A deployment-oriented privacy-preserving CTI framework: integrating PIR, federated learning, differential privacy, and practical hardenings

Date

2026

Publisher

Institute of Electrical and Electronics Engineers Inc.

Access Rights

info:eu-repo/semantics/openAccess

Abstract

Threat Intelligence Platforms (TIPs) enable organizations to share indicators of compromise (IoCs), yet the operational CTI lifecycle exposes multiple, largely independent privacy surfaces: query content and access-pattern leakage during IoC lookup, gradient and membership inference risks during collaborative model training, and residual metadata side-channels in network traffic. Existing work addresses these surfaces in isolation; no prior framework orchestrates their joint mitigation within a single, deployment-oriented CTI pipeline under explicit guarantee boundaries. We present a prototype workflow-level privacy orchestration for cyber threat intelligence that coordinates four mechanisms across the query-learn-update lifecycle: (i) Private Information Retrieval (PIR) to hide queried IoC indices, (ii) cross-silo federated learning (FL) to keep raw CTI data local, (iii) a formal client-level Differential Privacy (DP) mechanism for federated model training to protect against inversion and membership inference attacks, and (iv) practical privacy hardenings, namely fixed-shape PIR batching (a traffic-shaping mechanism, not a cryptographic PIR guarantee) and secure aggregation simulated under an honest-but-curious coordinator assumption, to mitigate residual side-channel leakage. The contribution is therefore one of CTI-specific workflow orchestration and systematic evaluation, not of new cryptographic primitives: formal (ε, δ) guarantees apply exclusively to the differentially private federated learning component, while the remaining mechanisms serve as deployment-oriented hardenings under stated assumptions. We implement a working prototype over a two-million-row AbuseIPDB-style IoC dataset. Under a two-server non-colluding assumption, PIR queries complete in approximately 40 seconds with 16 MB transfer per fixed batch.
Local Random Forest and Logistic Regression baselines reach 89.0% and 77.00% accuracy, respectively, while federated variants with DP-FedAvg (gradient clipping and RDP-based privacy accounting) demonstrate a quantified privacy–utility trade-off across multiple noise levels. A corrected canonical single-round (T=1) baseline establishes the reconciled reference operating point; reviewer-driven multi-round experiments (T ∈ {1, 10, 20}) and an auxiliary clip-norm sensitivity analysis (C ∈ {0.5, 1.0, 2.0}) further characterize how privacy budgets, model utility, and training stability evolve beyond the single-round setting, with all (ε, δ) values computed via RDP composition for the corresponding configuration. The framework aligns with recent advances in secure aggregation and privacy-preserving CTI analytics, and is designed to be compatible with GDPR, CCPA, ISO/IEC 27701, and NIST 800-53 privacy principles, demonstrating prototype-level feasibility for regulation-aware CTI collaboration across organizations.

Keywords

Differential privacy, Federated learning, Fixed-shape PIR, Privacy-preserving CTI, Private information retrieval, Secure aggregation, Threat intelligence, Distributed computer systems, Hardening, Information leakage, Logistic regression, Metadata, Network security, Privacy-preserving techniques, Query processing, Side channel attack, Differential privacies, Fixed-shape private information retrieval, Model training, Privacy preserving, Secure aggregations, Side-channel, Economic and social effects

Source

IEEE Access

Scopus Q Value

Q1

Volume

11

Citation

Çamalan, E. & Çeliktaş, B. (2026). A deployment-oriented privacy-preserving CTI framework: integrating PIR, federated learning, differential privacy, and practical hardenings. IEEE Access, 11, 1-26. doi:https://doi.org/10.1109/ACCESS.2026.3686089