no code implementations • 27 Apr 2014 • Paulo Shakarian, Gerardo I. Simari, Geoffrey Moores, Simon Parsons, Marcelo A. Falappa
Attributing a cyber-operation through the use of multiple pieces of technical evidence (i. e., malware reverse-engineering and source tracking) and conventional intelligence sources (i. e., human or signals intelligence) is a difficult problem not only due to the effort required to obtain evidence, but the ease with which an adversary can plant false evidence.