Abstract
A major challenge in cyberthreat analysis is combining information from different sources to find the person or the group responsible for the cyber-attack. In this chapter, we leverage the dataset from the capture-the-flag event held at DEFCON discussed in Chap. 2, and propose DeLP3E model comprised solely of the AM (that is, without probabilistic information) designed to aid an analyst in attributing a cyberattack. We build models from latent variables to reduce the search space of culprits (attackers), and show that this reduction significantly improves the accuracy of the classification-based approaches discussed in Chap. 2 from 37% to 62% in identifying the attacker.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
L. Breiman. Bagging predictors. Machine learning, 24(2):123–140, 1996.
L. Breiman. Random forests. Machine learning, 45(1):5–32, 2001.
E. Nunes, N. Kulkarni, P. Shakarian, A. Ruef, and J. Little. Cyber-deception and attribution in capture-the-flag exercises. In Proceedings of the IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM), pages 962–965, 2015.
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2018 The Author(s)
About this chapter
Cite this chapter
Nunes, E., Shakarian, P., Simari, G.I., Ruef, A. (2018). Applying Argumentation Models for Cyber Attribution. In: Artificial Intelligence Tools for Cyber Attribution. SpringerBriefs in Computer Science. Springer, Cham. https://doi.org/10.1007/978-3-319-73788-1_5
Download citation
DOI: https://doi.org/10.1007/978-3-319-73788-1_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-73787-4
Online ISBN: 978-3-319-73788-1
eBook Packages: Computer ScienceComputer Science (R0)