Attribution in cyberspace: techniques and legal implications

Jawwad A. Shamsi; Sherali Zeadally; Fareha Sheikh; Angelyn Flowers

doi:10.1002/sec.1485

Attribution in cyberspace: techniques and legal implications

Jawwad A. Shamsi
, Sherali Zeadally
, Fareha Sheikh
, Angelyn Flowers

School of Information Science

Research output: Contribution to journal › Article › peer-review

15 Scopus citations

Abstract

Attribution of cybercrimes is significant in limiting the rate of crime as well as in preparing the required level of response. Motivated by this significance, we introduce a level-based approach for achieving attribution. In our proposed approach, attribution consists of three steps: (1) identification of the cyberweapon used; (2) determination of the origin of the attack; and (3) identification of the actual attacker. We conduct an in-depth analysis of recently proposed attribution techniques. Our analysis reveals that indirect methods of attribution are particularly effective when attributing cybercrimes; many of them remain unattributed. We also discuss some of the legal issues pertaining to attribution, and we argue that well-defined international laws for cyberspace along with strong cooperation among governments are needed to track down and punish cybercriminals.

Original language	English
Pages (from-to)	2886-2900
Number of pages	15
Journal	Security and Communication Networks
Volume	9
Issue number	15
DOIs	https://doi.org/10.1002/sec.1485
State	Published - Oct 1 2016

Bibliographical note

Publisher Copyright:
Copyright © 2016 John Wiley & Sons, Ltd.

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

SDG 16 Peace, Justice and Strong Institutions

Keywords

attribution
cyberattacks
cybercrime
cyberlaws
denial of service
malware

ASJC Scopus subject areas

Information Systems
Computer Networks and Communications

Access to Document

10.1002/sec.1485

Cite this

@article{fbc8902524ed4bdaa411f16c41349972,

title = "Attribution in cyberspace: techniques and legal implications",

abstract = "Attribution of cybercrimes is significant in limiting the rate of crime as well as in preparing the required level of response. Motivated by this significance, we introduce a level-based approach for achieving attribution. In our proposed approach, attribution consists of three steps: (1) identification of the cyberweapon used; (2) determination of the origin of the attack; and (3) identification of the actual attacker. We conduct an in-depth analysis of recently proposed attribution techniques. Our analysis reveals that indirect methods of attribution are particularly effective when attributing cybercrimes; many of them remain unattributed. We also discuss some of the legal issues pertaining to attribution, and we argue that well-defined international laws for cyberspace along with strong cooperation among governments are needed to track down and punish cybercriminals.",

keywords = "attribution, cyberattacks, cybercrime, cyberlaws, denial of service, malware",

author = "Shamsi, \{Jawwad A.\} and Sherali Zeadally and Fareha Sheikh and Angelyn Flowers",

note = "Publisher Copyright: Copyright {\textcopyright} 2016 John Wiley \& Sons, Ltd.",

year = "2016",

month = oct,

day = "1",

doi = "10.1002/sec.1485",

language = "English",

volume = "9",

pages = "2886--2900",

number = "15",

}

TY - JOUR

T1 - Attribution in cyberspace

T2 - techniques and legal implications

AU - Shamsi, Jawwad A.

AU - Zeadally, Sherali

AU - Sheikh, Fareha

AU - Flowers, Angelyn

PY - 2016/10/1

Y1 - 2016/10/1

N2 - Attribution of cybercrimes is significant in limiting the rate of crime as well as in preparing the required level of response. Motivated by this significance, we introduce a level-based approach for achieving attribution. In our proposed approach, attribution consists of three steps: (1) identification of the cyberweapon used; (2) determination of the origin of the attack; and (3) identification of the actual attacker. We conduct an in-depth analysis of recently proposed attribution techniques. Our analysis reveals that indirect methods of attribution are particularly effective when attributing cybercrimes; many of them remain unattributed. We also discuss some of the legal issues pertaining to attribution, and we argue that well-defined international laws for cyberspace along with strong cooperation among governments are needed to track down and punish cybercriminals.

AB - Attribution of cybercrimes is significant in limiting the rate of crime as well as in preparing the required level of response. Motivated by this significance, we introduce a level-based approach for achieving attribution. In our proposed approach, attribution consists of three steps: (1) identification of the cyberweapon used; (2) determination of the origin of the attack; and (3) identification of the actual attacker. We conduct an in-depth analysis of recently proposed attribution techniques. Our analysis reveals that indirect methods of attribution are particularly effective when attributing cybercrimes; many of them remain unattributed. We also discuss some of the legal issues pertaining to attribution, and we argue that well-defined international laws for cyberspace along with strong cooperation among governments are needed to track down and punish cybercriminals.

KW - attribution

KW - cyberattacks

KW - cybercrime

KW - cyberlaws

KW - denial of service

KW - malware

UR - https://www.scopus.com/pages/publications/84964680447

UR - https://www.scopus.com/pages/publications/84964680447#tab=citedBy

U2 - 10.1002/sec.1485

DO - 10.1002/sec.1485

M3 - Article

AN - SCOPUS:84964680447

SN - 1939-0114

VL - 9

SP - 2886

EP - 2900

JO - Security and Communication Networks

JF - Security and Communication Networks

IS - 15

ER -

Attribution in cyberspace: techniques and legal implications

Abstract

Bibliographical note

UN SDGs

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this