CN112861113A - Password guessing method of parameterized hybrid model - Google Patents

Password guessing method of parameterized hybrid model Download PDF

Info

Publication number
CN112861113A
CN112861113A CN202110026552.XA CN202110026552A CN112861113A CN 112861113 A CN112861113 A CN 112861113A CN 202110026552 A CN202110026552 A CN 202110026552A CN 112861113 A CN112861113 A CN 112861113A
Authority
CN
China
Prior art keywords
password
pcfg
characters
model
guess
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110026552.XA
Other languages
Chinese (zh)
Other versions
CN112861113B (en
Inventor
韩伟力
张俊杰
徐铭
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Fudan University
Original Assignee
Fudan University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fudan University filed Critical Fudan University
Priority to CN202110026552.XA priority Critical patent/CN112861113B/en
Publication of CN112861113A publication Critical patent/CN112861113A/en
Application granted granted Critical
Publication of CN112861113B publication Critical patent/CN112861113B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Electrically Operated Instructional Devices (AREA)

Abstract

The invention belongs to the technical field of password security, and particularly relates to a password guessing method of a parameterized hybrid model. The invention comprises the following three steps: and generating an optimized PCFG and Markov password guessing model by utilizing the training set, distributing password guessing numbers according to an optimal parameterization strategy, and generating an alternative password set according to the distributed guessing numbers. The optimized PCFG and Markov password guess models are generated by utilizing the password training set, guess numbers are distributed to the optimized PCFG and Markov models according to the optimal parameterization strategy, and finally, alternative password sets are generated according to the distributed guess numbers. In addition, the invention also theoretically proves that the optimal parameterization strategy can ensure the optimality of the finally generated alternative password set. The method has good universality and can be applied to password data sets with different characteristics; the parameterization strategy provided by the method proves the optimality of the password set from theory, and can ensure the optimality of generating the alternative password set.

