CN107707553A - Weak passwurd scan method, device and computer-readable storage medium - Google Patents

Weak passwurd scan method, device and computer-readable storage medium Download PDF

Info

Publication number
CN107707553A
CN107707553A CN201710971541.2A CN201710971541A CN107707553A CN 107707553 A CN107707553 A CN 107707553A CN 201710971541 A CN201710971541 A CN 201710971541A CN 107707553 A CN107707553 A CN 107707553A
Authority
CN
China
Prior art keywords
weak passwurd
character
dictionary
weights
feedforward
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710971541.2A
Other languages
Chinese (zh)
Other versions
CN107707553B (en
Inventor
肖小剑
蒋发群
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Venus Information Security Technology Co Ltd
Venus Info Tech Inc
Venustech Group Inc
Original Assignee
Beijing Venus Information Security Technology Co Ltd
Venustech Group Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Venus Information Security Technology Co Ltd, Venustech Group Inc filed Critical Beijing Venus Information Security Technology Co Ltd
Priority to CN201710971541.2A priority Critical patent/CN107707553B/en
Publication of CN107707553A publication Critical patent/CN107707553A/en
Application granted granted Critical
Publication of CN107707553B publication Critical patent/CN107707553B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • G06F21/46Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computing Systems (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Document Processing Apparatus (AREA)
  • Character Discrimination (AREA)

Abstract

The present invention provides a kind of weak passwurd scan method, device and computer-readable storage medium, wherein, method includes:Standard weak passwurd dictionary is formed using the weights of character visible group in neural metwork training weak passwurd dictionary, wherein, the character visible group is located in the character string in the weak passwurd dictionary;The usable levels of password strings are calculated according to the standard weak passwurd dictionary;Determine whether the password strings are weak passwurd according to the usable levels.The present invention can quickly, comprehensively, precisely determine weak passwurd present in computer network and Internet of Things.

