Sign In

Communications of the ACM

ACM News

AI Creates False Documents That Fake Out Hackers

View as: Print Mobile App Share:
Fooling the fox even after he enters the henhouse.

Some researchers have proposed using an algorithm to hopelessly confuse hackers once they break in a system, by hiding the real data amid a mountain of convincing fakes.

Credit: Thomas Fuchs

ackers constantly improve at penetrating cyberdefenses to steal valuable documents. So some researchers propose using an artificial-intelligence algorithm to hopelessly confuse them, once they break in, by hiding the real deal amid a mountain of convincing fakes.

The algorithm, called Word Embedding–based Fake Online Repository Generation Engine (WE-FORGE), generates decoys of patents under development. But someday it could "create a lot of fake versions of every document that a company feels it needs to guard," says its developer, Dartmouth College cybersecurity researcher V. S. Subrahmanian.

If hackers were after, say, the formula for a new drug, they would have to find the relevant needle in a haystack of fakes. This could mean checking each formula in detail—and perhaps investing in a few dead-end recipes. "The name of the game here is, 'Make it harder,'" Subrahmanian explains. "'Inflict pain on those stealing from you.'"

Subrahmanian says he tackled this project after reading that companies are unaware of new kinds of cyberattacks for an average of 312 days after they begin. "The bad guy has almost a year to decamp with all our documents, all our intellectual property," he says. "Even if you're a Pfizer, that's enough time to steal almost everything. It's not just the crown jewels—it's the crown jewels, and the jewels of the maid, and the watch of the secretary!"

From Scientific American
View Full Article



No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account