Fake Document Generation for Cyber Deception by Manipulating Text Comprehensibility

Advanced cyber attackers can penetrate enterprise networks and steal critical documents containing intellectual property despite all access control measures. Cyber deception is one of many solutions to protect critical documents after an attacker penetrates the network. It requires the generation and deployment of decoys such as fake text. The comprehensibility of a fake text document can affect the required time and effort for an attack to succeed. However, existing cybersecurity research has given limited attention to exploring the comprehensibility features of text for fake document generation. This article presents a novel method to generate believable fake text documents by measuring and manipulating the comprehensibility of legit text within a genetic algorithm (GA) framework. For measuring text comprehensibility, we adopt a set of quantitative measures based on qualitative principles of psycholinguistics and reading comprehension: connectivity , dispersion , and sequentiality . Our user-study analysis indicates that the quantitative comprehensibility measures can approximate the degree of human effort required to comprehend a fake text document in contrast to a legit text. For manipulating text comprehensibility, we develop a multiobjective, multimutation GA that modifies a legit document to Pareto-optimally alter its comprehensibility measures and generate hard-to-comprehend, believable fake documents. Our experiments show that the proposed algorithm successfully generates fake documents for a broader class of legit documents with varied text characteristics when compared to baselines from previous research. Hence, the application of our method can help improve cyber deception systems by providing more believable yet hard-to-comprehend fake documents to mislead cyber attackers.