Helping Forensic Analysts to Attribute Cyber-Attacks: An Argumentation-Based Reasoner

机译：帮助法医分析师归因于网络攻击：基于论证的推理器

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Discovering who performed a cyber-attack or from where it originated is essential in order to determine an appropriate response and future risk mitigation measures. In this work, we propose a novel argumentation-based reasoner for analyzing and attributing cyber-attacks that combines both technical and social evidence. Our reasoner helps the digital forensics analyst during the analysis of the forensic evidence by providing to the analyst the possible culprits of the attack, new derived evidence, hints about missing evidence, and insights about other paths of investigation. The proposed reasoner is flexible, deals with conflicting and incomplete evidence, and was tested on real cyber-attacks cases.

机译：为了确定适当的应对措施和未来的风险缓解措施，发现谁进行了网络攻击或网络攻击的源头至关重要。在这项工作中，我们提出了一种新颖的基于论证的推理器，用于结合技术和社会证据对网络攻击进行分析和归因。我们的推理机可通过向分析人员提供攻击的可能罪魁祸首，新获得的证据，有关丢失证据的提示以及对其他调查途径的洞察力，从而在分析法证证据期间为数字法证分析师提供帮助。提出的推理程序非常灵活，可以处理矛盾且不完整的证据，并已在实际的网络攻击案件中进行了测试。

著录项

来源
《International conference on principles and practice of multi-agent systems》|2018年|510-518|共9页
会议地点
作者
Erisa Karafili; Linna Wang; Antonis C. Kakas; Emil Lupu;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词

相似文献

外文文献
中文文献
专利

1. An Argumentation-Based Reasoner to Assist Digital Investigation and Attribution of Cyber-Attacks [J] . Karafili Erisa, Wang Linna, Lupu Emil C. Digital investigation . 2020,第Apra期

机译：基于论证的推理，以协助数字调查和归因的网络攻击
2. Technical, legal and ethical dilemmas: distinguishing risks arising from malware and cyber-attack tools in the ‘cloud’—a forensic computing perspective [J] . Vlasti Broucek, Paul Turner Journal in computer virology . 2013,第1期

机译：技术，法律和道德困境：区分“云”中法医计算角度的恶意软件和网络攻击工具所带来的风险
3. Technical, legal and ethical dilemmas: distinguishing risks arising from malware and cyber-attack tools in the ‘cloud’—a forensic computing perspective [J] . Vlasti Broucek, Paul Turner Journal of Computer Virology and Hacking Techniques . 2013,第1期

机译：技术，法律和道德困境：区分“云”中法医计算角度的恶意软件和网络攻击工具所带来的风险
4. Helping Forensic Analysts to Attribute Cyber-Attacks: An Argumentation-Based Reasoner [C] . Erisa Karafili, Linna Wang, Antonis C. Kakas, International Conference on Principles and Practice of Multi-Agent Systems . 2018

机译：帮助取证分析师归因于网络攻击：基于论证的推理
5. “CSI” effect: The impact of “CSI” and other Forensic Television Programs on decisions of jurors, law enforcement, forensic analysts/scientists and the criminals themselves [D] . Bochenek, Lisa M. 2008

机译：“ CSI”效应：“ CSI”和其他法医电视节目对陪审员，执法人员，法医分析师/科学家以及罪犯本身的决定的影响
6. Multidisciplinary approach towards training of the next generation of forensic DNA analysts in Africa; a Kenyan perspective [O] . Eva Aluvaala Nambati, Muturi Njoka, Fred Eyase, 2020

机译：在非洲培训下一代法医DNA分析人员的多学科方法;肯尼亚的观点
7. Helping Forensic Analysts to Attribute Cyber-Attacks: An Argumentation-Based Reasoner [O] . Erisa Karafili, Linna Wang, Antonis C. Kakas, 2018

机译：帮助取证分析师归因于网络攻击：基于论证的推理
8. Cyber Situation Awareness through Instance-Based Learning: Modeling the Security Analyst in a Cyber-Attack Scenario. [R] . Dutt, V., Gonzalez, G. 2012

机译：通过基于实例的学习的网络态势感知：在网络攻击场景中对安全分析师进行建模。

Helping Forensic Analysts to Attribute Cyber-Attacks: An Argumentation-Based Reasoner

摘要

著录项

相似文献

相关主题

期刊订阅