Description

Password guessing method of parameterized hybrid model
Technical Field
The invention belongs to the technical field of password security, and particularly relates to a password guessing method of a parameterized hybrid model.
Background
Text passwords are a typical authentication means to protect personal information and property. While researchers have proposed various methods of identity authentication (e.g., fingerprint-based identity authentication) in an attempt to replace text passwords, users have not abandoned text passwords for a short period of time due to the significant advantages of passwords in terms of user availability. In recent years, database leakage events have occurred at many web sites, such as career, CSDN. A large amount of user password data are stolen by a hacker due to database leakage events, and data-driven password guessing based on a mathematical probability model is possible due to a large amount of real data, so that the hacker can implement more efficient guessing attack on the user password, and the security of the user password is seriously damaged. In order to better evaluate the security strength of the password, researchers have proposed some efficient probabilistic password guessing methods (e.g., probabilistic context-free grammar-based guessing method, markov-based guessing method) to simulate hacking, and use the guess number required for the user to guess the password as the basis of the security strength.
In recent years, researchers have proposed several optimization schemes for the probabilistic password guessing method described above. For Probabilistic Context Free Grammar (PCFG) based guessing methods, optimization can be divided into two categories: (1) using external information (e.g., semantic information or personal information); (2) a finer grained predefined pattern (such as a keyboard pattern) is used. A typical approach to using extrinsic information is the semantic PCFG, while a typical approach to using a finer-grained predefined schema is pcfgv4.1. These optimization methods may better learn the composition of the user's password, thereby enabling generation of password guesses that are closer to the user's habits. For a Markov-based guessing method, researchers use a smoothing method to solve the sparsity problem, improve the guessing efficiency, and propose Markov models of different orders (among which a 3-order Markov model, i.e., 4-gram Markov, is effective and commonly used).
At present, no password guessing method for effectively combining different probability guessing models is provided, and most of the existing methods improve model design aiming at a single model or simply provide an ideal performance upper bound considering a plurality of models together from the perspective of theoretical evaluation. The use of a single model ignores the difference in the strengths of password guesses of different probabilistic guessing models and also makes the evaluation of the password strength evaluation inaccurate. The analysis of the upper bound of the ideal performance does not provide a password guessing method of a hybrid model from a practical and feasible point of view, and the lack of a practical and feasible attack mode can also result in that the user pays little attention to the upper bound of the ideal performance.
Disclosure of Invention
The invention aims to provide an efficient password guessing method of a parameterized hybrid model, which is practically available for users and can combine the advantages of different guessing models.
The invention provides a password guessing method of a parameterized hybrid model, which defines the category of passwords according to the types of characters forming the passwords, trains an optimized PCFG model to guess the passwords formed by two or more types of characters according to the guessing advantages of PCFG and Markov models different from the guessing advantages of the passwords formed by one type of characters and the passwords formed by two or more types of characters, trains the Markov model to guess the passwords formed by one type of characters, and thus better exerts the guessing advantages of different guessing models.
The password guessing method of the parameterized mixed model provided by the invention applies an optimal parameterized allocation strategy. The distribution strategy can distribute guess numbers for different models in the method according to the distribution characteristics of different classes of passwords in the training set, thereby realizing the optimal utilization of guess resources.
The invention provides a password guessing method of a parameterized hybrid model, which comprises the following specific steps of:
step one, training an optimized PCFG and Markov password guessing model by utilizing a training set
The training process is divided into two parts: training an optimized PCFG model and training a Markov model.
Training the optimized PCFG model by utilizing the input training set complete set, and filtering the obtained password structure; and training the Markov model by using a password formed by a class of characters in the input training set.
Step two, distributing password guess number according to the optimal parameterization strategy
And calculating the distribution guess number of the Markov model according to the input total guess number and the proportion of the password formed by the class of characters in the training set, and taking the rest distribution guess number as the distribution guess number of the optimized PCFG model.
Step three, generating alternative password set according to the distributed guess number
