• This paper Proposes BDTISR, a Blockchain-based DDoS Threat Intelligence Sharing and Rating mechanism for secure and trustworthy collaboration across inter-domain autonomous systems to enhance large-scale DDoS mitigation. • Designs and validates a credibility-aware intelligence evaluation mechanism by integrating a multi-dimensional Q–A–V (Quality, Activity, Validation feedback) rating model with a credibility-weighted PBFT consensus • Furthermore, it employs a hybrid consensus mechanism combining Practical Byzantine Fault Tolerance (PBFT) and credibility-weighted voting to ensure fast, tamper-proof validation of shared DDoS intelligence. Distributed Denial-of-Service (DDoS) attacks pose serious threats to the security and stability of inter-domain Autonomous Systems (ASes), making collaborative threat intelligence sharing and credible validation of shared information essential. However, existing centralized and loosely coordinated threat sharing mechanisms suffer from trust deficiencies, susceptibility to tampering, and limited accountability. This paper presents BDTISR, a blockchain-based DDoS threat intelligence sharing and rating framework designed to enable secure and trustworthy collaboration across inter-domain ASes. The framework leverages blockchain transparency, immutability, and decentralized consensus to ensure integrity and auditability of shared threat intelligence. BDTISR integrates a multi-dimensional rating and scoring mechanism based on Quality of intelligence (Q), Activity level (A), and Validation feedback (V), and employs a credibility-weighted PBFT consensus mechanism to reduce the influence of unreliable or malicious participants during validation. Experimental evaluation on a permissioned blockchain testbed demonstrates that BDTISR achieves a consensus latency of 12.5 ms with 10 AS nodes and sustains a throughput of 385 transactions per second for 2 KB threat intelligence blocks. The proposed mechanism rejects 92.3% of malicious or low-quality threat intelligence, representing an improvement of approximately 18% over conventional PBFT-based validation. Component-wise analysis further shows that the full Q–A–V configuration improves malicious AS identification accuracy by 21% over Quality-only scoring and by 13% over Quality–Activity scoring, with a block size overhead of only 14.2%. These results confirm that BDTISR significantly enhances the speed, reliability, and trustworthiness of inter-domain DDoS threat intelligence sharing.
Garg et al. (Sun,) studied this question.