Skip to main content
Springer Nature Link
Log in

Automated Honey Document Generation Using Genetic Algorithm

  • Conference paper
  • First Online:
Wireless Algorithms, Systems, and Applications (WASA 2021)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 12939))

Abstract

Sensitive data exfiltration attack is one of predominant threats to cybersecurity. The honey document is a type of cyber deception technology to address this issue. Most existing works focus on the honey document deployment or bait design, ignoring the importance of the document contents. Believable and enticing honey contents are the foundation for achieving attacker deception, attack discovery, and sensitive data protection. This paper presents a method for automating the generation of honey document contents by measuring believability and enticement. We use real documents as materials, replace sensitive information with insensitive parts of other documents to generate honey contents. A genetic algorithm (GA) is deployed to achieve automatic multiobjective optimization of the generation process. Our method allows generating a set of diverse honey documents from one origin. The attackers have to wade through plenty of documents with the same topics and similar contents in detail to distinguish them, thus hindering the exfiltration attack. We conducted numerical and manual experiments with both Chinese and English documents, where the results validate the effectiveness.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
eBook
USD 84.99
Price excludes VAT (USA)
Softcover Book
USD 109.99
Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Ben Salem, M., Stolfo, S.J.: Decoy document deployment for effective masquerade attack detection. In: Holz, T., Bos, H. (eds.) DIMVA 2011. LNCS, vol. 6739, pp. 35–54. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-22424-9_3

    Chapter  Google Scholar 

  2. Yuill, J., Zappe, M., Denning, D., Feer, F.: Honeyfiles: deceptive files for intrusion detection. In: 2004 Proceedings from the Fifth Annual IEEE SMC Information Assurance Workshop, pp. 116–122. IEEE (2004)

    Google Scholar 

  3. Whitham, B.: Automating the generation of fake documents to detect network intruders. Int. J. Cyber-Secur. Digit. Forensics (IJCSDF) 2(1), 103–118 (2013)

    Google Scholar 

  4. Bowen, B.M., Hershkop, S., Keromytis, A.D., Stolfo, S.J.: Baiting inside attackers using decoy documents. In: Chen, Y., Dimitriou, T.D., Zhou, J. (eds.) SecureComm 2009. LNICST, vol. 19, pp. 51–70. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-05284-2_4

    Chapter  Google Scholar 

  5. Wang, L., Li, C., Tan, Q.F., Wang, X.B.: Generation and distribution of decoy document system. In: Yuan, Y., Wu, X., Lu, Y. (eds.) ISCTCS 2013. CCIS, vol. 426, pp. 123–129. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-43908-1_16

    Chapter  Google Scholar 

  6. Whitham, B.: Automating the generation of enticing text content for high-interaction honeyfiles. In: Proceedings of the 50th Hawaii International Conference on System Sciences (2017)

    Google Scholar 

  7. Chakraborty, T., Jajodia, S., Katz, J., Picariello, A., Sperli, G., Subrahmanian, V.: A fake online repository generation engine for cyber deception. IEEE Trans. Dependable Secure Comput. 18, 518–533 (2019)

    Google Scholar 

  8. Karuna, P., Purohit, H., Ganesan, R., Jajodia, S.: Generating hard to comprehend fake documents for defensive cyber deception. IEEE Intell. Syst. 33(5), 16–25 (2018)

    Article  Google Scholar 

  9. Karuna, P., Purohit, H., Jajodia, S., Ganesan, R., Uzuner, O.: Fake document generation for cyber deception by manipulating text comprehensibility. IEEE Syst. J. 15, 835–845 (2020)

    Article  Google Scholar 

  10. Voris, J., Boggs, N., Stolfo, S.J.: Lost in translation: improving decoy documents via automated translation. In: 2012 IEEE Symposium on Security and Privacy Workshops, pp. 129–133. IEEE (2012)

    Google Scholar 

  11. Holland, J.H., et al.: Adaptation in natural and artificial systems: an introductory analysis with applications to biology, control, and artificial intelligence. MIT Press, Cambridge (1992)

    Book  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China

    Yun Feng, Baoxu Liu, Yue Zhang, Jinli Zhang, Chaoge Liu & Qixu Liu

  2. School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China

    Yun Feng, Baoxu Liu, Yue Zhang, Jinli Zhang, Chaoge Liu & Qixu Liu

Authors
  1. Yun Feng
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Baoxu Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yue Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Jinli Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Chaoge Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Qixu Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yue Zhang .

Editor information

Editors and Affiliations

  1. Nanjing University of Aeronautics and Astronautics, Nanjing, China

    Zhe Liu

  2. Shanghai Jiao Tong University, Shanghai, China

    Fan Wu

  3. Missouri University of Science and Technology, Rolla, MO, USA

    Sajal K. Das

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Feng, Y., Liu, B., Zhang, Y., Zhang, J., Liu, C., Liu, Q. (2021). Automated Honey Document Generation Using Genetic Algorithm. In: Liu, Z., Wu, F., Das, S.K. (eds) Wireless Algorithms, Systems, and Applications. WASA 2021. Lecture Notes in Computer Science(), vol 12939. Springer, Cham. https://doi.org/10.1007/978-3-030-86137-7_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-86137-7_3

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-86136-0

  • Online ISBN: 978-3-030-86137-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation