LLM honeypotting: an experimental deception-based defense against AI crawlers
digiday.com

LLM honeypotting: an experimental deception-based defense against AI crawlers

Tech News
2 min read

Published by AINave Editorial • Reviewed by Ramit

TL;DRLLM honeypotting is an experimental deception-based defense that raises scraping costs for AI crawlers using content mazes and data poisoning.

LLM honeypotting is an early, experimental approach that uses deception-based defenses to raise the cost of scraping by AI crawlers, aiming to deter free-riding rather than simply block access. Publishers and e-commerce brands are testing tactics like proof-of-work challenges, infinite content mazes, and data poisoning to degrade model quality for unauthorized data collectors.

What happened

As OpenAI, Google, Meta, and third-party scrapers have increased crawling of publisher and brand sites, a parallel industry of defensive tools has formed. One such tool is LLM honeypotting, a subset of deception techniques. Simon Wistow, co-founder of CDN vendor Fastly, explains that deception has long been used in security to "change the economics of attacking" rather than just blocking traffic. Applied to LLMs, that means treating certain visitors as attackers and forcing them to do extra work.

Techniques include proof-of-work challenges that make botnets face real compute bills, infinite content mazes that waste time and compute budgets, and data poisoning that feeds LLMs statistically coherent nonsense to degrade answer quality. Wistow notes this is not about disinformation but about making free-riding uneconomic.

Some large e-commerce brands and news publishers are trialing these honeypots, though Wistow would not name specific customers. The main objective is to change the economics for a long tail of scrapers that currently crawl at near-zero marginal cost.

Why AI builders should care

For AI builders who rely on open web data for training or retrieval, LLM honeypotting introduces a new risk: data quality degradation. If publishers deploy data poisoning, models that scrape without permission may

Sources

Latest Tech News