Discovering who performed a cyber-attack or from where it originated is essential for determining an appropriate response and future risk mitigation measures. In this work, we propose a novel argumentation-based reasoner for analyzing and attributing cyber-attacks that combines both technical and social evidence. Our reasoner helps the digital forensics analyst during the analysis of the forensic evidence by providing the possible culprits of the attack, new derived evidence, hints about missing evidence, and insights about other paths of investigation. The proposed reasoner is flexible, deals with conflicting and incomplete evidence, and was tested on real cyber-attack cases.
Karafili, E., Wang, L., Kakas, A. C., & Lupu, E. (2018). Helping forensic analysts to attribute cyber-attacks: An argumentation-based reasoner. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 11224 LNAI, pp. 510–518). Springer Verlag. https://doi.org/10.1007/978-3-030-03098-8_36