查看文章

Attribution of cybercrimes is significant in limiting the rate of crime as well as in preparing the required level of response. Motivated by this significance, we introduce a level‐based approach for achieving attribution. In our proposed approach, attribution consists of three steps: (1) identification of the cyberweapon used; (2) determination of the origin of the attack; and (3) identification of the actual attacker. We conduct an in‐depth analysis of recently proposed attribution techniques. Our analysis reveals that indirect methods of attribution are particularly effective when attributing cybercrimes; many of them remain unattributed. We also discuss some of the legal issues pertaining to attribution, and we argue that well‐defined international laws for cyberspace along with strong cooperation among governments are needed to track down and punish cybercriminals. Copyright © 2016 John Wiley & Sons, Ltd.