CN109361518A - Weak password detection method, device and computer-readable storage medium - Google Patents


Info

Publication number
CN109361518A
Authority
CN
China
Legal status
Pending
Application number
CN201811202283.2A
Other languages
Chinese (zh)
Inventor
邵宛岩
范渊
刘博�
龙文洁
莫金友
Current Assignee
DBAPPSecurity Co Ltd
Hangzhou Dbappsecurity Technology Co Ltd
Original Assignee
Hangzhou Dbappsecurity Technology Co Ltd
Application filed by Hangzhou Dbappsecurity Technology Co Ltd
Priority to CN201811202283.2A
Publication of CN109361518A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0863 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

An embodiment of the invention discloses a weak password detection method, device and computer-readable storage medium. Traffic information of a server is obtained; the traffic information is parsed to obtain an account password; a pre-established weak password dictionary is queried for a target weak password that matches the account password, where the weak password dictionary contains weak password information extracted according to rules; when a target weak password matching the account password exists in the weak password dictionary, an alert notification is issued to remind the user to change the account password. In this technical solution, the account password is checked against the pre-established weak password dictionary, which effectively improves the efficiency of weak password detection. Extracting weak password information according to rules when building the dictionary makes the weak password information it contains more comprehensive, which effectively improves the accuracy of weak password detection.

Description

Weak password detection method, device and computer-readable storage medium
Technical field
The present invention relates to the technical field of system security, and in particular to a weak password detection method, device and computer-readable storage medium.
Background
A weak password is generally considered to be a password that is easily guessed by others or cracked by a cracking tool. A weak password is often one that contains only simple digits and letters, such as "123" or "abc". Because such passwords are very easily cracked by others, the computer the user relies on is exposed to security risks, so users are advised not to use weak passwords as account passwords.
Brute-force cracking has long been a common way of guessing and cracking account passwords. As the computing speed of modern computers has increased substantially and the password dictionaries held by hackers have become more and more comprehensive, the feasibility and success rate of brute-force cracking of account passwords have also increased considerably, so incidents in which account passwords are cracked and maliciously misused still occur frequently.
Today, probing attacks and brute-force cracking attacks aimed specifically at the account passwords of enterprise email systems are intensifying. Because an enterprise's mail system unavoidably has to provide service externally, it is naturally easy for hackers to single it out as a target of weak-password probing attacks.
Most mail systems authenticate with a user name and password, so the importance of the password is self-evident. A password is like the key to a door: when someone else holds a key that lets them into your home, it creates a serious security risk. Because weak passwords are easily guessed or cracked by others, a user who uses a weak password as an account password is effectively leaving the door key under the doormat, which is extremely dangerous.
If users can be prevented from using weak passwords as account passwords at the stage when they set the account password, account security will be greatly improved. Traditionally, weak password detection often uses the same technical approach as brute-force cracking, namely exhaustive enumeration, in which passwords are computed one by one according to certain rules and algorithms. Although this approach can detect whether a password set by the user is a weak password, the detection process is very performance-intensive and takes a long time.
It can be seen that how to improve the efficiency of weak password detection is a problem urgently to be solved by those skilled in the art.
Summary of the invention
The purpose of the embodiments of the present invention is to provide a weak password detection method, device and computer-readable storage medium that can improve the efficiency of weak password detection.
To solve the above technical problem, an embodiment of the present invention provides a weak password detection method, comprising:
Obtaining traffic information of a server;
Parsing the traffic information to obtain an account password;
Querying whether a target weak password matching the account password exists in a pre-established weak password dictionary, where the weak password dictionary contains weak password information extracted according to rules;
If so, issuing an alert notification.
Optionally, the process of establishing the weak password dictionary comprises:
Obtaining historical traffic information of the server;
Parsing the historical traffic information to obtain login information, where the login information includes account information, account password, login status and login time;
Selecting, from the login information, target login information that meets a brute-force cracking rule, and saving the account password in the target login information to the weak password dictionary;
Obtaining weak password information from the public network and saving the weak password information to the weak password dictionary, to complete the establishment of the weak password dictionary.
Optionally, after parsing the historical traffic information to obtain the login information, the method further comprises:
Saving the login information.
Optionally, after selecting from the login information the target login information that meets the brute-force cracking rule, the method further comprises:
Judging whether the account password in the target login information meets a preset password complexity rule;
When a target account password meeting the password complexity rule exists, saving the account password in the target login information to the weak password dictionary is specifically: saving the target account password to the weak password dictionary;
Correspondingly, after obtaining the weak password information from the public network, the method further comprises:
Judging whether the weak password information meets the preset password complexity rule;
When target weak password information meeting the password complexity rule exists, saving the weak password information to the weak password dictionary is specifically: saving the target weak password information to the weak password dictionary.
Optionally, before querying whether a target weak password matching the account password exists in the pre-established weak password dictionary, the method further comprises:
Judging whether the account password meets the password complexity rule;
If not, displaying a notice that the password format does not conform;
If so, performing the step of querying whether a target weak password matching the account password exists in the pre-established weak password dictionary.
Optionally, the method further comprises:
Collecting statistics on account passwords that have been cracked;
Adding the cracked account passwords to the weak password dictionary.
An embodiment of the present invention also provides a weak password detection device, comprising an acquiring unit, a parsing unit, a query unit and an alert unit;
The acquiring unit is configured to obtain traffic information of a server;
The parsing unit is configured to parse the traffic information to obtain an account password;
The query unit is configured to query whether a target weak password matching the account password exists in a pre-established weak password dictionary, where the weak password dictionary contains weak password information extracted according to rules; if so, the alert unit is triggered;
The alert unit is configured to issue an alert notification.
Optionally, for the process of establishing the weak password dictionary, the device further comprises a selection unit and a construction unit;
The acquiring unit is further configured to obtain historical traffic information of the server;
The parsing unit is further configured to parse the historical traffic information to obtain login information, where the login information includes account information, account password, login status and login time;
The selection unit is configured to select, from the login information, target login information that meets a brute-force cracking rule, and to save the account password in the target login information to the weak password dictionary;
The construction unit is configured to obtain weak password information from the public network and save the weak password information to the weak password dictionary, to complete the establishment of the weak password dictionary.
Optionally, the device further comprises a storage unit;
The storage unit is configured to save the login information after the historical traffic information has been parsed and the login information obtained.
Optionally, the device further comprises a first judging unit and a second judging unit;
The first judging unit is configured to judge, after the target login information meeting the brute-force cracking rule has been selected from the login information, whether the account password in the target login information meets a preset password complexity rule;
Correspondingly, the selection unit is specifically configured to save the target account password to the weak password dictionary when a target account password meeting the password complexity rule exists;
The second judging unit is configured to judge, after the weak password information has been obtained from the public network, whether the weak password information meets the preset password complexity rule;
Correspondingly, the construction unit is specifically configured to save the target weak password information to the weak password dictionary when target weak password information meeting the password complexity rule exists.
Optionally, the device further comprises a third judging unit and a display unit;
The third judging unit is configured to judge, before the pre-established weak password dictionary is queried for a target weak password matching the account password, whether the account password meets the password complexity rule; if not, the display unit is triggered; if so, the query unit is triggered;
The display unit is configured to display a notice that the password format does not conform.
Optionally, the device further comprises a statistics unit and an adding unit;
The statistics unit is configured to collect statistics on account passwords that have been cracked;
The adding unit is configured to add the cracked account passwords to the weak password dictionary.
An embodiment of the present invention also provides a weak password detection device, comprising:
A memory for storing a computer program;
A processor for executing the computer program to implement the steps of the weak password detection method described above.
An embodiment of the present invention also provides a computer-readable storage medium on which a computer program is stored; when the computer program is executed by a processor, the steps of the weak password detection method described above are implemented.
As can be seen from the above technical solution, traffic information of a server is obtained; the traffic information is parsed to obtain an account password; a pre-established weak password dictionary is queried for a target weak password matching the account password, where the weak password dictionary contains weak password information extracted according to rules. When a target weak password matching the account password exists in the weak password dictionary, the account password in the obtained traffic information is a weak password, and to improve account security an alert notification is issued at this point to remind the user to change the account password. In this technical solution, the account password is checked against the pre-established weak password dictionary, which effectively improves the efficiency of weak password detection. Extracting weak password information according to rules when establishing the weak password dictionary makes the weak password information it contains more comprehensive, which effectively improves the accuracy of weak password detection.
Brief description of the drawings
To explain the embodiments of the present invention more clearly, the drawings needed for the embodiments are briefly introduced below. The drawings described below are obviously only some embodiments of the present invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flowchart of a weak password detection method provided by an embodiment of the present invention;
Fig. 2 is a flowchart of a method for establishing a weak password dictionary provided by an embodiment of the present invention;
Fig. 3 is a structural diagram of a weak password detection device provided by an embodiment of the present invention;
Fig. 4 is a hardware structure diagram of a weak password detection device provided by an embodiment of the present invention.
Specific embodiments
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings in the embodiments. The described embodiments are obviously only some of the embodiments of the present invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art from the embodiments of the present invention without creative effort fall within the scope of protection of the present invention.
To enable those skilled in the art to better understand the solution of the present invention, the present invention is described in further detail below with reference to the drawings and specific embodiments.
Next, a weak password detection method provided by an embodiment of the present invention is described in detail. Fig. 1 is a flowchart of a weak password detection method provided by an embodiment of the present invention. The method comprises:
S101: Obtain traffic information of a server.
The traffic information may be information passing through the server that contains account passwords.
In a specific implementation, the traffic information of the server can be located by two pieces of information: the server IP and the port.
S102: Parse the traffic information to obtain an account password.
The traffic information contains multiple fields, such as account information, account password, login status and login time.
Taking mail weak-password detection as an example, the account password may be the login password for the mail system, or the password set when transferring files through the mail server.
When the configured account password is a weak password, it is very easily cracked by unauthorized persons, which threatens the security of the server system. To improve the security of the server system, the account password can be checked. Therefore, after the traffic information is obtained, it needs to be parsed to obtain the account password it contains. Parsing an account password out of traffic information is a common technical means and is not described further here.
S103: Query whether a target weak password matching the account password exists in a pre-established weak password dictionary.
Detecting weak passwords by exhaustive enumeration takes a long time. Moreover, when exhaustive enumeration is used for weak password detection, the enumeration depends on timing rules, so the enumerated weak passwords often do not give complete coverage and the detection accuracy is low.
Therefore, in the embodiments of the present invention, weak password information can be intelligently counted and filtered according to set rules in order to establish a weak password dictionary.
When weak password detection needs to be performed on account information, it is only necessary to compare the obtained account information with the established weak password dictionary. When a target weak password matching the account password exists in the weak password dictionary, the account information is a weak password, and S104 can be executed.
The target weak password matching the account password may be a password identical to the account password, or a password with a high similarity to the account password.
For example, when a target weak password identical to the account password exists in the weak password dictionary, the account password is a weak password; alternatively, when a target weak password whose similarity to the account password is higher than a threshold exists in the weak password dictionary, the account password is a weak password. Computing password similarity is a routine technique and is not described further here. The value of the threshold can be set according to actual requirements and is not limited here.
S104: When a target weak password matching the account password exists in the weak password dictionary, issue an alert notification.
When a target weak password matching the account password exists in the weak password dictionary, the account password can be determined to be a weak password. To improve account security, an alert notification is issued at this point to remind the user to change the account password.
The specific form of the alert notification may include giving a warning prompt and displaying a notice to reset the account password.
A warning prompt serves as a warning and draws the user's attention. The warning prompt may be, for example, a played voice prompt.
Displaying the notice to reset the account password makes it convenient for the user to reset the account password.
To raise the success rate of the reset, that is, to reduce cases in which the user again sets the account password to a weak password, prompt information on how to set the account password can be displayed together with the notice to reset it. For example, if the account password the user set the first time is a weak password because it contains consecutive digits, the prompt "do not set a consecutive character string" can be displayed together with the notice to reset the account password.
Establishing the weak password dictionary is the prerequisite for the weak password detection described above. The process of establishing the weak password dictionary is introduced next and is shown in Fig. 2:
S201: Obtain historical traffic information of the server.
In the embodiments of the present invention, historical traffic information can be collected per cycle time.
The value of the cycle time can be set according to actual requirements and is not limited here. For example, the cycle time can be set to one month.
In a specific implementation, the historical traffic information of one cycle time can be used as a sample to complete the establishment of the weak password dictionary. Afterwards, the weak password dictionary can be continuously improved and updated with the historical traffic information obtained in each cycle time.
S202: Parse the historical traffic information to obtain login information.
The login information may include account information, account password, login status and login time. The login status may be login success or login failure.
The process of parsing the historical traffic information is similar to that of S102 above and is not described further here.
S203: Select, from the login information, target login information that meets the brute-force cracking rule, and save the account password in the target login information to the weak password dictionary.
The target login information meeting the brute-force cracking rule may be login information that follows the timing rule and whose login failed.
The timing rule may cover login information produced by login attempts made at regular time intervals. For example, if different accounts are used to log in to a mail server once every second, and each login to the mail server yields one parsed piece of login information, then the login information obtained during that period is target login information meeting the brute-force cracking rule.
S204: Obtain weak password information from the public network and save the weak password information to the weak password dictionary, to complete the establishment of the weak password dictionary.
In the embodiments of the present invention, so that the weak password dictionary covers all types of weak passwords more comprehensively, in addition to the account passwords selected according to the brute-force cracking rule, common weak password information can also be collected and added to the weak password dictionary.
The common weak password information can be obtained from the public network.
For example, the account password qaz@wsx meets the password complexity requirement, but it is set according to a keyboard pattern and is easily cracked; this kind of account password is common weak password information.
Adding common account passwords to the weak password dictionary lets it cover more types of weak password information and makes the dictionary more comprehensive, which improves the accuracy of weak password detection using the dictionary.
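The selection in S203 and the merge in S204 can be sketched as follows. This is an added example, not code from the patent: the `Login` record, the `min_run` and `tolerance` parameters, and every sample record and password are constructed assumptions, and the fixed-cadence test is only one possible reading of the timing rule.

```python
from __future__ import annotations

from datetime import datetime, timedelta
from typing import Iterable, NamedTuple


class Login(NamedTuple):
    """One parsed login record with the four fields named in S202."""
    account: str
    password: str
    success: bool
    time: datetime


def select_brute_force(records: Iterable[Login], min_run: int = 4,
                       tolerance: timedelta = timedelta(milliseconds=300)) -> list[Login]:
    """Assumed reading of the brute-force rule: failed logins that form a run
    of at least `min_run` attempts whose gaps all stay within `tolerance` of
    the run's first gap, i.e. attempts arriving at a regular cadence."""
    failed = sorted((r for r in records if not r.success), key=lambda r: r.time)
    selected: list[Login] = []
    run: list[Login] = []
    for rec in failed:
        if len(run) >= 2:
            base_gap = run[1].time - run[0].time
            gap = rec.time - run[-1].time
            if abs(gap - base_gap) > tolerance:
                if len(run) >= min_run:
                    selected.extend(run)   # cadence ended: keep the whole run
                    run = []
                else:
                    run = run[-1:]         # too short: last record may start a new run
        run.append(rec)
    if len(run) >= min_run:
        selected.extend(run)
    return selected


def build_dictionary(records: Iterable[Login], public_weak: Iterable[str]) -> set[str]:
    """S203 + S204: passwords seen in brute-force runs, merged with a public list."""
    return {r.password for r in select_brute_force(records)} | set(public_weak)


# Constructed sample data: five failed logins one second apart against
# different accounts, plus ordinary user activity later in the day.
T0 = datetime(2018, 10, 1, 2, 0, 0)
SAMPLE_RECORDS = [
    Login(acct, pw, False, T0 + timedelta(seconds=i))
    for i, (acct, pw) in enumerate([
        ("alice", "123456"), ("bob", "abc123"), ("carol", "password"),
        ("dave", "qwerty"), ("erin", "111111"),
    ])
] + [
    # A user's single typo followed by a successful login: sporadic, so the
    # near-miss of a real password is kept out of the dictionary.
    Login("frank", "Spr1ng#2018x", False, datetime(2018, 10, 1, 9, 13, 7)),
    Login("frank", "Spr1ng#2018", True, datetime(2018, 10, 1, 9, 13, 31)),
    Login("grace", "gr@ce-Home77", False, datetime(2018, 10, 1, 14, 40, 2)),
]
PUBLIC_WEAK = ["qaz@wsx", "admin123"]  # constructed stand-in for a public list

if __name__ == "__main__":
    print(sorted(build_dictionary(SAMPLE_RECORDS, PUBLIC_WEAK)))
```

Filtering on cadence as well as failure matters because a dictionary built from every failed login would also collect near-misses of users' real passwords.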
As can be seen from the above technical solution, traffic information of a server is obtained; the traffic information is parsed to obtain an account password; a pre-established weak password dictionary is queried for a target weak password matching the account password, where the weak password dictionary contains weak password information extracted according to rules. When a target weak password matching the account password exists in the weak password dictionary, the account password in the obtained traffic information is a weak password, and to improve account security an alert notification is issued at this point to remind the user to change the account password. In this technical solution, the account password is checked against the pre-established weak password dictionary, which effectively improves the efficiency of weak password detection. Extracting weak password information according to rules when establishing the weak password dictionary makes the weak password information it contains more comprehensive, which effectively improves the accuracy of weak password detection.
In the embodiments of the present invention, after the historical traffic information has been parsed and the login information obtained, the login information can also be saved so that it can be queried and called later.
In practical applications, besides the account information, account password, login status and login time, other information parsed from the historical traffic information can also be saved as login information.
To improve account security, requirements are often placed on the form of the account password when the user sets it, that is, a password complexity rule is set. For example, the account password may be required to be at least eight characters long and to contain digits, letters and special characters.
When a password complexity rule has been set for account passwords, whether the account password meets the password complexity rule can be judged first, before the pre-established weak password dictionary is queried for a target weak password matching the account password.
When the account password meets the password complexity rule, the form of the account password set by the user satisfies the requirement, and the step of querying whether a target weak password matching the account password exists in the pre-established weak password dictionary can be executed.
When the account password does not meet the password complexity rule, the form of the account password set by the user does not satisfy the requirement, and a notice that the password format does not conform can be displayed so that the user can set a new account password that meets the password complexity rule.
When a password complexity rule has been set for account passwords, the account passwords set by users are passwords that meet the password complexity rule. Therefore, when establishing the weak password dictionary, the specific form of the login information can be checked. Specifically, after the target login information meeting the brute-force cracking rule has been selected from the login information, it can further be judged whether the account password in the target login information meets the preset password complexity rule.
When a target account password meeting the password complexity rule exists, the target account password is saved to the weak password dictionary.
Correspondingly, after the weak password information has been obtained from the public network, it can further be judged whether the weak password information meets the preset password complexity rule.
When target weak password information meeting the password complexity rule exists, the target weak password information is saved to the weak password dictionary.
When a password complexity rule has been set for account passwords, screening the login information according to the password complexity rule ensures that the weak password information saved in the weak password dictionary meets the password complexity rule. During weak password detection this avoids unnecessary comparisons between account passwords that meet the password complexity rule and weak passwords that do not, which improves the efficiency of weak password detection.
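The complexity gate, the filtered dictionary and the S103 lookup (exact match or similarity above a threshold) fit together as shown below. This is an added example, not code from the patent: the complexity rule is the example requirement given in the text, while the `difflib` ratio as the similarity measure, the 0.85 threshold and all sample passwords are assumptions.

```python
from __future__ import annotations

from difflib import SequenceMatcher
from typing import Iterable, Optional


def meets_complexity(pw: str, min_len: int = 8) -> bool:
    """Example rule from the text: at least eight characters, containing
    digits, letters and special characters."""
    return (len(pw) >= min_len
            and any(c.isdigit() for c in pw)
            and any(c.isalpha() for c in pw)
            and any(not c.isalnum() for c in pw))


def filter_dictionary(candidates: Iterable[str]) -> set[str]:
    """Keep only entries that an enforced complexity rule would let a user set,
    so lookups never compare against passwords that cannot occur."""
    return {pw for pw in candidates if meets_complexity(pw)}


def similarity(a: str, b: str) -> float:
    """Assumed similarity measure (the text leaves the choice open)."""
    return SequenceMatcher(None, a, b).ratio()


def check_password(pw: str, dictionary: set[str],
                   threshold: float = 0.85) -> tuple[str, Optional[str]]:
    """Return (verdict, matched_entry).

    'format_mismatch': fails the complexity rule, dictionary is not queried
    'weak'           : identical to, or at least `threshold` similar to, an entry
    'ok'             : no match
    """
    if not meets_complexity(pw):
        return ("format_mismatch", None)
    if pw in dictionary:                       # exact match, O(1) on a set
        return ("weak", pw)
    # Similarity needs a linear scan; sorting keeps ties deterministic.
    best = max(sorted(dictionary), key=lambda w: similarity(pw, w), default=None)
    if best is not None and similarity(pw, best) >= threshold:
        return ("weak", best)
    return ("ok", None)


# Constructed candidate list, as if produced by the dictionary-building steps.
CANDIDATES = ["123456", "abc", "1qaz@WSX", "P@ssw0rd", "Passw0rd!"]
WEAK_DICT = filter_dictionary(CANDIDATES)

if __name__ == "__main__":
    for sample in ["abc", "P@ssw0rd", "P@ssw0rd1", "kV7#pLm2$xQz"]:
        print(sample, check_password(sample, WEAK_DICT))
```

The similarity branch is what catches a user who "fixes" a flagged password by appending one character to it.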
In embodiments of the present invention, the account password being cracked can also be counted;The account password being cracked is added to Weak passwurd dictionary library constantly improve weak passwurd dictionary library with realizing, carries out weak mouth according to weak passwurd dictionary library to be promoted Enable the accuracy of detection.
Fig. 3 is a structural schematic diagram of a weak password detection device provided by an embodiment of the present invention, which includes an acquiring unit 31, a resolution unit 32, a query unit 33 and an alarm unit 34;
The acquiring unit 31 is used to obtain the traffic information of the server;
The resolution unit 32 is used to parse the traffic information to obtain the account password;
The query unit 33 is used to query whether a target weak password matching the account password exists in the pre-established weak password dictionary library, where the weak password dictionary library includes weak password information extracted according to rules; if so, the alarm unit 34 is triggered;
The alarm unit 34 is used to issue an alarm notification.
Optionally, for the process of establishing the weak password dictionary library, the device further includes a selection unit and a construction unit;
The acquiring unit is also used to obtain the historical traffic information of the server;
The resolution unit is also used to parse the historical traffic information to obtain login information, where the login information includes account information, account password, login status and login time;
The selection unit is used to select, from the login information, the target login information that meets the brute-force cracking rule, and to save the account password in the target login information to the weak password dictionary library;
The construction unit is used to obtain weak password information from the public network and save the weak password information to the weak password dictionary library, so as to complete the establishment of the weak password dictionary library.
Optionally, the device further includes a storage unit;
The storage unit is used to save the login information after the historical traffic information has been parsed and the login information obtained.
Optionally, the device further includes a first judging unit and a second judging unit;
The first judging unit is used to judge, after the target login information that meets the brute-force cracking rule has been selected from the login information, whether the account password in the target login information satisfies the preset password complexity rule;
Correspondingly, the selection unit is specifically used to save the target account password to the weak password dictionary library when there is a target account password that satisfies the password complexity rule;
The second judging unit is used to judge, after weak password information has been obtained from the public network, whether the weak password information satisfies the preset password complexity rule;
Correspondingly, the construction unit is specifically used to save the target weak password information to the weak password dictionary library when there is target weak password information that satisfies the password complexity rule.
Optionally, the device further includes a third judging unit and a display unit;
The third judging unit is used to judge, before querying whether a target weak password matching the account password exists in the pre-established weak password dictionary library, whether the account password satisfies the password complexity rule; if not, the display unit is triggered; if so, the query unit is triggered;
The display unit is used to display the notice that the password format does not conform.
Optionally, the device further includes a statistics unit and an adding unit;
The statistics unit is used to count the account passwords that have been cracked;
The adding unit is used to add the cracked account passwords to the weak password dictionary library.
For an explanation of the features in the embodiment corresponding to Fig. 3, refer to the related description of the embodiments corresponding to Fig. 1 and Fig. 2; it is not repeated here.
As can be seen from the above technical solution, the traffic information of the server is obtained; the traffic information is parsed to obtain the account password; and the pre-established weak password dictionary library is queried for a target weak password that matches the account password, where the weak password dictionary library includes weak password information extracted according to rules. When the weak password dictionary library contains a target weak password that matches the account password, the account password in the obtained traffic information is a weak password; to improve account security, an alarm notification is issued at this point to remind the user to change the account password. In this technical solution, account passwords are checked against the pre-established weak password dictionary library, which effectively improves the efficiency of weak password detection. Moreover, extracting weak password information according to rules when the weak password dictionary library is established makes the weak password information in the library more comprehensive, which effectively improves the accuracy of weak password detection.
Fig. 4 is a hardware structure diagram of a weak password detection device 40 provided by an embodiment of the present invention, comprising:
A memory 41 for storing a computer program;
A processor 42 for executing the computer program to implement the steps of the weak password detection method described above.
An embodiment of the present invention also provides a computer-readable storage medium on which a computer program is stored; when the computer program is executed by a processor, the steps of the weak password detection method described above are implemented.
The weak password detection method, device and computer-readable storage medium provided by the embodiments of the present invention have been described in detail above. The embodiments in this specification are described in a progressive manner; each embodiment focuses on its differences from the other embodiments, and the same or similar parts of the embodiments may be referred to one another. Since the device disclosed in an embodiment corresponds to the method disclosed in the embodiment, its description is relatively brief, and the relevant points can be found in the description of the method. It should be pointed out that those of ordinary skill in the art can make several improvements and modifications to the present invention without departing from its principle, and these improvements and modifications also fall within the protection scope of the claims of the present invention.
Those skilled in the art will further appreciate that the units and algorithm steps of the examples described in connection with the embodiments disclosed herein can be implemented in electronic hardware, computer software, or a combination of the two. To clearly illustrate the interchangeability of hardware and software, the composition and steps of each example have been described above in general terms of their function. Whether these functions are performed in hardware or in software depends on the specific application and the design constraints of the technical solution. Those skilled in the art may use different methods to implement the described functions for each specific application, but such implementation should not be considered beyond the scope of the present invention.
The steps of the method or algorithm described in connection with the embodiments disclosed herein can be implemented directly in hardware, in a software module executed by a processor, or in a combination of the two. The software module can be placed in random access memory (RAM), memory, read-only memory (ROM), electrically programmable ROM, electrically erasable ROM, a register, a hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the technical field.

Claims (10)

1. A weak password detection method, characterized by comprising:
obtaining the traffic information of a server;
parsing the traffic information to obtain an account password;
querying whether a target weak password matching the account password exists in a pre-established weak password dictionary library, where the weak password dictionary library includes weak password information extracted according to rules;
if so, issuing an alarm notification.
2. The method according to claim 1, characterized in that the process of establishing the weak password dictionary library comprises:
obtaining the historical traffic information of the server;
parsing the historical traffic information to obtain login information, where the login information includes account information, account password, login status and login time;
selecting, from the login information, the target login information that meets the brute-force cracking rule, and saving the account password in the target login information to the weak password dictionary library;
obtaining weak password information from the public network, and saving the weak password information to the weak password dictionary library, so as to complete the establishment of the weak password dictionary library.
3. The method according to claim 2, characterized in that, after parsing the historical traffic information to obtain the login information, the method further comprises:
saving the login information.
4. The method according to claim 2, characterized in that, after selecting from the login information the target login information that meets the brute-force cracking rule, the method further comprises:
judging whether the account password in the target login information satisfies a preset password complexity rule;
when there is a target account password that satisfies the password complexity rule, the saving of the account password in the target login information to the weak password dictionary library is specifically: saving the target account password to the weak password dictionary library;
correspondingly, after obtaining the weak password information from the public network, the method further comprises:
judging whether the weak password information satisfies the preset password complexity rule;
when there is target weak password information that satisfies the password complexity rule, the saving of the weak password information to the weak password dictionary library is specifically: saving the target weak password information to the weak password dictionary library.
5. The method according to claim 4, characterized in that, before querying whether a target weak password matching the account password exists in the pre-established weak password dictionary library, the method further comprises:
judging whether the account password satisfies the password complexity rule;
if not, displaying a notice that the password format does not conform;
if so, executing the step of querying whether a target weak password matching the account password exists in the pre-established weak password dictionary library.
6. The method according to any one of claims 1-5, characterized by further comprising:
counting the account passwords that have been cracked;
adding the cracked account passwords to the weak password dictionary library.
7. A weak password detection device, characterized by comprising an acquiring unit, a resolution unit, a query unit and an alarm unit;
the acquiring unit is used to obtain the traffic information of a server;
the resolution unit is used to parse the traffic information to obtain an account password;
the query unit is used to query whether a target weak password matching the account password exists in a pre-established weak password dictionary library, where the weak password dictionary library includes weak password information extracted according to rules; if so, the alarm unit is triggered;
the alarm unit is used to issue an alarm notification.
8. The device according to claim 7, characterized in that, for the process of establishing the weak password dictionary library, the device further comprises a selection unit and a construction unit;
the acquiring unit is also used to obtain the historical traffic information of the server;
the resolution unit is also used to parse the historical traffic information to obtain login information, where the login information includes account information, account password, login status and login time;
the selection unit is used to select, from the login information, the target login information that meets the brute-force cracking rule, and to save the account password in the target login information to the weak password dictionary library;
the construction unit is used to obtain weak password information from the public network and save the weak password information to the weak password dictionary library, so as to complete the establishment of the weak password dictionary library.
9. A weak password detection device, characterized by comprising:
a memory for storing a computer program;
a processor for executing the computer program to implement the steps of the weak password detection method according to any one of claims 1 to 6.
10. A computer-readable storage medium, characterized in that a computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, the steps of the weak password detection method according to any one of claims 1 to 6 are implemented.
CN201811202283.2A 2018-10-16 2018-10-16 A kind of weak passwurd detection method, device and computer readable storage medium Pending CN109361518A (en)


Publications (1)

Publication Number Publication Date
CN109361518A true CN109361518A (en) 2019-02-19







Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190219