View The Document

Accession Number:

AD1085780

Title:

Stateless Attribution : Toward International Accountability in Cyberspace

Personal Author(s):

Davis,John II S.

Boudreaux,Benjamin

Welburn,Jonathan W

Aguirre,Jair

Ogletree,Cordaye

McGovern,Geoffrey

Chase,Michael S.

Corporate Author:

RAND CORP ARLINGTON VA ARLINGTON United States

Report Date:

2017-01-01

Abstract:

The attribution of a malicious cyber incident consists of identifying the responsible party behind the activity. A cyber attribution finding is a necessary prerequisite for holding actors accountable for malicious activity. Recently, several cyber incidents with geopolitical implications and the attribution findings associated with those incidents have received high-profile press coverage. Many segments of the general public disputed and questioned the credibility of the declared attributions. In this report, we review the state of cyber attribution and we consider alternative mechanisms for producing standardized and transparent attribution that may overcome concerns about credibility. In particular, this exploratory work considers the value of an independent, global organization whose mission consists of investigating and publicly attributing major cyber attacks.

Descriptive Note:

Technical Report

Pages:

0064

Descriptors:

international relations

international law

national security

intergovernmental organizations

international organizations

public policy

cybersecurity

network protocols

cyberattacks

internet

Identifiers:

un(United Nations)

apt(Advanced Persistent Threat)

ICANN(Internet Corporation for Assigned Names andNumbers)

IETF(Internet Engineering Task Force)

IP(Internet Protocol)

Subject Categories:

Computer Systems

Communities Of Interest:

Cyber

Modernization Areas:

Cyber

Distribution Statement:

Approved For Public Release;

File Size:

0.63MB

View The Document