DBIS

Data spaces are designed to foster business data exchanges in data ecosystems by creating a trusted, secure, interoperable, and sovereign standard for interorganizational collaboration. While data spaces have been applied in many use cases, they have not been explored in the context of cyber threat intelligence (CTI) sharing. This thesis aims to evaluate the effectiveness of data space concepts and architectures (e.g., International Data Spaces (IDS)) in the context of CTI sharing. The study will involve a comprehensive literature review, requirement analysis, conceptual design, implementation, and scenario-based evaluation to create a CTI sharing framework based on a data space.

Main Tasks:

Literature Review: Understand the state of the art, challenges, and technologies in CTI sharing and data spaces.

Requirement Analysis: Identify functional and non-functional requirements to address CTI sharing challenges.

Conceptual Design:
– Define the functional components and associated architecture.
– Develop a CTI sharing framework based on a data space architecture (e.g., IDS).
– Identify the actors and their interactions.

– Implementation: Analyze and compare existing tools to develop a data space prototype with connectors and usage policies for CTI sharing.

Evaluation: Provide real-world scenarios to verify the applicability of the prototype in incident handling. Analyze the designed architecture and measure the extent to which CTI sharing challenges are addressed. Also, include resource-based performance metrics for the evaluation of the developed data space connectors.