Privacy-preserving cyber threat intelligence: a framework combining private information retrieval, federated learning, and differential privacy
| dc.authorid | 0009-0003-5878-5621 | |
| dc.authorid | 0000-0003-2865-6370 | |
| dc.contributor.author | Çamalan, Emre | en_US |
| dc.contributor.author | Çeliktaş, Barış | en_US |
| dc.date.accessioned | 2026-03-06T07:52:14Z | |
| dc.date.available | 2026-03-06T07:52:14Z | |
| dc.date.issued | 2025-09-21 | |
| dc.department | Işık Üniversitesi, Lisansüstü Eğitim Enstitüsü, Bilgisayar Mühendisliği Yüksek Lisans Programı | en_US |
| dc.department | Işık University, School of Graduate Studies, Master’s Program in Computer Engineering | en_US |
| dc.department | Işık Üniversitesi, Mühendislik ve Doğa Bilimleri Fakültesi, Bilgisayar Mühendisliği Bölümü | en_US |
| dc.department | Işık University, Faculty of Engineering and Natural Sciences, Department of Computer Engineering | en_US |
| dc.description.abstract | Threat Intelligence Platforms (TIPs) are essential for sharing indicators of compromise (IoCs), but querying them can leak sensitive organizational data. We propose a privacy-preserving framework that combines Private Information Retrieval (PIR), Federated Learning (FL), and Differential Privacy (DP) to mitigate this risk. Our approach addresses both content-level and metadata-level privacy concerns while supporting collaborative learning across organizations. It ensures that sensitive query patterns remain hidden, local threat data never leaves organizational boundaries, and model updates are protected against inference attacks. The framework integrates with existing TIPs such as MISP and OpenCTI, requiring minimal operational changes. We implement a prototype using a simulated Abuse IP dataset and evaluate it on latency, accuracy, and communication overhead. The system supports private queries in under 300 ms and maintains over 95% model accuracy under DP noise. These results indicate that strong privacy can be achieved with minimal performance trade-offs, making the approach viable for real-world CTI environments. | en_US |
| dc.description.version | Publisher's Version | en_US |
| dc.identifier.citation | Çamalan, E. & Çeliktaş, B. (2025). Privacy-preserving cyber threat intelligence: a framework combining private information retrieval, federated learning, and differential privacy. Paper presented at the International Conference on Computer Science and Engineering, UBMK, 2025, 1525-1530. doi:https://doi.org/10.1109/UBMK67458.2025.11206831 | en_US |
| dc.identifier.doi | 10.1109/UBMK67458.2025.11206831 | |
| dc.identifier.endpage | 1530 | |
| dc.identifier.isbn | 9798331599751 | |
| dc.identifier.issn | 2521-1641 | |
| dc.identifier.issue | 2025 | |
| dc.identifier.scopus | 2-s2.0-105030881009 | |
| dc.identifier.scopusquality | N/A | |
| dc.identifier.startpage | 1525 | |
| dc.identifier.uri | https://hdl.handle.net/11729/7103 | |
| dc.identifier.uri | https://doi.org/10.1109/UBMK67458.2025.11206831 | |
| dc.indekslendigikaynak | Scopus | en_US |
| dc.institutionauthor | Çamalan, Emre | en_US |
| dc.institutionauthor | Çeliktaş, Barış | en_US |
| dc.institutionauthorid | 0009-0003-5878-5621 | |
| dc.institutionauthorid | 0000-0003-2865-6370 | |
| dc.language.iso | en | en_US |
| dc.peerreviewed | Yes | en_US |
| dc.publicationstatus | Published | en_US |
| dc.publisher | Institute of Electrical and Electronics Engineers Inc. | en_US |
| dc.relation.ispartof | International Conference on Computer Science and Engineering, UBMK | en_US |
| dc.relation.publicationcategory | Konferans Öğesi - Uluslararası - Öğrenci | en_US |
| dc.relation.publicationcategory | Konferans Öğesi - Uluslararası - Kurum Öğretim Elemanı | en_US |
| dc.rights | info:eu-repo/semantics/closedAccess | en_US |
| dc.subject | Differential privacy | en_US |
| dc.subject | Federated learning | en_US |
| dc.subject | Private information retrieval | en_US |
| dc.subject | Secure data retrieval | en_US |
| dc.subject | Threat intelligence | en_US |
| dc.subject | Distributed computer systems | en_US |
| dc.subject | Information retrieval | en_US |
| dc.subject | Privacy-preserving techniques | en_US |
| dc.subject | Query processing | en_US |
| dc.subject | Sensitive data | en_US |
| dc.subject | Content level | en_US |
| dc.subject | Cyber threats | en_US |
| dc.subject | Data retrieval | en_US |
| dc.subject | Differential privacies | en_US |
| dc.subject | Organisational | en_US |
| dc.subject | Privacy preserving | en_US |
| dc.subject | Secure data | en_US |
| dc.subject | Economic and social effects | en_US |
| dc.title | Privacy-preserving cyber threat intelligence: a framework combining private information retrieval, federated learning, and differential privacy | en_US |
| dc.type | Conference Object | en_US |
| dspace.entity.type | Publication | en_US |
Dosyalar
Orijinal paket
1 - 1 / 1
Küçük Resim Yok
- İsim:
- Privacy_Preserving_Cyber_Threat_Intelligence_A_Framework_Combining_Private_Information_Retrieval_Federated_Learning_and_Differential_Privacy.pdf
- Boyut:
- 1.63 MB
- Biçim:
- Adobe Portable Document Format
Lisans paketi
1 - 1 / 1
Küçük Resim Yok
- İsim:
- license.txt
- Boyut:
- 1.17 KB
- Biçim:
- Item-specific license agreed upon to submission
- Açıklama:
