CN112000948B - Password strength evaluation method based on sequence generation antagonistic neural network - Google Patents

Abstract

The invention discloses a password strength evaluation method based on a sequence generation antagonistic neural network, which comprises the following steps: obtaining a target neural network model, wherein the target neural network model is obtained by training a password set comprising a plurality of passwords; inputting a password to be evaluated into a target neural network model to determine the number of guesses required by the password to be evaluated; and determining the security intensity of the password to be evaluated according to the guessing times. The invention also discloses a password strength evaluation device and a readable storage medium. The method can solve the problem of low accuracy when the password strength evaluation is performed on the generated antagonistic neural network model generator model.

Description

Password strength evaluation method based on sequence generation antagonistic neural network

Technical Field

The invention relates to the technical field of information security, in particular to a password strength evaluation method based on a sequence generation antagonistic neural network.

Background

Password security strength assessment is a method for measuring the effectiveness of a password against guessing attacks or brute force cracking. With the continuous development of big data and artificial intelligence technology, more and more researches are conducted on password security and password strength evaluation methods based on neural networks, such as password strength evaluation methods based on generative countermeasure neural networks.

According to the traditional password strength evaluation method based on the generated type countermeasure neural network, a generator capable of accurately learning the original data distribution characteristic is trained through the aid of a discriminator, under the countermeasure game training mechanism, the generator continuously evolves to generate synthetic data which is more similar to real data, meanwhile, the discriminator also continuously improves the discrimination capability of the real data so that a model has good password strength evaluation capability, the password can be input into the model to evaluate the password strength, but because the password is used as a natural language text, the characters are various, corpus data is discrete after vectorization, cannot correspond to a word vector space, and the strength evaluation accuracy of the password is low.

Disclosure of Invention

The invention mainly aims to provide a password strength evaluation method based on a sequence generation antagonistic neural network, which solves the problem of low strength evaluation accuracy of passwords.

In order to achieve the above object, the present invention provides a password strength evaluation method of a sequence-based generation countermeasure neural network, the password strength evaluation method of the sequence-based generation countermeasure neural network including:

obtaining a target neural network model, wherein the target neural network model is obtained by training a password set comprising a plurality of passwords;

Inputting a password to be evaluated into a target neural network model to determine the number of guesses required by the password to be evaluated;

And determining the security intensity of the password to be evaluated according to the guessing times.

Optionally, the step of determining the security strength of the password to be evaluated according to the number of guesses includes:

If the number of guesses is greater than a preset number, determining that the password to be evaluated is a weak password;

And if the guessing times are smaller than or equal to the preset times, determining that the password to be evaluated is a strong password.

Optionally, the target neural network model generates an antagonistic neural network model for the sequence, the target neural network model includes a generator model and a arbiter model, and the step of inputting the password to be evaluated into the target neural network model to determine the number of guesses required by the password to be evaluated, includes:

Generating a target password through the generator model and the probability distribution of the password to be evaluated;

Obtaining the prediction probability of the target password according to the discriminator model;

judging whether the prediction probability is larger than a preset probability or not;

If the prediction probability is larger than the preset probability, acquiring the generation times of the target password, and taking the generation times as the guessing times required by the guessed to-be-evaluated password;

If the prediction probability is smaller than or equal to the preset probability, updating the password to be evaluated by adopting the target password, and updating the generation times of the target password;

and returning to the step of executing the probability distribution of the password to be evaluated obtained through the generator model and generating a target password according to the probability distribution.

Optionally, the step of acquiring the target neural network model includes:

Acquiring a password set;

preprocessing the password set to generate a target password set;

and inputting the target password set into a preset neural network model for training to obtain a target neural network model.

Optionally, the target password set includes a training set, a verification set and a test set, and the step of inputting the target password set into a preset neural network model to train to obtain a target neural network model includes:

training the preset neural network model by using the training set;

Verifying the trained preset neural network model by using the verification set, and updating parameters of the preset network model according to a verification result;

The tested and verified preset neural network model is tested by the test set, and a loss function is calculated;

judging whether the loss function converges or not;

if the loss function converges, compressing the trained preset neural network model to generate a target neural network model;

And if the loss function is not converged, returning to the step of training the preset neural network model by using the training set.