And respectively generating an alternative password set consisting of two or more types of characters and an alternative password set consisting of one type of characters by using the trained optimized PCFG and Markov password guessing models and guessing numbers distributed to the PCFG and Markov password guessing models, and finally combining the two alternative password sets to obtain the input alternative password set with the scale of total guessing numbers.
In the invention, the optimized PCFG is a method after the current latest PCFGv4.1 and semantic PCFG are integrated, and the method is mainly integrated by word segmentation processing of the two continuous English letter segments in a password and specifically comprises the following steps:
(1) carrying out word segmentation on the continuous English letter segments by using PCFGv4.1 to obtain one or more sections of English letter segments after word segmentation; carrying out word segmentation on the same continuous English letter segments by using semantic PCFG (primary character grid definition) to obtain one or more English letter segments after word segmentation;
(2) the above results are weighed to select a better segmentation result: if the PCFGv4.1 word segmentation result is only one segment, and the semantic PCFG word segmentation result is multiple segments, selecting the word segmentation result with higher average frequency of the segmented words in the training set; if the PCFGv4.1 word segmentation result has multiple sections and the semantic PCFG word segmentation result has only one section, checking whether the original English letter segment is in an English common word dictionary, if so, using the word segmentation result of the semantic PCFG, otherwise, using the word segmentation result of the PCFGv4.1; if the PCFGv4.1 segmentation result has multiple segments, and the semantic PCFG segmentation result also has multiple segments, but the contents of the two segments are different, the segmentation result with higher average frequency of the segmented words in the training set is selected.
In the present invention, a Markov model is used, which is a 4-gram Markov model that uses the first 3 occurring characters in a string to predict the probability of the next occurring character.
In the invention, PCFGv4.1 is proposed by Weir et al in 2019, and a multi-word segmentation method based on word frequency of a training set is used for continuous English letter segments, namely whether words are segmented or not is determined according to short words forming the continuous English letter segments; the semantic PCFG is proposed by Veras et al in 2014, and uses a word segmentation method in the natural language processing field, namely, continuous English letter segments in a password are regarded as sentences in natural language processing for word segmentation processing.
When the word segmentation results of the two methods are consistent, no additional processing is needed, and what needs to be balanced is the situation when the two word segmentation methods conflict, which is specifically divided into the following three situations:
(1) if the PCFGv4.1 word segmentation result only has one segment, and the semantic PCFG word segmentation result has multiple segments, selecting the word segmentation result with higher average frequency of the segmented words in the training set;
(2) if the PCFGv4.1 word segmentation result has multiple sections and the semantic PCFG word segmentation result has only one section, checking whether the original English letter segment is in an English common word dictionary, if so, using the word segmentation result of the semantic PCFG, otherwise, using the word segmentation result of the PCFGv4.1;
(3) if the PCFGv4.1 segmentation result has multiple segments, and the semantic PCFG segmentation result also has multiple segments, but the contents of the PCFG segmentation result and the semantic PCFG segmentation result are different, the segmentation result with higher average frequency of the segmented words in the training set is selected.
In the first step of the present invention, the structure filtering operation during the training of the optimized PCFG model specifically includes:
(1) since the optimized PCFG model in representing the password structure follows the 6 characters used by PCFGv4.1 in representing the structure: "A", "D", "O", "Y", "K", and "X". Wherein "a" represents an english letter, "D" represents a number, and "O" represents a special symbol; "Y" represents a year pattern, consisting of pure numbers; "K" represents a keyboard pattern, consisting of two or more types of characters; "X" represents a contextual pattern, also consisting of two or more types of characters;
(2) therefore, what needs to be filtered is a structure obtained by password training and composed of one type of characters, and the type of the characters represented by the structure should be only one. In combination with the meaning of the 6 characters representing the structure, the structure to be filtered is: a structure consisting of "a", a structure consisting of "D", a structure consisting of "O", a structure consisting of "Y" and a structure consisting of "D" and "Y".
In training the Markov model, the operation is required to extract a password consisting of only one type of characters from the training set as the training set of the Markov model.
In step two of the present invention, the optimal parameterization strategy for assigning guesses is specifically divided into the following steps:
(1) counting the number of passwords formed by one type of characters (namely English letters, numbers or special symbols without distinguishing large and small letters) in the training set and the total number of passwords formed by two or more types of characters (namely passwords except the password formed by one type of characters) in the training set, and dividing the number of the passwords formed by two or more types of characters by the number of the one type of passwords to obtain a ratio;
(2) the result of dividing the ratio by the power of 1.2 is recorded as k and used
Figure BDA0002890458110000041
Multiplying the value by the total guess number to obtain the distribution guess number of the 4-gram Markov; and subtracting the 4-gram Markov distribution guess number from the total guess number to obtain the distribution guess number of the optimized PCFG model.
Technical effects
The scheme provided by the invention is easy to realize, and the password guessing configuration of the optimal parameterized hybrid model can be conveniently realized. Different guess numbers can be conveniently distributed to different models in the frame in proportion according to the distribution proportion of various types of passwords in a training set used for training the probabilistic model and the upper limit of the guess number expected to be acceptable by a user, so that the total guess effect of the frame with the limited guess number can be optimal.
The parameterization strategy provided by the invention demonstrates the optimality from the perspective of theoretical proof. Starting from the definition of an optimal parameterization strategy, the optimality of a guess number distribution scheme is systematically demonstrated by using equivalent condition conversion, formula derivation and some approximate calculation.
The scheme provided by the invention has certain dependency on an application scene, and is only suitable for the condition that a training set and a test set are distributed in the same way, but the dependency is also a necessary condition when a probability model can work efficiently. Therefore, the method is used as a password guessing method of a hybrid model based on the probability model, and can play a better guessing effect in a scene that the original probability model is effective.
Drawings
FIG. 1 is a flow chart of the design of the whole framework of the password guessing method of the hybrid model.
Detailed Description
The following examples are given for the detailed description of the embodiments and the operation of the invention, but the scope of the invention is not limited to the following examples.
In the embodiment of the present invention, the design flow of the password guessing method framework of the hybrid model is shown in fig. 1. Passwords are divided into two general categories, based on their constituent characters: passwords composed of one type of characters and passwords composed of two or more types of characters. The passwords can be divided into seven subclasses according to which one or more types of characters are composed of English letters, numbers and special symbols.
Optimized PCFG model training
The optimized PCFG model integrates the PCFGv4.1 and a semantic PCFG word segmentation method for English letter fragments, and the specific mode is as follows:
TABLE 1 combination of the word segmentation method for English letter fragments for PCFGv4.1 and semantic PCFG
Figure BDA0002890458110000051
Both the PCFGv4.1 and the semantic PCFG segment long segments of English letters, thereby helping the model to better model the contents of English letters. The segmentation modes of the two methods are one dependent on phrase frequency in a data set and one dependent on word segmentation results of natural language processing, and the two methods have advantages and disadvantages respectively. Table 1 deals with cases where there is a possibility of conflict between the two, and the best segmentation result of the two is selected as the final result for each case.
For example, for the continuous english letter fragment "the proplem", pcfgv4.1 would be identified as "the" and "blem", and the semantic PCFG would be identified as "the" and "proplem". Both methods divide English letter fragments into multiple segments, and the average frequency of the segments "the" and "problem" recognized by the semantic PCFG is higher, so that the result is finally used as the final word segmentation result.
Assigning password guesses according to optimal parameterization strategy
The specific method of the optimal parameterization strategy is to take the ratio of the number of the first class character password divided by the number of other passwords in the training set to 1.2 times as the result of k division, and use the result as the parameter
Figure BDA0002890458110000052
Multiplying the value by the total guess number to obtain the distribution guess number of the 4-gram Markov; and subtracting the 4-gram Markov distribution guess number from the total guess number to obtain the distribution guess number of the optimized PCFG model. The following is a proof derivation process of optimality.
The optimal parameterization strategy considers the problem of how to assign different models to achieve optimal overall guess effect given a certain total guess number. Plotting the guessing process for each model as a "guess-to-descramble" curve, the problem becomes how to select points on these curves such that the sum of the ordinates (i.e., the descramble count for each model) (i.e., the total descramble count) is maximized with the sum of the abscissas (i.e., the guess counts used by each model) (i.e., the total descramble count) being a fixed value. Considering that the "guess-breaker" curve of each model can be approximately regarded as a smooth monotonically increasing concave function (i.e., the second derivative is less than 0), theorem 1 is proof of the solution to the problem.
Theorem 1 gives two smooth monotonically increasing concave functions (concave functions) f (x), g (x), for which the sum of any two abscissas is C (C is a constant) and point x1,x2Existence of
Figure BDA0002890458110000053
The following equivalence conditions are satisfied:
Figure BDA0002890458110000054
the demonstration process is as follows:
first, assume a point x for which the sum of any two abscissas on the two functions is C (C is a constant)1,x2Existence of
Figure BDA0002890458110000061
Satisfy the requirement of
Figure BDA0002890458110000062
Then we will point out
Figure BDA0002890458110000063
Move to the right slightly to a point
Figure BDA0002890458110000064
Will be dotted
Figure BDA0002890458110000065
Slightly move to the left to a point
Figure BDA0002890458110000066
According to the assumptions, we can get
Figure BDA0002890458110000067
In the same way, we can obtain
Figure BDA0002890458110000068
Then we start the following derivation:
Figure BDA0002890458110000069
steps (1) to (2) have been mentioned in the preceding paragraph, and steps (2) to (3) are a shift operation plus an inequality operation in which both sides are divided by a positive number,step (4) to simplify one of the steps (3),
Figure BDA00028904581100000610
show that
Figure BDA00028904581100000611
At the left limit value of the first derivative,
Figure BDA00028904581100000612
show that
Figure BDA00028904581100000613
At the right limit of the first derivative. In a similar manner to that described above,
Figure BDA00028904581100000614
show that
Figure BDA00028904581100000615
At the left limit value of the first derivative,
Figure BDA00028904581100000616
show that
Figure BDA00028904581100000617
At the right limit of the first derivative. Since the functions are smooth, the first derivative value at each point is approximately equal to the left and right limits of the first derivative value, and since the nature of the concave function determines that the first derivative of the function is monotonically decreasing, it is possible to obtain
Figure BDA00028904581100000618
And
Figure BDA00028904581100000619
in combination with step (4) we can deduce step (5):
Figure BDA00028904581100000620
since the sum of the two concave functions is also a concave function, i.e. monotonically decreasingTherefore, the local optimal point found here is the global optimal point.
Given that theorem 1 is only an analysis and a proof of the case of two models, theorem 1 for a plurality of model cases derived from theorem 1 is given below.
Theorem 1 gives n smooth monotonically increasing concave functions f1(x),f2(x),...,fn(x) For any n abscissa sums of the n (n ≧ 2) functions and the constant point x1,x2,...,xnExistence of
Figure BDA00028904581100000621
The following equivalence conditions are satisfied:
Figure BDA00028904581100000622
the demonstration process is as follows:
here demonstrated using mathematical induction.
First, theorem 1 shows that theorem 1 holds true for the case where n is 2.
Next, assuming that the theorem 1 holds when n is k (k ≧ 2), the theorem 1 holds for k points out of the k +1 points when n is k + 1. In other words, each time a point is fixed, the optimal solution is found for the remaining k points, and the last points found must be points where the k first derivatives are equal. This is repeated several times, eventually resulting in the first derivatives of the k +1 points being the same. Therefore, the case where 1 is theorem for n ═ k +1 is also true.
Thus, the case of multiple models is also solved, as can be seen from introduction 1.
The problem now to be solved becomes how to find the points with the same slope on the guessed curves of the multiple models. Considering that the slope of the guess curve represents the cracked password number in the unit guess number, according to the analysis of the predecessors and the further fitting verification, the method finds that the curve of the unit guess number and the cracked password number can be represented by fitting according to Zipf law, namely, logy- α logx, and the α values of different models are basically the same. Next, using this finding, the method proposes lemma 2.
Lemma 2 for two "unit guess-cracked password" curves that can be fitted with the Zipf's law, if their alpha values are the same, then when the ordinate of the point above them is the same, the proportion of the abscissa positively correlates with the proportion of the specific class of passwords guessed for by the different models in the training set.
The following was demonstrated:
first, for two "unit guess-number-to-solve-number" curves, the value of the ordinate of their point represents the slope of the corresponding abscissa point on the guess curve, and therefore the ratio of the assigned guess numbers finally sought is the ratio of the abscissas when their ordinates are equal. Two "Unit guess-number of password to solve" curves can be used by logy1=logC1-α*logx1And log y2=logC2-α*logx2And (4) showing. Then when the number of password hacked in their unit guess number is the same, y1=y2Then x at this time can be obtained by establishing an equation1,x2Satisfy the requirement of
Figure BDA0002890458110000071
Then, when the abscissa of the two points is the same, i.e. x1=x2Then, establishing an equation may yield y1/y2=C1/C2. This means that for any x1=x2We can get
Figure BDA0002890458110000072
In fact, the integral multiple of1idx represents the area of a space enclosed by the curve of the unit guess number-password cracking number and the coordinate axis, and the actual meaning is the number of passwords which can be cracked by the model finally. When the number of guesses that the model can use is large enough, this number will approach, infinitely, the number of passwords for the type of cracking the model in the test set. Considering that the passwords in the training set and the passwords in the test set are distributed in the same way, the two passwords are of the same typeShould also be the same, so when y is1=y2When the temperature of the water is higher than the set temperature,
Figure BDA0002890458110000073
Figure BDA0002890458110000074
so far, the optimality of the parameterization strategy provided by the invention is proved. According to the experience of experimental results, the selection of the alpha value can be 1.2-1.4, and 1.2 is recommended.

Claims (5)

1. A password guessing method of a parameterized hybrid model is characterized by comprising the following specific steps of:
step one, generating optimized PCFG and Markov password guessing model by utilizing training set
Training the optimized PCFG model by utilizing the input training set complete set, and filtering the obtained password structure; training the Markov model by using a password formed by a class of characters in the input training set;
step two, distributing password guess number according to the optimal parameterization strategy
Calculating to obtain the distribution guess number of the Markov model according to the input total guess number and the proportion of the password formed by the characters in the training set, and taking the rest distribution guess number as the distribution guess number of the optimized PCFG model;
step three, generating alternative password set according to the distributed guess number
And respectively generating an alternative password set consisting of two or more types of characters and an alternative password set consisting of one type of characters by using the trained optimized PCFG and Markov password guessing models and guessing numbers distributed to the PCFG and Markov password guessing models, and finally combining the two alternative password sets to obtain the input alternative password set with the scale of total guessing numbers.
2. The password guessing method for the parameterized hybrid model as in claim 1, wherein the optimized PCFG is a method after integrating the current latest pcfgv4.1 and the semantic PCFG, mainly integrating word segmentation processing of the current latest pcfgv4.1 and the semantic PCFG for continuous english alphabet segments in the password, and specifically comprising the following steps:
(1) carrying out word segmentation on the continuous English letter segments by using PCFGv4.1 to obtain one or more sections of English letter segments after word segmentation; carrying out word segmentation on the same continuous English letter segments by using semantic PCFG (primary character grid definition) to obtain one or more English letter segments after word segmentation;
(2) the above results are weighed to select a better segmentation result:
if the PCFGv4.1 word segmentation result is only one segment, and the semantic PCFG word segmentation result is multiple segments, selecting the word segmentation result with higher average frequency of the segmented words in the training set;
if the PCFGv4.1 word segmentation result has multiple sections and the semantic PCFG word segmentation result has only one section, checking whether the original English letter segment is in an English common word dictionary, if so, using the word segmentation result of the semantic PCFG, otherwise, using the word segmentation result of the PCFGv4.1;
if the PCFGv4.1 segmentation result has multiple segments, and the semantic PCFG segmentation result also has multiple segments, but the contents of the two segments are different, the segmentation result with higher average frequency of the segmented words in the training set is selected.
3. A parametric hybrid model password guessing method as in claim 1, characterized in that the Markov used is 4-gram Markov, i.e. a Markov model that uses the first 3 occurring characters in a string to predict the probability of the next occurring character.
4. The password guessing method for parameterized hybrid models as in claim 1, wherein in step one, the structure filtering operation in training the optimized PCFG model is specifically:
since the optimized PCFG model continues to use 6 characters as pcfgv4.1 in representing the structure: "A", "D", "O", "Y", "K", and "X"; wherein "a" represents an english letter, "D" represents a number, and "O" represents a special symbol; "Y" represents a year pattern, consisting of pure numbers; "K" represents a keyboard pattern, consisting of two or more types of characters; "X" represents a contextual pattern, also consisting of two or more types of characters;
what needs to be filtered is a structure obtained by password training composed of a class of characters, and the class of the characters represented by the structure is only one; in combination with the meaning of the 6 characters representing the structure, the structure to be filtered is:
a structure consisting of "a", a structure consisting of "D", a structure consisting of "O", a structure consisting of "Y" and a structure consisting of "D" and "Y".
5. The password guessing method for parameterized hybrid models as in claim 1, wherein the optimal parameterization strategy for assigning guesses in step two is divided into the following steps:
(1) counting the number of passwords formed by one class of characters, namely English letters, numbers or special symbols which do not distinguish large and small letters in the training set and the total number of passwords formed by two or more classes of characters in the training set, and dividing the number of the passwords formed by the two or more classes of characters by the number of the one class of passwords to obtain a ratio;
(2) the result of dividing the ratio by the power of 1.2 is recorded as k and used
Figure FDA0002890458100000021
Multiplying the value by the total guess number to obtain the distribution guess number of the 4-gram Markov; and subtracting the 4-gram Markov distribution guess number from the total guess number to obtain the distribution guess number of the optimized PCFG model.
CN202110026552.XA 2021-01-08 2021-01-08 Password guessing method of parameterized mixed model Active CN112861113B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110026552.XA CN112861113B (en) 2021-01-08 2021-01-08 Password guessing method of parameterized mixed model

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110026552.XA CN112861113B (en) 2021-01-08 2021-01-08 Password guessing method of parameterized mixed model

Publications (2)

Publication Number Publication Date
CN112861113A true CN112861113A (en) 2021-05-28
CN112861113B CN112861113B (en) 2022-05-20

Family

ID=76001939

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110026552.XA Active CN112861113B (en) 2021-01-08 2021-01-08 Password guessing method of parameterized mixed model

Country Status (1)

Country Link
CN (1) CN112861113B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113254905A (en) * 2021-07-09 2021-08-13 中国人民解放军国防科技大学 Password dictionary fusion method and system based on probability weight
CN113886784A (en) * 2021-12-06 2022-01-04 华南理工大学 Password guessing method for improving guessing efficiency of small training set based on corpus

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1694394A (en) * 2005-04-14 2005-11-09 上海交通大学 Deciphering method for file password
US9438419B1 (en) * 2011-07-12 2016-09-06 The Florida State University Research Foundation, Inc. Probabilistic password cracking system
CN106803035A (en) * 2016-11-30 2017-06-06 中国科学院信息工程研究所 A kind of password conjecture set creation method and password cracking method based on username information
CN107491689A (en) * 2017-07-11 2017-12-19 国家计算机网络与信息安全管理中心 A kind of password cracking method and apparatus
CN108763920A (en) * 2018-05-23 2018-11-06 四川大学 A kind of password strength assessment model based on integrated study
CN110555140A (en) * 2019-08-29 2019-12-10 华南理工大学 Description, generation and detection method of corpus product rule oriented to password guess
CN110708169A (en) * 2019-10-19 2020-01-17 潘安琪 Password attack method based on structure division
CN112149388A (en) * 2020-09-25 2020-12-29 华南理工大学 Method for identifying vocabulary deformation in password and generating guessing rule

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1694394A (en) * 2005-04-14 2005-11-09 上海交通大学 Deciphering method for file password
US9438419B1 (en) * 2011-07-12 2016-09-06 The Florida State University Research Foundation, Inc. Probabilistic password cracking system
CN106803035A (en) * 2016-11-30 2017-06-06 中国科学院信息工程研究所 A kind of password conjecture set creation method and password cracking method based on username information
CN107491689A (en) * 2017-07-11 2017-12-19 国家计算机网络与信息安全管理中心 A kind of password cracking method and apparatus
CN108763920A (en) * 2018-05-23 2018-11-06 四川大学 A kind of password strength assessment model based on integrated study
CN110555140A (en) * 2019-08-29 2019-12-10 华南理工大学 Description, generation and detection method of corpus product rule oriented to password guess
CN110708169A (en) * 2019-10-19 2020-01-17 潘安琪 Password attack method based on structure division
CN112149388A (en) * 2020-09-25 2020-12-29 华南理工大学 Method for identifying vocabulary deformation in password and generating guessing rule

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
宋创创等: "基于集成学习的口令强度评估模型", 《计算机应用》 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113254905A (en) * 2021-07-09 2021-08-13 中国人民解放军国防科技大学 Password dictionary fusion method and system based on probability weight
CN113254905B (en) * 2021-07-09 2021-09-24 中国人民解放军国防科技大学 Password dictionary fusion method and system based on probability weight
CN113886784A (en) * 2021-12-06 2022-01-04 华南理工大学 Password guessing method for improving guessing efficiency of small training set based on corpus

Also Published As

Publication number Publication date
CN112861113B (en) 2022-05-20

Similar Documents

Publication Publication Date Title
Li et al. A {Large-Scale} Empirical Analysis of Chinese Web Passwords
CN112861113B (en) Password guessing method of parameterized mixed model
CN102156551B (en) Method and system for correcting error of word input
CN1133918C (en) Symbol input
CN103336766B (en) Short text garbage identification and modeling method and device
Han et al. Regional patterns and vulnerability analysis of chinese web passwords
US20060142993A1 (en) System and method for utilizing distance measures to perform text classification
Herdagdelen et al. Generalized syntactic and semantic models of query reformulation
CN111125334A (en) Search question-answering system based on pre-training
CN106294330B (en) Scientific and technological text selection method and device
CN110555140B (en) Description, generation and detection method of corpus product rule oriented to password guess
CN111090734B (en) Method and system for optimizing machine reading understanding capability based on hierarchical attention mechanism
CN107423440A (en) A kind of question and answer context switching based on sentiment analysis is with strengthening system of selection
CN111984792A (en) Website classification method and device, computer equipment and storage medium
CN110909531A (en) Method, device, equipment and storage medium for discriminating information security
CN112883730B (en) Similar text matching method and device, electronic equipment and storage medium
CN107678560B (en) Candidate result generation method and device of input method, storage medium and electronic equipment
CN111191008A (en) Password guessing method based on numerical factor reverse order
CN109710762B (en) Short text clustering method integrating multiple feature weights
CN116402166B (en) Training method and device of prediction model, electronic equipment and storage medium
US20220058263A1 (en) Description-entropy-based intelligent detection method for big data mobile software similarity
Kambhatla Minority vote: at-least-n voting improves recall for extracting relations
CN115455957A (en) User touch method, device, electronic equipment and computer readable storage medium
Sun et al. Predicting chinese abbreviations from definitions: An empirical learning approach using support vector regression
CN113360004A (en) Input method candidate word recommendation method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant