IEEE Access (Jan 2022)
A Cognitive Deception Model for Generating Fake Documents to Curb Data Exfiltration in Networks During Cyber-Attacks
Abstract
The exponential increase in the compromise of sensitive and intellectual properties alludes to the huge price the global community must pay for the digital revolution we are currently experiencing. This irrefutable reality is a major reason why cybersecurity defences continue to be a pressing and timely area of research. Traditional countermeasures of cyber defence using boundary controllers and filters such as intrusion detection, access controls, firewalls and so on, have proven ineffective. Such measures fail to account for the attacker’s inherent advantage of being increasingly techno-savvy, as well as their persistence in attempting to compromise the security of not only high-value targets, but also the vast pool of oblivious users of technology. The use of decoys and deception is one of the emerging solutions for cyber defence. Leveraging decoys and deception for security pre-date the advent of the digital revolution as centuries have witnessed the military using human decoys to deceive and successfully defeat their adversaries during wars. However, its benefits for reducing cyberattacks in these digital times have not been thoroughly investigated. One of its use requires that fake text documents are positioned in the repository of critical documents in order to mislead and catch hackers attempting to exfiltrate sensitive documents. Current methods of generating fake text documents involve using symbols, junk documents, randomly generated texts. Such approaches fail to capture the empirical and linguistic properties of language, resulting in messages that do not scale well, are not realistic, fail in the context of syntax and are semantically void. Consequently, failing to convince the attackers to believe they are the original messages. This paper presents a Cognitive Deception Model (CDM) based on a neural model which takes an input message and generates syntactically cohesive and semantically coherent independent looking but plausible and convincing decoy messages to cognitively burden and deceive the adversaries. The experimental results used to validate the models, as well as the comparison with state-of-the-art tools, show that it outperforms existing systems.
Keywords