Optionally, the step of preprocessing the password set to generate a target password set includes:

data cleaning is carried out on the password set so as to remove invalid passwords;

Coding the remaining passwords in the password set after the invalid password is removed;

classifying the coded passwords in the password set according to a preset proportion to obtain the training set, the verification set and the test set.

Optionally, the invalid password is a password with a character length smaller than a preset length or a password containing characters not existing in preset characters.

Optionally, the step of determining the security strength of the password to be evaluated according to the number of guesses includes:

and sending the security intensity information of the password to be evaluated to a terminal corresponding to the password to be evaluated and outputting prompt information.

In order to achieve the above object, the present invention also provides a password strength evaluation device including a memory, a processor, and a password strength evaluation program stored on the memory and executable on the processor, which when executed by the processor, implements the steps of the password strength evaluation method of generating an countermeasure against a neural network based on a sequence as described above.

To achieve the above object, the present invention also provides a readable storage medium having stored thereon a password strength evaluation program which, when executed by a processor, implements the steps of the password strength evaluation method of generating an antagonistic neural network based on a sequence as described above.

The invention provides a password strength evaluation method based on a sequence generation countermeasure neural network, wherein a password strength evaluation device acquires a target neural network model trained according to a password set comprising a plurality of passwords, then inputs the password to be evaluated into the target neural network model, and determines the number of guesses required by the guesses of the password to be evaluated; and finally, determining the security strength of the password to be evaluated according to the number of guesses required by the guesses of the password to be evaluated. According to the technical scheme, the sequence generation countermeasure neural network model is used as the target network model, the model calculates the guessing times required by the guessing of the password to be evaluated, and whether the password to be evaluated is a strong password or a weak password is judged by comparing the guessing times with the threshold value of the password security intensity, so that the security intensity of the password is prevented from being evaluated only by the character characteristics of the password, and the accuracy of the strength evaluation of the password is effectively improved.

Drawings

The achievement of the objects, functional features and advantages of the present invention will be further described with reference to the accompanying drawings, in conjunction with the embodiments.

FIG. 1 is a schematic diagram of a hardware architecture of a password strength evaluation device according to an embodiment of the present invention;

FIG. 2 is a flowchart of a method for password strength evaluation based on sequence generation antagonistic neural networks according to an embodiment of the present invention;

FIG. 3 is a flowchart of a second embodiment of a password strength evaluation method for generating an antagonistic neural network based on a sequence according to the present invention;

FIG. 4 is a flowchart of a third embodiment of a password strength evaluation method for generating an antagonistic neural network based on a sequence according to the present invention;

FIG. 5 is a flowchart of a fourth embodiment of a password strength evaluation method for generating an antagonistic neural network based on a sequence according to the present invention;

FIG. 6 is a flowchart of a fifth embodiment of a password strength evaluation method for generating an antagonistic neural network based on a sequence according to the present invention.

Detailed Description

It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention.

As shown in fig. 1, fig. 1 is a schematic hardware architecture diagram of a password strength evaluation device according to an embodiment of the present invention.

As shown in fig. 1, the password strength evaluation apparatus may include: a processor 1001, such as a CPU, a network interface 1004, a user interface 1003, a memory 1005, a communication bus 1002. Where a communication bus 1002 is used to enable connected communication among the components, the memory 1005 may alternatively be a storage device separate from the aforementioned processor 1001.

It will be appreciated by those skilled in the art that the configuration of the password strength evaluation device shown in fig. 1 does not constitute a limitation of the password strength evaluation device, and may include more or fewer components than shown, or may combine certain components, or may be arranged in a different arrangement of components.

As shown in fig. 1, a memory 1005, which is a computer storage medium, may include an operating system and a password strength evaluation program of the password strength evaluation apparatus.

In the password strength evaluation apparatus shown in fig. 1, the network interface 1004 is mainly used for connecting to a background server and performing data communication with the background server; the user interface 1003 is mainly used for connecting a client (user side) and performing data communication with the client; and the processor 1001 may be configured to call a password strength evaluation program stored in the memory 1005 and perform the following operations:

obtaining a target neural network model, wherein the target neural network model is obtained by training a password set comprising a plurality of passwords;

Inputting a password to be evaluated into a target neural network model to determine the number of guesses required by the password to be evaluated;

And determining the security intensity of the password to be evaluated according to the guessing times.

Further, the processor 1001 may call a password strength evaluation program of the image processing apparatus stored in the memory 1005, and further perform the following operations:

If the number of guesses is greater than a preset number, determining that the password to be evaluated is a weak password;

And if the guessing times are smaller than or equal to the preset times, determining that the password to be evaluated is a strong password.

