Top

Peer-to-Peer Networking and Applications

Published in:

14-04-2020

CSNN: Password guessing method based on Chinese syllables and neural network

Authors: Yi Zhang, Hequn Xian, Aimin Yu

Published in: Peer-to-Peer Networking and Applications | Issue 6/2020

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Password guessing attack is the most direct way to gain access to information systems. Using appropriate methods to generate password dictionary can effectively improve the hit rate of password guessing attacks. A Chinese syllables and Neural Network-based password generation method CSNN is proposed for Chinese password sets. This method treats Chinese Syllables as integral elements and uses them to parse and process passwords. The processed passwords are trained in Long Short-Term Memory Neural Network, and the trained model is used to generate password dictionaries (guessing sets). Long Short-Term Memory Neural Network is a kind of Recurrent Neural Network. In order to evaluate the effectiveness of CSNN, the hit rates of guessing sets generated by CSNN on target password sets (test sets) are compared with Probability Context-Free Grammar (PCFG) and 5th-order Markov Chain Model. In hit rate experiment, guessing sets of different scales were selected; the results show that the comprehensive performance of guessing sets generated by CSNN is better than PCFG and 5th-order Markov Chain Model. Compared with PCFG, different scales of CSNN guessing sets can improve up to 9% in hit rate on some test sets; compared with 5th-order Markov Chain Model, the best performance range of CSNN guessing sets is 10⁵ to 10⁶ guesses, and their hit rate increases range from 2.6% to 12.03%.

previous article Security and privacy of machine learning assisted P2P networks

next article Achieving reliable timestamp in the bitcoin platform

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Jiang W, Li H, Xu G et al (2019) PTAS: Privacy-Preserving thin-client authentication scheme in blockchain-based PKI. Fut Gen Comput Syst 96:185–195CrossRef

Li H, Yang Y, Dai Y et al (2017) Achieving secure and efficient dynamic searchable symmetric encryption over medical cloud data. IEEE Trans Cloud Comput 99:1–1CrossRef

Xu G, Li H, Dai Y et al (2019) Enabling efficient and geometric range query with access control over encrypted spatial data. IEEE Trans Inf Forensic Secur 14(4):870–885CrossRef

Li H, Liu D, Dai Y et al (2018) Personalized search over encrypted data with efficient and secure updates in mobile clouds. IEEE Trans Emerg Top Comput 6(1):97–109CrossRef

Xu G, Li H, Liu S et al (2019) Efficient and Privacy-preserving Truth Discovery in Mobile Crowd Sensing Systems. IEEE Trans Veh Technol 68(4):3854–3865CrossRef

Ren H, Li H, Dai Y et al (2018) Querying in internet of things with privacy preserving: challenges, Solutions and Opportunities. IEEE Netw 32(6):144–151CrossRef

Wang P, Wang D, Huang XY (2016) Advances in password security. J Comput Res Dev 53(10):2173–2188

Narayanan A, Shmatikov V (2005) Fast dictionary attacks on passwords using time-space tradeoff. Proceedings of ACM CCS 2005, pp 364–372

Weir M, Aggarwal S, Medeiros B D, Glodek B (2009) Password cracking using probabilistic context-free grammars, 2009 30th IEEE Symposium on Security and Privacy, pp 391–405

10.

Veras R, Collins C, Thorpe J (2014) On Semantic Patterns of Passwords and their Security Impact. Proceedings of NDSS, pp 1–16

11.

Luo M, Zhnag Y (2017) A password cracking method based on name initials shorthand structure. Comput Eng 43(1):188–195

12.

Wang D, Zhang ZJ, Wang P, Yan J, Huang XY (2016) Targeted online password guessing: an underestimated threat. Proceedings of ACM CCS 2016, pp 1–13

13.

Yang WN, Li NH, Chowdhury O, Xiong AP, Proctor RW (2016) An empirical study of mnemonic sentence-based password generation strategies. Proceedings of ACM CCS 2016, pp 1216–1229

14.

Xu G, Li H, Ren H et al (2019) Data Security Issues in Deep Learning: Attacks, Countermeasures and Opportunities. IEEE Commun Mag 57(11):116–122CrossRef

15.

Melicher W, Ur B, Segreti S M et al (2016) Fast, lean, and accurate: Modeling password guessability using neural networks. Proceedings of USENIX Security 2016, pp 175–191

16.

Hochreiter S, Schmidhuber J (1997) Long short-term memory. Neural Comput 9(8):1735–1780CrossRef

17.

Levy O, Lee K, FitzGerald N, Zettlemoyer L (2018) Long short-term memory as a dynamically computed element-wise weighted sum, arXiv:1805.03716

18.

Hitaj B, Gasti P, Ateniese G, Perez-Cruz F (2017) PassGAN: A deep learning approach for password guessing, arXiv:1709.00440

19.

Liu YY, Xia ZY, Yi P et al (2018) GENPAss: A general deep learning model for password guessing with PCFG rules and adversarial generation. IEEE ICC 2018, pp 1–6

20.

Klein DV (1990) Foiling the cracker: a survey of, and improvements to, password security. Proceedings of the 2nd USENIX Security Workshop, pp 5–14

21.

Ma J, Yang WN, Luo M, Li NH (2014) A study of probabilistic password models. 2014 IEEE Symposium on Security and Privacy, pp 689–704

22.

Dell’Amico M, Michiardi P, Roudier Y (2010) Password strength: an empirical analysis. Proceedings of IEEE INFOCOM 2010, pp 1–9

23.

Xu G, Li H, Liu S et al (2020) VerifyNet: Secure and Verifiable Federated Learning. IEEE Trans Inf Forensic Secur 15(1):911–926CrossRef

24.

Hao M, Li H, Luo X et al (2019) Efficient and Privacy-enhanced Federated Learning for Industrial Artificial Intelligence. IEEE Transactions on Industrial Informatics, pp 1–1

Title: CSNN: Password guessing method based on Chinese syllables and neural network
Authors: Yi Zhang
Hequn Xian
Aimin Yu
Publication date: 14-04-2020
Publisher: Springer US
Published in: Peer-to-Peer Networking and Applications / Issue 6/2020
Print ISSN: 1936-6442
Electronic ISSN: 1936-6450
DOI: https://doi.org/10.1007/s12083-020-00893-7

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Other articles of this Issue 6/2020

Adaptive privacy-preserving federated learning

A novel heuristic based energy efficient routing strategy in wireless sensor network

Fuzzy logic hybridized artificial intelligence for computing and networking on internet of things platform

Correction to: Reliable data dissemination for the internet of things using Harris hawks optimization

An intelligent approach for energy efficient trajectory design for mobile sink based IoT supported wireless sensor networks

Cognitive radio technology with reduced PAPR and complexity for IoT-based OFDM networks

Premium Partner