Description

Weak passwurd scan method, device and computer-readable storage medium
Technical field
The present invention relates to technical field of network security, more particularly to a kind of method that security breaches are excavated, specifically It is a kind of weak passwurd scan method, device and computer-readable storage medium.
Background technology
With the rapid development of Internet service and the quick popularization of broadband network, increasing people begins to use net Network business, enjoy convenient caused by Internet era and change.At the same time, because the sense of security of users is weak, use Access device protection it is not in place, fragility (e.g., weak passwurd (weak password) or security breaches etc.) be present, some are not The tissue of good attempt is personal by scanning these weak passwurds or security breaches, realizes the illegal purpose of oneself.
Weak passwurd is strict and accurately definition, it is generally recognized that easily by others guess to or the instrument of being cracked crack Password is weak passwurd.Weak passwurd refers to the password only comprising simple digital and letter, such as " 123 ", " abc " etc., because Such password is easy to be cracked by others, so that the account risk of user.Avoid the mode of weak passwurd main now Scanned for weak passwurd, pass through weak mouth present in weak passwurd scanning discovery computer network and the safe total defense system of Internet of Things Make security breaches.However, existing weak passwurd scan method quickly, comprehensively, can not be obtained precisely in computer network and Internet of Things Existing security breaches.
Therefore, those skilled in the art, which need badly, researches and develops a kind of weak passwurd that is quick, comprehensively, precisely obtaining network safe state Scan method.
The content of the invention
In view of this, the technical problem to be solved in the present invention is to provide a kind of weak passwurd scan method, device and calculating Machine storage medium, solve the problems, such as the scanning of existing weak passwurd can not quickly, comprehensively, accurate acquisition network safe state.
In order to solve the above-mentioned technical problem, embodiment of the invention provides a kind of weak passwurd scan method, including: Standard weak passwurd dictionary is formed using the weights of character visible group in neural metwork training weak passwurd dictionary, wherein, it is described visible Character group is located in the character string in the weak passwurd dictionary;The available of password strings is calculated according to the standard weak passwurd dictionary Value;Determine whether the password strings are weak passwurd according to the usable levels.
The embodiment of the present invention also provides a kind of weak passwurd scanning means, including:Training unit, for utilizing god Weights through character visible group in network training weak passwurd dictionary form standard weak passwurd dictionary, wherein, the character visible group In the character string in the weak passwurd dictionary;Computing unit, for calculating password strings according to the standard weak passwurd dictionary Usable levels;Determining unit, for determining whether the password strings are weak passwurd according to the usable levels.
The embodiment of the present invention also provides a kind of computer-readable storage medium for including computer executed instructions, described When computer executed instructions are handled by data processing equipment, the data processing equipment performs weak passwurd scan method.
It can be seen from the above-mentioned embodiment of the present invention, weak passwurd scan method, device and computer-readable storage medium At least have the advantages that:The ability and performance that weak passwurd scans are improved by the study of password spelling conventions.First Carry out weak passwurd dictionary weights learning and obtain standard weak passwurd dictionary, specifically:With random two in character visible (94) Individual or one unit (i.e. visible character group) of multiple compositions is all not repeat list as a dimensional vector of an input matrix Member forms the input matrix;The unit is position attribution value in the location of character string;It is initial for dimensional vector setting Experience weights;Desired output vector matrix corresponding to setting, each unit is adjusted in the position by Algorithm Learning can Weights;Position attribution value adds 1, and the operation continued as above just can obtain weights of each unit in the position with study, after 20) continuous study (is usually the maximum length of password strings, such as until position attribution value is more than setting value.Secondly, query criteria is weak Password dictionary calculates the usable levels of password strings, if the usable levels of password strings are more than preset value, it is weak mouth to assert the password strings Order.Can quickly, comprehensively, precisely determine weak passwurd present in computer network and Internet of Things, overcome existing weak passwurd to scan The defects of scarce capacity, improve the security of network.
It is to be understood that above-mentioned general description and detailed description below are merely illustrative and illustrative, it is not Can the limitation scope of the invention to be advocated.
Brief description of the drawings
Following appended accompanying drawing is the part for specification of the present invention, and it depicts the example embodiment of the present invention, institute Accompanying drawing is used for the principle for illustrating the present invention together with the description of specification.
Fig. 1 is a kind of flow chart of the embodiment one for weak passwurd scan method that the specific embodiment of the invention provides.
Fig. 2 is a kind of flow chart of the embodiment two for weak passwurd scan method that the specific embodiment of the invention provides.