Further, the processor 1001 may call a password strength evaluation program of the image processing apparatus stored in the memory 1005, and further perform the following operations:

Generating a target password through the generator model and the probability distribution of the password to be evaluated;

Obtaining the prediction probability of the target password according to the discriminator model;

judging whether the prediction probability is larger than a preset probability or not;

If the prediction probability is larger than the preset probability, acquiring the generation times of the target password, and taking the generation times as the guessing times required by the guessed to-be-evaluated password;

If the prediction probability is smaller than or equal to the preset probability, updating the password to be evaluated by adopting the target password, and updating the generation times of the target password;

and returning to the step of executing the probability distribution of the password to be evaluated obtained through the generator model and generating a target password according to the probability distribution.

Further, the processor 1001 may call a password strength evaluation program of the image processing apparatus stored in the memory 1005, and further perform the following operations:

Acquiring a password set;

preprocessing the password set to generate a target password set;

and inputting the target password set into a preset neural network model for training to obtain a target neural network model.

Further, the processor 1001 may call a password strength evaluation program of the image processing apparatus stored in the memory 1005, and further perform the following operations:

training the preset neural network model by using the training set;

Verifying the trained preset neural network model by using the verification set, and updating parameters of the preset network model according to a verification result;

The tested and verified preset neural network model is tested by the test set, and a loss function is calculated;

judging whether the loss function converges or not;

if the loss function converges, compressing the trained preset neural network model to generate a target neural network model;

And if the loss function is not converged, returning to the step of training the preset neural network model by using the training set.

Further, the processor 1001 may call a password strength evaluation program of the image processing apparatus stored in the memory 1005, and further perform the following operations:

data cleaning is carried out on the password set so as to remove invalid passwords;

Coding the remaining passwords in the password set after the invalid password is removed;

classifying the coded passwords in the password set according to a preset proportion to obtain the training set, the verification set and the test set.

Further, the processor 1001 may call a password strength evaluation program of the image processing apparatus stored in the memory 1005, and further perform the following operations:

and sending the security intensity information of the password to be evaluated to a terminal corresponding to the password to be evaluated and outputting prompt information.

Referring to fig. 2, fig. 2 is a flowchart of a first embodiment of a password strength evaluation method for generating an antagonistic neural network based on a sequence according to the present invention, the password strength evaluation method includes the following steps:

step S10, a target neural network model is obtained, wherein the target neural network model is obtained through training according to a password set comprising a plurality of passwords;

The password strength evaluation method in the embodiment is applied to a password strength evaluation device, such as a server, which is provided with a trained target neural network model, and evaluates the security strength of a password by acquiring the target neural network model and utilizing the target neural network model, wherein the target neural network model is obtained by training a password set comprising a plurality of passwords, the target neural network model generates an antagonistic neural network (Sequence GENERATIVE ADVERSARIAL NETS, SEQGAN) for a Sequence, a generator model and a discriminator model are arranged in the model, the generator model is a circulating neural network (Recurrent Neural Network, RNN), and meanwhile, in order to avoid the problems of gradient disappearance and gradient explosion, the generator model is preferably a Long Short-Term Memory (LSTM:) or a gate-controlled circulating unit (Gated Recurrent Unit, GRU) as a basic unit of the circulating neural network; the discriminant model is preferably a convolutional neural network (Convolutional Neural Networks, CNN).

Specifically, the target neural network model obtained through password set training is stored in a password strength evaluation device, and when an instruction for password strength evaluation is required to be received, software automatically invokes the target neural network model to evaluate the security strength of the password.

Step S20, inputting a password to be evaluated into a target neural network model to determine the number of guesses required by the guesses of the password to be evaluated;

In this embodiment, after the target neural network model is obtained, the number of times of guessing the password to be evaluated is determined, where the number of times of guessing is the number of times required by the target neural network to guess the password to be evaluated, and the number of times of guessing reflects the difficulty level of guessing the password to be evaluated, that is, the security intensity of the password to be evaluated is represented, in general, the greater the number of times of guessing, the lower the security intensity of the password to be evaluated; conversely, the smaller the number of guesses, the higher the security strength of the password to be evaluated.

And step S30, determining the security intensity of the password to be evaluated according to the guessing times.

