What can Blockchain Do For Cybersecurity?

By on

You can tell when a technology has reached its peak hype potential when things just start to get silly.  In the blockchain world, this is evidenced by athletes, artists and other public personalities tweeting, posting, or otherwise endorsing ICOs (Initial Coin Offerings). These have ranged from Prediction Market blockchains, to Cannabis Supply Chain blockchains, to more pedestrian Big Data Marketing blockchains.  My personal favorite, however, is Burger King’s “WhopperCoin”.

How do we cut through the hype?  First let’s ask the question, what are blockchains good at?

  • Adjudicating Trust – in the exchange of value, whatever that value may be, with blockchain the participants don’t need to trust each other. They trust the “math” behind the blockchain platform.
  • Transactions – blockchains are optimized to facilitate transactions between parties, whether it is exchange of value, data, etc.
  • Incentivized Participation – think “Game Theory”. The participants in the blockchain are rewarded as a result of their participation, and the incentives can be specific to the audience.
  • Transparency – the ledger is an open book – anyone can see the transaction history and trace data through the blockchain.
  • Accountability – like transparency, it is easy to account for every transaction on the blockchain and independently verify it.
  • Immutability – Once a transaction has been recorded in the blockchain, it is written in “digital stone.”

All of these things align to similar goals in cybersecurity – so where are the cybersecurity blockchains?  Let’s take a look at an interesting approach to Threat Intelligence leveraging the blockchain and see how it stacks up to the list above.  Swarm (https://swarm.market) (not to be confused with Swarm – the distributed storage and content distribution network) is a decentralized security marketplace that aims to connect end users with security experts.

In the most simple case, anyone can submit a sample through Swarm and ask “Is this malicious?”.  They can also post a “bounty” for the resultant information.  A security expert examines the sample and earns the bounty by submitting an assertion about the data.  Where the blockchain comes into play here is by acting as the arbiter of truth.  Presumably there are many, potentially thousands, of security experts making assertions on the data and contributing to confidence in their assertion.  Get enough experts to agree and you’ve got an answer you can trust.

Next up, the blockchain manages the transaction, distributing the bounty paid by the submitter amongst the “correct” security experts.  This also manages the incentives of both parties to participate in the Swarm marketplace.  As more and more information is transacted on the blockchain, security experts will begin to develop an accuracy reputation due to the transparency of the blockchain – subsequently allowing submitters to target their offers toward experts in specific areas of interest.

Finally, the accountability and immutability of the blockchain builds on that confidence to provide the most accurate results as efficiently as an open market will allow.  While all this sounds a bit slow and hands on, think of the submitter as your client software and the security expert as an automated cloud service that runs the sample through many different malware detection engines.

Will Swarm take off?  I don’t know – there is a bit of a chicken-and-egg problem to solve first.  It is clear, however, that blockchain is here to stay thanks to cloud vendors like Amazon and Microsoft offering “Blockchain as a Service”, making these technologies easier to build, manage, and maintain. I believe we will see security vendors large and small adopting blockchain technology to solve problems blockchains are good at.

As for Swarm, I’m looking forward to seeing this project’s progress and getting my hands on some code to try it out.

For more stories like this, and for updates from MPOWER17, follow us on Twitter at @McAfee.

Categories: Business
Tags: , ,

Leave a Comment

Similar articles

The topics parents need to discuss with kids today can be tough compared to even a few years ago. The digital scams are getting more sophisticated and the social culture poses new, more inherent risks. Weekly, we have to breach very adult conversations with our kids. Significant conversations about sexting, bullying, online scams, identity fraud, ...
Read Blog
There's something ironic about cybercriminals getting "hacked back." BriansClub, one of the largest underground stores for buying stolen credit card data, has itself been hacked. According to researcher Brian Krebs, the data stolen from BriansClub encompasses more than 26 million credit and debit card records taken from hacked online and brick-and-mortar retailers over the past ...
Read Blog