Threat Attribution

Cyber threat attribution aims to identify the perpetrators of cyberattacks, enabling effective countermeasures and legal action. Current research focuses on automating this process, moving beyond manual analysis by employing machine learning models, including graph neural networks and those leveraging natural language processing techniques like named entity recognition, often incorporating modular architectures to improve accuracy and interpretability. This work is crucial for enhancing cybersecurity defenses by improving the speed and accuracy of identifying attackers, ultimately leading to more effective mitigation strategies and deterrence.