Hackers continue to improve their penetration network defenses to steal valuable files. Therefore, some researchers recommend using artificial intelligence algorithms to completely confuse them by hiding real transactions in a large number of convincing fakes after they break in.
This algorithm is called the Word Embedding-based Fake Online Repository Generation Engine (WE-FORGE), which can generate patent bait under development. But one day, it may “create a large number of fake versions of every file that the company believes needs protection,” said its developer and Dartmouth College cybersecurity researcher VS Subrahmanian.
If hackers are looking for a new medicine formula, they will have to find the relevant needles among a pile of fake medicines. This may mean checking every formula in detail-and possibly investing in some dead ends. “The name of the game here is,’Make it harder’,” Subrahmanian explained. “‘To make those who steal your things suffer.'”
Subrahmanian said that after working on this project Read that The company did not realize it for an average of 312 days after the start of a new type of cyber attack. “The bad guys have nearly a year to process all our documents, all our intellectual property rights,” he said. “Even if you are Pfizer, this is enough to steal almost everything. This is not just the jewels of the crown-it is the jewels of the crown, as well as the maid’s jewels, and the secretary’s watch!
Rachel Tobac, CEO of SocialProof Security, a network security consulting firm, said that forged documents produced by WE-FORGE may also act as hidden “tripwires.” For example, a tempting file might remind you of security when you visit it. Companies usually use artificially manufactured fakes to implement this strategy. “But now, if this AI can do this for us, then we can create many new documents that are credible to attackers — without having to do more work,” said Tobac, who was not involved in the project.
The system generates convincing bait by searching for keywords in documents. For each one it finds, it calculates a list of related concepts and replaces the original term with a randomly selected one. This process can generate dozens of documents that do not contain proprietary information but still appear to be credible. Subrahmanian and his team asked computer science and chemistry graduate students to evaluate the true and false patents in their respective fields. Humans found that the documents generated by WE-FORGE were very credible.The result appeared In the Computer Society Management information system transactions.
WE-FORGE may eventually expand its scope, but Subrahmanian pointed out that, for example, the document recommending the course of action will be much more complicated than the technical formula. Nevertheless, both he and Tobac believe that this research will attract commercial interest. “I can definitely see an organization using this type of product,” Tobuck said. “If this… creates credible bait without releasing sensitive details in these baits, then I think you have achieved a huge victory there.”