Relevant bibliographies by topics / Cyber Attribution / Journal articles
To see the other types of publications on this topic, follow the link: Cyber Attribution.

Journal articles on the topic 'Cyber Attribution'

Author: Grafiati
Published: 7 June 2025
Last updated: 26 June 2025

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the top 50 journal articles for your research on the topic 'Cyber Attribution.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.

1

Swate, Clementine, Siphesihle Sithungu, and Khutso Lebea. "An Analysis of Cyberwarfare Attribution Techniques and Challenges." European Conference on Cyber Warfare and Security 23, no. 1 (2024): 552–59. http://dx.doi.org/10.34190/eccws.23.1.2190.

Full text
Abstract:
Identifying the source of cyber-attacks is crucial to ensuring cybersecurity. This study examines different attribution techniques, obstacles, and real-world examples in the context of cyber warfare. It explores challenges such as incorrect attributions, ethical concerns, legal barriers, and complexities in the digital environment. The discussed topic includes modern techniques such as malware analysis, network traffic study, digital forensics, and the implementation of AI/ML. These methods help improve cybersecurity and shape cyber warfare strategies. Case studies on the Standard Bank South Africa ATM fraud and the TransUnion South Africa cyber-attack illustrate the importance of attributing cyber incidents, especially with global cyber criminals. The analysis emphasizes the need for a comprehensive approach that takes into account legal, technical, ethical, and geopolitical considerations relevant to the evolution of computing and cyber warfare. It stresses the need for cybersecurity tools enhancement and global cooperation. The study pairs attribution challenges with techniques to deepen our understanding of threats. It underlines the need for ongoing cybersecurity research and adaptation, sustained innovation, and collaboration to fortify global cyber defenses.
APA, Harvard, Vancouver, ISO, and other styles
2

Eichensehr, Kristen E. "Decentralized Cyberattack Attribution." AJIL Unbound 113 (2019): 213–17. http://dx.doi.org/10.1017/aju.2019.33.

Full text
Abstract:
Attribution of state-sponsored cyberattacks can be difficult, but the significant uptick in attributions in recent years shows that attribution is far from impossible. After several years of only sporadic attributions, Western governments in 2017 began attributing cyberattacks to other governments more frequently and in a more coordinated fashion. But nongovernment actors have more consistently attributed harmful cyber activity to state actors. Although not without risks, these nongovernmental attributions play an important role in the cybersecurity ecosystem. They are often faster and more detailed than governmental attributions, and they fill gaps where governments choose not to attribute. Companies and think tanks have recently proposed centralizing attribution of state-sponsored cyberattacks in a new international entity. Such an institution would require significant start-up time and resources to establish efficacy and credibility. In the meantime, the current system of public-private attributions, decentralized and messy though it is, has some underappreciated virtues—ones that counsel in favor of preserving some multiplicity of attributors even alongside any future attribution entity.
APA, Harvard, Vancouver, ISO, and other styles
3

Keitner, Chimène I. "Attribution by Indictment." AJIL Unbound 113 (2019): 207–12. http://dx.doi.org/10.1017/aju.2019.34.

Full text
Abstract:
The challenges of attributing malicious cyber activity—that is, identifying its authors and provenance with a sufficient degree of certainty—are well documented. This essay focuses on a phenomenon that I call “attribution by indictment.” Since 2014, the United States has issued more than a dozen indictments that implicate four foreign states in malicious cyber activity: China, Iran, Russia, and North Korea. Ten of these indictments were issued in 2018, suggesting that this practice is likely to continue and even intensify in the near term. Attribution by indictment uses domestic criminal law, enforced transnationally, to define and enforce certain norms of state behavior in cyberspace. This essay analyzes the U.S. practice of attribution by indictment as a response to malicious cyber activity.
APA, Harvard, Vancouver, ISO, and other styles
4

Banks, William C. "The Bumpy Road to a Meaningful International Law of Cyber Attribution." AJIL Unbound 113 (2019): 191–96. http://dx.doi.org/10.1017/aju.2019.32.

Full text
Abstract:
Attributing computer network intrusions has grown in importance as cyber penetrations across sovereign borders have become commonplace. Although advances in technology and forensics have made machine attribution easier in recent years, identifying states or others responsible for cyber intrusions remains challenging. This essay provides an overview of the attribution problem and its international legal dimensions and argues that states must develop accountable attribution mechanisms for international law to have practical value in this sphere.
APA, Harvard, Vancouver, ISO, and other styles
5

Kotenko, Igor, and Semyon Khmyrov. "Analysis of Models and Techniques Used for Attribution of Cyber Security Violators in the Implementation of Targeted Attacks." Voprosy kiberbezopasnosti, no. 4(50) (2022): 52–79. http://dx.doi.org/10.21681/2311-3456-2022-4-52-79.

Full text
Abstract:
Purpose of the paper: analysis of models and techniques used for attribution of cybersecurity violators in the interests of building a promising attribution system in the implementation of targeted attacks against critical information infrastructure objects. Research method: system analysis of open sources of data on the attribution of cyber-violators in the implementation of targeted attacks against critical information infrastructure objects over a period mainly over the last 5 years. The result obtained: based on the consideration of open sources, the paper presents an analysis of the models and techniques used to attribute cyber intruders in the implementation of targeted attacks and used both in scientific and practical projects. The paper analyzes new models used for attribution, allowing the collection of data at the tactical-technical and socio-political levels. The main indicators of ongoing cyber attacks and intruders that are essential for the implementation of attribution processes are identified. The procedure for generating data for profiling cybergroups is considered, as well as the possibility of using the considered models and techniques in the interests of building a promising system for attribution of a cyber intruder in the implementation of targeted attacks against critical information infrastructure objects. The analysis was carried out according to sources over a twentyyear period, meanwhile, the main works under consideration were published in the last 5 years. The analysis does not claim to be complete, but an attempt is made to cover the most significant studies. Scientific novelty lies in the fact that the presented paper is one of the first domestic works that provides a detailed analysis of studies published in recent years in the field of attribution of cyber security violators. Models such as «cyber intrusion chain», «unified cyber intrusion chain», Diamond basic and extended intrusion analysis models, ATT&CK model are considered. Examples of attribution methods for argumentation-based reasoning with evidence at the technical and social levels and the use of technical artifacts to identify false flags in attribution are given. Besides, the paper also lists trends in the usage of modern solutions for detecting and attributing attacks based on artificial intelligence and machine learning.
APA, Harvard, Vancouver, ISO, and other styles
6

Vostoupal, Jakub, and Kateřina Uhlířová. "Of Hackers and Privateers: The Possible Evolution of the Problem of Cyber-Attribution." Masaryk University Journal of Law and Technology 18, no. 2 (2024): 169–214. http://dx.doi.org/10.5817/mujlt2024-2-2.

