Abstract
Computer security would arguably benefit from more information on the characteristics of the particular human attacker behind a security incident. Nevertheless, technical security mechanisms have always focused on the at-tack's characteristics rather than the attacker's. The latter is a challenging prob-lem, as relevant data cannot easily be found. We argue that the cyber traces left by a human attacker during an intrusion attempt can help towards building a profile of the particular person. To illustrate this concept, we have developed an approach using case-based reasoning that indirectly measures an attacker’s characteristics for given attack scenarios. Our results reveal that case-based rea-soning has the potential of being used to assist security and forensic investiga-tors in profiling human attackers.
Original language | English |
---|---|
Title of host publication | 19th UK Workshop on Case-Based Reasoning |
Place of Publication | Cambridge |
Pages | 39-48 |
Number of pages | 10 |
Publication status | Published - 1 Jan 2014 |
Event | 19th UK Workshop on Case-Based Reasoning - Cambridge, UK, 9 Dec 2014 Duration: 1 Jan 2014 → … |
Workshop
Workshop | 19th UK Workshop on Case-Based Reasoning |
---|---|
Period | 1/01/14 → … |
Keywords
- Case-based reasoning
- Cyber Security
- Intrusion Detection
- Artificial Intelligence