• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>International Journal of Innovative Computing Information and Control >PASSWORD CRACKING BASED ON LEARNED PATTERNS FROM DISCLOSED PASSWORDS
【24h】

PASSWORD CRACKING BASED ON LEARNED PATTERNS FROM DISCLOSED PASSWORDS

机译:基于已公开密码的学习模式进行密码破解

获取原文
获取原文并翻译 | 示例
       
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

Password-based authentication systems are still the most commonly used mechanism for protecting sensitive information despite being vulnerable to dictionary based attacks. To guard against such attacks, many organizations enforce complicated password-creation rules and require that passwords include numeric and special characters. This study demonstrates that as long as passwords are not difficult to remember, they remain vulnerable to "smart dictionary" attacks. In this study, a password analysis platform is developed to formally analyze commonly used passwords and identify frequently used password patterns and their associated probabilities. Based upon these patterns, we establish a model consisting of a Training set, a Dictionary set and a Testing set (TDT model) to generate probabilistic passwords sorted in decreasing order. The model can be used to dramatically reduce the size of the password space to be searched. Simulation results show that the number of passwords cracked using the TDT model is 1.43 and 2.5 times higher compared with the John-the-Ripper attack and Brute-force attack, respectively. We also design a hybrid password cracking system combining different attacks to verify the effectiveness of the proposed method. After applying the TDT model, the number of passwords cracked increased by up to 273%.
机译:尽管容易受到基于字典的攻击,但是基于密码的身份验证系统仍然是保护敏感信息的最常用机制。为了防止此类攻击,许多组织强制执行复杂的密码创建规则,并要求密码包含数字和特殊字符。这项研究表明,只要不难记住密码,它们仍然容易受到“智能字典”攻击。在本研究中,开发了密码分析平台以正式分析常用密码并识别常用密码模式及其相关概率。基于这些模式,我们建立了一个由训练集,字典集和测试集(TDT模型)组成的模型,以生成按降序排列的概率密码。该模型可用于显着减小要搜索的密码空间的大小。仿真结果表明,与John-the-Ripper攻击和Brute-force攻击相比,使用TDT模型破解的密码数量分别高1.43和2.5倍。我们还设计了一种混合密码破解系统,该系统结合了不同的攻击,以验证该方法的有效性。应用TDT模型后,破解的密码数量最多增加了273%。

著录项

  • 来源
  • 作者

    Hsien-Cheng Chou; Hung-Chang Lee; Hwan-Jeu Yu; Fei-Pei Lai; Kuo-Hsuan Huang; Chih-Wen Hsueh;

  • 作者单位

    Department of Computer Science and Information Engineering National Taiwan University No. 1, Section 4, Roosevelt Road, Taipei 10617, Taiwan;

    Department of Information Management Tamkang University No. 151, Yingzhuan Road, Tamsui District, New Taipei City 25137, Taiwan;

    Department of Computer Science and Information Engineering National Taiwan University No. 1, Section 4, Roosevelt Road, Taipei 10617, Taiwan;

    Department of Computer Science and Information Engineering National Taiwan University No. 1, Section 4, Roosevelt Road, Taipei 10617, Taiwan,Graduate Institute of Biomedical Electronics and Bioinformatics National Taiwan University No. 1, Section 4, Roosevelt Road, Taipei 10617, Taiwan;

    Department of Computer Science and Engineering Tatung University No. 40, Zhongshan North Road, 3rd Section, Taipei 104, Taiwan;

    Department of Computer Science and Information Engineering National Taiwan University No. 1, Section 4, Roosevelt Road, Taipei 10617, Taiwan;

  • 收录信息
  • 原文格式 PDF
  • 正文语种 eng
  • 中图分类
  • 关键词

    password cracking; dictionary attack; brute-force attack; TDT model;

    机译:密码破解;字典攻击;蛮力攻击;TDT模型;

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号