Learn about the Morphosis AI

Research Project

Morphosis AI is a BMFTR-funded StartUpSecure project at DFKI Kaiserslautern, running since November 2025. We research and develop new strategies for autonomous, dynamic cyber deception — using generative AI to produce high-quality honeypots, fabricated documents, credentials, and network artefacts at scale. The project lays the groundwork for a DFKI spin-off bringing deception-based security to SMEs and public institutions.

Lizard

Overview

Cyber threats are more pervasive than ever. Private and public organisations must fear becoming targets of Advanced Persistent Threats (APTs) or state-sponsored campaigns. In practice, successful attacks are discovered only after the fact — when only reactive measures remain.

Cyber deception through honeypots and honeytokens offers a proactive approach: early detection of attacks, and the deliberate misleading of adversaries using psychological countermeasures — spreading fear, uncertainty, and doubt.

morphosis.ai researches and develops an autonomous, dynamic cyber deception platform leveraging advances in generative AI. The central question is whether a dynamic honeypot platform with low operational cost and high attacker engagement is technically feasible — and how to bring it to market through a spin-off.

Project Goals

  • An architecture whitepaper describing the honeytoken ML pipeline with continuous learning
  • Empirical LLM fine-tuning experiments for honeytoken generation, optimising for attacker engagement and generation cost
  • Publication of results in an open-access journal in the field of ML for network security
  • A detailed commercialisation plan for a spin-off and a clear path to StartUpSecure Phase 2

Introduction of our

Key Research Areas

Concept 01

Active Defense

Traditional cybersecurity is passive: firewalls block, intrusion detection systems alert, and forensics reconstruct what happened after the breach. Active defense turns this model on its head — instead of waiting to be hit, the defender deliberately shapes the attacker's experience.

The core idea is to exploit the one constant in every attack: the attacker's intent. Regardless of how sophisticated the tools are, an attacker pursuing credentials will always pursue credentials. Active defense plants fake ones in their path.

This creates an asymmetric advantage for defenders. A single well-placed decoy covers an unlimited range of attack techniques — including zero-days and novel methods that no signature-based system could detect.

Deception

Planting false information, fake credentials, or decoy systems that attract and mislead attackers pursuing real targets.

Disruption

Wasting attacker time and resources by steering them into dead ends — every hour spent on a honeynet is an hour not spent on real infrastructure.

Detection

Any interaction with a decoy is a high-fidelity indicator of compromise. No legitimate user touches a honeytoken — only attackers do.

Data Poisoning

Mixing generated fake data with real data so that stolen datasets lose value. The adversary cannot reliably distinguish authentic from fabricated.

Concept 02

Honeypots & Honeynets

A honeypot is a deliberately exposed system designed to look like a legitimate target. It has no production value — anyone interacting with it is, by definition, unauthorized. This makes honeypots uniquely low in false positives: every alert is real.

A honeynet scales this concept into a full simulated network — multiple interconnected honeypots that mimic an organisation's real infrastructure, complete with believable traffic, services, and data. The attacker enters what appears to be a real environment and reveals their tools, techniques, and objectives.

Honeytokens take the concept further: instead of full systems, they are individual pieces of data — a fake API key in a config file, a decoy SSH private key, a planted database credential — that trigger an alert the moment they are used.

Honeytoken Types

Credentials Fake SSH keys, API tokens, database passwords, browser-saved logins
Documents Fabricated contracts, internal memos, financial records, HR files
Network Services Simulated FTP, SSH, HTTP, RDP endpoints with logging
Database Entries Decoy rows in real databases — customer records, admin accounts
Configuration Files Fake .env files, server configs, cloud provider credentials
Emails & Chat Logs Planted messages referencing fictitious high-value assets

Concept 03

Cyber Ranges

A cyber range is a controlled, isolated environment that faithfully simulates real network infrastructure — used for training, testing, and empirical research. Unlike production systems, a cyber range can be deliberately attacked, broken, and reset.

For morphosis.ai, cyber ranges serve two critical functions. First, they provide a safe deployment target for testing the honeynet platform: new honeypot configurations can be validated against simulated attacker behaviour before touching real infrastructure. Second, they enable empirical effectiveness studies — bringing in professional penetration testers to interact with our deception systems under controlled conditions.

The team has direct experience building cyber ranges: Marvin Sinnwell led the development of a campus network simulation cyber range for the CANRIN-5G project, providing the foundation for morphosis.ai's experimental setup.

Isolated Simulation

Network topology, services, and traffic patterns replicate a real organisation. Attackers cannot distinguish the range from the genuine target.

Repeatable Experiments

The same attack scenario can be run multiple times with different honeypot configurations, enabling statistical comparison of deception strategies.

Safe Red-Teaming

Professional penetration testers can conduct live-hacking sessions without risk to real assets — revealing which decoys attract attention and which are overlooked.

Attacker Psychology Data

Detailed interaction logs allow analysis of attacker decision-making: which fake assets are prioritised, how long decoys hold attention, and what triggers detection.

Concept 04

Inference Goals & the LLM Pipeline

The central technical challenge of morphosis.ai is automated generation of believable deceptive content. A honeypot that looks obviously fake attracts no one. A honeytoken that fails to match the target organisation's writing style or technical conventions will be ignored.

Large language models make high-quality generation tractable — but deploying a full-scale LLM per honeypot is prohibitively expensive. Our inference goals therefore have two dimensions: quality (the generated content must pass scrutiny) and efficiency (the model must run at deployment scale within constrained compute budgets).

Configuration Generator

Trained once and reused across deployments. Given a description of the target infrastructure, it produces a structured configuration file specifying what honeypots to deploy, what services to simulate, and what honeytoken types to generate.

Infrastructure / Content Model

Partially retrained per deployment target. Generates the actual honeytoken content — documents, credentials, chat logs, database entries — tuned to match the organisation's voice, tooling, and data formats.

Optimisation Techniques

Fine-tuning

Supervised adaptation of a base model on domain-specific examples — generating passwords that match real leaked distributions, or documents that match target-org writing style.

Knowledge Distillation

A large teacher model supervises training of a compact student model. The student inherits generation quality at a fraction of the inference cost.

Pruning

Removing redundant weights from an already fine-tuned model. Combined with quantisation, this enables deployment on embedded hardware without GPU.

RAG (Retrieval-Augmented Generation)

A retrieval system feeds the model live context from the deployment environment — recently observed files, simulated user activity, inter-honeypot communication — enabling continuous in-deployment adaptation without retraining.

Open Questions

Research Questions

RQ1

What new deception strategies and honeytoken types does LLM advancement make possible, given a formal threat and attacker attention model?

RQ2.1

Can LLMs be fine-tuned, pruned, and distilled for deception without measurable quality degradation relative to the threat model?

RQ2.2

How must models be dimensioned to produce high-quality results under heavily constrained compute resources?

RQ3

Can honeypot models communicate via RAG and co-evolve in a bio-inspired manner, producing increasingly convincing environments?

RQ4

To what degree can LLM-generated honeypot deployment be automated, and where in the pipeline is human oversight required?

RQ5.1

What metrics can measure the cognitive and psychological impact of deception on a human attacker?

RQ5.2

How effective are generated decoys against targeted attacks in a controlled empirical study?