Full text
Abstract:
The escalating severity of the cyber-attribution problem (a problem with attributing cyberattacks to states that ordered them) poses a significant challenge to international law and cyberspace security. However, amidst worsening international relations, a viable solution remains elusive. To address this predicament, the authors turn to a historical echo of the contemporary practice of employing hacker groups – namely, privateering. After an in-depth examination of this analogy’s suitability, they focus mainly on the factors that contributed to the decline of privateering. Their goal is to uncover parallels potentially applicable to mitigating modern challenges posed by state-sponsored cyberattacks and the exploitation of cyber-attribution problem. Among the key identified factors, the most crucial were the emergence of professional cyber-capacities (akin to post-Napoleonic emergence of professional navies) and the disruption of hackers’ safe havens. The paper concludes by introducing three prospective scenarios reflecting potential pathways for the future of the cyber-attribution challenges.
APA, Harvard, Vancouver, ISO, and other styles
7

Kpieleh, Ferdinand. "A Review of Attacker Attribution." Advances in Multidisciplinary and scientific Research Journal Publication 1, no. 1 (2022): 197–202. http://dx.doi.org/10.22624/aims/crp-bk3-p32.

Full text
Abstract:
Rather than focusing on technical solutions, a more appropriate argument would be that, measures to stopping the most serious attacks, multistage multijurisdictional attacks, will necessitate not only technical but also legal/policy answers. There is currently a dearth of understanding of the social, cultural, economic, and political characteristics of the nation-states where cyber threat actors operate. The present focus of national security attribution efforts is on law enforcement concepts aimed at gathering evidence to punish an individual perpetrator. This is frequently determined via technological attribution methods. It is difficult to determine who engages in hostile cyber activity. This paper provides insights and directions on the foregoing Keywords: Attribution; Cyber Attribution; Attack Attribution, Cyber Threat Attribution.
APA, Harvard, Vancouver, ISO, and other styles
8

Davituliani, Salome. "THE NEXUS OF DISINFORMATION, ATTRIBUTION, AND ESCALATION: UNRAVELING THE COMPLEXITIES OF CYBER OPERATIONS AND WARFARE." თავდაცვა და მეცნიერება 3 (December 24, 2024): 57–63. https://doi.org/10.61446/ds.3.2024.8473.

Full text
Abstract:
The nexus between disinformation, attribution, and escalation in cyber operations and warfare is a complex issue that poses unique risks to populations worldwide, especially vulnerable communities. This abstract provides a glimpse into the intricate web of interactions between disinformation, attribution, and escalation in the realm of cyber operations and warfare, with a specific focus on the ongoing Russian-Ukraine conflict. In an era where information is wielded as a potent weapon, understanding the dynamics of how false narratives are propagated, the challenges in accurately attributing cyber attacks, and the implications for the escalation of hostilities is crucial. The paper explores the multifaceted role of disinformation as a strategic tool, employed not only to deceive adversaries but also to manipulate public opinion and sow discord. It delves into the complexities of attribution, highlighting the hurdles in identifying the true originators of cyber operations amidst the use of proxies and sophisticated techniques. Furthermore, the study underscores the pivotal role of accurate attribution in preventing unintended escalation and miscalculations that may arise from misinterpreted actions. By examining the interplay of these elements, especially in the context of hybrid warfare, the abstract emphasizes the global implications of the nexus, extending beyond the immediate conflict zones. The research advocates for comprehensive strategies that integrate technological advancements, international cooperation, and a nuanced understanding of the geopolitical landscape to effectively address and mitigate the challenges posed by disinformation, attribution, and escalation in contemporary cyber warfare. It is crucial to analyze data, provide knowledge, and advocate for regulatory processes to protect vulnerable populations.
APA, Harvard, Vancouver, ISO, and other styles
9

Goel, Sanjay. "How Improved Attribution in Cyber Warfare Can Help De-Escalate Cyber Arms Race." Connections: The Quarterly Journal 19, no. 1 (2020): 87–95. http://dx.doi.org/10.11610/connections.19.1.08.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Dr., Divakar Sharma. "The Evolving Cyber Threats in International Forum." International Journal of Contemporary Research in Multidisciplinary 3, no. 5 (2024): 219–23. https://doi.org/10.5281/zenodo.14007842.

Full text
Abstract:
In a phase defined by extraordinary technological connectivity, the paradigm of cyber threats is in daily flux. This abstract explores the complex interplay between international cyber law and the fast-evolving panorama of cyber threats, navigating the intricate dark zones where legal definitions often meet the elusive nature of contemporary digital offenses. The problems faced by international cyber law are multifaceted, ranging from the various conceptualizations of cyber offenses to the complexities of attribution in borderless cyberspace. Defining the boundaries of what constitutes a cyber threat within the framework of existing legal structures becomes an intricate task, especially considering the rapid evolution of cyber methodologies. Attribution, a linchpin in legal responses to cyber incidents, presents a formidable dilemma. The anonymity and sophistication of cyber actors make the identification of perpetrators a complex and often elusive pursuit. This abstract explores the practical challenges of attributing cyber threats and the subsequent impact on the feasibility of legal actions. The imperative for international cooperation emerges as a central theme in fortifying the foundations of international cyber law. As cyber threats transcend geopolitical borders, collaboration becomes essential for effective prevention, investigation, and prosecution. The abstract emphasizes the need for nations to adapt and enhance their legal frameworks collaboratively, fostering a global approach to counteracting the dynamic and ever-evolving landscape of cyber threats. In conclusion, this abstract encapsulates the essence of the article, highlighting the intricate relationship between international cyber law and the practical realities of countering cyber threats. It underscores the necessity for adaptability, collaboration, and a comprehensive global strategy to navigate the gray zones and ensure the continued efficacy of international cyber law in the face of an increasingly sophisticated digital threat landscape.
APA, Harvard, Vancouver, ISO, and other styles
11

Sabir, Muhammad Imtiaz. "Assessing Attribution and Credible Deterrence in Cyberspace." BTTN Journal 3, no. 1 (2024): 132–47. http://dx.doi.org/10.61732/bj.v3i1.87.

