Enhancing Cyber Threat Intelligence Sharing through a Privacy-Preserving Federated Learning Approach

Ahmed Sleem¹, Ibrahim Elhenawy²

 ¹Ministry of communication and information technology, Egypt

²Faculty of Computers and Informatics, Zagazig University, Zagazig, Sharqiyah, 44519, Egypt

Emails: Ahmedsleem8000@gmail.com;  ielhenawy@zu.edu.eg

Abstract

This paper proposes a privacy-preserving federated learning approach to enhance cyber threat intelligence sharing. Cyber threats are becoming more sophisticated and are posing serious security risks to organizations. Sharing threat intelligence information can help to detect and mitigate these threats quickly. However, privacy concerns and data protection regulations hinder the sharing of sensitive information. Federated learning is a promising approach that allows multiple parties to collaborate in building a global model while preserving data privacy. We propose a framework that utilizes federated learning to train a global threat intelligence model without compromising the privacy of individual organizations' data. Our approach also includes a differential privacy mechanism to ensure the anonymity of the participating organizations. We demonstrate the effectiveness of our approach through experiments conducted on real-world datasets, showing that it achieves high accuracy while maintaining data privacy. The proposed approach has the potential to facilitate more effective and secure cyber threat intelligence sharing among organizations.

Keywords: Cyber Threat; Privacy-Preserving Federated Learning; Intelligent Systems; Cybersecurity