Attribution Across Cyber Attack Types: Network Intrusions and Information Operations

摘要: The objective of this paper is to articulate the problem attribution in cyber warfare incidents, including, surveillance, data theft, espionage, and misinformation campaigns. As stakes increase, concerted efforts are being made by intelligence law enforcement agencies identify perpetrators with much painstaking effort. Attribution tools techniques for malicious activities on Internet still nascent, relying mainly technical measurements, provenance code, non-technical assessments attack attacker characteristics link individuals or groups. attacks typically done through a burdensome manual process that relies both analysis ground intelligence. result, cumbersome laborious primarily reserved most egregious cases those conducted against well resourced organizations. Over time, our abilities have improved, however, improvement two-edged sword: as capabilities improve, privacy increasingly diluted. This discusses two vastly different types central conflict today: network intrusions social bot-led state art regarding across attack, provides recommendations improved attribution, lays out future research directions.