In this embodiment, the target neural network model is preset with a preset number of times for distinguishing the strength of the password, the preset number of times is a threshold value of the password security strength, and after determining that the target neural network model is based on the number of times of guessing the password to be evaluated, the relationship between the number of times of guessing and the preset number of times is compared to determine whether the password to be evaluated is the strong password or the weak password. The preset number of times may be set according to the requirement of the security strength of the password, and is not limited herein, for example, the preset number of times may be selected to be 5, 8 or 10.

Further, when the number of times of guessing the password to be evaluated is larger than the preset number of times, the password to be evaluated is indicated to be a weak password, and the security intensity of the password to be evaluated is low; when the number of times of guessing the password to be evaluated is smaller than or equal to the preset number of times, the password to be evaluated is indicated to be a strong password, and the security intensity of the password to be evaluated is high.

Further, after the security intensity of the password to be evaluated is determined according to the number of guesses, the security intensity information of the password to be evaluated is sent to a terminal corresponding to the password to be evaluated and prompt information is output, wherein the terminal corresponding to the password to be evaluated can be a computer, a mobile phone and the like.

In the technical scheme provided by the embodiment, a password to be evaluated is input into a target neural network model by acquiring the target neural network model, and the number of guesses required by the password to be evaluated, which is guessed, is determined; and determining the security intensity of the password to be evaluated according to the number of guesses. According to the scheme, the sequence generation antagonism neural network model is used as a target network model, the gradient strategy algorithm of the model is used for updating the parameters of the generator model, gradient updating of the generator model is realized, the number of guesses required by the guesses of the password to be evaluated is calculated, the number of guesses is compared with the threshold value of the password security intensity to judge whether the password to be evaluated is a strong password or a weak password, the strength evaluation accuracy of the password is effectively improved, the password resistance and password guessing attack capacity is further improved, and the password security is improved.

Referring to fig. 3, fig. 3 is a flowchart of a second embodiment of a password strength evaluation method for generating an antagonistic neural network based on a sequence according to the present invention, based on implementation one, the step S20 includes:

S21, generating a target password through the generator model and the probability distribution of the password to be evaluated;

In this embodiment, the generator model may continuously generate a password similar to the password to be evaluated, the target password is generated by the generator model, and the probability distribution is generated by the generator model according to the probability distribution of the target password that may be generated by the password to be evaluated and input to the model, that is, the probability distribution of the password learned by the target neural network, where the probability distribution characterizes the similarity between the target password that may be generated and the password to be evaluated.

Specifically, after the password to be evaluated is input into the target neural network model, the generator model selects the password with the highest similarity with the password to be evaluated through probability distribution to generate and serve as the target password.

S22, obtaining the prediction probability of the target password according to the discriminator model;

In this embodiment, the arbiter model has the ability to distinguish the password to be evaluated from the target password, and the arbiter model judges whether the target password is the password to be evaluated input to the model or the target password generated by the generator, and the output value after the judgment is a probability, which is a prediction probability, the size of the probability characterizes the accuracy of the arbiter in distinguishing the password to be evaluated from the target password, the prediction probability range is 0-1, in general, the greater the prediction probability, the greater the likelihood that the target password is the password to be evaluated, for example, the prediction probability is 0.95, that is, the target password has a 95% probability of being the password to be evaluated.

Specifically, after the generator model generates the target password, the arbiter model judges whether the target password is the password to be evaluated or the password generated by the generator model, and outputs a prediction probability to reflect how likely the target password is the password to be evaluated.

Step S23, judging whether the prediction probability is larger than a preset probability;

Step S24, if the prediction probability is larger than a preset probability, obtaining the generation times of the target password, and taking the generation times as the guessing times required by the guessed to-be-evaluated password;

In this embodiment, the preset probability is a threshold value of accuracy of distinguishing the password to be evaluated and the target password by the discriminator model, the preset probability can be selected according to actual needs, and the range of the preset probability is 0-1, for example, the preset probability can be selected to be 0.98, the preset probability is not limited herein, and when the predicted probability is greater than the preset probability, the target password predicted by the discriminator model is very likely to be the password to be evaluated, the generator model does not generate the target password any more, i.e., the generator model and the discriminator model reach Nash equilibrium. The number of times the generator model generates the target password.

Specifically, after the password to be evaluated is input into the target neural network model, the generator model continuously generates a target password based on the password to be evaluated, the discriminator model discriminates whether the probability of the target password is the password to be evaluated or not and outputs a prediction probability, if the prediction probability is larger than a preset probability, the generator model stops generating the target password, counts the number of the generated target passwords, takes the number as the generation times of the generator, and takes the generation times as the guessed times of the password to be evaluated.

Step S25, if the prediction probability is smaller than or equal to a preset probability, updating the password to be evaluated by adopting the target password, and updating the generation times of the target password;

Step S26, the step of obtaining the probability distribution of the password to be evaluated through the generator model and generating a target password according to the probability distribution is carried out in a returning mode.

In this embodiment, the predicted probability is less than or equal to the preset probability, the target password generated by the generator is used to update the password to be evaluated, the number of times of generation of the target password is updated, and the step of obtaining the probability distribution of the password to be evaluated through the generator model and generating the target password according to the probability distribution is performed again until the predicted probability is greater than the preset probability.

According to the technical scheme provided by the embodiment, the target neural network model predicts the probability distribution of the next password based on the password to be evaluated, the probability distribution is regulated to be standard through a Softmax function, the target password is generated by sampling according to the probability distribution and combining a Monte Carlo simulation sampling method, meanwhile, the target password is predicted by the discriminator model, the prediction probability is determined, when the prediction probability is smaller than or equal to the preset probability, the target is updated to the password to be evaluated, the number of the target passwords is updated, and the steps are returned until the prediction probability is larger than the preset probability, and because the password to be evaluated is continuously updated, the gradient of the generator model is updated, so that the strength evaluation accuracy of the password is effectively improved.

Referring to fig. 4, fig. 4 is a flowchart of a third embodiment of a password strength evaluation method for generating an antagonistic neural network based on a sequence according to the present invention, based on implementation one, the step S10 includes:

Step S11, obtaining a password set;

In this embodiment, in order to obtain the target neural network model, different password sets are first required to be obtained, and the neural network model is trained by using the obtained password sets. The password set is obtained from different platforms, wherein the platforms can be an e-commerce platform, a payment platform, a game platform and the like, and the passwords of the different platforms contain different attribute characteristics, so that the accuracy of the target neural network model obtained after training is improved.

Step S12, preprocessing the password set to generate a target password set;

In this embodiment, since the passwords originate from different platforms, the formats of the passwords have differences, and the obtained password set needs to be preprocessed to obtain the target password set for unifying the formats of the passwords, where preprocessing includes data cleaning, encoding and classification.

And S13, inputting the target password set into a preset neural network model for training to obtain a target neural network model.

In this embodiment, the target password set is input into a preset neural network model for training, and the target neural network model can be obtained.

According to the technical scheme, the target password set is obtained by obtaining the password set and preprocessing the password set, the target password set is input into the preset neural network model to be trained to obtain the target neural network model, and the obtained password set has differences in format, so that the formats can be unified through preprocessing, and the model training effect is improved.

Referring to fig. 5, fig. 5 is a flowchart of a fourth embodiment of a password strength evaluation method for generating an antagonistic neural network based on a sequence according to the present invention, based on implementation three, the step S13 includes:

Step S131, training the preset neural network model by using the training set;

Step S132, verifying the trained preset neural network model by using the verification set, and updating parameters of the preset neural network model according to a verification result;

Step S133, testing the verified preset neural network model by using the test set, and calculating a loss function;

step S134, judging whether the loss function converges or not;

Step S135, if the loss function converges, compressing the trained preset neural network model to generate a target neural network model;

if the loss function does not converge, returning to the step S131, that is, training the preset neural network model by using the training set.

In this embodiment, the preprocessed password set includes a training set, a verification set and a test set, the training set is used to train the preset neural network model, the verification set is used to verify the trained preset neural network model and update parameters of the preset neural network model according to the verification result, and finally the test set is used to test the verified preset neural network model to determine whether the loss function converges, wherein the loss function is a logarithmic loss function or a cross entropy loss function.

Specifically, if the loss function converges, it is indicated that the trained preset neural network model has a better effect and higher evaluation accuracy, and the trained preset neural network model is compressed to generate the target neural network model, wherein the compression method includes, but is not limited to, light weight, lossy compression and ZigZag coding. If the loss function is not converged, the trained preset neural network model is poor in effect, and the step of training the preset neural network model by using the training set is performed in a returning mode to update parameters of the model, wherein the parameters of the model comprise, but are not limited to, the learning rate, the step length and the training round number of the neural network model until the loss function is converged, and the model parameters are saved to obtain the target neural network model.

It should be noted that, before training the preset neural network, super parameters of the model, such as the number of hidden layer neurons, the number of hidden layers, the learning rate, the number of iterations, the negative sampling dimension, etc., are generally set. Meanwhile, in order to avoid model overfitting, a Dropout mechanism can be adopted, and certain neurons in the network are deactivated randomly through pre-designated probability, so that the neural network is prevented from learning too many non-common features. Based on historical experience of neural network model training, it can be set that: (1) the number of hidden layers is 4; (2) the number of neurons in each layer of the hidden layer is 512; (3) 150 training iterations epoch; (4) the learning rate LEARNING RATE is 0.0003; (5) softmax negative sample dimension set to 216; (6) a Batch size of 64 data input; (7) a maximum Gradient cutoff Gradient of 5; (8) Dropout is 0.5.

According to the technical scheme provided by the embodiment, the password set is utilized to train, verify and test the preset neural network model, and the model with the optimal password strength evaluation effect is determined by judging whether the loss function in the test result is converged or not and is used as the target neural network model.

Referring to fig. 6, fig. 6 is a flowchart of a fifth embodiment of a password strength evaluation method for generating an antagonistic neural network based on a sequence according to the present invention, based on implementation three, the step S12 includes:

Step S121, data cleaning is carried out on the password set so as to remove invalid passwords;

In this embodiment, the purpose of data cleaning is to reject an invalid password, where the invalid password is a password with a character length smaller than a preset length or a password containing characters that do not exist in preset characters. The preset length is the number of characters contained in the password, and can be selected according to specific needs, and is not limited herein, for example, the preset length can be selected to be 5. When the length of the password is smaller than the preset length, judging that the password is an invalid password, and eliminating the password from the password set; the preset characters are characters which can be identified by the preset neural network model, the characters of each password in the password set are respectively compared with the preset characters, whether the characters of each password exist in the preset characters or not is judged, if all the characters forming the password exist in the preset characters, the password is judged to be an effective password, and if any character does not exist in the preset characters in all the characters forming the password, the password is judged to be an invalid password and is eliminated from the password set.

Step S122, coding the remaining passwords in the password set after invalid passwords are removed;

In this embodiment, the remaining passwords in the password set after the invalid password is removed are encoded, where the encoding mode may be one-hot encoding, one-hot encoding is one-bit valid encoding, N states are encoded mainly by using N state registers, each state has its independent register bit, only one bit is valid at any time, and each integer value is represented as a binary vector by one-hot encoding.

Step S123, classifying the coded passwords in the password set according to a preset proportion to obtain the training set, the verification set and the test set.

In this embodiment, the preset ratio is a ratio relationship among the training set, the verification set and the test set, the encoded password set is classified according to the preset ratio, the preset ratio may be selected according to specific needs, and the preset ratio may be, for example, 7:2:1.

In the technical scheme provided by the embodiment, the invalid passwords in the password set are removed, the remaining valid passwords are coded, the training set, the verification set and the test set are divided, and the validity of the input to the preset neural network model is ensured.

Based on the above embodiment, the present invention further provides a password strength evaluation device, where the password strength evaluation device may include a memory, a processor, and a password strength evaluation program stored in the memory and capable of running on the processor, where the processor implements the steps of the password strength evaluation method based on the sequence generation antagonistic neural network according to any one of the above embodiments when the processor executes the password strength evaluation program.

Based on the above embodiment, the present invention further provides a readable storage medium having stored thereon a password strength evaluation program, which when executed by a processor, implements the steps of the sequence-based generation challenge neural network password strength evaluation method described in any of the above embodiments.

It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or system. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or system that comprises the element.

The foregoing embodiment numbers of the present invention are merely for the purpose of description, and do not represent the advantages or disadvantages of the embodiments.

From the above description of the embodiments, it will be clear to those skilled in the art that the above-described embodiment method may be implemented by means of software plus a necessary general hardware platform, but of course may also be implemented by means of hardware, but in many cases the former is a preferred embodiment. Based on such understanding, the technical solution of the present invention may be embodied essentially or in a part contributing to the prior art in the form of a software product stored in a storage medium (e.g. ROM/RAM, magnetic disk, optical disk) as described above, comprising instructions for causing a terminal device (which may be a mobile phone, a computer, a server, or a network device, etc.) to perform the method according to the embodiments of the present invention.

The foregoing description is only of the preferred embodiments of the present invention, and is not intended to limit the scope of the invention, but rather is intended to cover any equivalents of the structures or equivalent processes disclosed herein or in the alternative, which may be employed directly or indirectly in other related arts.

Claims (9)

1. A password strength evaluation method for generating an antagonistic neural network based on a sequence, the password strength evaluation method comprising:

obtaining a target neural network model, wherein the target neural network model is obtained by training according to a password set comprising a plurality of passwords, the target neural network model generates an countermeasure neural network model for a sequence, and the target neural network model comprises a generator model and a discriminator model;

Obtaining probability distribution of the password to be evaluated through the generator model, and generating a target password according to the probability distribution;

obtaining the prediction probability of the target password according to the discriminator model, wherein the generator model continuously generates the target password based on the password to be evaluated, and each time one target password is generated, the discriminator model discriminates the probability that the target password is the password to be evaluated and outputs a prediction probability;

judging whether the prediction probability is larger than a preset probability or not;

If the prediction probability is larger than the preset probability, acquiring the generation times of the target password, and taking the generation times as the guessing times required by the guessed to-be-evaluated password;

If the prediction probability is smaller than or equal to the preset probability, updating the password to be evaluated by adopting the target password, and updating the generation times of the target password;

returning to the step of executing the probability distribution of the password to be evaluated obtained through the generator model and generating a target password according to the probability distribution;

And determining the security intensity of the password to be evaluated according to the guessing times.

2. The method for evaluating the strength of a password based on sequence generation antagonistic neural network according to claim 1, wherein the step of determining the security strength of the password to be evaluated from the number of guesses comprises:

If the number of guesses is greater than a preset number, determining that the password to be evaluated is a weak password;

And if the guessing times are smaller than or equal to the preset times, determining that the password to be evaluated is a strong password.

3. The method for evaluating password strength of a sequence-based generation countermeasure neural network of claim 1, wherein the step of obtaining a target neural network model includes:

Acquiring a password set;

preprocessing the password set to generate a target password set;

and inputting the target password set into a preset neural network model for training to obtain a target neural network model.

4. The method for evaluating password strength of a sequence-based generation countermeasure neural network of claim 3, wherein the target password set includes a training set, a validation set, and a test set, and the step of inputting the target password set into a preset neural network model to train the target neural network model includes:

training the preset neural network model by using the training set;

Verifying the trained preset neural network model by using the verification set, and updating parameters of the preset neural network model according to a verification result;

The tested and verified preset neural network model is tested by the test set, and a loss function is calculated;

judging whether the loss function converges or not;

if the loss function converges, compressing the trained preset neural network model to generate a target neural network model;

And if the loss function is not converged, returning to the step of training the preset neural network model by using the training set.

5. The method for evaluating password strength of a sequence-based generation countermeasure neural network of claim 4, wherein the step of preprocessing the password set to generate a target password set includes:

data cleaning is carried out on the password set so as to remove invalid passwords;

Coding the remaining passwords in the password set after the invalid password is removed;

classifying the coded passwords in the password set according to a preset proportion to obtain the training set, the verification set and the test set.

6. The method for evaluating the strength of a password based on a sequence generation countermeasure neural network according to claim 5, wherein the invalid password is a password having a character length smaller than a preset length or a password containing a character which does not exist in a preset character.

7. A method of evaluating the strength of a password for a sequence-based generation countermeasure neural network according to any of claims 1 to 6, wherein the step of determining the security strength of the password to be evaluated from the number of guesses is followed by:

and sending the security intensity information of the password to be evaluated to a terminal corresponding to the password to be evaluated and outputting prompt information.

8. A password strength evaluation device, characterized in that the password strength evaluation device comprises a memory, a processor and a password strength evaluation program stored on the memory and executable on the processor, the password strength evaluation program when executed by the processor implementing the steps of the sequence-based generation challenge neural network password strength evaluation method according to any one of claims 1 to 7.

9. A readable storage medium, wherein a password strength evaluation program is stored on the readable storage medium, and the password strength evaluation program when executed by a processor implements the steps of the sequence-based generation challenge neural network password strength evaluation method according to any one of claims 1 to 7.