Fig. 3 is a kind of structural representation of the embodiment one for weak passwurd scanning means that the specific embodiment of the invention provides Figure.
Fig. 4 is a kind of structural representation of the embodiment two for weak passwurd scanning means that the specific embodiment of the invention provides Figure.
Fig. 5 is a kind of structural representation of the embodiment three for weak passwurd scanning means that the specific embodiment of the invention provides Figure.
Description of reference numerals:
The computing unit of 1 training unit 2
3 determining units 4 set up unit
The input module of 11 preset module 12
The computing module of 13 first computing module 14 second
The generation module of 15 correcting module 21
22 split the enquiry module of module 23
The 24 structure setting modules of module 25
The comparison module of 26 computing module 31
The method of 32 determination module 100~103
Embodiment
For the purpose, technical scheme and advantage of the embodiment of the present invention are more clearly understood, below will with accompanying drawing and in detail Narration clearly illustrates the spirit of disclosed content, and any skilled artisan is understanding present invention After embodiment, when the technology that can be taught by present invention, it is changed and modifies, its essence without departing from present invention God and scope.
The schematic description and description of the present invention is used to explain the present invention, but not as a limitation of the invention. In addition, element/component of the same or like label used in drawings and the embodiments is for representing same or like portion Point.
On " first " used herein, " second " ... etc., not especially censure the meaning of order or cis-position, Be not used to limit the present invention, its only for distinguish with constructed term description element or operation.
On direction term used herein, such as:Upper and lower, left and right, front or rear etc., only it is the side of refer to the attached drawing To.Therefore, the direction term used is intended to be illustrative and not intended to limit this creation.
It is open term, i.e., on "comprising" used herein, " comprising ", " having ", " containing " etc. Mean including but not limited to.
On it is used herein " and/or ", include the things any or all combination.
Include " two " and " two or more " on " multiple " herein;Include " two groups " on " multigroup " herein And " more than two ".
On term used herein " substantially ", " about " etc., to modify it is any can be with the quantity or mistake of microvariations Difference, but this slight variations or error can't change its essence.In general, microvariations that such term is modified or error Scope in some embodiments can be 20%, in some embodiments can be 10%, can be in some embodiments 5% or its His numerical value.It will be understood by those skilled in the art that the foregoing numerical value referred to can adjust according to actual demand, it is not limited thereto.
It is some to describe the word of the application by it is lower or this specification other places discuss, to provide art technology Personnel's guiding extra on about the description of the present application.
Fig. 1 is a kind of flow chart of the embodiment one for weak passwurd scan method that the specific embodiment of the invention provides, such as Shown in Fig. 1, the character visible group in the character string in neural metwork training weak passwurd dictionary, after the completion of training, weak passwurd are utilized Dictionary turns into standard weak passwurd dictionary;Query criteria weak passwurd dictionary, the usable levels of password strings are calculated, can according to what is calculated Determine whether password strings are weak passwurd with value.
In the embodiment shown in the drawings, weak passwurd scan method includes:
Step 101:Standard weak passwurd word is formed using the weights of character visible group in neural metwork training weak passwurd dictionary Allusion quotation, wherein, the character visible group is located in the character string in the weak passwurd dictionary.In the specific embodiment of the present invention, god Can be feedforward multitiered network through network;Include multiple character strings in weak passwurd dictionary, each character string is by character visible group Composition, each character visible group are made up of two or more characters.
Step 102:The usable levels of password strings are calculated according to the standard weak passwurd dictionary.The specific embodiment of the present invention In, the character string in standard weak passwurd dictionary is identical with the character string in weak passwurd dictionary, but character in standard weak passwurd dictionary Go here and there known to the weights of the character visible group included.
Step 103:Determine whether the password strings are weak passwurd according to the usable levels.The specific embodiment of the present invention In, if the usable levels of password strings (and a character string) are more than preset value, it is determined that password strings are weak passwurd.
Referring to Fig. 1, can quickly, comprehensively, precisely determine password strings present in computer network and Internet of Things whether be Weak passwurd, the defects of overcoming existing weak passwurd scan capability deficiency, the accuracy of weak passwurd judgement is greatly improved, safely may be used Lean on.
Fig. 2 is a kind of flow chart of the embodiment two for weak passwurd scan method that the specific embodiment of the invention provides, such as Shown in Fig. 2, using the weights of character visible group in weak passwurd dictionary described in neural metwork training formed standard weak passwurd dictionary it Before, character visible group is set up with the character visible of predetermined quantity.
In the embodiment shown in the drawings, before step 101, the weak passwurd scan method also includes:
Step 100:Character visible group is set up with the character visible of predetermined quantity.It is described in the specific embodiment of the present invention Predetermined quantity is 2,3 or 4.For example, with random two establishments character visible group in character visible (94).In character visible group Character is identical, but during character sequence difference, it is believed that it is two character visible groups, for example, when character visible group is by two visible words During symbol composition, ab is different character visible groups from ba;When character visible group is made up of three character visibles, abc, bac, Bca, acb, cab, cba are mutually different character visible groups, and the present invention is not limited.
Referring to Fig. 2, character visible group is set up with the character visible of predetermined quantity, calculates the weights of each character visible group, Strengthen the scan capability of weak passwurd.
In the specific embodiment mode of the present invention, step 101 specifically includes:
For the weights W of every layer of neuron of the feedforward multitiered networki,jThe preset one non-zero random number for being less than 1, its In, the feedforward multitiered network shares n-layer, and every layer has n neuron, i=1,2 ..., n, j=1, and 2 ..., n, i represent feedforward The layer of multitiered network, j represent every layer of neuron, and the character string in the weak passwurd dictionary corresponds to the feedforward multitiered network Layer, the neuron of the character visible group respective layer in character string.
To the feedforward multitiered network input sample X, and desired output Y corresponding to setting, wherein, X=(X1,X2,…, Xn,1);Y=[0 | 1].
Calculate the output of i-th of neuron of kth layer of the feedforward multitiered networkWherein,Wi,n+1=-θ, θ are threshold value, 1≤K≤n.
Calculate the learning error of the feedforward multitiered network output layerWith other layers outside output layer of learning error Wherein,
Correct weights Wi,jAnd threshold θ, wherein, ΔWi,j(t)=Wi,j (t)-Wi,j(t-1).In the specific embodiment of the present invention, weights W is correctedi,jAnd threshold θ, until meeting to require, obtain neuron Weights.
In the specific embodiment mode of the present invention, step 102 specifically includes:
Utilize the password strings of random algorithm generation corresponding length.
The password strings are split into multiple character visible groups.In the specific embodiment of the present invention, password strings are split into During multiple character visible groups, in order to ensure after password strings are split into multiple character visible groups, remaining character visible is not had, is adopted With overlapping Split Method.For example, the character quantity of character visible group is 2, password strings abc, character visible group ab, bc is split into Afterwards.For another example, it is seen that the character quantity of character group is 3, password strings abcde, after splitting into character visible group abc, bcd, cde, The present invention is not limited.
The weights of the character visible group are inquired about in the standard weak passwurd dictionary.
The weight vector W of the password strings is built according to the weights, wherein, W=(W1,W2,…,Wn)。
The position importance value vector R of the character visible group is set, wherein, R=(R1,R2,…,Rn)。
The usable levels ROS of the password strings is calculated according to the weight vector W and position importance value vector R, wherein, TakeOperator, i.e., first it is multiplied and sums again;F([X1, X2,…,Xn]) it is normalized function;ROS=F (X).
In the specific embodiment mode of the present invention, step 103 specifically includes:
Compare the usable levels and the size of preset value.
If the usable levels are less than the preset value, judge that the password strings are unavailable.In the specific embodiment of the invention, If it is determined that password strings are unavailable, it is necessary to generate the password strings of corresponding length again using random algorithm.
Fig. 3 is a kind of structural representation of the embodiment one for weak passwurd scanning means that the specific embodiment of the invention provides Figure, device as shown in Figure 3 may apply in the method shown in Fig. 1, Fig. 2, using in neural metwork training weak passwurd dictionary Character string in character visible group, after the completion of training, weak passwurd dictionary turns into standard weak passwurd dictionary;Query criteria weak passwurd Dictionary, the usable levels of password strings are calculated, determine whether password strings are weak passwurd according to the usable levels calculated.
In the embodiment shown in the drawings, weak passwurd scanning means includes:Training unit 1, computing unit 2 and really Order member 3.Wherein, training unit 1 is used to utilize the weights of character visible group in neural metwork training weak passwurd dictionary to form mark Quasi- weak passwurd dictionary, wherein, the character visible group is located in the character string in the weak passwurd dictionary;Computing unit 2 is used for The usable levels of password strings are calculated according to the standard weak passwurd dictionary;Determining unit 3 is used for according to determining the usable levels Whether password strings are weak passwurd.
Referring to Fig. 3, can quickly, comprehensively, precisely determine password strings present in computer network and Internet of Things whether be Weak passwurd, the defects of overcoming existing weak passwurd scan capability deficiency, the accuracy of weak passwurd judgement is greatly improved, safely may be used Lean on.
Fig. 4 is a kind of structural representation of the embodiment two for weak passwurd scanning means that the specific embodiment of the invention provides Figure, as shown in figure 4, forming standard weak passwurd word using the weights of character visible group in weak passwurd dictionary described in neural metwork training Before allusion quotation, character visible group is set up with the character visible of predetermined quantity.
In the embodiment shown in the drawings, weak passwurd scanning means also includes setting up unit 4.Wherein, set up single Member 4 is used to set up character visible group with the character visible of predetermined quantity.
Referring to Fig. 4, character visible group is set up with the character visible of predetermined quantity, calculates the weights of each character visible group, Strengthen the scan capability of weak passwurd.
Fig. 5 is a kind of structural representation of the embodiment three for weak passwurd scanning means that the specific embodiment of the invention provides Figure, as shown in figure 5, neutral net can be feedforward multitiered network, training unit specifically includes preset module, input module, the One computing module, the second computing module and correcting module;Computing unit specifically include generation module, split module, enquiry module, Build module, setting module and computing module.
In the embodiment shown in the drawings, the training unit 1 specifically includes preset module 11, input module 12nd, the first computing module 13, the second computing module 14 and correcting module 15.Wherein, preset module 11 is used to be that the feedforward is more The weights W of every layer of neuron of layer networki,jThe preset one non-zero random number for being less than 1, wherein, the feedforward multitiered network is total to There is a n-layer, every layer has a n neuron, i=1,2 ..., n, j=1,2 ..., n, and the character string in the weak passwurd dictionary corresponds to institute The layer of feedforward multitiered network is stated, the neuron of the character visible group respective layer in character string;Input module 12 is used for before described Multitiered network input sample X, and desired output Y corresponding to setting are presented, wherein, X=(X1,X2,…,Xn,1);Y=[0 | 1];The One computing module 13 is used for the output for calculating i-th of neuron of kth layer of the feedforward multitiered networkWherein,Wi,n+1=-θ, θ are threshold value, 1≤K≤n;Second computing module 14 is used to calculate institute State the learning error of feedforward multitiered network output layerWith other layers outside output layer of learning errorWherein,Correcting module 15 is used to correct weights Wi,jAnd threshold θ, wherein, ΔWi,j(t)=Wi,j(t)-Wi,j(t-1)。
Further, the computing unit 2 specifically includes generation module 21, splits module 22, enquiry module 23, structure mould Block 24, setting module 25 and computing module 26.Wherein, generation module 21 is used to utilize the described of random algorithm generation corresponding length Password strings;Module 22 is split to be used to the password strings splitting into multiple character visible groups;Enquiry module 23 is used in the mark The weights of the character visible group are inquired about in quasi- weak passwurd dictionary;Module 24 is built to be used to build the password according to the weights The weight vector W of string, wherein, W=(W1,W2,…,Wn);The position that setting module 25 is used to set the character visible group is important It is worth vectorial R, wherein, R=(R1,R2,…,Rn);Computing module 26 is used for according to the weight vector W and the position importance value Vectorial R calculates the usable levels ROS of the password strings, wherein, TakeOperator;F([X1,X2,…,Xn]) it is normalized function;ROS=F (X).
Further, the determining unit 3 specifically includes comparison module 31 and determination module 32.Wherein, comparison module 31 For the usable levels and the size of preset value;Determination module 32 judges when being less than the preset value for the usable levels The password strings are unavailable.
The specific embodiment of the invention also provides a kind of computer-readable storage medium for including computer executed instructions, the meter When calculation machine execute instruction is handled by data processing equipment, the data processing equipment performs weak passwurd scan method, this method Comprise the following steps:
Step 101:Standard weak passwurd word is formed using the weights of character visible group in neural metwork training weak passwurd dictionary Allusion quotation, wherein, the character visible group is located in the character string in the weak passwurd dictionary.
Step 102:The usable levels of password strings are calculated according to the standard weak passwurd dictionary.
Step 103:Determine whether the password strings are weak passwurd according to the usable levels.
The specific embodiment of the invention also provides a kind of computer-readable storage medium for including computer executed instructions, the meter When calculation machine execute instruction is handled by data processing equipment, the data processing equipment performs weak passwurd scan method, this method Comprise the following steps:
Step 100:Character visible group is set up with the character visible of predetermined quantity.
Step 101:Standard weak passwurd word is formed using the weights of character visible group in neural metwork training weak passwurd dictionary Allusion quotation, wherein, the character visible group is located in the character string in the weak passwurd dictionary.
Step 102:The usable levels of password strings are calculated according to the standard weak passwurd dictionary.
Step 103:Determine whether the password strings are weak passwurd according to the usable levels.
The specific embodiment of the invention also provides a kind of computer-readable storage medium for including computer executed instructions, the meter When calculation machine execute instruction is handled by data processing equipment, the data processing equipment performs weak passwurd scan method, this method Comprise the following steps:
For the weights W of every layer of neuron of the feedforward multitiered networki,j(i.e. weights Wij) it is preset one be less than 1 non-zero Random number, wherein, the feedforward multitiered network shares n-layer, and every layer has a n neuron, i=1,2 ..., n, j=1,2 ..., n, Character string in the weak passwurd dictionary corresponds to the layer of the feedforward multitiered network, the character visible group respective layer in character string Neuron.
To the feedforward multitiered network input sample X, and desired output Y corresponding to setting, wherein, X=(X1,X2,…, Xn,1);Y=[0 | 1].
Calculate the output of i-th of neuron of kth layer of the feedforward multitiered networkWherein,Wi,n+1=-θ, θ are threshold value, 1≤K≤n.
Calculate the learning error of the feedforward multitiered network output layerWith other layers outside output layer of learning errorWherein,
Correct weights Wi,jAnd threshold θ, wherein, ΔWi,j(t)=Wi,j (t)-Wi,j(t-1)。
Step 102:The usable levels of password strings are calculated according to the standard weak passwurd dictionary.
Step 103:Determine whether the password strings are weak passwurd according to the usable levels.
The specific embodiment of the invention also provides a kind of computer-readable storage medium for including computer executed instructions, the meter When calculation machine execute instruction is handled by data processing equipment, the data processing equipment performs weak passwurd scan method, this method Comprise the following steps:
Step 101:Standard weak passwurd word is formed using the weights of character visible group in neural metwork training weak passwurd dictionary Allusion quotation, wherein, the character visible group is located in the character string in the weak passwurd dictionary.
Utilize the password strings of random algorithm generation corresponding length.
The password strings are split into multiple character visible groups.
The weights of the character visible group are inquired about in the standard weak passwurd dictionary.
The weight vector W of the password strings is built according to the weights, wherein, W=(W1,W2,…,Wn)。
The position importance value vector R of the character visible group is set, wherein, R=(R1,R2,…,Rn)。
The usable levels ROS of the password strings is calculated according to the weight vector W and position importance value vector R, wherein, TakeOperator;F([X1,X2,…,Xn]) it is normalizing Change function;ROS=F (X).
Step 103:Determine whether the password strings are weak passwurd according to the usable levels.
The specific embodiment of the invention also provides a kind of computer-readable storage medium for including computer executed instructions, the meter When calculation machine execute instruction is handled by data processing equipment, the data processing equipment performs weak passwurd scan method, this method Comprise the following steps:
Step 101:Standard weak passwurd word is formed using the weights of character visible group in neural metwork training weak passwurd dictionary Allusion quotation, wherein, the character visible group is located in the character string in the weak passwurd dictionary.
Step 102:The usable levels of password strings are calculated according to the standard weak passwurd dictionary.
Compare the usable levels and the size of preset value.
If the usable levels are less than the preset value, judge that the password strings are unavailable.
The specific embodiment of the invention provides a kind of weak passwurd scan method, device and computer-readable storage medium, passes through password Spelling conventions learn to improve the ability and performance of weak passwurd scanning.Weak passwurd dictionary weights learning is carried out first obtains standard Weak passwurd dictionary, specifically:A unit (i.e. visible character group) is formed with random two in character visible (94), is made For a dimensional vector of an input matrix, all not repeat units form the input matrix;The unit is residing for character string Position is position attribution value;Initial experience weights are set for a dimensional vector;Desired output vector matrix corresponding to setting, warp Cross Algorithm Learning can and adjust weights of each unit in the position;Position attribution value adds 1, continue operation as above with Study just can obtain weights of each unit in the position, and it (is usually mouth to continue study until position attribution value is more than setting value The maximum length of string is made, such as 20).Secondly, query criteria weak passwurd dictionary calculates the usable levels of password strings, if password strings Usable levels are more than preset value, then it is weak passwurd to assert the password strings.Can quickly, comprehensively, precisely determine computer network and thing Weak passwurd present in networking, the defects of overcoming existing weak passwurd scan capability deficiency.
The above-mentioned embodiment of the present invention can be implemented in various hardware, Software Coding or both combination.For example, this hair Bright embodiment, which is alternatively in data signal processor (Digital Signal Processor, DSP), performs the above method Program code.The present invention can also refer to computer processor, digital signal processor, microprocessor or field-programmable gate array Arrange the multiple functions that (Field Programmable Gate Array, FPGA) is performed.Above-mentioned processing can be configured according to the present invention Device performs particular task, and it defines the machine-readable software code for the ad hoc approach that the present invention discloses or firmware generation by performing Code is completed.Software code or firmware code can be developed into different program languages and different forms or form.Or Different target platform composing software codes.However, in generation, is configured according to the software code of execution task of the present invention and other types Different code pattern, type and the language of code do not depart from spirit and scope of the invention.
The schematical embodiment of the present invention is the foregoing is only, before the design of the present invention and principle is not departed from Put, the equivalent variations and modification that any those skilled in the art is made, the scope of protection of the invention all should be belonged to.