Full text
Abstract:
This study examines the issues that states face in discerning actors within the realm of cyberspace, characterizing these challenges as akin to navigating the unregulated landscape. Lack of an effective attribution mechanism and a credible deterrence framework have significantly contributed to the volatility in cyber domain in contemporary times. This paper argues that states often accuse their adversaries of orchestrating cyber-attacks against them, yet they frequently fail to provide substantial evidence because actors behind attacks in cyberspace leverage the inherent anonymity of cyberspace to evade accountability, complicating the process of attribution even further. In addition, this study also underscores the importance of establishing an effective mechanism of deterrence in cyberspace to dissuade the attacking actors from engaging in malicious cyber activities. In line with this, this paper looks at the cyber space activities through novel perspective of no biasness, without subjectivity and tends to offer the answers of why attribution is problem, is there any possible solution to it in practice. Therefore, this study aims to highlight the ways to attribute the cyber-attacks and highlight the challenges to attribution, especially in the current scenario of states sponsoring indirectly cyber-attacks against many other states by outsourcing their aggressive designs in cyberspace to non-state actors.
APA, Harvard, Vancouver, ISO, and other styles
12

Berghel, Hal. "On the Problem of (Cyber) Attribution." Computer 50, no. 3 (2017): 84–89. http://dx.doi.org/10.1109/mc.2017.74.

Full text
APA, Harvard, Vancouver, ISO, and other styles
13

Dr.Ranjith and Mr.Praveen. "Enhancing IoT-Enabled Cyber-Physical Systems with Cyber-AttackDetection and Attribution." Journal of Engineering Sciences 15, no. 11 (2024): 518–26. https://doi.org/10.36893/jes.2024.v15i11.056.

Full text
Abstract:
Cyber-Physical Systems (CPS) enabled by the Internet of Things (IoT) present unique security challenges as security solutions designed for traditional IT/OT systems may not be sufficient in CPS environments. Therefore, in this study, we introduce a two-stage ensemble framework for attack detection and attribution suitable for CPS, specifically industrial control systems (ICS). To identify attacks in imbalanced ICS environments, decision trees are combined with a unique ensemble model for deep representation learning. In a next step, an ensemble of deep neural networks is used to support attack attribution. Datasets from a gas pipeline and a water treatment system are used to practically test the proposed model. The results show that the proposed model performs better than competing methods with the same computational complexity.
APA, Harvard, Vancouver, ISO, and other styles
14

Xiang, Xiayu, Hao Liu, Liyi Zeng, Huan Zhang, and Zhaoquan Gu. "IPAttributor: Cyber Attacker Attribution with Threat Intelligence-Enriched Intrusion Data." Mathematics 12, no. 9 (2024): 1364. http://dx.doi.org/10.3390/math12091364.

Full text
Abstract:
In the dynamic landscape of cyberspace, organizations face a myriad of coordinated advanced threats that challenge the traditional defense paradigm. Cyber Threat Intelligence (CTI) plays a crucial role, providing in-depth insights into adversary groups and enhancing the detection and neutralization of complex cyber attacks. However, attributing attacks poses significant challenges due to over-reliance on malware samples or network detection data alone, which falls short of comprehensively profiling attackers. This paper proposes an IPv4-based threat attribution model, IPAttributor, that improves attack characterization by merging a real-world network behavior dataset comprising 39,707 intrusion entries with commercial threat intelligence from three distinct sources, offering a more nuanced context. A total of 30 features were utilized from the enriched dataset for each IP to create a feature matrix to assess the similarities and linkage of associated IPs, and a dynamic weighted threat segmentation algorithm was employed to discern attacker communities. The experiments affirm the efficacy of our method in pinpointing attackers sharing a common origin, achieving the highest accuracy of 88.89%. Our study advances the relatively underexplored line of work of cyber attacker attribution, with a specific interest in IP-based attribution strategies, thereby enhancing the overall understanding of the attacker’s group regarding their capabilities and intentions.
APA, Harvard, Vancouver, ISO, and other styles
15

Κόκκινος, Κωνσταντίνος, Ναυσικά Αντωνιάδου та Ιωάννα Βουλγαρίδου. "Ο Μεσολαβητικός Ρόλος της Εχθρικής Απόδοσης Αιτιότητας στη Σχέση της Προσωπικότητας με τον Κυβερνο-Εκφοβισμό". Psychology: the Journal of the Hellenic Psychological Society 24, № 1 (2020): 93. http://dx.doi.org/10.12681/psy_hps.22388.

Full text
Abstract:
The aim of this study was to investigate the association of the Big Five personality traits, Hostile Attribution Bias, and cyber-bullying among 347 Greek students attending the last grade of primary school and Junior High School. In order to explore whether the effect of personality traits on cyber-bullying is better explained through Hostile Attribution Bias, a mediation analysis was run. Results showed that Hostile Attribution Bias mediated the links between high Neuroticism, and low Extraversion on the one hand and cyber-bullying on the other. Overall, findings suggest that individuals low in Emotional Stability and less sociable are more likely to manifest cyber-bullying due to their tendency to attribute hostile intent, which may be exacerbated during computer mediated communication, which frequently provides limited social cues to the user. Findings can contribute towards the prevention and intervention of cyber-bullying through programs which help students interpret ambiguous social interactions.
APA, Harvard, Vancouver, ISO, and other styles
16

Spáčil, Jakub. "Attribution of Cyber Operations: Technical, Legal and Political Perspectives." International and Comparative Law Review 24, no. 2 (2024): 150–68. https://doi.org/10.2478/iclr-2024-0022.

Full text
Abstract:
Summary The article deals with the issue of attribution of cyber operations from the technical, legal and political point of view. The first part is devoted to the possibilities of technical attribution, which have increased significantly in connection with the development of technology and the sharing of information about attackers. The second part discusses the issue of legal attribution for purposes of state responsibility under international law, with attention also given to the burden of proof and standard of proof. The third part briefly summarizes the problem of political attribution and the possibility of establishing an international attribution mechanism.
APA, Harvard, Vancouver, ISO, and other styles
17

Hakimi, Monica. "Introduction to the Symposium on Cyber Attribution." AJIL Unbound 113 (2019): 189–90. http://dx.doi.org/10.1017/aju.2019.30.

Full text
APA, Harvard, Vancouver, ISO, and other styles
18

Finlay, Lorraine, and Christian Payne. "The Attribution Problem and Cyber Armed Attacks." AJIL Unbound 113 (2019): 202–6. http://dx.doi.org/10.1017/aju.2019.35.

Full text
Abstract:
In late 2018, the U.S. Secretary of Homeland Security suggested that “cyber-attacks now exceed the risk of physical attacks.” Yet the law has not kept pace with this reality. In particular, identifying who is responsible for a cyberattack makes it difficult to regulate this conduct. A state often cannot practically respond to a threat unless it knows from where the threat emanates and potentially who is responsible. Attribution of cyber conduct is critical from a legal perspective because the unlawful act must be attributable to another state for state responsibility to be engaged.
APA, Harvard, Vancouver, ISO, and other styles
19

Kumar, Rajesh. "The Problem of Attribution in Cyber Security." International Journal of Computer Applications 131, no. 7 (2015): 34–36. http://dx.doi.org/10.5120/ijca2015907386.

Full text
APA, Harvard, Vancouver, ISO, and other styles
20

Ruohonen, Sami, Alexey Kirichenko, Dmitriy Komashinskiy, and Mariam Pogosova. "Instrumenting OpenCTI with a Capability for Attack Attribution Support." Forensic Sciences 4, no. 1 (2024): 12–23. http://dx.doi.org/10.3390/forensicsci4010002.

Full text
Abstract:
In addition to identifying and prosecuting cyber attackers, attack attribution activities can provide valuable information for guiding defenders’ security procedures and supporting incident response and remediation. However, the technical analysis involved in cyberattack attribution requires skills, experience, access to up-to-date Cyber Threat Intelligence, and significant investigator effort. Attribution results are not always reliable, and skillful attackers often work hard to hide or remove the traces of their operations and to mislead or confuse investigators. In this article, we translate the technical attack attribution problem to the supervised machine learning domain and present a tool designed to support technical attack attribution, implemented as a machine learning model extending the OpenCTI platform. We also discuss the tool’s performance in the investigation of recent cyberattacks, which shows its potential in increasing the effectiveness and efficiency of attribution operations.
APA, Harvard, Vancouver, ISO, and other styles
21

Kim, Kyoungmin, Youngsup Shin, Justin Lee, and Kyungho Lee. "Automatically Attributing Mobile Threat Actors by Vectorized ATT&CK Matrix and Paired Indicator." Sensors 21, no. 19 (2021): 6522. http://dx.doi.org/10.3390/s21196522.

Full text
Abstract:
During the past decade, mobile attacks have been established as an indispensable attack vector adopted by Advanced Persistent Threat (APT) groups. The ubiquitous nature of the smartphone has allowed users to use mobile payments and store private or sensitive data (i.e., login credentials). Consequently, various APT groups have focused on exploiting these vulnerabilities. Past studies have proposed automated classification and detection methods, while few studies have covered the cyber attribution. Our study introduces an automated system that focuses on cyber attribution. Adopting MITRE’s ATT&CK for mobile, we performed our study using the tactic, technique, and procedures (TTPs). By comparing the indicator of compromise (IoC), we were able to help reduce the false flags during our experiment. Moreover, we examined 12 threat actors and 120 malware using the automated method for detecting cyber attribution.
APA, Harvard, Vancouver, ISO, and other styles
22

Hettema, Hinne. "Rationality constraints in cyber defense: Incident handling, attribution and cyber threat intelligence." Computers & Security 109 (October 2021): 102396. http://dx.doi.org/10.1016/j.cose.2021.102396.

Full text
APA, Harvard, Vancouver, ISO, and other styles
23

Balaji, Snikdha, and Vedam Anand Kumar. "Cyber Warfare and Attribution: Exploring the Regulatory Role of International Law." International Journal of Science and Research (IJSR) 12, no. 12 (2023): 372–75. http://dx.doi.org/10.21275/sr231204073934.

Full text
APA, Harvard, Vancouver, ISO, and other styles
24

Mazaraki, Nataliia, and Yulia Goncharova. "CYBER DIMENSION OF HYBRID WARS: ESCAPING A ‘GREY ZONE’ OF INTERNATIONAL LAW TO ADRESS ECONOMIC DAMAGES." Baltic Journal of Economic Studies 8, no. 2 (2022): 115–20. http://dx.doi.org/10.30525/2256-0742/2022-8-2-115-120.

Full text
Abstract:
The subject of the article is the international and national legal aspects of compensation for economic damages caused by cyber attacks. The purpose of the article is to contribute to the ongoing debate on attribution and liability for malicious and destructive cyber activity. Cyber attacks have become a global problem facing the international community, posing enormous risks to the stability of international security, economic and social development, and the safety and well-being of individuals. Cyber attacks have proven to be numerous problems for domestic and international law – international humanitarian law, human rights law, the law of armed conflict – how to counter the actions of hybrid warfare by legal means, what are the remedies for losses due to cyber attacks. This article examines cyber attacks to show how the international community is moving toward responsible behavior by states in cyberspace, protecting civilians and critical infrastructure. The article's methodology is based on doctrinal legal research in this area, as well as international legal instruments, in order to examine how economic damages should be paid to victims of malicious acts in cyberspace. The difficulty of attributing cyber attacks has been analyzed to show that perpetrators evade responsibility, a separate problem for international law. It is concluded that international law, as it currently stands, provides little legal basis for substantive guidance on responsible state behavior in cyberspace, the necessary levels of attribution to establish state or non-state responsibility for cyber attacks. Economic losses from cyber attacks can be covered by insurance schemes, although analysis has shown that they do not work because insurers argue that cyber attacks exclude military risk insurance clauses that exclude coverage, which is reasonable, although it leaves victims of cyber attacks without the ability to recover damages. The paper supplements current research with a comprehensive analysis of legal and economic issues and calls for the development of an appropriate strategic environment, legal and infrastructural framework. The need for a joint international framework is emphasized, as civil liability under national law is hardly possible because cyber attacks are predominantly transnational in nature. A joint structure is also needed to prevent, deter and respond to state-sponsored cyber attacks.
APA, Harvard, Vancouver, ISO, and other styles
25

Blagden, David. "Deterring Cyber Coercion: The Exaggerated Problem of Attribution." Survival 62, no. 1 (2020): 131–48. http://dx.doi.org/10.1080/00396338.2020.1715072.

Full text
APA, Harvard, Vancouver, ISO, and other styles
26

Lee, Min-ho, Chang-wook Park, Wan-ju Kim, and Jae-sung Lim. "CAAM - Model for National-level Cyber Attack Attribution." Journal of KIISE 47, no. 1 (2020): 19–26. http://dx.doi.org/10.5626/jok.2020.47.1.19.

Full text
APA, Harvard, Vancouver, ISO, and other styles
27

Cook, Allan, Andrew Nicholson, Helge Janicke, Leandros Maglaras, and Richard Smith. "Attribution of Cyber Attacks on Industrial Control Systems." EAI Endorsed Transactions on Industrial Networks and Intelligent Systems 3, no. 7 (2016): 151158. http://dx.doi.org/10.4108/eai.21-4-2016.151158.

Full text
APA, Harvard, Vancouver, ISO, and other styles
28

Grotto, Andrew. "Deconstructing Cyber Attribution: A Proposed Framework and Lexicon." IEEE Security & Privacy 18, no. 1 (2020): 12–20. http://dx.doi.org/10.1109/msec.2019.2938134.

Full text
APA, Harvard, Vancouver, ISO, and other styles
29

Schulzke, Marcus. "The Politics of Attributing Blame for Cyberattacks and the Costs of Uncertainty." Perspectives on Politics 16, no. 4 (2018): 954–68. http://dx.doi.org/10.1017/s153759271800110x.

Full text
Abstract:
Attribution is one of the most serious challenges associated with cyberattacks. It is often difficult to determine who launched an attack and why, which hinders efforts to formulate appropriate responses. Although the attribution problem has been discussed extensively in research on cybersecurity, it is generally approached as a technical challenge for security professionals and politicians. I contend that it is vital to take the attribution problem beyond this elite focus by considering how attributional challenges can interfere with the public’s efforts to understand security challenges and evaluate government actions. Faced with uncertainty and the confusion of attempting to understand novel cyber threats, citizens frequently lack the information they need to reliably identify the culprits behind attacks—or sometimes even to know whether an attack has taken place. I show that attributional uncertainty immediately following cyberattacks encourages dependence on a narrow range of elite frames and the assignment of blame to familiar enemies. Over time this promotes conspiratorial thinking and poses a risk to democratic accountability. When seen in light of these broader costs, the attribution problem becomes a vital political concern with implications that reach beyond the scope of elite-focused cybersecurity research.
APA, Harvard, Vancouver, ISO, and other styles
30

Jahromi, Amir Namavar, Hadis Karimipour, Ali Dehghantanha, and Kim-Kwang Raymond Choo. "Toward Detection and Attribution of Cyber-Attacks in IoT-Enabled Cyber–Physical Systems." IEEE Internet of Things Journal 8, no. 17 (2021): 13712–22. http://dx.doi.org/10.1109/jiot.2021.3067667.

Full text
APA, Harvard, Vancouver, ISO, and other styles
31

Poli, Sara, and Emanuele Sommario. "The Rationale and the Perils of Failing to Invoke State Responsibility for Cyber-Attacks: The Case of the EU Cyber Sanctions." German Law Journal 24, no. 3 (2023): 522–36. http://dx.doi.org/10.1017/glj.2023.25.

Full text
Abstract:
AbstractMalicious cyber activities are on the rise. States and other relevant actors need to constantly adapt to the evolving cyber threat landscape, including by setting up effective deterrence mechanisms. This is what the European Union (EU) has done through the adoption of Common Foreign and Security Policy (CFSP) Decision 2019/797, which allows it to impose targeted sanctions to deter and respond to cyberattacks that constitute an external threat to the EU or its member states. However, in contrast to other horizontal regimes of restrictive measures in force within the EU, foreign governments are not included as potential targets of cyber sanctions. Moreover, the recital of the Decision specifies that the adoption of restrictive measures does not involve attribution of international responsibility for cyber-attacks to a third State. This article aims at identifying the rationale behind the inclusion of these distinctive features. It starts by considering the legal uncertainty that surrounds attribution of international responsibility for cyber operations. Next, it explains why the EU is not well placed to invoke third-State responsibility, and the reasons behind its reluctance to do so. It will then illustrate the risks inherent in the lack of a clear legal framework to attribute the responsibility of cyber-attacks to third countries. This may have serious consequences in terms of legal certainty when a cyber-attack amounts to a breach of the prohibition on the use of force in international relations. Then, we explore recent developments in EU legislation in the area of cyber security and the possibility to strenghten the powers of the European Union Agency for Cybersecurity (ENISA). We draw two conclusions: first, the Union might develop the capacity to attribute cyber attacks to specific actors and there is an interest to do so. However, Member States are probably still reticent to take this step. Two, despite the advantages of establishing a reliable attribution mechanisms, it is submitted that the majority of States prefers to take advantage of a regulative gap that allows them to react to cyber incidents as they see fit.
APA, Harvard, Vancouver, ISO, and other styles
32

SS, Latha, K. Mani Sai Goud, P. Muni Sai Chetan Reddy, P. Surendra Reddy, and P. Bharath Arun. "Cyber-Attacks in IoT-enabled Cyber-physical Systems." ITM Web of Conferences 56 (2023): 06003. http://dx.doi.org/10.1051/itmconf/20235606003.

