Abstract
As in the real world's criminal investigation, cyber criminal profiling is important to attribute cyber attacks. Every cyber crime committed by the same hacker or hacking group has unique characteristics such as attack purpose, attack methods, and target's profile. Therefore, a complete analysis of the hacker's activities can give investigators hard evidence to attribute attacks and unveil criminals. In this paper, we implemented WHAP, a profiling system that uses Case-Based Reasoning (CBR). We verified WHAP's usefulness by analyzing large scale of web defacement cases including North Korean hacker's attacks against South Korea, and unveiling a relationship between those attacks and another set of attacks against Sony Pictures Entertainment.
| Original language | English |
|---|---|
| Title of host publication | 2016 IEEE Conference on Communications and Network Security, CNS 2016 |
| Publisher | Institute of Electrical and Electronics Engineers Inc. |
| Pages | 344-345 |
| Number of pages | 2 |
| ISBN (Electronic) | 9781509030651 |
| DOIs | |
| Publication status | Published - 2017 Feb 21 |
| Event | 2016 IEEE Conference on Communications and Network Security, CNS 2016 - Philadelphia, United States Duration: 2016 Oct 17 → 2016 Oct 19 |
Other
| Other | 2016 IEEE Conference on Communications and Network Security, CNS 2016 |
|---|---|
| Country/Territory | United States |
| City | Philadelphia |
| Period | 16/10/17 → 16/10/19 |
ASJC Scopus subject areas
- Computer Networks and Communications
- Safety, Risk, Reliability and Quality
