A Honey-imprint enabled Approach for Resisting Social Engineering Attacks

Zhaoxi Zhong; Wenjun Fan

A Honey-imprint enabled Approach for Resisting Social Engineering Attacks

Zhaoxi Zhong, Wenjun Fan^*

^*Corresponding author for this work

Xi'an Jiaotong-Liverpool University

Research output: Chapter in Book or Report/Conference proceeding › Conference Proceeding › peer-review

Abstract

bstract In the Reconnaissance step of the Cyber Kill Chain (CKC) model, social engineering (SE) techniques are often used to obtain sensitive/private data. This paper proposes a “honey-imprint” enabled approach which takes advantage of Natural Language Processing (NLP) for detecting SE attacks, Generative Adversarial Networks (GAN) for generating decoys from original sensitive information, and steganography for imprinting the honey watermark. The purpose of honey-imprint is to protect the sensitive information in the original file while leaving a covert imprint on the honey file to identify the malicious user. With this, we can further capture malicious interactions (using honey-imprinted data) by the honeypot system. We implement a prototype to verify the design, and the experimental results show that the method is valid and effective.

Original language	English
Title of host publication	APNOMS 2023 - 24th Asia-Pacific Network Operations and Management Symposium
Subtitle of host publication	Intelligent Management for Enabling the Digital Transformation
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	302-305
Number of pages	4
ISBN (Electronic)	9788995004395
Publication status	Published - 2023
Event	24th Asia-Pacific Network Operations and Management Symposium, APNOMS 2023 - Sejong, Korea, Republic of Duration: 6 Sept 2023 → 8 Sept 2023

Publication series

Name	APNOMS 2023 - 24th Asia-Pacific Network Operations and Management Symposium: Intelligent Management for Enabling the Digital Transformation

Conference

Conference	24th Asia-Pacific Network Operations and Management Symposium, APNOMS 2023
Country/Territory	Korea, Republic of
City	Sejong
Period	6/09/23 → 8/09/23

Keywords

Deceptive Defense
GAN
Honeypot
NLP
Social Engineering
Steganography

Cite this

Zhong, Z., & Fan, W. (2023). A Honey-imprint enabled Approach for Resisting Social Engineering Attacks. In APNOMS 2023 - 24th Asia-Pacific Network Operations and Management Symposium: Intelligent Management for Enabling the Digital Transformation (pp. 302-305). (APNOMS 2023 - 24th Asia-Pacific Network Operations and Management Symposium: Intelligent Management for Enabling the Digital Transformation). Institute of Electrical and Electronics Engineers Inc..

Zhong, Zhaoxi ; Fan, Wenjun. / A Honey-imprint enabled Approach for Resisting Social Engineering Attacks. APNOMS 2023 - 24th Asia-Pacific Network Operations and Management Symposium: Intelligent Management for Enabling the Digital Transformation. Institute of Electrical and Electronics Engineers Inc., 2023. pp. 302-305 (APNOMS 2023 - 24th Asia-Pacific Network Operations and Management Symposium: Intelligent Management for Enabling the Digital Transformation).

@inproceedings{d620f60611724fe0831d1ea8817071b2,

title = "A Honey-imprint enabled Approach for Resisting Social Engineering Attacks",

abstract = "bstract In the Reconnaissance step of the Cyber Kill Chain (CKC) model, social engineering (SE) techniques are often used to obtain sensitive/private data. This paper proposes a “honey-imprint” enabled approach which takes advantage of Natural Language Processing (NLP) for detecting SE attacks, Generative Adversarial Networks (GAN) for generating decoys from original sensitive information, and steganography for imprinting the honey watermark. The purpose of honey-imprint is to protect the sensitive information in the original file while leaving a covert imprint on the honey file to identify the malicious user. With this, we can further capture malicious interactions (using honey-imprinted data) by the honeypot system. We implement a prototype to verify the design, and the experimental results show that the method is valid and effective.",

keywords = "Deceptive Defense, GAN, Honeypot, NLP, Social Engineering, Steganography",

author = "Zhaoxi Zhong and Wenjun Fan",

year = "2023",

language = "English",

series = "APNOMS 2023 - 24th Asia-Pacific Network Operations and Management Symposium: Intelligent Management for Enabling the Digital Transformation",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "302--305",

booktitle = "APNOMS 2023 - 24th Asia-Pacific Network Operations and Management Symposium",

}

Zhong, Z & Fan, W 2023, A Honey-imprint enabled Approach for Resisting Social Engineering Attacks. in APNOMS 2023 - 24th Asia-Pacific Network Operations and Management Symposium: Intelligent Management for Enabling the Digital Transformation. APNOMS 2023 - 24th Asia-Pacific Network Operations and Management Symposium: Intelligent Management for Enabling the Digital Transformation, Institute of Electrical and Electronics Engineers Inc., pp. 302-305, 24th Asia-Pacific Network Operations and Management Symposium, APNOMS 2023, Sejong, Korea, Republic of, 6/09/23.

A Honey-imprint enabled Approach for Resisting Social Engineering Attacks. / Zhong, Zhaoxi; Fan, Wenjun.
APNOMS 2023 - 24th Asia-Pacific Network Operations and Management Symposium: Intelligent Management for Enabling the Digital Transformation. Institute of Electrical and Electronics Engineers Inc., 2023. p. 302-305 (APNOMS 2023 - 24th Asia-Pacific Network Operations and Management Symposium: Intelligent Management for Enabling the Digital Transformation).

Research output: Chapter in Book or Report/Conference proceeding › Conference Proceeding › peer-review

TY - GEN

T1 - A Honey-imprint enabled Approach for Resisting Social Engineering Attacks

AU - Zhong, Zhaoxi

AU - Fan, Wenjun

PY - 2023

Y1 - 2023

N2 - bstract In the Reconnaissance step of the Cyber Kill Chain (CKC) model, social engineering (SE) techniques are often used to obtain sensitive/private data. This paper proposes a “honey-imprint” enabled approach which takes advantage of Natural Language Processing (NLP) for detecting SE attacks, Generative Adversarial Networks (GAN) for generating decoys from original sensitive information, and steganography for imprinting the honey watermark. The purpose of honey-imprint is to protect the sensitive information in the original file while leaving a covert imprint on the honey file to identify the malicious user. With this, we can further capture malicious interactions (using honey-imprinted data) by the honeypot system. We implement a prototype to verify the design, and the experimental results show that the method is valid and effective.

AB - bstract In the Reconnaissance step of the Cyber Kill Chain (CKC) model, social engineering (SE) techniques are often used to obtain sensitive/private data. This paper proposes a “honey-imprint” enabled approach which takes advantage of Natural Language Processing (NLP) for detecting SE attacks, Generative Adversarial Networks (GAN) for generating decoys from original sensitive information, and steganography for imprinting the honey watermark. The purpose of honey-imprint is to protect the sensitive information in the original file while leaving a covert imprint on the honey file to identify the malicious user. With this, we can further capture malicious interactions (using honey-imprinted data) by the honeypot system. We implement a prototype to verify the design, and the experimental results show that the method is valid and effective.

KW - Deceptive Defense

KW - GAN

KW - Honeypot

KW - NLP

KW - Social Engineering

KW - Steganography

UR - http://www.scopus.com/inward/record.url?scp=85174815198&partnerID=8YFLogxK

M3 - Conference Proceeding

AN - SCOPUS:85174815198

T3 - APNOMS 2023 - 24th Asia-Pacific Network Operations and Management Symposium: Intelligent Management for Enabling the Digital Transformation

SP - 302

EP - 305

BT - APNOMS 2023 - 24th Asia-Pacific Network Operations and Management Symposium

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 24th Asia-Pacific Network Operations and Management Symposium, APNOMS 2023

Y2 - 6 September 2023 through 8 September 2023

ER -

Zhong Z, Fan W. A Honey-imprint enabled Approach for Resisting Social Engineering Attacks. In APNOMS 2023 - 24th Asia-Pacific Network Operations and Management Symposium: Intelligent Management for Enabling the Digital Transformation. Institute of Electrical and Electronics Engineers Inc. 2023. p. 302-305. (APNOMS 2023 - 24th Asia-Pacific Network Operations and Management Symposium: Intelligent Management for Enabling the Digital Transformation).

A Honey-imprint enabled Approach for Resisting Social Engineering Attacks

Abstract

Publication series

Conference

Keywords

Other files and links

Fingerprint

Cite this