Attribution in cyberspace: techniques and legal implications

Jawwad A. Shamsi; Sherali Zeadally; Fareha Sheikh; Angelyn Flowers

doi:10.1002/sec.1485

Attribution in cyberspace: techniques and legal implications

Jawwad A. Shamsi
, Sherali Zeadally
, Fareha Sheikh
, Angelyn Flowers

School of Information Science

Producción científica: Article › revisión exhaustiva

15 Citas (Scopus)

Resumen

Attribution of cybercrimes is significant in limiting the rate of crime as well as in preparing the required level of response. Motivated by this significance, we introduce a level-based approach for achieving attribution. In our proposed approach, attribution consists of three steps: (1) identification of the cyberweapon used; (2) determination of the origin of the attack; and (3) identification of the actual attacker. We conduct an in-depth analysis of recently proposed attribution techniques. Our analysis reveals that indirect methods of attribution are particularly effective when attributing cybercrimes; many of them remain unattributed. We also discuss some of the legal issues pertaining to attribution, and we argue that well-defined international laws for cyberspace along with strong cooperation among governments are needed to track down and punish cybercriminals.

Idioma original	English
Páginas (desde-hasta)	2886-2900
Número de páginas	15
Publicación	Security and Communication Networks
Volumen	9
N.º	15
DOI	https://doi.org/10.1002/sec.1485
Estado	Published - oct 1 2016

Nota bibliográfica

Publisher Copyright:
Copyright © 2016 John Wiley & Sons, Ltd.

ODS de las Naciones Unidas

Este resultado contribuye a los siguientes Objetivos de Desarrollo Sostenible

Peace justice and strong institutions

ASJC Scopus subject areas

Information Systems
Computer Networks and Communications

Acceder al documento

10.1002/sec.1485

Otros archivos y enlaces

Citar esto

@article{fbc8902524ed4bdaa411f16c41349972,

title = "Attribution in cyberspace: techniques and legal implications",

abstract = "Attribution of cybercrimes is significant in limiting the rate of crime as well as in preparing the required level of response. Motivated by this significance, we introduce a level-based approach for achieving attribution. In our proposed approach, attribution consists of three steps: (1) identification of the cyberweapon used; (2) determination of the origin of the attack; and (3) identification of the actual attacker. We conduct an in-depth analysis of recently proposed attribution techniques. Our analysis reveals that indirect methods of attribution are particularly effective when attributing cybercrimes; many of them remain unattributed. We also discuss some of the legal issues pertaining to attribution, and we argue that well-defined international laws for cyberspace along with strong cooperation among governments are needed to track down and punish cybercriminals.",

keywords = "attribution, cyberattacks, cybercrime, cyberlaws, denial of service, malware",

author = "Shamsi, \{Jawwad A.\} and Sherali Zeadally and Fareha Sheikh and Angelyn Flowers",

note = "Publisher Copyright: Copyright {\textcopyright} 2016 John Wiley \& Sons, Ltd.",

year = "2016",

month = oct,

day = "1",

doi = "10.1002/sec.1485",

language = "English",

volume = "9",

pages = "2886--2900",

number = "15",

}

TY - JOUR

T1 - Attribution in cyberspace

T2 - techniques and legal implications

AU - Shamsi, Jawwad A.

AU - Zeadally, Sherali

AU - Sheikh, Fareha

AU - Flowers, Angelyn

PY - 2016/10/1

Y1 - 2016/10/1

N2 - Attribution of cybercrimes is significant in limiting the rate of crime as well as in preparing the required level of response. Motivated by this significance, we introduce a level-based approach for achieving attribution. In our proposed approach, attribution consists of three steps: (1) identification of the cyberweapon used; (2) determination of the origin of the attack; and (3) identification of the actual attacker. We conduct an in-depth analysis of recently proposed attribution techniques. Our analysis reveals that indirect methods of attribution are particularly effective when attributing cybercrimes; many of them remain unattributed. We also discuss some of the legal issues pertaining to attribution, and we argue that well-defined international laws for cyberspace along with strong cooperation among governments are needed to track down and punish cybercriminals.

AB - Attribution of cybercrimes is significant in limiting the rate of crime as well as in preparing the required level of response. Motivated by this significance, we introduce a level-based approach for achieving attribution. In our proposed approach, attribution consists of three steps: (1) identification of the cyberweapon used; (2) determination of the origin of the attack; and (3) identification of the actual attacker. We conduct an in-depth analysis of recently proposed attribution techniques. Our analysis reveals that indirect methods of attribution are particularly effective when attributing cybercrimes; many of them remain unattributed. We also discuss some of the legal issues pertaining to attribution, and we argue that well-defined international laws for cyberspace along with strong cooperation among governments are needed to track down and punish cybercriminals.

KW - attribution

KW - cyberattacks

KW - cybercrime

KW - cyberlaws

KW - denial of service

KW - malware

UR - https://www.scopus.com/pages/publications/84964680447

UR - https://www.scopus.com/pages/publications/84964680447#tab=citedBy

U2 - 10.1002/sec.1485

DO - 10.1002/sec.1485

M3 - Article

AN - SCOPUS:84964680447

SN - 1939-0114

VL - 9

SP - 2886

EP - 2900

JO - Security and Communication Networks

JF - Security and Communication Networks

IS - 15

ER -

Attribution in cyberspace: techniques and legal implications

Resumen

Nota bibliográfica

ODS de las Naciones Unidas

ASJC Scopus subject areas

Acceder al documento

Otros archivos y enlaces

Huella

Citar esto