UC Davis

From a cyber-security perspective, attribution is considered to be the ability to determine the originating location for an attack. However, should such an attribution system be developed and deployed, it would provide attribution for all traffic, not just attack traffic. This has several implications for both the senders and receivers of traffic, as well as the intervening organizations, Internet service providers and nation-states. In this paper we examine the requirements for an attribution system, identifying all of the actors, their potential interests, and the resulting policies they might therefore have. We provide a general framework that represents the attribution problem, and outline the technical and policy requirements for a solution. We discuss the inevitable policy conflicts due to the social, legal and cultural issues that would surround such a system.