Abstract

A major challenge in cyberthreat analysis is combining information from different sources to find the person or group responsible for a cyber-attack. In this chapter, we leverage the dataset from the capture-the-flag event held at DEFCON, discussed in Chap. 2, and propose a DeLP3E model composed solely of the AM (that is, without probabilistic information), designed to aid an analyst in attributing a cyber-attack. We build models from latent variables to reduce the search space of culprits (attackers), and show that this reduction significantly improves the accuracy of the classification-based approaches discussed in Chap. 2, from 37% to 62%, in identifying the attacker.

Original language: English (US)
Title of host publication: SpringerBriefs in Computer Science
Publisher: Springer
Pages: 75-84
Number of pages: 10
Edition: 9783319737874
Publication status: Published - Jan 1 2018

Publication series

Name: SpringerBriefs in Computer Science
Number: 9783319737874
ISSN (Print): 2191-5768
ISSN (Electronic): 2191-5776

ASJC Scopus subject areas

  • Computer Science (all)

Cite this

Nunes, E., Shakarian, P., Simari, G. I., & Ruef, A. (2018). Applying argumentation models for cyber attribution. In SpringerBriefs in Computer Science (9783319737874 ed., pp. 75-84). (SpringerBriefs in Computer Science; No. 9783319737874). Springer. https://doi.org/10.1007/978-3-319-73788-1_5