Imperial College London

Professor Emil Lupu

Faculty of Engineering, Department of Computing

Professor of Computer Systems
 
 
 
Location

 

564 Huxley Building, South Kensington Campus

Citation

BibTex format

@inproceedings{Karafili:2020:10.1016/j.fsidi.2020.300925,
author = {Karafili, E and Wang, L and Lupu, E},
doi = {10.1016/j.fsidi.2020.300925},
pages = {1--9},
publisher = {Elsevier},
title = {An argumentation-based reasoner to assist digital investigation and attribution of cyber-attacks},
url = {http://dx.doi.org/10.1016/j.fsidi.2020.300925},
year = {2020}
}

RIS format (EndNote, RefMan)

TY  - CPAPER
AB - We expect an increase in the frequency and severity of cyber-attacks that comes along with the need for efficient security countermeasures. The process of attributing a cyber-attack helps to construct efficient and targeted mitigating and preventive security measures. In this work, we propose an argumentation-based reasoner (ABR) as a proof-of-concept tool that can help a forensics analyst during the analysis of forensic evidence and the attribution process. Given the evidence collected from a cyber-attack, our reasoner can assist the analyst during the investigation process, by helping him/her to analyze the evidence and identify who performed the attack. Furthermore, it suggests to the analyst where to focus further analyses by giving hints of the missing evidence or new investigation paths to follow. ABR is the first automatic reasoner that can combine both technical and social evidence in the analysis of a cyber-attack, and that can also cope with incomplete and conflicting information. To illustrate how ABR can assist in the analysis and attribution of cyber-attacks we have used examples of cyber-attacks and their analyses as reported in publicly available reports and online literature. We do not mean to either agree or disagree with the analyses presented therein or reach attribution conclusions.
AU - Karafili,E
AU - Wang,L
AU - Lupu,E
DO - 10.1016/j.fsidi.2020.300925
EP - 9
PB - Elsevier
PY - 2020///
SN - 2666-2817
SP - 1
TI - An argumentation-based reasoner to assist digital investigation and attribution of cyber-attacks
UR - http://dx.doi.org/10.1016/j.fsidi.2020.300925
UR - https://www.sciencedirect.com/science/article/pii/S2666281720300202
UR - http://hdl.handle.net/10044/1/76269
ER -