Poster: An Analysis of Targeted Password Guessing Using Neural Networks
نویسندگان
چکیده
Text-based passwords, dominant mechanism of authentication nowadays, are vulnerable to malicious attackers. Even though not recommended, users tend to use personal information (PI) when create passwords. Only a few studies have researched targeted password guessing, in which attackers guess passwords by utilizing users’ PI. We propose TPGXNN, a framework that uses neural networks (NN) in targeted password guessing. The recent success applying NN to sequential data issues makes them a viable candidate on the task of password generation. Our experiments on 8 abundant real-world password sets initially demonstrate the important role of PI in password construction and the effectiveness of TPGXNN. Keywords—Targeted password guessing; Personal information; Neural networks.
منابع مشابه
Fast, Lean, and Accurate: Modeling Password Guessability Using Neural Networks
Human-chosen text passwords, today’s dominant form of authentication, are vulnerable to guessing attacks. Unfortunately, existing approaches for evaluating password strength by modeling adversarial password guessing are either inaccurate or orders of magnitude too large and too slow for real-time, client-side password checking. We propose using artificial neural networks to model text passwords...
متن کاملBetter passwords through science (and neural networks)∗
We discuss how we use neural networks to accurately measure password strength, and how we use this capability to build effective password meters. First, we show how neural networks can be used to guess passwords and how we leveraged this method to build a password guesser to better model guessing attacks. We report our measurements of the effectiveness of neural networks at guessing passwords, ...
متن کاملModeling Password Guessing with Neural Networks
Passwords still dominate the authentication space, but they are vulnerable to many different attacks; in recent years, guessing attacks in particular have notably caused a few high-profile information leaks. Password strength checkers, which attempt to guard against guessing attacks by enforcing heuristics like length and character variety, only model resistance to these brute-force attacks by ...
متن کاملBreaking CAPTCHAs with Convolutional Neural Networks
This paper studies reverse Turing tests to distinguish humans and computers, called CAPTCHA. Contrary to classical Turing tests, in this case the judge is not a human but a computer. The main purpose of such tests is securing user logins against the dictionary or brute force password guessing, avoiding automated usage of various services, preventing bots from spamming on forums and many others....
متن کاملA New Improved Secure Password Authentication Protocol to Resist Guessing Attack in Wireless Networks
Wireless communication is widely used today. It transmits information through an open network such that it always suffers by a variety of attacks. In 2006, Yoon et al. proposed a secure password authentication protocol for wireless networks to fix the drawback of Ma et al.’s protocol. In this article, we will show that the Yoon et al.’s protocol is vulnerable to both off-line password guessing ...
متن کامل