CN115883205A - Weak password detection method and device for power monitoring system - Google Patents

Weak password detection method and device for power monitoring system Download PDF

Info

Publication number
CN115883205A
CN115883205A CN202211520544.1A CN202211520544A CN115883205A CN 115883205 A CN115883205 A CN 115883205A CN 202211520544 A CN202211520544 A CN 202211520544A CN 115883205 A CN115883205 A CN 115883205A
Authority
CN
China
Prior art keywords
password
user
login
monitoring system
weak
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211520544.1A
Other languages
Chinese (zh)
Inventor
邓建锋
黄宝鑫
赖宇阳
吴昊
肖焯
王依云
许露珉
张丽娟
谭洪华
李慧娟
连晨
母天石
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Southern Power Grid Digital Grid Research Institute Co Ltd
Original Assignee
Southern Power Grid Digital Grid Research Institute Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Southern Power Grid Digital Grid Research Institute Co Ltd filed Critical Southern Power Grid Digital Grid Research Institute Co Ltd
Priority to CN202211520544.1A priority Critical patent/CN115883205A/en
Publication of CN115883205A publication Critical patent/CN115883205A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Storage Device Security (AREA)

Abstract

The application relates to a weak password detection method and device for a power monitoring system, computer equipment, a storage medium and a computer program product. The method comprises the following steps: the method comprises the steps of obtaining login flow of a login equipment node in the power monitoring system, obtaining a user identification and a user password from the login flow, generating a guessed password set according to the user password, user information and webpage information corresponding to the user identification, comparing guessed passwords in the guessed password set with user passwords, and judging whether the user passwords are weak passwords or not. By adopting the method, the login flow of the login equipment node in the power monitoring system can be directly obtained, no relevant interface is required to be deployed in all network services, resources are saved, and the compatibility between the guessed password and the user password is increased, so that the accuracy of weak password detection of the power monitoring system is further enhanced.

