Minimising paradoxes when employing honeyfiles to combat data theft in military networks

摘要

The application of deception has been instrumental to the success of military operations for thousands of years. Cyber deception offers similar potential to detect, delay and confuse a dedicated and trained digital adversary. Honeyfiles are cyber deception technique utilised by advanced network defenders to combat data theft. In practice, the accessibility and applicability of honeyfiles to military networks has been limited by designs that are over-complicated, require Internet access and/or create protection paradoxes by reproducing the very classified material that they are attempting to protect. This paper presents three new honeyfile designs, based on the transposition and substitution of content from the target environment through parts of speech tagging. The new designs minimise the replication of classified material, yet still remain enticing to malicious software or user driven searches. The main advantage, however, is that their construction can be automated, enabling their employment by personnel without cyber deception qualifications.