Opendata, web and dolomites


Logic-based Attribution and Forensics in Cyber Security

Total Cost €


EC-Contrib. €






Project "AF-Cyber" data sheet

The following table provides information about the project.


Organization address
city: LONDON
postcode: SW7 2AZ

contact info
title: n.a.
name: n.a.
surname: n.a.
function: n.a.
email: n.a.
telephone: n.a.
fax: n.a.

 Coordinator Country United Kingdom [UK]
 Total cost 183˙454 €
 EC max contribution 183˙454 € (100%)
 Programme 1. H2020-EU.1.3.2. (Nurturing excellence by means of cross-border and cross-sector mobility)
 Code Call H2020-MSCA-IF-2016
 Funding Scheme MSCA-IF-EF-ST
 Starting year 2018
 Duration (year-month-day) from 2018-02-01   to  2020-01-31


Take a look of project's partnership.

# participants  country  role  EC contrib. [€] 


 Project objective

'Recent studies states that 'Devices will continue to grow in volume and variety, and the forecast for connected devices by 2020 is 200 billion and climbing'. The increase of connectivity brings a drastic impact on the increase of cyber attacks. Protecting measurements are not enough, while finding who did the attack is a crucial for preventing the escalation of cyber attacks. AF-Cyber will relieve part of the cyberattacks problem, by supporting forensics investigation and attribution with logical-based frameworks representation, reasoning and supporting tools. AF-Cyber main core will be a logic-based framework for performing attribution of cyber attacks, based on forensics evidence and an intelligent methodology for dynamic evidence collection. It will analyse and valuate analytically Cyber Forensics applications. Different forensics reasoning rules and techniques will be extracted and a categorization of forensics evidence will be constructed. A new logical formalism will be introduced for representing the analytical and non-monotonic reasoning needed for solving the attribution problem. A tool, based on the logical framework for the attribution reasoning, will be developed. The tool will be tested with different real examples. The tool given the different evidence gives as result a quantitative/probabilistic answer of where the attack came from. A second version of the tool will be developed which will guide the forensics analyst during his work on collecting the evidence, and reasoning about them. A dynamic forensics evidence collection will be designed based on the different reasoning rules, and the involvement of data mining/machine learning algorithms. Cyber security concerns are part of ICT security and Digital Security call. AF-Cyber is in-line with the latest EU Commissions measures for addressing cyber threats, the Connected Digital Single Market: Digital Security call and ENISA’s calls for threat landscapes & cyber security exercises.'


year authors and title journal last update
List of publications.
2020 Erisa Karafili; Fulvio Valenza; Yichen Chen; Emil Lupu
Towards a Framework for Automatic Firewalls Configuration via Argumentation Reasoning
published pages: , ISSN: , DOI: 10.5281/zenodo.3674747
DISSECT Workshop, NOMS 2020-2020 IEEE/IFIP Network Operations and Management Symposium 1 2020-02-28
2020 João Rasga, Cristina Sernandes, Erisa Karafili, Luca Viganò
Time-Stamped Claim Logic
published pages: , ISSN: 1367-0751, DOI:
Logic Journal of IGPL 2020-02-06
2020 Karafili, Erisa; Wang, Linna; Lupu, Emil
An Argumentation-Based Reasoner to Assist Digital Investigation and Attribution of Cyber-Attacks
published pages: , ISSN: 2666-2817, DOI: 10.5281/zenodo.3625913
Forensic Science International: Digital Investigation 2020-02-05
2019 Spanaki, Konstantina; Karafili, Erisa; Despoudi, Stella
Data Sharing in Agriculture 4.0: Applications of AI for Access Control Decisions
published pages: , ISSN: , DOI: 10.5281/zenodo.3625962
EurOMA 2019, abstract 1 2020-02-04
2018 Konstantina, Spanaki; Karafili, Erisa; Lupu, Emil
Sharing Agreements and Quality attributes in Data Manufacturing
published pages: , ISSN: , DOI: 10.5281/zenodo.3625927
EurOMA 2018, abstract 1 2020-02-04

Are you the coordinator (or a participant) of this project? Plaese send me more information about the "AF-CYBER" project.

For instance: the website url (it has not provided by EU-opendata yet), the logo, a more detailed description of the project (in plain text as a rtf file or a word file), some pictures (as picture files, not embedded into any word file), twitter account, linkedin page, etc.

Send me an  email ( and I put them in your project's page as son as possible.

Thanks. And then put a link of this page into your project's website.

The information about "AF-CYBER" are provided by the European Opendata Portal: CORDIS opendata.

More projects from the same programme (H2020-EU.1.3.2.)

NeoPur (2019)

New treatments and novel diagnostic tests for neonatal seizures based on purinergic signaling.

Read More  

InProSMod (2021)

Cholinergic and NMDAR-dependent recruitment of Layer 1 Interneuron shapes cortical motor Processing through network States Modulation

Read More  

GenEl (2020)

General readout electronics for cross-sectoral application in European research infrastructure

Read More