Claims (16)

1. a kind of weak passwurd scan method, it is characterised in that this method includes:
Standard weak passwurd dictionary is formed using the weights of character visible group in neural metwork training weak passwurd dictionary, wherein, it is described Character visible group is located in the character string in the weak passwurd dictionary;
The usable levels of password strings are calculated according to the standard weak passwurd dictionary;And
Determine whether the password strings are weak passwurd according to the usable levels.
2. weak passwurd scan method as claimed in claim 1, it is characterised in that utilize weak passwurd word described in neural metwork training The weights of character visible group were formed before the step of standard weak passwurd dictionary in allusion quotation, and this method also includes:
Character visible group is set up with the character visible of predetermined quantity.
3. weak passwurd scan method as claimed in claim 2, it is characterised in that the predetermined quantity is 2.
4. weak passwurd scan method as claimed in claim 1, it is characterised in that the neutral net is feedforward multitiered network.
5. weak passwurd scan method as claimed in claim 4, it is characterised in that utilize weak passwurd word described in neural metwork training The weights of character visible group form the step of standard weak passwurd dictionary in allusion quotation, specifically include:
For the weights W of every layer of neuron of the feedforward multitiered networki,jThe preset one non-zero random number for being less than 1, wherein, institute State feedforward multitiered network and share n-layer, every layer has n neuron, i=1,2 ..., n, j=1,2 ..., n, the weak passwurd dictionary In character string correspond to the layer of the feedforward multitiered network, the neuron of the character visible group respective layer in character string;
To the feedforward multitiered network input sample X, and desired output Y corresponding to setting, wherein, X=(X1,X2,…,Xn,1); Y=[0 | 1];
Calculate the output of i-th of neuron of kth layer of the feedforward multitiered networkWherein,Wi,n+1=-θ, θ are threshold value, 1≤K≤n;
Calculate the learning error of the feedforward multitiered network output layerWith other layers outside output layer of learning errorIts In,And
Correct weights Wi,jAnd threshold θ, wherein, ΔWi,j(t)=Wi,j (t)-Wi,j(t-1)。
6. weak passwurd scan method as claimed in claim 1, it is characterised in that mouth is calculated according to the standard weak passwurd dictionary The step of making the usable levels of string, specifically includes:
The password strings are split into multiple character visible groups;
The weights of the character visible group are inquired about in the standard weak passwurd dictionary;
The weight vector W of the password strings is built according to the weights, wherein, W=(W1,W2,…,Wn);
The position importance value vector R of the character visible group is set, wherein, R=(R1,R2,…,Rn);And
The usable levels ROS of the password strings is calculated according to the weight vector W and position importance value vector R, wherein, TakeOperator;F([X1,X2,…,Xn]) it is normalization Function;ROS=F (X).
7. weak passwurd scan method as claimed in claim 6, it is characterised in that the password strings are split into multiple visible words Before the step of symbol group, in addition to:
Utilize the password strings of random algorithm generation corresponding length.
8. weak passwurd scan method as claimed in claim 1, it is characterised in that determine the password strings according to the usable levels The step of whether being weak passwurd, specifically include:
Compare the usable levels and the size of preset value;And
If the usable levels are less than the preset value, judge that the password strings are unavailable.
9. a kind of weak passwurd scanning means, it is characterised in that the device includes:
Training unit, for forming standard weak passwurd word using the weights of character visible group in neural metwork training weak passwurd dictionary Allusion quotation, wherein, the character visible group is located in the character string in the weak passwurd dictionary;
Computing unit, for calculating the usable levels of password strings according to the standard weak passwurd dictionary;And
Determining unit, for determining whether the password strings are weak passwurd according to the usable levels.
10. weak passwurd scanning means as claimed in claim 9, it is characterised in that the device also includes:
Unit is set up, for setting up character visible group with the character visible of predetermined quantity.
11. weak passwurd scanning means as claimed in claim 9, it is characterised in that the neutral net is feedforward multitiered network.
12. weak passwurd scanning means as claimed in claim 11, it is characterised in that the training unit specifically includes:
Preset module, the weights W for every layer of neuron for the feedforward multitiered networki,jPreset one less than 1 non-zero with Machine number, wherein, the feedforward multitiered network shares n-layer, and every layer has n neuron, i=1,2 ..., n, j=1,2 ..., n, institute State the layer that the character string in weak passwurd dictionary corresponds to the feedforward multitiered network, the god of the character visible group respective layer in character string Through member;
Input module, for the feedforward multitiered network input sample X, and desired output Y corresponding to setting, wherein, X= (X1,X2,…,Xn,1);Y=[0 | 1];
First computing module, the output of i-th of neuron of kth layer for calculating the feedforward multitiered networkWherein,Wi,n+1=-θ, θ are threshold value, 1≤K≤n;
Second computing module, for calculating the learning error of the feedforward multitiered network output layerWith other layers outside output layer Learning errorWherein, And
Correcting module, for correcting weights Wi,jAnd threshold θ, wherein, ΔWi,j(t)=Wi,j (t)-Wi,j(t-1)。
13. weak passwurd scanning means as claimed in claim 9, it is characterised in that the computing unit specifically includes:
Module is split, for the password strings to be split into multiple character visible groups;
Enquiry module, for inquiring about the weights of the character visible group in the standard weak passwurd dictionary;
Module is built, for building the weight vector W of the password strings according to the weights, wherein, W=(W1,W2,…,Wn);
Setting module, for setting the position importance value vector R of the character visible group, wherein, R=(R1,R2,…,Rn);With And
Computing module, for calculating the usable levels of the password strings according to the weight vector W and position importance value vector R ROS, wherein, TakeOperator;F([X1,X2,…, Xn]) it is normalized function;ROS=F (X).
14. weak passwurd scanning means as claimed in claim 13, it is characterised in that the computing unit also includes:
Generation module, for the password strings using random algorithm generation corresponding length.
15. weak passwurd scanning means as claimed in claim 9, it is characterised in that the determining unit specifically includes:
Comparison module, for the usable levels and the size of preset value;And
Determination module, judge that the password strings are unavailable when being less than the preset value for the usable levels.
A kind of 16. computer-readable storage medium for including computer executed instructions, it is characterised in that the computer executed instructions warp When crossing data processing equipment processing, 1~8 any described method of data processing equipment perform claim requirement.
CN201710971541.2A 2017-10-18 2017-10-18 Weak password scanning method and device and computer storage medium Active CN107707553B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710971541.2A CN107707553B (en) 2017-10-18 2017-10-18 Weak password scanning method and device and computer storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710971541.2A CN107707553B (en) 2017-10-18 2017-10-18 Weak password scanning method and device and computer storage medium

Publications (2)

Publication Number Publication Date
CN107707553A true CN107707553A (en) 2018-02-16
CN107707553B CN107707553B (en) 2020-02-07

Family

ID=61181406

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710971541.2A Active CN107707553B (en) 2017-10-18 2017-10-18 Weak password scanning method and device and computer storage medium

Country Status (1)

Country Link
CN (1) CN107707553B (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110519289A (en) * 2019-09-02 2019-11-29 杭州安恒信息技术股份有限公司 Weak passwurd detection method and device based on industrial control system
CN111385272A (en) * 2018-12-29 2020-07-07 北京奇虎科技有限公司 Weak password detection method and device
CN112257433A (en) * 2020-12-23 2021-01-22 四川大学 Password dictionary generation method and system based on Markov chain and neural network
CN112800415A (en) * 2021-04-13 2021-05-14 深圳市云盾科技有限公司 Weak password detection method and system based on greedy algorithm model

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6151593A (en) * 1997-07-14 2000-11-21 Postech Foundation Apparatus for authenticating an individual based on a typing pattern by using a neural network system
CN101295333A (en) * 2007-04-28 2008-10-29 佛山市顺德区顺达电脑厂有限公司 Artificial neural network cipher system and cipher recognizing method using the same
CN103500307A (en) * 2013-09-26 2014-01-08 北京邮电大学 Mobile internet malignant application software detection method based on behavior model
CN104573142A (en) * 2013-10-10 2015-04-29 无锡市思库瑞科技信息有限公司 Password attribute analysis method based on neural network
CN104751047A (en) * 2013-12-31 2015-07-01 北京新媒传信科技有限公司 Weak password scanning method and device
CN104809069A (en) * 2015-05-11 2015-07-29 中国电力科学研究院 Source node loophole detection method based on integrated neural network
CN105991517A (en) * 2015-01-28 2016-10-05 中国信息安全测评中心 Vulnerability discovery method and device
CN107104978A (en) * 2017-05-24 2017-08-29 赖洪昌 A kind of network risks method for early warning based on deep learning

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6151593A (en) * 1997-07-14 2000-11-21 Postech Foundation Apparatus for authenticating an individual based on a typing pattern by using a neural network system
CN101295333A (en) * 2007-04-28 2008-10-29 佛山市顺德区顺达电脑厂有限公司 Artificial neural network cipher system and cipher recognizing method using the same
CN103500307A (en) * 2013-09-26 2014-01-08 北京邮电大学 Mobile internet malignant application software detection method based on behavior model
CN104573142A (en) * 2013-10-10 2015-04-29 无锡市思库瑞科技信息有限公司 Password attribute analysis method based on neural network
CN104751047A (en) * 2013-12-31 2015-07-01 北京新媒传信科技有限公司 Weak password scanning method and device
CN105991517A (en) * 2015-01-28 2016-10-05 中国信息安全测评中心 Vulnerability discovery method and device
CN104809069A (en) * 2015-05-11 2015-07-29 中国电力科学研究院 Source node loophole detection method based on integrated neural network
CN107104978A (en) * 2017-05-24 2017-08-29 赖洪昌 A kind of network risks method for early warning based on deep learning

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111385272A (en) * 2018-12-29 2020-07-07 北京奇虎科技有限公司 Weak password detection method and device
CN110519289A (en) * 2019-09-02 2019-11-29 杭州安恒信息技术股份有限公司 Weak passwurd detection method and device based on industrial control system
CN110519289B (en) * 2019-09-02 2022-03-11 杭州安恒信息技术股份有限公司 Weak password detection method and device based on industrial control system
CN112257433A (en) * 2020-12-23 2021-01-22 四川大学 Password dictionary generation method and system based on Markov chain and neural network
CN112800415A (en) * 2021-04-13 2021-05-14 深圳市云盾科技有限公司 Weak password detection method and system based on greedy algorithm model
CN112800415B (en) * 2021-04-13 2021-09-07 深圳市云盾科技有限公司 Weak password detection method and system based on greedy algorithm model

Also Published As

Publication number Publication date
CN107707553B (en) 2020-02-07

Similar Documents

Publication Publication Date Title
CN107707553A (en) Weak passwurd scan method, device and computer-readable storage medium
CN107247947A (en) Face character recognition methods and device
CN108171663B (en) Image filling system of convolutional neural network based on feature map nearest neighbor replacement
CN105897714A (en) Botnet detection method based on DNS (Domain Name System) flow characteristics
CN107563995A (en) A kind of confrontation network method of more arbiter error-duration models
CN109558902A (en) A kind of fast target detection method
CN110175851A (en) A kind of cheating detection method and device
CN108595655A (en) A kind of abnormal user detection method of dialogue-based characteristic similarity fuzzy clustering
CN111143813B (en) Verification problem generation method, verification method and device
JP7384217B2 (en) Learning devices, learning methods, and programs
CN112966685B (en) Attack network training method and device for scene text recognition and related equipment
CN106709474A (en) Handwritten telephone number identification, verification and information sending system
CN110958244A (en) Method and device for detecting counterfeit domain name based on deep learning
CN117272306A (en) Federal learning half-target poisoning attack method and system based on alternate minimization
CN111881706B (en) Living body detection, image classification and model training method, device, equipment and medium
CN114499956A (en) Network information security risk assessment system and method thereof
WO2015153910A1 (en) Determining job applicant fit score
CN109558591A (en) Chinese event detection method and device
CN116777294A (en) Crowd-sourced quality safety assessment method based on federal learning under assistance of blockchain
CN108171229A (en) A kind of recognition methods of hollow adhesion identifying code and system
US10706734B2 (en) Methods for improving test efficiency and accuracy in a computer adaptive test (CAT)
CN112395866B (en) Customs clearance sheet data matching method and device
CN110059705A (en) A kind of OCR recognition result decision method and equipment based on modeling
CN109101984A (en) A kind of image-recognizing method and device based on convolutional neural networks
He et al. Group password strength meter based on attention mechanism

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant