A Review on Cryptographic and Federated Approaches for Privacy-preserving Cyber Threat Intelligence Sharing
Keywords:
Cyber threat intelligence, Decentralized intelligence sharing, Federated learning, Functional encryption, Homomorphic encryption, Privacy-preserving cybersecurity, Secure aggregationAbstract
Cyber threat intelligence (CTI) sharing is now a vital part of modern cybersecurity. It helps organizations detect and reduce new threats more effectively. However, effective cooperation often faces challenges related to data privacy, confidentiality, and trust. This is especially true when sensitive organizational information is involved. This review looks at how CTI sharing can connect with cryptographic techniques and federated learning, highlighting their potential to support secure and privacy-focused collaboration in distributed environments. The study examines current methods, such as open-source intelligence gathering, standardized CTI frameworks, and privacy-focused machine learning models. It points out their shortcomings in promoting secure data sharing between organizations. To tackle these issues, the study proposes a federated threat intelligence sharing (FTIS) framework. This framework combines decentralized federated learning with functional encryption to allow organizations to work together on global threat detection models without revealing raw data. Although the proposed method provides solid privacy protections and enhanced collaboration, challenges like computational demands, varying data quality, and adversarial threats still pose significant obstacles. Yet, the merging of cryptographic strategies and federated systems offers a promising path for creating scalable, secure, and trust-based CTI sharing systems. This work highlights the need to improve privacy-protecting technologies to foster a more coordinated and proactive approach to global cybersecurity.
References
Groš, Stjepan. Research directions in cyber threat intelligence. Faculty of Electrical and Computing Engineering, University of Zagreb, Zagreb, Croatia. 2020.
Al-Taleb, Najla, Saqib, N. Abbas, Atta-ur-Rahman, and S. Dash, “Cyber threat intelligence for secure smart city. Cryptography and Security, 2020.
B. Bhusal, et al. Privacy preserving in-context-learning framework for large language models. Machine Learning, 2025.
V. Mavroeidis and S. Bromander, “Cyber threat intelligence model: An evaluation of taxonomies, sharing standards, and ontologies within cyber threat intelligence,” in 2017 European Intelligence and Security Informatics Conference (EISIC), Athens, Greece, 2017, pp. 91–98.
B.-D. Le, G. Wang, M. Nasim, and M. A. Babar, “Gathering cyber threat intelligence from Twitter using novelty classification,” in 2019 International Conference on Cyberworlds (CW), Kyoto, Japan, 2019, pp. 316–323.
Y. Wang, Y. Ren, H. Qin, et al., “A dataset for cyber threat intelligence modeling of connected autonomous vehicles,” Sci. Data, vol. 12, p. 366, 2025.
Y. Lu, “SRFed: Mitigating poisoning attacks in privacy-preserving federated learning with heterogeneous data,” Comput. Res. Repository, Feb. 2026.
X. Meng and J. Feigenbaum, “Privacy-preserving XGBoost inference,” in Proc. 34th Conf. Neural Information Processing Systems (NeurIPS), Vancouver, Canada, 2020.
A. O. Abdulkareem, J. O. Akande, O. Babalola, A. Samson, and S. Folorunso, “Privacy-preserving AI for cybersecurity: Homomorphic encryption in threat intelligence sharing,” J. Front. Multidiscip. Res., vol. 4, no. 2, pp. 202–212, 2023.
S. Pandey, H. Azath, R. U. Rahman, and H. Lamkuche, “Privacy-preserving model for cyber threat intelligence sharing across multi-organizational platforms,” in 2025 IEEE 14th International Conference on Communication Systems and Network Technologies (CSNT), Bhopal, India, 2025, pp. 437–442.
M. Mrabet, “TrustFed-CTI: A trust-aware federated learning framework for privacy-preserving cyber threat intelligence sharing across distributed organizations,” Future Internet, vol. 17, no. 11, p. 512, Nov. 2025.
P. S. N., D. K. J. B. Saini, N. Shelke, A. Pimpalkar, S. D, and G. H. Kumar, “AI-driven cyber threat intelligence with blockchain: A federated and privacy-preserving approach (FPPA) for secure defense,” in Proc. 2025 9th Int. Conf. Inventive Systems and Control (ICISC), Coimbatore, India, 2025, pp. 1528–1535.
N. N. Sakhare, R. Kulkarni, N. Rizvi, and D. Raich, “A decentralized approach to threat intelligence using federated learning in privacy-preserving cyber security,” J. Electr. Syst., vol. 19, no. 3, pp. 106–125, Dec. 2023.
S. K. Balakrishnan, “Federated threat intelligence exchange protocol (F-TIXP): Privacy-preserving collaborative cyber defense framework,” Acta Sci., vol. 26, no. 1, pp. 247–252, 2025.
