A Cognitive Deception Model for Generating Fake Documents to Curb Data Exfiltration in Networks During Cyber-Attacks

Olayiwola Tokunbo Taofeek; Moatsum Alawida; Abdulatif Alabdulatif; Abiodun Esther Omolara; Oludare Isaac Abiodun

doi:10.1109/ACCESS.2022.3166628

IEEE Access (Jan 2022)

A Cognitive Deception Model for Generating Fake Documents to Curb Data Exfiltration in Networks During Cyber-Attacks

Olayiwola Tokunbo Taofeek,
Moatsum Alawida,
Abdulatif Alabdulatif,
Abiodun Esther Omolara,
Oludare Isaac Abiodun

Affiliations

Olayiwola Tokunbo Taofeek: Department of Computer and Mathematics, Universiti Teknologi MARA (UiTM), Shah Alam, Malaysia
Moatsum Alawida: ORCiD; Department of Computer Science, Abu Dhabi University, Abu Dhabi, United Arab Emirates
Abdulatif Alabdulatif: ORCiD; Department of Computer Science, College of Computer, Qassim University, Buraydah, Saudi Arabia
Abiodun Esther Omolara: Department of Computer Science, University of Abuja, Gwagwalada, Nigeria
Oludare Isaac Abiodun: ORCiD; Department of Computer Science, University of Abuja, Gwagwalada, Nigeria

DOI: https://doi.org/10.1109/ACCESS.2022.3166628
Journal volume & issue: Vol. 10
pp. 41457 – 41476

Abstract

Read online

The exponential increase in the compromise of sensitive and intellectual properties alludes to the huge price the global community must pay for the digital revolution we are currently experiencing. This irrefutable reality is a major reason why cybersecurity defences continue to be a pressing and timely area of research. Traditional countermeasures of cyber defence using boundary controllers and filters such as intrusion detection, access controls, firewalls and so on, have proven ineffective. Such measures fail to account for the attacker’s inherent advantage of being increasingly techno-savvy, as well as their persistence in attempting to compromise the security of not only high-value targets, but also the vast pool of oblivious users of technology. The use of decoys and deception is one of the emerging solutions for cyber defence. Leveraging decoys and deception for security pre-date the advent of the digital revolution as centuries have witnessed the military using human decoys to deceive and successfully defeat their adversaries during wars. However, its benefits for reducing cyberattacks in these digital times have not been thoroughly investigated. One of its use requires that fake text documents are positioned in the repository of critical documents in order to mislead and catch hackers attempting to exfiltrate sensitive documents. Current methods of generating fake text documents involve using symbols, junk documents, randomly generated texts. Such approaches fail to capture the empirical and linguistic properties of language, resulting in messages that do not scale well, are not realistic, fail in the context of syntax and are semantically void. Consequently, failing to convince the attackers to believe they are the original messages. This paper presents a Cognitive Deception Model (CDM) based on a neural model which takes an input message and generates syntactically cohesive and semantically coherent independent looking but plausible and convincing decoy messages to cognitively burden and deceive the adversaries. The experimental results used to validate the models, as well as the comparison with state-of-the-art tools, show that it outperforms existing systems.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords