Helping forensic analysts to attribute cyber-attacks: An argumentation-based reasoner


Abstract

Discovering who performed a cyber-attack or from where it originated is essential in order to determine an appropriate response and future risk mitigation measures. In this work, we propose a novel argumentation-based reasoner for analyzing and attributing cyber-attacks that combines both technical and social evidence. Our reasoner helps the digital forensics analyst during the analysis of the forensic evidence by providing the analyst with the possible culprits of the attack, new derived evidence, hints about missing evidence, and insights about other paths of investigation. The proposed reasoner is flexible, deals with conflicting and incomplete evidence, and was tested on real cyber-attack cases.

Cite

Karafili, E., Wang, L., Kakas, A. C., & Lupu, E. (2018). Helping forensic analysts to attribute cyber-attacks: An argumentation-based reasoner. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 11224 LNAI, pp. 510–518). Springer Verlag. https://doi.org/10.1007/978-3-030-03098-8_36