Description

Weak password detection method and device for power monitoring system
Technical Field
The present application relates to the field of internet, and in particular, to a method, an apparatus, a computer device, a storage medium, and a computer program product for detecting a weak password in a power monitoring system.
Background
The electric power monitoring system performs centralized management on data recorded in real time of a low-voltage or medium-voltage distribution system, the state of an equipment switch and equipment remote control by means of a computer, a metering protection device and a bus technology, and can provide an integral solution of 'monitoring integration' for enterprises through the electric power monitoring system, so that the electric power monitoring system is widely applied. However, the existing power monitoring system needs an administrator to set and manage the system, and for reasons such as convenience for remembering or inputting, employees often set passwords as weak passwords; the weak password is a password which is easy to be cracked, once the weak password is cracked by people, the weak password can invade a power monitoring system to cause the leakage of the secret of an enterprise, and if parameters are tampered, the problems of equipment and processes can be caused, so that greater economic loss is caused. In view of the fact that the conventional technology has low accuracy in detecting the weak password, the method and the device capable of detecting the weak password more accurately are significant to the power monitoring system.
Disclosure of Invention
In view of the foregoing, it is necessary to provide a weak password detection method, apparatus, computer device, computer readable storage medium and computer program product for a power monitoring system, which can improve the detection accuracy of a weak password.
In a first aspect, the application provides a weak password detection method for a power monitoring system. The method comprises the following steps:
acquiring login flow of a login equipment node in the power monitoring system; acquiring a user identifier and a user password from the login flow; generating a guess password set according to the user password, the user information corresponding to the user identification and the webpage information; and comparing the guessed password in the guessed password set with the user password to judge whether the user password is a weak password.
In one embodiment, the obtaining the login flow of the login device node in the power monitoring system includes:
acquiring ciphertext flow of the login equipment node in the power monitoring system; identifying the login traffic from the ciphertext traffic.
In one embodiment, the obtaining the user identifier and the user password from the login traffic includes:
converting the login flow into a plaintext flow; and acquiring the user identification and the user password from the plaintext flow.
In one embodiment, the step of obtaining the user information and the web page information corresponding to the user identifier includes:
and grabbing the user information and the webpage information based on an information grabbing tool.
In one embodiment, the method further comprises:
searching in a weak password dictionary library, and judging whether a weak password matched with the user password exists in the weak password dictionary library or not; and under the condition that the weak password matched with the user password does not exist in the weak password dictionary library, generating the guessed password set according to the user password, the user information corresponding to the user identification and the webpage information.
In one embodiment, the step of generating a guessed password set according to the user password, the user information corresponding to the user identifier, and the web page information includes:
processing user information and the webpage information corresponding to the user identification to obtain a key field; carrying out structuralization processing on the user password to generate a structure list; and combining the structure list and the key fields to generate a guessed password set.
In a second aspect, the application further provides a weak password detection device for the power monitoring system. The device comprises:
the login flow acquisition module is used for acquiring login flow of a login equipment node in the power monitoring system; the password acquisition module is used for acquiring the user identification and the user password from the login flow; a guess password set generating module, configured to generate a guess password set according to the user password, user information corresponding to the user identifier, and web page information; and the weak password judgment module is used for comparing the guessed password in the guessed password set with the user password and judging whether the user password is a weak password or not.
In a third aspect, the present application also provides a computer device. The computer device comprises a memory and a processor, wherein the memory stores a computer program, and the processor realizes the steps of any embodiment of the weak password detection method of the power monitoring system when executing the computer program.
In a fourth aspect, the present application further provides a computer-readable storage medium. The computer readable storage medium has stored thereon a computer program which, when executed by a processor, implements the steps of any of the embodiments of the power monitoring system weak password detection method described above.
In a fifth aspect, the present application further provides a computer program product. The computer program product comprises a computer program which, when executed by a processor, implements the steps of any of the embodiments of the power monitoring system weak password detection method described above.
The weak password detection method, the weak password detection device, the computer equipment, the storage medium and the computer program product of the power monitoring system acquire the login flow of the login equipment node in the power monitoring system, acquire the user identification and the user password from the login flow, generate the guessed password set according to the user password, the user information corresponding to the user identification and the webpage information, compare the guessed password in the guessed password set with the user password, and judge whether the user password is the weak password. According to the technical scheme provided by the embodiment of the application, the login flow of the login equipment node in the power monitoring system is directly obtained, no relevant interface is required to be deployed in all network services, resources are saved, factors of user information and webpage information corresponding to a user are considered in the process of generating the guessed password set, the structure of the user password is also considered, the compatibility between the guessed password and the user password is convenient to increase, and the accuracy of weak password detection of the power monitoring system is improved.
Drawings
FIG. 1 is a diagram of an exemplary implementation of a weak password detection method for a power monitoring system;
FIG. 2 is a flowchart illustrating a weak password detection method of the power monitoring system according to an embodiment;
FIG. 3 is a flowchart illustrating the step of obtaining the login flow of the login device node in the power monitoring system according to an embodiment;
FIG. 4 is a block diagram of a weak password detection apparatus of the power monitoring system in one embodiment;
FIG. 5 is a diagram illustrating an internal structure of a computer device according to an embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
The weak password detection method for the power monitoring system provided by the embodiment of the application can be applied to the application environment shown in fig. 1. The login equipment nodes 102 communicate with the server 104 through the network, various flow data are generated in the process that the login equipment nodes 102 communicate with the server 104, the server 104 can obtain login flow of the login equipment nodes, obtain user identifications and user passwords from the login flow, generate guessed password sets according to the user passwords, user information and webpage information corresponding to the user identifications, compare guessed passwords in the guessed password sets with the user passwords, and judge whether the user passwords are weak passwords or not. The login device node 102 includes, but is not limited to, various personal computers, notebook computers, smart phones, tablet computers, internet of things devices, portable wearable devices, and the like. The server 104 includes, but is not limited to, an independent server or a server cluster composed of a plurality of servers.
In one embodiment, as shown in fig. 2, the method is described as applied to the server 104 in fig. 1, and includes the following steps:
step 202, obtaining login flow of a login equipment node in the power monitoring system.
The power monitoring system takes a computer, communication equipment and the like as basic tools, provides a basic platform for real-time data acquisition, state detection and remote control, can help enterprises to eliminate isolated islands, reduce operation cost, improve production efficiency and accelerate the response speed to power abnormity. The login equipment node belongs to one of various types of nodes of the power monitoring system and has login capability; the login flow belongs to flow data generated by a login equipment node in the process of communicating with a server, and the login flow comprises contents such as a user password and a user identifier.
In an embodiment, the power monitoring system includes a plurality of device nodes, the login device node is one of types of the plurality of device nodes, the login device node interacts with the server to generate various pieces of traffic data, and the login traffic belongs to one of the types of the traffic data.
In one embodiment, the login traffic may be identified based on a pre-trained traffic analysis model, the traffic analysis model is generated according to sample traffic data stored by the server, and the training and testing of the traffic analysis model includes the following steps:
step one, obtaining stored sample flow data from a server and preprocessing the sample flow data, wherein the preprocessing operation comprises flow data analysis, flow data cleaning and the like, the flow data analysis converts the flow data into a data format which can be directly identified and used, the flow data cleaning is used for eliminating the problems of flow data loss, data confusion, data repetition and data inconsistency, and the preprocessed sample flow data is used as input data and is respectively input into a flow analysis model;
and step two, taking 75% of sample flow data as a training set, and taking 25% of sample flow data as a test set, wherein the training set is used for training the flow analysis model, and the test set is used for continuously adjusting various parameters of the flow analysis model.
And step 204, acquiring a user identifier and a user password from the login flow.
The login traffic includes contents such as user identification and user password, and the user identification is information capable of uniquely characterizing the user identity, for example: a user ID; the user password includes an account number, a password and the like of the user in the power monitoring system, which are acquired by the login equipment node, and in the embodiment, the acquisition, storage, use, processing and the like of a plurality of items of data are all in accordance with relevant regulations of national laws and regulations.
And step 206, generating a guessed password set according to the user password, the user information corresponding to the user identifier and the webpage information.
The user information comprises externally-disclosed information such as the name, age, birthday, mobile phone number, affiliated unit, partial relative information and the like of a user corresponding to the user identification; the webpage information comprises visible information of the user on other websites and information generated by the user based on various operations, such as a place displayed when the user makes comments. The user password can be directly input by the user, can be actively acquired by the server, and also comprises other acquisition modes. The user password consists of an alphabetic segment, a numeric segment and a special character segment; similarly, each operation of the user information and the web page information in the embodiment conforms to relevant regulations of national laws and regulations. A guess password set is generated according to the user password, user information corresponding to the user identification and webpage information, has a structure consistent with the user password, and is used for verifying whether the user password is a weak password.
And step 208, comparing the guessed password in the guessed password set with the user password, and judging whether the user password is a weak password.
The guessed password set comprises a plurality of guessed passwords, the server compares the guessed passwords in the guessed password set with the user password respectively, and the comparison content comprises the structures and the contents of the guessed passwords and the user password are completely consistent, if so, the user password is a weak password.
The weak password detection method of the power monitoring system acquires login flow of a login equipment node in the power monitoring system, the server acquires user identification and a user password from the login flow, a guessed password set is generated according to the user password, user information corresponding to the user identification and webpage information, the guessed password in the guessed password set is compared with the user password, and whether the user password is a weak password or not is judged. According to the technical scheme provided by the embodiment of the application, the login flow of the login equipment node in the power monitoring system is directly obtained, no relevant interface is required to be deployed in all network services, resources are saved, factors of user information and webpage information corresponding to a user are considered in the process of generating the guessed password set, the structure of the user password is also considered, the compatibility between the guessed password and the user password is convenient to increase, and the accuracy of weak password detection of the power monitoring system is improved.
In one embodiment, as shown in fig. 3, acquiring login traffic of a login device node in a power monitoring system includes:
302, acquiring ciphertext flow of the login equipment node in the power monitoring system;
and step 304, identifying login flow from the ciphertext flow.
The login traffic is in an encrypted state in the process of communication between the login device node and the server, and cannot be directly identified by the server, on this basis, in order to quickly acquire the login traffic of the login device node, in this embodiment, the server first acquires the ciphertext traffic in the login device node, and identifies the login traffic from the ciphertext traffic, and the specific identification means may be based on a fixed traffic classification flag and a pre-trained traffic analysis model, which is not described in this embodiment again.
In the above embodiment, the server identifies the login traffic of the login device node from the ciphertext traffic, so that the acquisition range of the login traffic is reduced, and the efficiency of acquiring the login traffic in this embodiment is directly improved.
In one embodiment, the step of obtaining the user identification and the user password from the login traffic comprises:
converting the login flow into a plaintext flow; and acquiring the user identification and the user password from the plaintext flow.
On the basis that the power monitoring system is a closed-loop system and is in a closed state, an administrator can set a corresponding encryption and decryption algorithm for flow data generated by interaction of the login equipment node and the server and record the flow data and the corresponding encryption and decryption algorithm in a database, and in the embodiment, when the login flow in the encryption state is converted into plaintext flow, the corresponding decryption algorithm recorded in the database can be referred to. And then, acquiring the user identification and the user password from the plaintext traffic, namely acquiring the user identification and the user password from the login traffic in the plaintext state.
According to the embodiment, the login flow is converted into the plaintext state from the ciphertext state, so that the user identification and the user password are obtained, and the efficiency and the accuracy of weak password detection of the power monitoring system are improved.
In one embodiment, the step of obtaining the user information and the web page information corresponding to the user identifier includes:
and grabbing the user information and the webpage information based on the information grabbing tool.
The user information comprises externally-disclosed information such as the name, age, birthday, mobile phone number, affiliated unit, partial relative information and the like of a user corresponding to the user identification; the web page information includes information visible to the user at other web sites, as well as information generated by the user based on various operations. The server can obtain user information and web page information based on an information crawling tool, wherein the information crawling tool comprises a crawler program. When the information capturing tool is a crawler program, a target crawler address is set through a server, html language of a webpage is simply analyzed, a framework of the crawler is completed according to a template, and therefore user information and webpage information are obtained in a crawling mode.
In the embodiment, the comprehensiveness of capturing the user information and the webpage information is realized by using the information capturing tool in the process of capturing the user information and the webpage information, so that the weak password of the power monitoring system is more accurately detected.
In one embodiment, the method further comprises:
searching in a weak password dictionary library, and judging whether a weak password matched with the user password exists in the weak password dictionary library or not; and under the condition that a weak password matched with the user password does not exist in the weak password dictionary library, generating the guessed password set according to the user password, the user information corresponding to the user identification and the webpage information.
The server can judge the user password in advance by means of a weak password dictionary library, in one embodiment, the weak password dictionary library comprises a popular password, a semantic password and a character password, searching is carried out in the weak password dictionary library, whether a weak password matched with the user password exists in the weak password dictionary library is judged, and if the weak password exists, the user password is proved to belong to the weak password.
The weak passwords in the weak password dictionary library further include keyboard mode passwords, which are character passwords formed according to the order of keys on a keyboard, such as passwords "QWER", "ASDF", etc. formed in the horizontal order of the keys, passwords "EDC", etc. formed in the oblique order, passwords "QSXFT", "TGBHU", "VGYHN", etc. formed in the shape of a V ", passwords" qazsedfcft ", etc. formed in the shape of a W, where the characters corresponding to the keys of the keyboard also include lower case letters or a combination of upper and lower case letters, and if the user password matches with the keyboard mode password, the user password is a weak password.
Under the condition that a weak password matched with the user password does not exist in the weak password dictionary library, the server generates a guessed password set according to the user password, user information corresponding to the user identification and webpage information, and therefore whether the user password is the weak password is judged according to the guessed password set.
The embodiment forms the sequence from retrieving the weak passwords matched with the user passwords from the weak password dictionary library to identifying the weak passwords by utilizing the guessed password set so as to evaluate the strength levels of the user passwords, so that the weak password detection of the power monitoring system is more comprehensive, efficient and accurate.
In one embodiment, the step of generating a guessed password set according to the user password, the user information corresponding to the user identifier, and the web page information includes:
processing the user information corresponding to the user identification and the webpage information to obtain a key field; carrying out structuring processing on the user password to generate a structure list; and combining the structure list and the key fields to generate a guessed password set.
Processing user information and webpage information corresponding to a user identifier to obtain key fields, wherein the key fields are used for reflecting information such as a user communication mode and a birth date, different key fields correspond to different formats, such as a mobile phone number, the format of the mobile phone number is 11 continuous digits, and the format of the birth date is 8 continuous digits.
Carrying out structural processing on the user password to generate a structural list, wherein the structural processing is used for extracting regularization information in the user password, and the regularization information can be configured in advance, for example, extracting a number segment or a letter segment in the user password can be configured in advance; the structure list records the composition structure of the user password, the appearance sequence and the appearance frequency of each composition structure, and the user password is composed of a common character section and a special character section, wherein the common character section comprises numbers and letters, and the special character section comprises characters except the numbers and the letters, such as operation symbols, punctuation marks, functional symbols and the like. The structure list and the key fields are arranged and combined to generate a guessed password set.
For example, the result obtained by processing the user information and the web page information includes a key field "birthday" and a key field "name", the format of the key field "birthday" is 8 consecutive digits, specifically "20120901", the key field "name" is "ZHANGSAN", the format of the key field "ZSs", "ZHANGSAN", "zhanggs", "ZSAN", and the like, the structure of the user password obtained by the structural processing is "2 letters +6 digits", this embodiment can arbitrarily select two letters from a plurality of letters related to the key field of the name as the first and second digits of a guessed password, it is noted that all letters in the key field "name" are to be exhausted, and arbitrarily select 6 digits from the numerical values corresponding to the key field "birthday" as the contents of the rest digits of the guessed password, and the selection of the digits includes a 8 6 In one case, letters and numbers are combined to form a guessed password, such as "ZN212901", and a plurality of guessed passwords further form a set of guessed passwords. It is emphasized that the format of the key fields relates to letters and is not limited to the precedingThe capital letters, the letters in the format also include the case of lower case letters, or the case of upper case letters and lower case letters combined with each other, and the process of generating the guess password set can refer to the operation of the capital letters, which is not described herein again.
According to the method and the device, the structure of the user password is used as the basis, the user information corresponding to the user identification and the key field obtained by processing the webpage information are fused, so that the formed guessed password is more attached to the user password, and the accuracy of weak password detection of the power monitoring system is improved.
The following describes specific steps of the weak password detection method for the power monitoring system of the present application:
the method comprises the following steps that firstly, a server captures user information and webpage information of each user based on an information capturing tool, processes the user information and the webpage information corresponding to user identification, and obtains key fields;
secondly, the server acquires ciphertext flow of a login equipment node in the power monitoring system; identifying login flow from the ciphertext flow; identifying login flow according to a fixed flow classification label or identifying login flow according to a pre-trained flow analysis model;
step three, the server converts the login flow into a plaintext flow; acquiring a user identifier and a user password from plaintext flow;
step four, the server searches in a weak password dictionary library and judges whether a weak password matched with the user password exists in the weak password dictionary library or not;
judging the user password to be a weak password under the condition that the weak password matched with the user password exists in the weak password dictionary library;
step six, under the condition that a weak password matched with the user password does not exist in the weak password dictionary library, carrying out structural processing on the user password to generate a structural list; combining the structure list and the key fields to generate a guessed password set;
step seven, the guessed password in the guessed password set is compared with the user password; if the guessed password is matched with the user password, judging the user password to be a weak password;
step eight, when the password of the user is judged to be a weak password, the server displays that the password is the weak password and the password is required to be reset; if the result of the determination is a non-weak password, the server displays "login success".
It should be understood that, although the steps in the flowcharts related to the embodiments described above are shown in sequence as indicated by the arrows, the steps are not necessarily performed in sequence as indicated by the arrows. The steps are not limited to being performed in the exact order illustrated and, unless explicitly stated herein, may be performed in other orders. Moreover, at least a part of the steps in the flowcharts related to the embodiments described above may include multiple steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, and the execution order of the steps or stages is not necessarily sequential, but may be performed alternately or alternately with other steps or at least a part of the steps or stages in other steps.
Based on the same inventive concept, the embodiment of the application also provides a weak password detection device of the power monitoring system, which is used for realizing the weak password detection method of the power monitoring system. The implementation scheme for solving the problem provided by the device is similar to the implementation scheme recorded in the method, so that specific limitations in one or more embodiments of the power monitoring system weak password detection device provided below can be referred to the limitations on the power monitoring system weak password detection method in the above, and details are not described herein again.
In one embodiment, referring to fig. 4, a weak password detection apparatus for a power monitoring system is shown, comprising: a login traffic obtaining module 401, a password obtaining module 402, a guessed password set generating module 403, and a weak password judging module 404, wherein:
a login flow acquiring module 401, configured to acquire a login flow of a login device node in the power monitoring system;
and a password obtaining module 402, configured to obtain the user identifier and the user password from the login traffic.
A guess password set generating module 403, configured to generate a guess password set according to the user password, the user information corresponding to the user identifier, and the web page information.
And a weak password judgment module 404, configured to compare the guessed password in the guessed password set with the user password, and judge whether the user password is a weak password.
In one embodiment, the login traffic obtaining module includes: the ciphertext flow acquiring unit is used for acquiring ciphertext flow of a login equipment node in the power monitoring system; the login flow identification unit is used for identifying the login flow from the ciphertext flow;
in one embodiment, the password obtaining module includes a traffic converting unit, configured to convert login traffic into plaintext traffic; and the user password acquisition unit is used for acquiring the user identification and the user password from the plaintext flow.
In one embodiment, the apparatus further comprises an information acquisition module for crawling user information and web page information based on an information crawling tool.
In one embodiment, the device further comprises a weak password dictionary library retrieval module, which is used for retrieving in the weak password dictionary library and judging whether a weak password matched with the user password exists in the weak password dictionary library; and under the condition that a weak password matched with the user password does not exist in the weak password dictionary library, generating a guessed password set according to the user password, user information corresponding to the user identification and webpage information.
In one embodiment, the guessed password set generating module comprises a key field acquiring unit, configured to process user information and web page information corresponding to the user identifier to acquire a key field; the structure list generating unit is used for carrying out structural processing on the user password to generate a structure list; and the guess password set generating unit is used for combining the structure list and the key fields to generate a guess password set.
All or part of the modules in the weak password detection device of the power monitoring system can be realized by software, hardware and a combination thereof. The modules can be embedded in a hardware form or independent from a processor in the computer device, and can also be stored in a memory in the computer device in a software form, so that the processor can call and execute operations corresponding to the modules.
In one embodiment, a computer device is provided, which may be a power monitoring system, and the internal structure thereof may be as shown in fig. 5. The computer device includes a processor, a memory, and a network interface connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program, and a database. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The database of the computer device is used for storing flow data generated by weak password detection of the power monitoring system. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a power monitoring system weak password detection method.
Those skilled in the art will appreciate that the architecture shown in fig. 5 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing devices to which the disclosed aspects apply, as particular computing devices may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
In one embodiment, a computer device is provided, which includes a memory and a processor, the memory stores a computer program, and the processor executes the computer program to implement the steps of the weak password detection method of the power monitoring system provided in any one of the embodiments of the present application.
In one embodiment, a computer readable storage medium is provided, on which a computer program is stored, which when executed by a processor, performs the steps of providing a weak password detection method for a power monitoring system in any of the embodiments of the present application.
In one embodiment, a computer program product is provided, comprising a computer program that when executed by a processor performs the steps of any of the embodiments of the present application for providing a method for weak password detection for a power monitoring system.
It should be noted that, the user information (including but not limited to user device information, user personal information, etc.) and data (including but not limited to data for analysis, stored data, presented data, etc.) referred to in the present application are information and data authorized by the user or sufficiently authorized by each party.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, database, or other medium used in the embodiments provided herein may include at least one of non-volatile and volatile memory. The nonvolatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical Memory, high-density embedded nonvolatile Memory, resistive Random Access Memory (ReRAM), magnetic Random Access Memory (MRAM), ferroelectric Random Access Memory (FRAM), phase Change Memory (PCM), graphene Memory, and the like. Volatile Memory can include Random Access Memory (RAM), external cache Memory, and the like. By way of illustration and not limitation, RAM can take many forms, such as Static Random Access Memory (SRAM) or Dynamic Random Access Memory (DRAM), among others. The databases referred to in various embodiments provided herein may include at least one of relational and non-relational databases. The non-relational database may include, but is not limited to, a block chain based distributed database, and the like. The processors referred to in the embodiments provided herein may be general purpose processors, central processing units, graphics processors, digital signal processors, programmable logic devices, quantum computing based data processing logic devices, etc., without limitation.
All possible combinations of the technical features in the above embodiments may not be described for the sake of brevity, but should be considered as being within the scope of the present disclosure as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the present application. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, which falls within the scope of protection of the present application. Therefore, the protection scope of the present application should be subject to the appended claims.

Claims (10)

1. A weak password detection method for a power monitoring system, the method comprising:
acquiring login flow of a login equipment node in the power monitoring system;
acquiring a user identifier and a user password from the login flow;
generating a guess password set according to the user password, the user information corresponding to the user identification and the webpage information;
and comparing the guessed passwords in the guessed password set with the user password to judge whether the user password is a weak password.
2. The method of claim 1, wherein obtaining the login traffic of the login device node in the power monitoring system comprises:
acquiring ciphertext flow of the login equipment node in the power monitoring system;
identifying the login traffic from the ciphertext traffic.
3. The method of claim 2, wherein obtaining the user identifier and the user password from the login traffic comprises:
converting the login flow into a plaintext flow;
and acquiring the user identification and the user password from the plaintext flow.
4. The method of claim 1, wherein the step of obtaining the user information and the web page information corresponding to the user identifier comprises:
and grabbing the user information and the webpage information based on an information grabbing tool.
5. The method of claim 1, further comprising:
searching in a weak password dictionary library, and judging whether a weak password matched with the user password exists in the weak password dictionary library or not;
and under the condition that the weak password matched with the user password does not exist in the weak password dictionary library, generating the guessed password set according to the user password, the user information corresponding to the user identification and the webpage information.
6. The method of claim 1, wherein the step of generating a guess password set based on the user password, the user information corresponding to the user identifier, and the web page information comprises:
processing the user information corresponding to the user identification and the webpage information to obtain a key field;
carrying out structuralization processing on the user password to generate a structure list;
and combining the structure list and the key fields to generate a guessed password set.
7. A power monitoring system weak password detection apparatus, the apparatus comprising:
the login flow acquisition module is used for acquiring the login flow of the login equipment node in the power monitoring system;
the password acquisition module is used for acquiring the user identification and the user password from the login flow;
a guess password set generating module, configured to generate a guess password set according to the user password, user information corresponding to the user identifier, and web page information;
and the weak password judgment module is used for comparing the guessed password in the guessed password set with the user password and judging whether the user password is a weak password or not.
8. A computer device comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processor implements the power monitoring system weak password detection method of any of claims 1 to 6 when executing the computer program.
9. A computer storage medium having stored thereon a computer program, characterized in that the program, when executed by a processor, implements the power monitoring system weak password detection method of any of claims 1 to 6.
10. A computer program product comprising a computer program, characterized in that the computer program, when being executed by a processor, carries out the steps of the power monitoring system weak password detection method of any one of claims 1 to 6.
CN202211520544.1A 2022-11-30 2022-11-30 Weak password detection method and device for power monitoring system Pending CN115883205A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211520544.1A CN115883205A (en) 2022-11-30 2022-11-30 Weak password detection method and device for power monitoring system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211520544.1A CN115883205A (en) 2022-11-30 2022-11-30 Weak password detection method and device for power monitoring system

Publications (1)

Publication Number Publication Date
CN115883205A true CN115883205A (en) 2023-03-31

Family

ID=85764979

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211520544.1A Pending CN115883205A (en) 2022-11-30 2022-11-30 Weak password detection method and device for power monitoring system

Country Status (1)

Country Link
CN (1) CN115883205A (en)

Similar Documents

Publication Publication Date Title
CN107423632B (en) Customizable sensitive data desensitization method and system
CN108460582B (en) System information processing method, apparatus, computer device and storage medium
CA2906475C (en) Method and apparatus for substitution scheme for anonymizing personally identifiable information
CN110597963B (en) Expression question-answering library construction method, expression search device and storage medium
CN111600874B (en) User account detection method and device, electronic equipment and medium
Guo et al. Enabling secure cross-modal retrieval over encrypted heterogeneous IoT databases with collective matrix factorization
Zhang et al. Privacy-preserving image retrieval and sharing in social multimedia applications
WO2023093638A1 (en) Abnormal data identification method and apparatus, and device and storage medium
CN114036059A (en) Automatic penetration testing system and method for power grid system and computer equipment
Boahen et al. Detection of compromised online social network account with an enhanced knn
CN111651749A (en) Method and device for finding account based on password, computer equipment and storage medium
De La Torre-Abaitua et al. On the application of compression-based metrics to identifying anomalous behaviour in web traffic
Kuvonchbek Method Authentication of Objects Information Communication
CN111475785A (en) Information acquisition method and device, computer equipment and storage medium
CN104240107B (en) Community data screening system and method thereof
CN116055067B (en) Weak password detection method, device, electronic equipment and medium
CN115883205A (en) Weak password detection method and device for power monitoring system
CN115470361A (en) Data detection method and device
CN114338058B (en) Information processing method, device and storage medium
CN110457600B (en) Method, device, storage medium and computer equipment for searching target group
CN110717078A (en) Beauty shop business data monitoring method, device, equipment and medium
CN117235803B (en) Data security authentication method and device based on data elements and electronic equipment
Jones et al. An Intelligent Analysis of Mobile Evidence Using Sentimental Analysis
CN110071849B (en) Security protocol implementation security analysis method, device, medium and equipment
US20240184865A1 (en) Systems and methods for providing user validation

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination