A comparative analysis of threat models in the context of cyber threat attribution
摘要
The role of cyberspace in geopolitical conflicts, as the experience of recent decades clearly demonstrates, is continually expanding. The activities of state sponsored and other cyber actors are becoming increasingly frequent, complex, and sophisticated. To understand and analyze a potential cyber attack in detail, it is essential to identify and select an appropriate analytical framework. There are currently several frameworks and models for analyzing cyber threats, but these were developed for different purposes and primarily focus on technical analysis. However, when analyzing a complex attack, we must also consider additional non-technical aspects that are not or are only partially covered by the known models. This study evaluates the applicability of individual frameworks during cyber threat attribution based on a uniquely created set of criteria. The purpose of the comparative analysis is to understand the strengths, weaknesses, and shortcomings of individual models in light of the identification of cyber actors behind cyber threats. This study makes several contributions to the field of cyber threat attribution. First, it provides a comparative analysis of widely used threat models and demonstrates that none of them fully and sufficiently support attribution across all required analytical dimensions. Second, the paper introduces the HexAttribution Model, a novel multidimensional attribution framework that integrates technical, behavioral, motivational, and geopolitical factors within a single structure. Third, the study incorporates a structured reliability component that aggregates domain-level evidence through structural strength factors and scenario-specific weighting, making the assumptions behind attribution reasoning more explicit and reviewable. Finally, the paper presents a proof-of-concept demonstration, illustrating how the model can be applied in practice to support transparent and defensible attribution assessments.