Automating the Generation of Enticing Text Content for High-Interaction Honeyfiles Whitham, Ben 2016-12-29T02:14:33Z 2016-12-29T02:14:33Z 2017-01-04
dc.description.abstract While advanced defenders have successfully used honeyfiles to detect unauthorized intruders and insider threats for more than 30 years, the complexity associated with adaptively devising enticing content has limited their diffusion. This paper presents four new designs for automating the construction of honeyfile content. The new designs select a document from the target directory as a template and employ word transposition and substitution based on parts of speech tagging and n-grams collected from both the target directory and the surrounding file system. These designs were compared to previous methods using a new theory to quantitatively evaluate honeyfile enticement. The new designs were able to successfully mimic the content from the target directory, whilst minimizing the introduction of material from other sources. The designs may also hold potential to match many of the characteristics of nearby documents, whilst minimizing the replication of copyrighted or classified material from documents they are protecting
dc.format.extent 10 pages
dc.identifier.doi 10.24251/HICSS.2017.733
dc.identifier.isbn 978-0-9981331-0-2
dc.language.iso eng
dc.relation.ispartof Proceedings of the 50th Hawaii International Conference on System Sciences
dc.rights Attribution-NonCommercial-NoDerivatives 4.0 International
dc.subject canary files
dc.subject cyber deception
dc.subject honeyfiles
dc.subject decoy files
dc.title Automating the Generation of Enticing Text Content for High-Interaction Honeyfiles
dc.type Conference Paper
dc.type.dcmi Text
Original bundle
Now showing 1 - 1 of 1
No Thumbnail Available
1.9 MB
Adobe Portable Document Format