Applying Argumentation Models for Cyber Attribution
A major challenge in cyberthreat analysis is combining information from different sources to find the person or group responsible for a cyberattack. In this chapter, we leverage the dataset from the capture-the-flag event held at DEFCON discussed in Chap. 2, and propose a DeLP3E model composed solely of the AM (that is, without probabilistic information), designed to aid an analyst in attributing a cyberattack. We build models from latent variables to reduce the search space of culprits (attackers), and show that this reduction significantly improves the accuracy of the classification-based approaches discussed in Chap. 2, from 37% to 62%, in identifying the attacker.