| dc.contributor.author | Clark, David D. | |
| dc.contributor.author | Landau, Susan | |
| dc.date.accessioned | 2022-04-06T16:01:05Z | |
| dc.date.available | 2022-04-06T16:01:05Z | |
| dc.date.issued | 2010-11-30 | |
| dc.identifier.uri | https://doi.org/10.1145/1921233.1921247 | |
| dc.identifier.uri | https://hdl.handle.net/1721.1/141711 | |
| dc.description.abstract | As a result of increasing spam, DDoS attacks, cybercrime, and data exfiltration from corporate and government sites, there have been multiple calls for an Internet architecture that enables better network attribution at the packet layer. The intent is for a mechanism that links a packet to some packet level personally identifiable information (PLPII). But cyberattacks and cyberexploitations are more different than they are the same. One result of these distinctions is that packet-level attribution is neither as useful nor as necessary as it would appear.
In this paper we discuss why network-level personal attribution is of limited forensic value. We analyze the different types of Internet-based attacks, and observe the role that currently available alternatives to attribution already play in deterrence and prosecution. We focus on the particular character of multi-stage network attacks, in which machine A penetrates and “takes over” machine B, which then does the same to machine C, etc. We consider how these types of attacks might be traced, and observe that any technical contribution can only be contemplated in the larger regulatory context of various legal jurisdictions. Finally we examine the costs of PLPII mechanisms. | en_US |
| dc.description.sponsorship | This material is based on work supported by the U.S. Office of Naval Research, Grant No. N00014-09-1-0597. Any opinions, findings, conclusions or recommendations therein are those of the author(s) and do not necessarily reflect the views of the Office of Naval Research. | en_US |
| dc.language.iso | en_US | en_US |
| dc.publisher | © Association for Computing Machinery, New York, NY, USA | en_US |
| dc.rights | Attribution-NonCommercial-NoDerivs 3.0 United States | * |
| dc.rights.uri | http://creativecommons.org/licenses/by-nc-nd/3.0/us/ | * |
| dc.title | The problem isn't attribution: It's multi-stage attacks | en_US |
| dc.type | Article | en_US |
| dc.identifier.citation | Clark, D. D., & Landau, S. (2010). The problem isn't attribution: It's multi-stage attacks. Proceedings of the Re-Architecting the Internet Workshop (ReARCH '10), Article 11, 1–6. | en_US |
| dc.eprint.version | Final published version. | en_US |