Full text
Abstract:
Cyber physical systems (CPS) that are Internet of Things (IoT) enabled might be difficult to secure since security measures designed for general data / value through the development (IT / OT) systems may not work as well in a CPS environment. Consequently, this research provides a two-level ensemble attack detection and attribution framework created for CPS, and more particularly in an industrial control system (ICS). For identifying assaults in unbalanced ICS environments, a decision tree integrated to an unique ensemble deep representation learning model is created at the first extent. An ensemble deep neural network is created for assault features at the second level. Applying actual data collections from the gas pipeline and water treatment system, Findings show that the suggested type is more effective than other competing methods with a similar level of computational complexity.
APA, Harvard, Vancouver, ISO, and other styles
33

Shaffer, Alan, Dwain Hembree, and Gurminder Singh. "Obfuscation, Stealth, and Non-Attribution in Automated Red Team Tools." International Conference on Cyber Warfare and Security 20, no. 1 (2025): 132–41. https://doi.org/10.34190/iccws.20.1.3290.

Full text
Abstract:
In the rapidly evolving landscape of cybersecurity, large military and government organizations face ever increasing persistent and sophisticated threats against their enterprise networks. The challenge of defending these networks is compounded by the increasing complexity and stealth of cyber-attacks, which can evade traditional security systems and measures, and remain undetected for extended periods. As a result, the need for advanced defensive strategies and tools that can keep pace with these evolving threats has never been more critical, however, current automated red teaming tools are limited in their ability to emulate advanced persistent threat (APT) behaviors. Supporting such behaviors in automated security assessments and tools can be helpful for improving organizations’ cyber defense preparedness. This research demonstrates how obfuscation, stealth, and non-attribution techniques can be effectively automated into red teaming tools. We have enhanced our Cyber Automated Red Team Tool (CARTT) by integrating advanced evasion techniques to better simulate sophisticated cyber threats. By incorporating Metasploit Framework evasion modules and new custom Internet Control Message Protocol (ICMP) and Domain Name System (DNS) evasion capabilities into CARTT, its ability to evade detection by common security controls is significantly improved. In doing this, the research demonstrates how obfuscation, stealth, and non-attribution techniques can be effectively automated into red teaming tools. The enhanced CARTT has been tested in a virtualized operational environment, demonstrating its effectiveness in identifying vulnerabilities and assessing the robustness of security measures on a simulated enterprise network. The research results showed successful evasion of antivirus detection systems and covert data exfiltration using the newly implemented evasion techniques. The enhanced CARTT enables network managers as well as cybersecurity professionals to conduct more thorough evaluations of defense mechanisms against sophisticated threats, ultimately strengthening overall cybersecurity postures. The integration of sophisticated evasion techniques into CARTT represents a critical step in realizing the objectives of the DoD Cyber Strategy.
APA, Harvard, Vancouver, ISO, and other styles
34

Pipyros, Kosmas, Lilian Mitrou, Dimitris Gritzalis, and Theodoros Apostolopoulos. "Cyberoperations and international humanitarian law." Information & Computer Security 24, no. 1 (2016): 38–52. http://dx.doi.org/10.1108/ics-12-2014-0081.

Full text
Abstract:
Purpose – The increasing number of cyber attacks has transformed the “cyberspace” into a “battlefield”, bringing out “cyber warfare” as the “fifth dimension of war” and emphasizing the States’ need to effectively protect themselves against these attacks. The existing legal framework seem inadequate to deal effectively with cyber operations and, from a strictly legal standpoint, it indicates that addressing cyber attacks does not fall within the jurisdiction of just one legal branch. This is mainly because of the fact that the concept of cyber warfare itself is open to many different interpretations, ranging from cyber operations performed by the States within the context of armed conflict, under International Humanitarian Law, to illicit activities of all kinds performed by non-State actors including cybercriminals and terrorist groups. The paper initially presents major cyber-attack incidents and their impact on the States. On this basis, it examines the existing legal framework at the European and international levels. Furthermore, it approaches “cyber warfare” from the perspective of international law and focuses on two major issues relating to cyber operations, i.e. “jurisdiction” and “attribution”. The multi-layered process of attribution in combination with a variety of jurisdictional bases in international law makes the successful tackling of cyber attacks difficult. The paper aims to identify technical, legal and, last but not least, political difficulties and emphasize the complexity in applying international law rules in cyber operations. Design/methodology/approach – The paper focuses on the globalization of the “cyber warfare phenomenon” by observing its evolutionary process from the early stages of its appearance until today. It examines the scope, duration and intensity of major cyber-attacks throughout the years in relation to the reactions of the States that were the victims. Having this as the base of discussion, it expands further by exemplifying “cyber warfare” from the perspective of the existing European and International legal framework. The main aim of this part is to identify and analyze major obstacles that arise, for instance in terms of “jurisdiction” and “attribution” in applying international law rules to “cyber warfare”. Findings – The absence of a widely accepted legal framework to regulate jurisdictional issues of cyber warfare and the technical difficulties in identifying, with absolute certainty, the perpetrators of an attack, make the successful tackling of cyber attacks difficult. Originality/value – The paper fulfills the need to identify difficulties in applying international law rules in cyber warfare and constitutes the basis for the creation of a method that will attempt to categorize and rank cyber operations in terms of their intensity and seriousness.
APA, Harvard, Vancouver, ISO, and other styles
35

Edwards, Benjamin, Alexander Furnas, Stephanie Forrest, and Robert Axelrod. "Strategic aspects of cyberattack, attribution, and blame." Proceedings of the National Academy of Sciences 114, no. 11 (2017): 2825–30. http://dx.doi.org/10.1073/pnas.1700442114.

Full text
Abstract:
Cyber conflict is now a common and potentially dangerous occurrence. The target typically faces a strategic choice based on its ability to attribute the attack to a specific perpetrator and whether it has a viable punishment at its disposal. We present a game-theoretic model, in which the best strategic choice for the victim depends on the vulnerability of the attacker, the knowledge level of the victim, payoffs for different outcomes, and the beliefs of each player about their opponent. The resulting blame game allows analysis of four policy-relevant questions: the conditions under which peace (i.e., no attacks) is stable, when attacks should be tolerated, the consequences of asymmetric technical attribution capabilities, and when a mischievous third party or an accident can undermine peace. Numerous historical examples illustrate how the theory applies to cases of cyber or kinetic conflict involving the United States, Russia, China, Japan, North Korea, Estonia, Israel, Iran, and Syria.
APA, Harvard, Vancouver, ISO, and other styles
36

Boutin, Berenice. "Shared Responsibility for Cyber Operations." AJIL Unbound 113 (2019): 197–201. http://dx.doi.org/10.1017/aju.2019.31.

Full text
Abstract:
When the responsibility of more than one state is engaged in relation to a wrongful cyber operation, the relevant states share responsibility for it. Shared responsibility can arise, for instance, when multiple states jointly conduct a cyber operation or when one state is involved in the cyber operation of another state (e.g., by providing assistance or exercising control). In view of the persistent difficulties associated with attribution of cyber conduct, shared responsibility can be a useful analytical framework to broaden the net of possible responsible states in relation to a cyber operation.
APA, Harvard, Vancouver, ISO, and other styles
37

M Salem Abu Alead, Rafeak, and ALI AMHMED AB ALTALIBE. "Attribution Challenges in the Era of Cyber Warfare: Unraveling the Identity of Cyber-Attackers." مجلة المعهد العالي للدراسات النوعية 3, no. 16 (2023): 5287–309. http://dx.doi.org/10.21608/hiss.2023.337323.

Full text
APA, Harvard, Vancouver, ISO, and other styles
38

Sharma, Munish. "Modeling Attribution of Cyber Attacks Using Bayesian Belief Networks." Strategic Analysis 45, no. 1 (2021): 18–37. http://dx.doi.org/10.1080/09700161.2020.1870268.

Full text
APA, Harvard, Vancouver, ISO, and other styles
39

Vostoupal, Jakub. "Stuxnet vs WannaCry and Albania: Cyber-attribution on trial." Computer Law & Security Review 54 (September 2024): 106008. http://dx.doi.org/10.1016/j.clsr.2024.106008.

Full text
APA, Harvard, Vancouver, ISO, and other styles
40

Tsagourias, N. "Cyber attacks, self-defence and the problem of attribution." Journal of Conflict and Security Law 17, no. 2 (2012): 229–44. http://dx.doi.org/10.1093/jcsl/krs019.

Full text
APA, Harvard, Vancouver, ISO, and other styles
41

Devanny, Joe, Luiz Goldoni, and Breno Medeiros. "Strategy in an Uncertain Domain: Threat and Response in Cyberspace." Journal of Strategic Security 15, no. 2 (2022): 34–47. http://dx.doi.org/10.5038/1944-0472.15.2.1954.

Full text
Abstract:
Over the last decade, "cyber power" has become an increasingly prominent concept and instrument of national strategy. This article explores the nature of contemporary cyber power, focusing on how states should respond to "cyber uncertainty." Cases of cyber operations against Estonia, Georgia, and Ukraine, as well as cyber operations conducted (and suffered) by the United States, highlight the evolving role of cyber operations as an instrument of statecraft. Given the complexity of cyber forensics and the polluted information environment of the global public sphere, the public diplomacy of coordinated attribution statements cannot be expected to cut through conclusively or uniformly. States must therefore organise themselves effectively to produce and implement coherent cyber strategy, improving their relational cyber power. This should focus on cyber security and resilience, but also including effective cyber diplomacy, and assessment of what sovereign offensive capabilities are desirable and feasible.
APA, Harvard, Vancouver, ISO, and other styles
42

Shahid, Nida, and Ahmad Khan. "ADDRESSING CYBER VULNERABILITIES THROUGH DETERRENCE." Journal of Contemporary Studies 11, no. 1 (2022): 50–68. http://dx.doi.org/10.54690/jcs.v11i1.212.

Full text
Abstract:
The study analyses the possible responses to cyber-attacks through cyberspace deterrence. The inundated cyber-attacks have prompted major powers to establish cyber deterrence. However, in the absence of a model of punishment, as it is empirically found in the nuclear domain, the efficacy of cyber deterrence is limited. The model of punishment against cyber-attacks is based on the traditional nuclear deterrence model, which is either deterrence by denial or deterrence by punishment. Cyber deterrence may not be a replica of traditional deterrence and give similar response measures in a cyber-attack. The assured retaliation in cyber requires an explanation of response measures that do not cause collateral damage. The paper concludes that cyber aggressors escaped retaliation due to the lack of attribution and not being punished due to limited retaliatory measures.
APA, Harvard, Vancouver, ISO, and other styles
43

Гоэль, Санджай. "Как улучшенная атрибуция в кибер войне может способствовать деэскалации гонки кибер вооружений". Connections: The Quarterly Journal 19, № 1 (2020): 101–11. http://dx.doi.org/10.11610/connections.rus.19.1.08.

Full text
APA, Harvard, Vancouver, ISO, and other styles
44

Mikanagi, Tomohiro, and Kubo Mačák. "Attribution of cyber operations: an international law perspective on the Park Jin Hyok case." Cambridge International Law Journal 9, no. 1 (2020): 51–75. http://dx.doi.org/10.4337/cilj.2020.01.03.

Full text
Abstract:
States are increasingly willing to publicly attribute hostile cyber operations to other States. Sooner or later, such claims will be tested before an international tribunal against the applicable international law. When that happens, clear guidance will be needed on the methodological, procedural and substantive aspects of attribution of cyber operations from the perspective of international law. This article examines a recent high-profile case brought by the United States authorities against Mr Park Jin Hyok, an alleged North Korean hacker, to provide such analysis. The article begins by introducing the case against Mr Park and the key aspects of the evidence adduced against him. It then considers whether the publicly available evidence, assuming its accuracy, would in principle suffice to attribute the alleged conduct to North Korea. In the next step, this evidence is analysed from the perspective of the international jurisprudence on the standard of proof and on the probative value of indirect or circumstantial evidence. This analysis reveals the need for objective impartial assessment of the available evidence and the article thus continues by considering possible international attribution mechanisms. Before concluding, the article considers whether the principle of due diligence may provide an alternative pathway to international responsibility, thus mitigating the deficiencies of the existing attribution law. The final section then highlights the overarching lessons learned from the Park case for the attribution of cyber operations under international law, focusing particularly on States' potential to make cyberspace a more stable and secure domain through the interpretation and development of the law in this area.
APA, Harvard, Vancouver, ISO, and other styles
45

Devica, Gracella Shenie, Jesselena Arinda Putri, Maria Jessica Kunardi, Regyta Starlameivia Tanujaya, and M. M. Tri Warmiyati Dwi W. "ANALISIS ASPEK VICTIM ATTRIBUTION PADA REINFORCER BYSTANDER DALAM CYBER BULLYING KALANGAN GENERASI Z." MANASA 13, no. 2 (2024): 114–33. https://doi.org/10.25170/manasa.v13i2.6090.

