A Fake Online Repository Generation Engine for Cyber Deception

Bibliographic Details
Published in IEEE transactions on dependable and secure computing Vol. 18; no. 2; pp. 518 - 533
Main Authors Chakraborty, Tanmoy, Jajodia, Sushil, Katz, Jonathan, Picariello, Antonio, Sperli, Giancarlo, Subrahmanian, V. S.
Format Journal Article
Language English
Published Washington IEEE 01.03.2021
IEEE Computer Society
Summary: Today, major corporations and government organizations must face the reality that they will be hacked by malicious actors. In this paper, we consider the case of defending enterprises that have been successfully hacked by imposing additional a posteriori costs on the attacker. Our idea is simple: for every real document $d$, we develop methods to automatically generate a set $Fake(d)$ of fake documents that are very similar to $d$. The attacker who steals documents must wade through a large number of documents in detail in order to separate the real one from the fakes. Our $\mathsf{FORGE}$ system focuses on technical documents (e.g., engineering/design documents) and involves three major innovations. First, we represent the semantic content of documents via multi-layer graphs (MLGs). Second, we propose a novel concept of "meta-centrality" for multi-layer graphs. A meta-centrality (MC) measure takes a classical centrality measure (for ordinary graphs, not MLGs) as input, and generalizes it to MLGs. The idea is to generate fake documents by replacing concepts on the basis of meta-centrality with related concepts according to an ontology. Our third innovation is to show that the problem of generating the set $Fake(d)$ of fakes can be viewed as an optimization problem. We prove that this problem is NP-complete and then develop efficient heuristics to solve it in practice. We ran detailed experiments on two datasets: one a panel of 20 human subjects, another with a panel of 10. Our results show that $\mathsf{FORGE}$ generates highly believable fakes.
ISSN: 1545-5971, 1941-0018
DOI: 10.1109/TDSC.2019.2898661