教師資料查詢 | 類別: 期刊論文 | 教師: 李鴻璋 Lee Hung-chang (瀏覽個人網頁)

標題:Password Cracking Based on Learned Patterns From Disclosed Passwords
學年101
學期2
出版(發表)日期2013/02/01
作品名稱Password Cracking Based on Learned Patterns From Disclosed Passwords
作品名稱(其他語言)
著者Chou, Hsien-Cheng; Lee, Hung-Chang; Yu, Hwan-Jeu; Lai, Fei-Pei; Huang, Kuo-Hsuan; Hsueh, Chih-Wen
單位淡江大學資訊管理學系
出版者Kumamoto: ICIC International
著錄名稱、卷期、頁數International Journal of Innovative Computing, Information and Control 9(2), pp.821-839
摘要Password-based authentication systems are still the most commonly used mechanism for protecting sensitive information despite being vulnerable to dictionary based attacks. To guard against such attacks, many organizations enforce complicated password-creation rules and require that passwords include numeric and special characters. This study demonstrates that as long as passwords are not difficult to remember, they remain vulnerable to “smart dictionary” attacks. In this study, a password analysis platform is developed to formally analyze commonly used passwords and identify frequently used password patterns and their associated probabilities. Based upon these patterns, we establish a model consisting of a Training set, a Dictionary set and a Testing set (TDT model) to generate probabilistic passwords sorted in decreasing order. The model can be used to dramatically reduce the size of the password space to be searched. Simulation results show that the number of passwords cracked using the TDT model is 1.43 and 2.5 times higher compared with the John-the-Ripper attack and Brute-force attack, respectively. We also design a hybrid password cracking system combining different attacks to verify the effectiveness of the proposed method. After applying the TDT model, the number of passwords cracked increased by up to 273%.
關鍵字Password cracking; Dictionary attack; Brute-force attack; TDT model
語言英文
ISSN1349-4198
期刊性質國外
收錄於EI
產學合作
通訊作者Chou, Hsien-Cheng
審稿制度
國別日本
公開徵稿
出版型式紙本
相關連結
Google+ 推薦功能,讓全世界都能看到您的推薦!