Cyber security addresses the protection of information systems in cyberspace. These systems face multiple attacks on a daily basis, with the level of complication getting increasingly challenging. Despite the existence of multiple solutions, attackers are still quite successful at identifying vulnerabilities to exploit. This is why cyber deception is increasingly being used to divert attackers’ attention and, therefore, enhance the security of information systems. To be effective, deception environments need fake data. This is where Natural Language (NLP) Processing comes in. Many cyber security models have used NLP for vulnerability detection in information systems, email classification, fake citation detection, and many others. Although it is used for text generation, existing models seem to be unsuitable for data generation in a deception environment. Our goal is to use text generation in NLP to generate data in the deception context that will be used to build multi-level deception in information systems. Our model consists of three (3) components, including the connection component, the deception component, composed of several states in which an attacker may be, depending on whether he is malicious or not, and the text generation component. The text generation component considers as input the real data of the information system and allows the production of several texts as output, which are usable at different deception levels.
References
[1]
Kouam Kamdem, I.G. and Nkenlifack, M.J.A. (2021) Data Security in Health Systems: Case of Cameroon. In: Arai, K., Ed., Intelligent Computing, Lecture Notes in Networks and Systems, Vol. 285, Springer, Cham, 48-57. https://doi.org/10.1007/978-3-030-80129-8_4
[2]
Mohammed, M.E. (2016) La sécurité dans les systèmes de santé. PhD Thesis, Diss, Université mohamed boudiaf’ des sciences et de la technologie d’oran, Algerie.
[3]
Katt, B. (2014) A Comprehensive Overview of Security Monitoring Solutions for E-Health Systems. 2014 IEEE International Conference on Healthcare Informatics, Verona, 15-17 September 2014, 364. https://doi.org/10.1109/ICHI.2014.59
[4]
Akinyele, J., Pagano, M., Peterson, Z., Lehmann, C. and Aviel, D.R. (2011) Securing Electronic Medical Records Using Attribute-Based Encryption on Mobile Devices Report 2010/565. Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, Chicago, 17 October 2011, 75-86. https://doi.org/10.1145/2046614.2046628
[5]
Anwar Ahmed, H., Charles, K. and Nandi, L. (2019) A Game-Theoretic Framework for Dynamic Cyber Deception in Internet of Battlefield Things. Proceedings of the 16th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services, 2-14 November 2019, 522-526. https://doi.org/10.1145/3360774.3368204
[6]
Xing, J.C., Yang, M.L., Zhou, H.F., Et Al. (2019) Hiding and Trapping: A Deceptive Approach for Defending against Network Reconnaissance with Software-Defined Network. 2019 IEEE 38th International Performance Computing and Communications Conference (IPCCC), London, 29-31 October 2019, 1-8. https://doi.org/10.1109/IPCCC47392.2019.8958776
[7]
Pawlick, J. and Zhu, Q.Y. (2021) Game Theory for Cyber Deception. Springer International Publishing, Berlin. https://doi.org/10.1007/978-3-030-66065-9
[8]
Chen, Y.L., Wei, Y.J., Yu, Y.F., Xue, W. and Qin, X.Y. (2018) Cyber Security NLP: Machine-Based Text Analytics of National Cybersecurity Strategies. https://github.com/ychen463/cyber
[9]
Egon, K., Stevanovic, M. and Pedersen, J.M. (2018) Detection of Malicious Domains through Lexical Analysis. 2018 International Conference on Cyber Security and Protection of Digital Services (Cyber Security), Glasgow, 11-12 June 2018, 1-5. https://doi.org/10.1109/CyberSecPODS.2018.8560665
[10]
L’Huillier, G., Et Al. (2010) Latent Semantic Analysis and Keyword Extraction for Phishing Classification. 2010 IEEE International Conference on Intelligence and Security Informatics, Vancouver, 23-26 May 2010, 129-131. https://doi.org/10.1109/ISI.2010.5484762
[11]
Mokhov, S.A., Paquet, J. and Debbabi, M. (2014) The Use of NLP Techniques in Static Code Analysis to Detect Weaknesses and Vulnerabilities. Canadian Conference on Artificial Intelligence, Montréal, 6-9 May 2014, 326-332. https://doi.org/10.1007/978-3-319-06483-3_33
[12]
Priyavrat, B. (2014) Context Encryption Using Natural Language Processing. Amdocs.
[13]
Kushwaha, A., Sharma, H.R. and Ambhaikar, A. (2018) Selective Encryption Using Natural Language Processing for Text Data in Mobile Ad Hoc Network. In: Vasant, P., Litvinchev, I. and Marmolejo-Saucedo, J.A., Eds., Modeling, Simulation, and Optimization, Springer, Cham, 15-26. https://doi.org/10.1007/978-3-319-70542-2_2
[14]
Chakraborty, T., Et Al. (2019) A Fake Online Repository Generation Engine for Cyber Deception. IEEE Transactions on Dependable and Secure Computing, 18, 518-533. https://doi.org/10.1109/TDSC.2019.2898661
[15]
Karuna, P., Et Al. (2020) Fake Document Generation for Cyber Deception by Manipulating Text Comprehensibility. IEEE Systems Journal, 15, 835-845. https://doi.org/10.1109/JSYST.2020.2980177
[16]
Egozi, G. and Verma, R. (2018) Phishing Email Detection Using Robust NLP Techniques. 2018 IEEE International Conference on Data Mining Workshops (ICDMW), Singapore, 17-20 November 2018, 7-12. https://doi.org/10.1109/ICDMW.2018.00009
[17]
Siddiqui, S., Et Al. (2019) Ontology Driven Feature Engineering for Opinion Mining. IEEE Access, 7, 67392-67401. https://doi.org/10.1109/ACCESS.2019.2918584
[18]
Mokhov, S.A., Paquet, J. and Debbabi, M. (2014) The Use of NLP Techniques in Static Code Analysis to Detect Weaknesses and Vulnerabilities. Canadian Conference on Artificial Intelligence, Montréal, 6-9 May 2014, 326-332. https://doi.org/10.1007/978-3-319-06483-3_33
[19]
Sarker, I.H., Furhad, M.H. and Nowrozy, R. (2021) Ai-Driven Cybersecurity: An Overview, Security Intelligence Modeling and Research Directions. SN Computer Science, 2, Article No. 173. https://doi.org/10.1007/s42979-021-00557-0
[20]
Cho, K., Van Merrienboer, B., Gulcehre, C., Bahdanau, D., Bougares, F., Schwenk, H. and Bengio, Y. (2014) Learning Phrase Representations Using RNN Encoder-Decoder for Statistical Machine Translation.
[21]
Bahdanau, D., Cho, K. and Bengio, Y. (2014) Neural Machine Translation by Jointly Learning to Align and Translate.
[22]
Tang, J.H., Zhao, T.C., Xiong, C.Y., Liang, X.D., Xing, E.P. and Hu, Z.T. (2019) Target-Guided Open-Domain Conversation. Proceedings of the 57th Annual Meeting of the Association for Computational Linguistics, Florence, July 2019, 5624-5634. https://doi.org/10.18653/v1/P19-1565
[23]
Su, H., Shen, X.Y., Zhao, S.Q., Zhou, X., Hu, P.W., Zhong, R., Niu, C. and Zhou, J. (2020) Diversifying Dialogue Generation with Non-Conversational Text. Proceedings of the 58th Annual Meeting of the Association for Computational Linguistics, July 2020, 7087-7097. https://doi.org/10.18653/v1/2020.acl-main.634
[24]
Shen, L., Zhan, H.L., Shen, X., Song, Y.H. and Zhao, X.F. (2021) Text Is Not Enough: Integrating Visual Impressions into Open-Domain Dialogue Generation. Proceedings of the 29th ACM International Conference on Multimedia, 20-24 October 2021, 4287-4296. https://doi.org/10.1145/3474085.3475568
[25]
Liu, Y. and Lapata, M. (2018) Learning Structured Text Representations. Transactions of the Association for Computational Linguistics, 6, 63-75. https://doi.org/10.1162/tacl_a_00005
[26]
Guo, J.X., Lu, S.D., Cai, H., Zhang, W.N., Yu, Y. and Wang, J. (2018) Long Text Generation via Adversarial Training with Leaked Information. Proceedings of the AAAI Conference on Artificial Intelligence, 32, 5141-5148. https://doi.org/10.1609/aaai.v32i1.11957
[27]
Li, Z., Jiang, X., Shang, L. and Li, H. (2017) Paraphrase Generation with Deep Reinforcement Learning. https://doi.org/10.48550/arXiv.1711.00279
[28]
Noraset, T., Demeter, D. and Downey, D. (2018) Controlling Global Statistics in Recurrent Neural Network Text Generation. Proceedings of the AAAI Conference on Artificial Intelligence, 32, 5333-5341. https://doi.org/10.1609/aaai.v32i1.11993
[29]
Graves, A. (2013) Generating Sequences with Recurrent Neural Networks.
[30]
Le, Q. and Mikolov, T. (2014) Distributed Representations of Sentences and Documents. International Conference on Machine Learning, Beijing, 21-26 June 2014, 1188-1196.
[31]
Li, J.W., Luong, M.-T. and Jurafsky, D. (2015) A Hierarchical Neural Autoencoder for Paragraphs and Documents.
[32]
Agrawal, R., Chakraborty, S., Gollapudi, S., Kannan, A. and Kenthapadi, K. (2012) Empowering Authors to Diagnose Comprehension Burden in Textbooks. Proceedings of the 18th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, Beijing, 12-16 August 2012, 967-975. https://doi.org/10.1145/2339530.2339682
[33]
Opsahl, T., Agneessens, F. and Skvoretz, J. (2010) Node Centrality in Weighted Networks: Generalizing Degree and Shortest Paths. The Social Network, 32, 245-251. https://doi.org/10.1016/j.socnet.2010.03.006
[34]
Mihalcea, R., Et Al. (2006) Corpus-Based and Knowledge-Based Measures of Text Semantic Similarity. Proceedings of the 21st National Conference on Artificial Intelligence, 1, 775-780.
[35]
Saviour, M.P.A. and Samiappan, D. (2023) IPFS Based Storage Authentication and Access Control Model with Optimization Enabled Deep Learning for Intrusion Detection. Advances in Engineering Software, 176, Article ID: 103369. https://doi.org/10.1016/j.advengsoft.2022.103369
[36]
Bisaillon, C. (2019) Fake and Real News Dataset. https://www.kaggle.com/datasets/clmentbisaillon/fake-and-real-news-dataset?select=true.csv
[37]
Mamlin, B. (2022) Demo Data. https://wiki.openmrs.org/display/res/demo data
