Decoy Shield: Leveraging AI and Decoy Strategies for Enhanced Protection Against Data Exfiltration and Automated Cyberattacks
- Version
- Download 3
- File Size 550.60 KB
- File Count 1
- Create Date 7 June 2025
- Last Updated 7 June 2025
Decoy Shield: Leveraging AI and Decoy Strategies for Enhanced Protection Against Data Exfiltration and Automated Cyberattacks
Authors:
1st Mr. V. Udhayakumar, 2ndG.Susidaran
1Professor, Department of Computer Applications, Sri Manakula Vinayagar Engineering College (Autonomous),
Puducherry 605008, India udhayakumar.mca@smvec.ac.in
2Post Graduate student, Department of computer Applications, Sri Manakula Vinayagar Engineering College (Autonomous), Puducherry 605008, India
Abstract: Intellectual Property (IP) is a critical asset for organizations, containing valuable innovations and proprietary knowledge that must be protected to maintain a competitive edge. Cyberattacks on IP have become more prevalent, with adversaries using automated systems to exfiltration and classify large volumes of documents to extract sensitive information like trade secrets. However, traditional IP protection methods, such as encryption and firewalls, are often ineffective against these advanced, automated threats. This project introduces the DARD (Decoy Approaches for Robust Protection against IP Theft) system, designed to disrupt automated classification methods by employing misleading techniques. To detect adversarial behavior, the system uses a Variational Autoencoder (VAE) to identify anomalous patterns in access and activity logs.
This project introduces the DARD (Decoy Approaches for Robust Protection against IP Theft) system, a novel defense framework designed to proactively disrupt automated IP theft mechanisms by embedding deceptive and misleading information.
DARD focuses on confusing machine learning-based document classifiers and topic modeling algorithms, thereby reducing the efficacy of adversarial reconnaissance and data mining.Once adversaries are detected, the DARD system generates a modified document repository that manipulates document clustering and topic modeling outcomes, making it difficult for adversaries to identify topics of interest.
The system uses four manipulation operations—Basic Shuffle, Shuffle Increment, Shuffle Reduction, and Change Topic—which replace original keywords with decoy ones, creating misleading clusters.
The proposed approach incorporates techniques such as text preprocessing using Natural Language Processing (NLP), feature extraction with Term FrequencyInverse Document Frequency (TF-IDF), document clustering with K-Means, and topic modeling using Latent Dirichlet Allocation (LDA). These methods ensure that even when adversaries attempt to analyze the documents, the results will be deceptive. This system effectively protects against the initial phase of IP theft and provides secure access for legitimate users through a secure enclave-based architecture.
Objectives:
- To detect adversarial behavior using Variational Autoencoder (VAE) for anomaly detection in access and activity logs.
- To identify suspicious document access patterns and unauthorized high-volume data extraction
- To disrupt automated document clustering and topic modeling used by adversaries for IP theft.
- To implement decoy-based techniques such as Basic Shuffle, Shuffle Increment, Shuffle Reduction, and Change Topic to mislead
- To ensure legitimate users retain seamless access to original documents through a secure enclave- based architecture.
Keywords: Insurance IP Repository, End User, Adversary Model, Adversary Detection, Document Manipulation, Document Repository Modification, Alert Generator, Notification
Download