2019 | OriginalPaper | Buchkapitel
Attribution of Cyber Attacks
verfasst von : Klaus-Peter Saalbach
Erschienen in: Information Technology for Peace and Security
Verlag: Springer Fachmedien Wiesbaden
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
We define cyber attribution as the allocation of a cyber attack to a certain attacker or a group of attackers in a first step and the unveiling of the real-world identity of the attacker in a second step. While the methods of attacker allocation have made significant progress in recent years, digital technologies often still do not provide sufficient evidence for the real-world identity of an attacker. The situation is different if attribution is handled as cyber-physical process, i.e. as combination of digital forensics with evidence from the physical world. Bits and bytes are not really virtual, but still bound to a physical infrastructure which opens different ways to detect adversaries. Gaps can also be filled by conventional espionage. The chapter gives an overview of the current methods and practices of cyber attribution with real-world examples.