Full text
Abstract:
In cyber bullying cases, there are three categories of parties involved, such as perpetrators, victims, and bystanders. This study analyzed the overview of victim attribution in reinforcer bystanders involved in cyberbullying incidents among Generation Z. This study uses qualitative methods with a semi-structured interview. The study shows that individuals’ perspectives on tolerating cyberbullying events vary. The four participants who were bystanders in the cyberbullying showed both victim attribution aspects, which are dehumanization and attribution of blame. Participants tend to blame the victim when they think that the victim is at fault. Therefore, in certain cases of cyberbullying, participants tend to normalize or consider it appropriate for cyberbullying to occur.
APA, Harvard, Vancouver, ISO, and other styles
46

Surilova, O. O. "PUBLIC ATTRIBUTION OF CYBERATACS BY EU MEMBER STATES AND THE APPLICATION OF CYBERSANCTIONS BY THE UNION TO CYBERATTACKS THREATENING THE UNION OR ITS MEMBER STATES." Constitutional State, no. 43 (October 26, 2021): 209–16. http://dx.doi.org/10.18524/2411-2054.2021.43.241005.

Full text
Abstract:
The article examines the issue of public attribution of cyberattacks threatening the European Union or its Member States, and effectiveness of the adopted «cyber diplomacy toolbox» within the Framework for a joint EU diplomatic response to malicious cyber activities. Since public attribution of cyberattacks is a sovereign political decision, which differs from legal attribution for the purpose of invoking state responsibility under Articles on State Responsibility for Internationally Wrongful Acts, author defines the rationale behind decisions to attribute or not to attribute cyberattacks to a particular state by examples of the Netherlands and France. While the Netherlands insist on deterrent effect of public attribution, France believes in the effectiveness of attribution provided to the allege wrongdoer by diplomatic channels. In the article, the effectiveness of cybersanctions implemented at Union level against a limited range of cyberattacks threatening the Union or its Member States was also under assessment. Article concludes that imposition of targeted sanctions in conjunction with sectoral sanctions will increase sanctions` purposes to coerce, constrain, and to signal. However, nowadays only targeted sanctions against individuals and legal entities are foreseen by the EU`s decision. At the same time, this fact does not exclude the possible application of sectoral sanctions against the most serious cyberattacks against EU` or its member states` infrastructure. Finally, the article justifies the possibility of using attribution reports prepared by the private sector to include individuals in the sanctions list if the attribution of Member States is based on intelligence that they do not wish to disclose. Moreover, malicious cyberoperations affect not only states`, but also private sector`s, interests. Private IT and cybersecurity companies thus have a chance to prove their ability to produce detailed and reliable reports on attribution of cyberoperations. Author is convinced both centralized (governmental) and decentralized (private) attribution of cyberattacks is necessary for correctness of findings.
APA, Harvard, Vancouver, ISO, and other styles
47

Goel, Sanjay, and Brian Nussbaum. "Attribution Across Cyber Attack Types: Network Intrusions and Information Operations." IEEE Open Journal of the Communications Society 2 (2021): 1082–93. http://dx.doi.org/10.1109/ojcoms.2021.3074591.

Full text
APA, Harvard, Vancouver, ISO, and other styles
48

Maglaras, Leandros, Mohamed Ferrag, Abdelouahid Derhab, Mithun Mukherjee, Helge Janicke, and Stylianos Rallis. "Threats, Countermeasures and Attribution of Cyber Attacks on Critical Infrastructures." ICST Transactions on Security and Safety 5, no. 16 (2018): 155856. http://dx.doi.org/10.4108/eai.15-10-2018.155856.

Full text
APA, Harvard, Vancouver, ISO, and other styles
49

Neely, Jr., Phillip R., and Michelle T. Allen. "Policing Cyber Terrorism." Journal of Cybersecurity Research (JCR) 3, no. 1 (2018): 13–18. http://dx.doi.org/10.19030/jcr.v3i1.10227.

Full text
Abstract:
In order to police a crime there must be an act that is considered a crime and punishable under the law. There also must exist the capability to investigate for potential suspects and obtain physical or circumstantial evidence of the crime to be used in criminal proceedings. The act of gaining unauthorized access to a network system is a criminal act under federal law. Several key factors are presented during the course of this discussion and then built upon. Two methods of attack planning are presented. The attack planning cycle for traditional terrorist and then cyber terrorists planning used to penetrate a network system. Supervisory Control and Data Acquisition System (SCADA) are defined and presented as an important critical target within the nation’s infrastructure. Examples of successful attacks are presented. A brief overview is used to present malicious software and the effects of its use against SCADA systems. The path for which data takes through a network is explained. The importance of the data path is vital in understanding the five methods of attribution which serve as methods of investigating cyber terrorism. 
APA, Harvard, Vancouver, ISO, and other styles
50

Kreps, Sarah, and Debak Das. "Warring from the virtual to the real: Assessing the public’s threshold for war over cyber security." Research & Politics 4, no. 2 (2017): 205316801771593. http://dx.doi.org/10.1177/2053168017715930.

Full text
Abstract:
Accusations of Russian hacking in the 2016 US presidential election has raised the salience of cyber security among the American public. However, there are still a number of unanswered questions about the circumstances under which particular policy responses are warranted in response to a cyber-attack and the public’s attitudes about the conditions that justify this range of responses. This research investigates the attributes of a cyber-attack that affect public support for retaliation. It finds that cyber-attacks that produce American casualties dramatically increase support for retaliatory airstrikes compared to attacks with economic consequences. Assessments of attribution that have bipartisan support increase support to a lesser extent but for a broader range of retaliatory measures. The findings have important implications for ongoing debates about cyber security policy.
APA, Harvard, Vancouver, ISO, and other styles
You might also be interested in the bibliographies on the topic 'Cyber Attribution' for other source types:
Books
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography