CN113411339B - Password file leakage detection method based on zero factor graph sequence - Google Patents

Publication number: CN113411339B
Application number: CN202110689419.2A
Authority: CN (China)
Other languages: Chinese (zh)
Other versions: CN113411339A (en
Legal status: Active (an assumption, not a legal conclusion)
Prior art keywords: user, password, zero, factor graph, honeywords
Inventors: 李丽香, 田艳昭, 彭海朋, 张嘉轩, 赵珊珊, 党中恺, 王励成
Current Assignee: Beijing University of Posts and Telecommunications
Original Assignee: Beijing University of Posts and Telecommunications

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/1408: Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/06: Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/083: Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/1441: Countermeasures against malicious traffic
    • H04L63/1458: Denial of Service

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer And Data Communications (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a password file leakage detection method based on zero-factor graph sequences, comprising a honeywords generation process and a DoS attack detection mechanism. The honeywords generation method selects a different number of zero-factor graph sequences according to the length of the ASCII code corresponding to the user password, so each user has a different number of honeywords. The DoS attack detection method builds on the honeywords generation mechanism: it defines a detection strategy for DoS attacks that use honeywords and sets an alarm threshold for honeyword logins, which reduces the false alarm rate of honeyword detection. The method optimizes the existing honeyword leakage detection system, designs a honeyword generation method based on zero-factor graph sequences together with a password file leakage detection method that resists DoS attacks, improves the security of the password file stored in the system, and effectively enhances the system's resistance to DoS attacks.

Description

Password file leakage detection method based on zero factor graph sequence
Technical Field
The invention relates to the technical field of computer information security, in particular to a password file leakage detection method based on a zero-factor graph sequence.
Background
With increasing network bandwidth and falling costs, people can work remotely, shop, be entertained, navigate and pay over the network. However, as application scenarios multiply, network security problems become more and more prominent. Among them, leakage of the passwords used for identity authentication is the security problem of greatest concern: if a password is leaked, anyone can log in as a legitimate user with it.
Since 2016, many well-known websites such as Yahoo, Facebook, Google and Bilibili have been reported to have leaked the names and passwords of registered users. The password administrator may detect the leak only after a period of time, which presents a significant security risk to users and service providers. Because of inadequate password protection mechanisms, anyone can access the data over the internet. Once a password file is leaked, most of the plaintext passwords can be recovered quickly with existing password cracking techniques.
To solve this problem, one idea is to design an authentication method that replaces the text password, such as the image-recognition authentication mechanisms typified by Windows; however, shoulder-surfing attacks are the biggest weakness of such methods. Another idea is to design a password leak detection method, since many passwords are leaked for some time before the leak is discovered. If a leak can be found in time and the password replaced or reset, the risk of attack is effectively reduced, and this approach is relatively low in cost. Many scholars have proposed password leak detection methods, of which the honeywords scheme is relatively promising.
In 2013, Juels and Rivest proposed a password leakage detection technique based on honeywords. The user's true password is mixed with k-1 honeywords to form the user's "password". If the honeyword generation method is flat enough, an adversary who inverts the hash file of user passwords can hardly guess which entry is the user's true password. Meanwhile, when an attacker logs in to the server with a honeyword, the system can detect it. Moreover, the honeywords scheme requires only a relatively low deployment cost, which helps in upgrading existing authentication systems. Many honeyword generation schemes have since been proposed, based on two strategies: one designs honeypot accounts to improve the security of user registration information; the other designs honeywords (fake passwords), generating k-1 fake passwords for each account to make it harder for an adversary to crack a user's password. When an adversary logs in to the server with a honeyword, the honeychecker detects the password leakage in time and prompts the server to take appropriate security measures. Erguler proposed using other users' passwords to construct honeywords in order to improve their flatness. The key problem of a honeyword scheme is how to generate effective honeywords, that is, honeywords that are difficult to distinguish from users' real passwords and whose generation space is large enough to resist brute-force cracking.
Wang et al. tested the 4 honeyword generation schemes proposed by Juels and Rivest using a real password database, and the results showed that none of these schemes provides sufficient security. Chakraborty et al. proposed a honeyword generation scheme, PDP (Pair Distance Protocol), but this scheme has difficulty resisting cross-attacks based on multiple systems. Guo Yixu 261073 et al. put forward a matching attack model and found that although some honeyword schemes meet the requirement of perfect flatness, an attacker can still obtain a higher attack success rate.
Publication number CN 109711173 A discloses a password file leakage detection method that includes an adaptive honeywords generation process and a DoS attack detection process. The adaptive generation method adjusts automatically to the real password distribution of different websites, so that the generated honeywords continuously approach the real distribution of real passwords. The DoS attack detection method detects DoS attacks aimed at the honeywords, greatly reducing the false alarm rate of honeyword detection. However, this technical solution has the following problems in detecting password leakage: 1) In the generation process, the honeyword space is built from the passwords of existing users. Those passwords are based on natural language, reflecting users' behavior habits, preferences and private information, which provides a theoretical basis for statistical analysis. This inherent defect of generating honeywords from natural language is difficult to solve with a honeyword generation strategy; moreover, because the honeywords are generated from existing user passwords, their generation space is limited, which makes brute-force cracking by an adversary possible. 2) In resisting DoS attacks, an adversary logging in with honeywords triggers the honeyword alarm; the detection of honeywords is heuristic, and the threshold at which the system triggers the alarm may lead to misjudgment.
Disclosure of Invention
To address the above technical problems, the invention provides a password file leakage detection method based on zero-factor graph sequences. It optimizes the existing honeyword leakage detection system, designs a honeyword generation method based on zero-factor graph sequences together with a password file leakage detection method that resists DoS attacks, and improves the security of the password files stored by the system.
In order to achieve the above purpose, the invention provides the following technical scheme:
In the password file leakage detection method based on zero-factor graph sequences, during user registration an auxiliary server provides the zero-factor graph sequences, the server converts the user password into ASCII code, and an operation on the ASCII code and the zero-factor graph sequences yields the sweet sequences, of which only one is the user's real password and the rest are honeywords. During user login, the user enters the real password and is authenticated by the server, and the server identifies honeywords to detect password file leakage. The DoS attack detection method excludes logins that use honeywords in the course of a DoS attack, achieving resistance to DoS attacks. A honeychecker is added alongside the server, and honeywords are generated as follows: the honeychecker generates a plurality of zero-factor graphs according to the zero-factor graph algorithm, generates the zero-factor graph matrix corresponding to each zero-factor graph, converts the matrix into a zero-factor graph sequence according to the sequence generation rule, and sends the sequence to the server; the server converts the password entered by the user into the corresponding ASCII code, selects zero-factor graph sequences, performs the operation on them and the ASCII code, and generates the sweet sequences.
Further, in the user registration process, the number of zero-factor graph sequences is selected according to the length of the ASCII code corresponding to the user password.
Furthermore, the password length is more than 10 digits, the length of the ASCII code corresponding to the user password ranges from 10 to 30, and the number of honeywords per user is 20 to 40.
Further, in the user registration process, the user submits a user name and a user password to the server; the server generates a plurality of honeywords for each user and stores them on the server, and sends the zero-factor graph sequence position t of the user password and the identification code ID of the user to the honeychecker. In the login stage, the honeychecker verifies the authenticity of the user password by checking whether ID and t are consistent.
Further, in the user login process, the server determines whether the user is a registered user, and if not, prompts the user to register. Based on the submitted user name and password, the server first determines whether the password is one of the stored honeywords; if not, it refuses the login and prompts the user to re-enter the password. If the password corresponds to the t'-th of the previously stored honeywords, the honeychecker determines whether position t' is the position t of the user's real password; if so, login is allowed and recorded. Otherwise, the submitted password is identified as a honeyword, and the login is recorded and used as a reference value for setting the threshold for resisting DoS attacks.
Further, the zero-factor graph algorithm is as follows: determine N, solve the ternary congruence xyz ≡ 0 (mod N) for its set of triples (x, y, z), and randomly select several triples to generate a zero-factor graph.
Further, the DoS attack detection steps are: 1) during user login, the system records the following indicators: the overall resource occupancy of the node, and the number of logins to the system per unit time, namely the number of logins with the real password (PN), the number of logins with honeywords (HN), and the number of logins with other inputs (TN); 2) when the server authenticates a user, it records these indicators and determines whether a DoS attack is under way or the password file has leaked; 3) if HN and TN exceed the system's threshold, the system is considered to be under DoS attack; 4) if PN and HN increase rapidly in a short time while TN is unchanged, the password file is considered leaked and the system needs to take security measures; 5) if PN, HN and TN all increase rapidly in a short time, the password file is considered leaked and an attacker is using it to log in, and the system needs to take security measures; 6) if the system determines that the password file has leaked, it takes security measures; 7) if the system determines that a DoS attack is under way, it takes security measures against the DoS attack.
Further, the overall resource occupancy of the node includes CPU utilization, physical memory utilization, virtual memory/SWAP space utilization, disk space utilization, network bandwidth utilization, network connection utilization, uplink bandwidth utilization, downlink bandwidth utilization, process growth rate, thread growth rate, disk busy rate, disk write rate and disk read rate.
Further, the security measure is specifically: the system prompts the affected user to change the login password.
Further, the security measure against DoS attack is specifically: by analyzing the web log or checking the number of network connections, when the number of concurrent connections from a given IP is too large, a firewall command is invoked to block that IP.
Compared with the prior art, the invention has the beneficial effects that:
The invention discloses a password file leakage detection method based on zero-factor graph sequences. It generates honeywords from zero-factor graphs and graph labels, and provides a zero-factor graph sequence generation algorithm that is easy to deploy on a honeyword verification server. To address the computation and storage overhead of zero-factor graphs, the invention designs a zero-factor graph generation strategy whose two overheads can be met by existing hardware. Analysis of security, flatness, storage overhead and other aspects shows that the proposed honeyword scheme has clear advantages, and that a honeyword verification system built from randomly selected zero-factor graphs can detect an attacker in time.
Drawings
In order to more clearly illustrate the embodiments of the present application or technical solutions in the prior art, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments described in the present invention, and other drawings can be obtained by those skilled in the art according to the drawings.
Fig. 1 is a flowchart of a user registration phase in a honeywords detection system according to an embodiment of the present invention.
Fig. 2 is a flowchart of a user login stage in the honeywords detection system according to the embodiment of the present invention.
Fig. 3 is a flowchart for generating the honeywords in the honeywords detection system according to the embodiment of the present invention.
Fig. 4 is a flowchart of a password modification phase in the honeywords detection system according to an embodiment of the present invention.
Detailed Description
The password file leakage detection method based on zero-factor graph sequences comprises a honeywords generation process and a DoS attack detection mechanism. The honeywords generation method selects a different number of zero-factor graph sequences according to the length of the ASCII code corresponding to the user password, so each user has a different number of honeywords. The DoS attack detection method builds on the honeywords generation mechanism: it defines a detection strategy for DoS attacks that use honeywords and sets an alarm threshold for honeyword logins, which reduces the false alarm rate of honeyword detection.
The invention improves the existing honeywords leakage detection scheme, overcomes the inherent semantic defect of honeywords generated by natural language, reduces the statistical characteristic of honeywords, improves the DoS attack resistance, and realizes the leakage detection of password files.
For a better understanding of the present invention, the method of the present invention is described in detail below with reference to the accompanying drawings.
The technical scheme provided by the invention is as follows:
a password file leakage detection method based on zero-factor graph sequences is characterized in that in a user registration stage, all passwords of a user are converted into corresponding ASCII (American standard code for information interchange) codes, the zero-factor graph sequences and the ASCII codes are combined to generate sweet sequences, only one of the sequence sets is a real password of the user, and the rest are honeywords; and eliminating the situation of using the honeywords for login in the DoS attack process according to a DoS attack detection mechanism, and realizing the DoS attack resistance.
First, system initialization procedure
The number of zero-factor graphs is selected according to the length of the ASCII code corresponding to the user password. To improve the security of the user password, the password set by the user should not be too short. The recommended user password length is more than 10 digits. Accordingly, the length of the ASCII code corresponding to the user password ranges from 10 to 30, and the number of honeywords per user is 20 to 40.
Initialize the honeywords system, or add a honeychecker to a traditional authentication server.
Second, honeywords generation process
The honeychecker generates a plurality of zero-factor graphs according to the zero-factor graph algorithm, generates the zero-factor graph matrix corresponding to each zero-factor graph, converts the matrix into a zero-factor graph sequence according to the sequence generation rule, and sends the sequence to the server. The server converts the password entered by the user into the corresponding ASCII code, selects zero-factor graph sequences, performs the operation on them and the ASCII code, and generates the sweet sequences. The sweet sequences are then randomly ordered, and the zero-factor graph sequence position of the user password is recorded.
The generation process of the honeywords is explained by specific examples below.
For example, the mathematical part:
[formula image not reproduced]
$$X = (x_1, x_2, \ldots, x_q),\quad E = (e_1, e_2, \ldots, e_q),\quad Y = (y_1, y_2, \ldots, y_q)$$
$$x_i e_i y_i \equiv 0 \pmod{N},\quad i \in [1, q] \tag{1}$$
Randomly select a value of N and solve equation (1) to obtain the set of triples (x, e, y); randomly select several triples (for example, M = 6) to generate a zero-factor graph; obtain the corresponding zero-factor graph matrix from the way the triples are combined; and obtain the zero-factor graph sequence according to the generation rule of the zero-factor graph sequence.
For example, with N = 100 and M = 6, the triple sequences are:
{(30,77,80), (84,85,95), (10,29,40), (40,50,80), (25,60,97), (34,60,85)};
{(14,24,75), (25,26,90), (70,72,75), (50,58,82), (16,30,95), (10,25,42)};
{(22,70,75), (24,25,96), (11,50,52), (20,22,25), (75,76,89), (32,34,50)};
{(10,70,93), (14,45,50), (29,55,60), (36,37,50), (40,75,96), (17,20,95)}.
Matrices generated from the triples:
[matrix images not reproduced]
Because the triples can be arranged in different orders, the resulting matrices also differ.
A zero-factor graph matrix can be turned into a zero-factor graph sequence in several ways, and the generation mode can be designed according to the practical application.
Matrix (1): [image not reproduced]
Matrix (2): [image not reproduced]
Matrix (3): [image not reproduced]
Matrix (4): [image not reproduced]
Zero-factor graph sequences obtained from the generation mode of matrix (1):
[sequence images not reproduced]
Suppose the user password is angel#?
The ASCII code corresponding to the user password is 971101031011083563.
The ASCII code corresponding to the user password is combined with the zero-factor graph sequences to generate new sequences as follows:
9:308410402534606059298577809540809785
97:142570501610293058722624759075829542
……
971101031011083563:222911207511340102503100151608235963
……
101429364017207537554570935060509695
There are 25 (ASCII length + 7) zero-factor graph sequences in total; that is, the user has 25 sweet sequences, of which only one is the user's true password and 24 are honeywords.
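The triple selection and flattening described above, as an added example (not code from the patent): it enumerates the solutions of equation (1) for the page's N = 100, checks the four printed triple sets, and flattens one set into a sequence. The column-by-column reading with every second column reversed is an assumption inferred from the last sequence printed above, since the matrix images are not reproduced; the operation that combines the ASCII code with a sequence is not specified on the page and is not implemented. All function names are this example's own.

```python
import itertools
import random

PAGE_N = 100
# The four triple sets printed on the page (M = 6 triples each).
PAGE_GRAPHS = [
    [(30, 77, 80), (84, 85, 95), (10, 29, 40), (40, 50, 80), (25, 60, 97), (34, 60, 85)],
    [(14, 24, 75), (25, 26, 90), (70, 72, 75), (50, 58, 82), (16, 30, 95), (10, 25, 42)],
    [(22, 70, 75), (24, 25, 96), (11, 50, 52), (20, 22, 25), (75, 76, 89), (32, 34, 50)],
    [(10, 70, 93), (14, 45, 50), (29, 55, 60), (36, 37, 50), (40, 75, 96), (17, 20, 95)],
]
# Last sequence printed on the page (the one shown without an ASCII prefix).
PAGE_LAST_SEQUENCE = "101429364017207537554570935060509695"


def is_zero_factor(triple, n):
    """True when x*e*y is congruent to 0 modulo n, i.e. equation (1) holds."""
    x, e, y = triple
    return (x * e * y) % n == 0


def zero_factor_triples(n):
    """All triples x < e < y in [1, n-1] that satisfy equation (1).

    Restricting to strictly increasing triples matches the page's printed
    sets; the patent text itself does not state this restriction.
    """
    return [t for t in itertools.combinations(range(1, n), 3)
            if is_zero_factor(t, n)]


def pick_graph(n, m, rng=None):
    """Randomly select m distinct triples, i.e. one zero-factor graph.

    Uses the OS CSPRNG unless a seeded generator is passed in for testing.
    """
    rng = rng or random.SystemRandom()
    return rng.sample(zero_factor_triples(n), m)


def flatten_snake(triples, width=2):
    """Flatten the m x 3 matrix of triples into a digit string.

    ASSUMPTION (inferred from PAGE_LAST_SEQUENCE): columns are read in
    order, every second column bottom-up, each value zero-padded to
    `width` digits.
    """
    values = []
    for j, column in enumerate(zip(*triples)):
        values.extend(column if j % 2 == 0 else reversed(column))
    return "".join(f"{v:0{width}d}" for v in values)


if __name__ == "__main__":
    solutions = zero_factor_triples(PAGE_N)
    print("triples solving equation (1) for N=100:", len(solutions))
    for i, graph in enumerate(PAGE_GRAPHS, 1):
        ok = all(is_zero_factor(t, PAGE_N) for t in graph)
        print(f"page set {i}: all triples valid = {ok}")
    print("set 4 flattened :", flatten_snake(PAGE_GRAPHS[3]))
    print("page's last line:", PAGE_LAST_SEQUENCE)
    print("fresh graph     :", flatten_snake(pick_graph(PAGE_N, 6)))
```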
Third, user registration and login process
During user registration and login, the honeywords are obtained by the generation method of step two, and the server identifies the user's real password and passes the authentication.
1) In the registration stage, the user submits a user name and a user password to the server. The server generates a plurality of honeywords for each user by the method of step two, stores them on the server, and sends the zero-factor graph sequence position t of the user password and the identification code ID of the user to the honeychecker (the authenticity of the user password is verified by checking whether (ID, t) is consistent).
2) In the login stage, the server determines whether the user is a registered user, and if not, prompts the user to register. Based on the submitted user name and password, the server first determines whether the password is one of the stored honeywords; if not, it refuses the login and prompts the user to re-enter the password.
3) If the user's password corresponds to the t'-th of the previously stored honeywords, the honeychecker determines whether position t' is the position t of the user's real password; if so, login is allowed and recorded.
4) Otherwise, the submitted password is identified as a honeyword, and the login is recorded and used as a reference value for setting the threshold for resisting DoS attacks.
5) For all of the above login behavior, the system detects and records each login as the basis for judging whether the password has leaked.
Fourth, password file leakage detection method for resisting DoS attack
In a honeywords-based password leakage detection scheme, resistance to DoS attacks is the most important security problem the system must solve. By setting a threshold for the alarm triggered when an attacker logs in with honeywords, the sensitivity of the system to honeyword logins is reduced and the normal login environment of legitimate users is maintained. The password file leakage detection method for resisting DoS attacks is as follows.
1) DoS attack detection method
Because a DoS attack does not necessarily act on the service process (that is, the resource consumption of the service process does not increase), and a good denial-of-service effect can be obtained merely by consuming the resources of the whole node to a certain degree, the resource consumption of the service process cannot be used as the basis for deciding whether a resource-exhaustion DoS attack is under way. The invention therefore uses the overall resource occupancy of the node when calculating its resource consumption; the resource importance of the node is derived from the resource importance of each service on the node and the importance of the service.
During user login, the system records the following indicators: CPU utilization, physical memory utilization, virtual memory/SWAP space utilization, disk space utilization, network bandwidth utilization, network connection utilization, uplink bandwidth utilization, downlink bandwidth utilization, process growth rate, thread growth rate, disk busy rate, disk write rate and disk read rate; and the number of logins to the system per unit time, namely the number of logins with the real password (PN), the number of logins with honeywords (HN), and the number of logins with other inputs (TN).
2) When the server authenticates a user, it records these indicators and determines whether a DoS attack is under way or the password file has leaked.
3) If the number of honeyword logins HN and the number of logins with other inputs TN exceed the system's threshold, the system is considered to be under DoS attack.
4) If the number of real-password logins PN and the number of honeyword logins HN increase rapidly in a short time while the number of logins with other inputs TN is unchanged, the password file is considered leaked and the system needs to take security measures.
5) If PN, HN and TN all increase rapidly in a short time, the password file is considered leaked and an attacker is using the leaked password file to log in, and the system needs to take security measures.
6) If the system determines that the password file has leaked, it takes corresponding security measures. For example, the system may prompt the affected user to change the login password.
7) If the system determines that a DoS attack is under way, it takes security measures against the DoS attack. For example, the web log can be analyzed or the number of network connections checked, and when the number of concurrent connections from a given IP is too large, a firewall command is invoked to block that IP.
Based on the above steps, a DoS-resistant password file leakage detection mechanism using honeywords generated from zero-factor graph sequences is realized.
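The login decision of section three and the PN/HN/TN rules of steps 3) to 5), as one added example (not code from the patent). Assumptions of this example: sweet sequences are treated as opaque strings and stored as salted PBKDF2 hashes, "rapid increase" means at least `surge` times the previous window, "unchanged" means no such surge, and the leak rules are evaluated before the DoS threshold rule; the thresholds and sample counts are constructed.

```python
import hashlib
import hmac
import os
from collections import Counter


class HoneyChecker:
    """Separate service that stores only (ID, t), never any password data."""

    def __init__(self):
        self._position = {}

    def register(self, user_id, t):
        self._position[user_id] = t

    def is_real(self, user_id, t_prime):
        return self._position.get(user_id) == t_prime


class AuthServer:
    """Stores every user's sweet sequences; cannot tell which one is real."""

    def __init__(self, checker):
        self.checker = checker
        self.users = {}  # user_id -> (salt, [hash of each sweet sequence])

    @staticmethod
    def _hash(salt, word):
        # PBKDF2 is this example's choice; the page does not name a hash.
        return hashlib.pbkdf2_hmac("sha256", word.encode(), salt, 10_000)

    def register(self, user_id, sweet_sequences, t):
        salt = os.urandom(16)
        hashes = [self._hash(salt, s) for s in sweet_sequences]
        self.users[user_id] = (salt, hashes)
        self.checker.register(user_id, t)

    def login(self, user_id, submitted):
        """Return 'UNREGISTERED', 'PN' (real), 'HN' (honeyword) or 'TN' (other)."""
        if user_id not in self.users:
            return "UNREGISTERED"
        salt, hashes = self.users[user_id]
        digest = self._hash(salt, submitted)
        for t_prime, stored in enumerate(hashes):
            if hmac.compare_digest(digest, stored):
                # Only the honeychecker knows whether position t' equals t.
                return "PN" if self.checker.is_real(user_id, t_prime) else "HN"
        return "TN"


def tally(outcomes):
    """Count PN / HN / TN outcomes for one unit of time."""
    return Counter(o for o in outcomes if o in ("PN", "HN", "TN"))


def classify_window(prev, cur, threshold, surge=3.0):
    """Apply steps 3) to 5) to two consecutive windows of counters."""

    def rose(key):
        return cur[key] >= surge * max(prev[key], 1)

    if rose("PN") and rose("HN"):
        # Step 5 when TN surges as well, step 4 when TN stays flat.
        return "LEAK_IN_USE" if rose("TN") else "LEAK"
    if cur["HN"] > threshold["HN"] and cur["TN"] > threshold["TN"]:
        return "DOS"  # step 3
    return "NORMAL"


# Constructed sample data, not taken from the page.
THRESHOLD = {"HN": 10, "TN": 50}
BASELINE = Counter(PN=40, HN=0, TN=5)
WINDOWS = {
    "quiet": Counter(PN=42, HN=0, TN=7),
    "flood": Counter(PN=41, HN=30, TN=200),
    "leak": Counter(PN=130, HN=25, TN=6),
    "leak_and_guessing": Counter(PN=130, HN=25, TN=60),
}


def classify_samples():
    return {name: classify_window(BASELINE, cur, THRESHOLD)
            for name, cur in WINDOWS.items()}


if __name__ == "__main__":
    server = AuthServer(HoneyChecker())
    server.register("alice", ["1111", "2222", "3333", "4444"], t=2)
    attempts = ["3333", "1111", "9999", "3333"]
    print(tally(server.login("alice", a) for a in attempts))
    print(classify_samples())
```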
The honeyword scheme of the invention is constructed from zero-factor graph sequences. First, the ternary congruence xyz ≡ 0 (mod N) is solved to obtain triples (x, y, z); second, several triples are randomly selected from the triple set to generate a zero-factor graph matrix, and several of the generated zero-factor graph matrices are randomly selected to serve as zero-factor graph sequences; finally, each zero-factor graph matrix is converted into a zero-factor graph sequence according to the generation rule of the zero-factor graph sequence. Because both the triples and the zero-factor graph matrices are selected at random while generating the sequences, the space of zero-factor graph sequences is enlarged and brute-force cracking can be well resisted. The number of honeywords generated for each user depends on the length of the ASCII code corresponding to the user password; the system can flexibly select the number of zero-factor graph sequences according to the password the user submits, and places no requirement on the number of registered users. In designing the strategy for resisting DoS attacks, a segmentation strategy for the ASCII code corresponding to the user password is designed in order to reduce the threshold of the alarm that triggers the honeychecker when an attacker may log in with honeywords, which effectively enhances the system's resistance to DoS attacks.
The above embodiments are intended only to illustrate the technical solution of the present invention, not to limit it. Although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art will understand that the technical solutions described in the foregoing embodiments may be modified, or some of their technical features replaced by equivalents, and that such modifications or substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present invention.

Claims (1)

1. A password file leakage detection method based on a zero-factor graph sequence, characterized in that: in the user registration process, an auxiliary server provides the zero-factor graph sequences, the server converts the user password into ASCII code, the number of zero-factor graph sequences is selected according to the length of the ASCII code corresponding to the user password, and the ASCII code is operated on with the zero-factor graph sequences to obtain sweetwords, of which only one in the set is the user's real password and the rest are honeywords; the password length is more than 10 bits, the length of the ASCII code corresponding to the user password ranges from 10 to 30, and the number of honeywords per user is 20 to 40; in the user login process, when the user enters the real password the server passes the authentication, and the server identifies honeywords in order to detect password file leakage; a DoS attack detection method excludes the case in which honeywords are used to log in during a DoS attack, thereby achieving resistance to DoS attacks; wherein a honeychecker is added alongside the server, and the honeywords are generated as follows: the honeychecker generates a plurality of zero-factor graphs according to a zero-factor graph algorithm, generates the zero-factor graph matrix corresponding to each zero-factor graph, and converts the zero-factor graph matrix into a zero-factor graph sequence according to the generation rule of the zero-factor graph sequence; the honeychecker sends the zero-factor graph sequences to the server; the server converts the password entered by the user into the corresponding ASCII code, selects zero-factor graph sequences and operates on them with the ASCII code, and generates the sweetwords; the zero-factor graph algorithm is: determine N, solve for the set of triples (x, y, z) of the ternary equation xyz ≡ 0 mod N, and randomly select a plurality of triples to generate a zero-factor graph; in the user registration process, the user submits a user name and a user password to the server, the server generates a plurality of honeywords for each user and stores them on the server, and the position t of the zero-factor graph sequence in which the user password is located, together with the user's identification code ID, is sent to the honeychecker; in the login stage, the honeychecker detects the authenticity of the user password by checking whether the ID is consistent with t.
CN202110689419.2A 2021-06-22 2021-06-22 Password file leakage detection method based on zero factor graph sequence Active CN113411339B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110689419.2A CN113411339B (en) 2021-06-22 2021-06-22 Password file leakage detection method based on zero factor graph sequence

Publications (2)

Publication Number Publication Date
CN113411339A CN113411339A (en) 2021-09-17
CN113411339B true CN113411339B (en) 2022-05-06

Family

ID=77682148

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110689419.2A Active CN113411339B (en) 2021-06-22 2021-06-22 Password file leakage detection method based on zero factor graph sequence

Country Status (1)

Country Link
CN (1) CN113411339B (en)

Also Published As

Publication number Publication date
CN113411339A (en) 2021-09-17

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant