Please use this identifier to cite or link to this item:

TSM: Measuring the Enticement of Honeyfiles with Natural Language Processing

File Size Format  
0223.pdf 647.36 kB Adobe PDF View/Open

Item Summary

Title:TSM: Measuring the Enticement of Honeyfiles with Natural Language Processing
Authors:Timmer, Roelien
Liebowitz, David
Nepal, Surya
Kanhere, Salil
Keywords:Cyber Deception and Cyberpsychology for Defense
cyber deception
enticement score
natural language processing (nlp)
show 1 moresemantic similarity
show less
Date Issued:04 Jan 2022
Abstract:Honeyfile deployment is a useful breach detection method in cyber deception that can also inform defenders about the intent and interests of intruders and malicious insiders. A key property of a honeyfile, enticement, is the extent to which the file can attract an intruder to interact with it. We introduce a novel metric, Topic Semantic Matching (TSM), which uses topic modelling to represent files in the repository and semantic matching in an embedding vector space to compare honeyfile text and topic words robustly. We also present a honeyfile corpus created with different Natural Language Processing (NLP) methods. Experiments show that TSM is effective in inter-corpus comparisons and is a promising tool to measure the enticement of honeyfiles. TSM is the first measure to use NLP techniques to quantify the enticement of honeyfile content that compares the essential topical content of local contexts to honeyfiles and is robust to paraphrasing.
Pages/Duration:10 pages
Rights:Attribution-NonCommercial-NoDerivatives 4.0 International
Appears in Collections: Cyber Deception and Cyberpsychology for Defense

Please email if you need this content in ADA-compliant format.

This item is licensed under a Creative Commons License Creative Commons