand Ethereum smart contract (2018). https://learnblockchain.cn/2018/01/04/understanding-smart-contracts

  20. Liang: Brief introduction of IPFs development and practical operation (2018). https://www.jianshu.com/p/48a2739bade2

  21. https://www.blockchain-council.org/blockchain/how-is-blockchain-verifiable-by-public-and-yet-anonymous/

  22. https://www.expresscomputer.in/features/how-blockchain-can-enable-advanced-anonymous-voting-in-digital-india/19844/

Download references

Author information

Authors and Affiliations

  1. Shanghai FengQun network technology Ltd., Shanghai, China

    Hejun Xu

  2. State Grid Shanghai Electric Power Company, Shanghai, China

    Binkai Jiang

Authors
  1. Hejun Xu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Binkai Jiang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Binkai Jiang.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Xu, H., Jiang, B. Study on a security intelligence trading platform based on blockchain and IPFS. J Comput Virol Hack Tech 17, 131–137 (2021). https://doi.org/10.1007/s11416-020-00375-7

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11416-020-00375-7

Keywords

Search

Navigation