Honeyfile Camouflage: Hiding Fake Files in Plain Sight

arXiv:2405.04758v1 Announce Type: new
Abstract: Honeyfiles are a particularly useful type of honeypot: fake files deployed to detect and infer information from malicious behaviour. This paper considers the challenge of naming honeyfiles so they are camouflaged when placed amongst real files in a file system. Based on cosine distances in semantic vector spaces, we develop two metrics for filename camouflage: one based on simple averaging and one on clustering with mixture fitting. We evaluate and compare the metrics, showing that …

arxiv challenge cs.ai cs.cl cs.cr detect fake file files file system honeypot information malicious real semantic system