Abstract
Sensitive data exfiltration attack is one of predominant threats to cybersecurity. The honey document is a type of cyber deception technology to address this issue. Most existing works focus on the honey document deployment or bait design, ignoring the importance of the document contents. Believable and enticing honey contents are the foundation for achieving attacker deception, attack discovery, and sensitive data protection. This paper presents a method for automating the generation of honey document contents by measuring believability and enticement. We use real documents as materials, replace sensitive information with insensitive parts of other documents to generate honey contents. A genetic algorithm (GA) is deployed to achieve automatic multiobjective optimization of the generation process. Our method allows generating a set of diverse honey documents from one origin. The attackers have to wade through plenty of documents with the same topics and similar contents in detail to distinguish them, thus hindering the exfiltration attack. We conducted numerical and manual experiments with both Chinese and English documents, where the results validate the effectiveness.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Ben Salem, M., Stolfo, S.J.: Decoy document deployment for effective masquerade attack detection. In: Holz, T., Bos, H. (eds.) DIMVA 2011. LNCS, vol. 6739, pp. 35–54. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-22424-9_3
Yuill, J., Zappe, M., Denning, D., Feer, F.: Honeyfiles: deceptive files for intrusion detection. In: 2004 Proceedings from the Fifth Annual IEEE SMC Information Assurance Workshop, pp. 116–122. IEEE (2004)
Whitham, B.: Automating the generation of fake documents to detect network intruders. Int. J. Cyber-Secur. Digit. Forensics (IJCSDF) 2(1), 103–118 (2013)
Bowen, B.M., Hershkop, S., Keromytis, A.D., Stolfo, S.J.: Baiting inside attackers using decoy documents. In: Chen, Y., Dimitriou, T.D., Zhou, J. (eds.) SecureComm 2009. LNICST, vol. 19, pp. 51–70. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-05284-2_4
Wang, L., Li, C., Tan, Q.F., Wang, X.B.: Generation and distribution of decoy document system. In: Yuan, Y., Wu, X., Lu, Y. (eds.) ISCTCS 2013. CCIS, vol. 426, pp. 123–129. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-43908-1_16
Whitham, B.: Automating the generation of enticing text content for high-interaction honeyfiles. In: Proceedings of the 50th Hawaii International Conference on System Sciences (2017)
Chakraborty, T., Jajodia, S., Katz, J., Picariello, A., Sperli, G., Subrahmanian, V.: A fake online repository generation engine for cyber deception. IEEE Trans. Dependable Secure Comput. 18, 518–533 (2019)
Karuna, P., Purohit, H., Ganesan, R., Jajodia, S.: Generating hard to comprehend fake documents for defensive cyber deception. IEEE Intell. Syst. 33(5), 16–25 (2018)
Karuna, P., Purohit, H., Jajodia, S., Ganesan, R., Uzuner, O.: Fake document generation for cyber deception by manipulating text comprehensibility. IEEE Syst. J. 15, 835–845 (2020)
Voris, J., Boggs, N., Stolfo, S.J.: Lost in translation: improving decoy documents via automated translation. In: 2012 IEEE Symposium on Security and Privacy Workshops, pp. 129–133. IEEE (2012)
Holland, J.H., et al.: Adaptation in natural and artificial systems: an introductory analysis with applications to biology, control, and artificial intelligence. MIT Press, Cambridge (1992)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Feng, Y., Liu, B., Zhang, Y., Zhang, J., Liu, C., Liu, Q. (2021). Automated Honey Document Generation Using Genetic Algorithm. In: Liu, Z., Wu, F., Das, S.K. (eds) Wireless Algorithms, Systems, and Applications. WASA 2021. Lecture Notes in Computer Science(), vol 12939. Springer, Cham. https://doi.org/10.1007/978-3-030-86137-7_3
Download citation
DOI: https://doi.org/10.1007/978-3-030-86137-7_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-86136-0
Online ISBN: 978-3-030-86137-7
eBook Packages: Computer ScienceComputer Science (R0)