Description, generation and detection method of corpus product rule for password guessing

A detection method and rule technology, applied in the field of password guessing, can solve problems such as large computational overhead, inappropriate password segmentation, and difficulty in providing a unified processing mode for corpus vocabulary.

Active Publication Date: 2019-12-10
SOUTH CHINA UNIV OF TECH
View PDF2 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the PCFG method has two important defects: 1) it is segmented according to the character type of the password, and it is difficult to provide a unified processing mode for corpus vocabulary containing multiple character types; 2) it needs to calculate the probability of occurrence of each password to be guessed, And according to the probability of each password from high to low, a large calculation overhead is introduced in the password guessing process, which is difficult to meet the password generation speed requirements of the online password guessing process
This method has two main problems: 1) Using the maximum vocabulary coverage as the word segmentation basis may lead to inappropriate password segmentation; 2) Same as the PCFG method, this method needs to predict the probability of each password to be guessed, and based on the probability Trying from high to low will also generate a large overhead in the password guessing process

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Description, generation and detection method of corpus product rule for password guessing
  • Description, generation and detection method of corpus product rule for password guessing
  • Description, generation and detection method of corpus product rule for password guessing

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0118] The password "loverain" contains multiple words, including "love", "lover", "over", "in" and so on. Based on these words, a directed acyclic graph of "loverain" can be formed, such as Figure 5 shown.

[0119] Each path in the directed acyclic graph of the password "loverain" has a weight, and the weight of each path is equal to the number of words in the corresponding corpus. Among them, the number of words in the corpus EN0_2 of "in" is 255, the number of words in the corpus EN0_4 of "love", "over" and "rain" is 5620, and the number of words in the corpus EN0_5 of "lover" is 2977. The vocabulary size of the lowercase alphabet road corpus is 26.

[0120] Traverse the directed acyclic graph to get all possible paths from the start point to the end point. Each path corresponds to a rule, and thus the number of guesses and the number of segments corresponding to the path and rule can be obtained. The password "loverain" has the following 8 paths, as shown in Table 1: ...

Embodiment 2

[0125] In this embodiment, the password set Rockyou is used as the training set, and the password set phpBB is used as the test set. When the number of guesses changes, the hit rate of the test set in the present invention is shown in Table 2, and the relationship between the number of guesses and the hit rate Such as Image 6 shown.

[0126] Table 2

[0127] number of guesses 10 8

10 9

10 10

10 11

10 12

10 13

10 14

10 15

hit rate 38% 52% 63% 72% 80% 86% 90% 94%

[0128] Table 3 shows the guessing hit rate compared with the password guessing methods in the present invention and related papers. In most cases, the hit rate of the password of the present invention is obviously better than the existing experimental results in most cases, and there is only one exception, that is, when the total number of guesses is small, the present invention is slightly weaker than the 5th order Markov process, and this is due to The g...

Embodiment 3

[0135] The corpus Γ is set to only contain four types of corpus collections such as uppercase letters, lowercase letters, letters and numbers, then the method of the present invention can generate a sequence of brute force guessing rules.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a description, generation and detection method of a corpus product rule for password guessing. The method comprises the following steps: defining constraint conditions of a corpus; describing a corpus product rule; generating a single password corpus product rule for each training password in the training password set, and counting the frequency of different corpus productrules in a rule set generated by the training password set; sorting the corpus product rule set generated by the training password set from high to low by using the efficiency-cost ratio index; selecting a rule from the corpus product rule sequence of which the cost-effectiveness ratio is from high to low according to a password guessing frequency requirement; and detecting the hit rate of the corpus product rule sequence for the test password set. The invention has the advantages that hit rate is high, rule description is clear, the to-be-guessed password set is easily generated subsequentlyon line, and hit rate of the corpus product rule set can be quickly detected.

Description

technical field [0001] The invention relates to the technical field of password guessing, in particular to a method for describing, generating and detecting a corpus product rule for password guessing. Background technique [0002] The basic method of password guessing is to keep trying possible passwords used by the user until the correct password is found, or the guessing is given up when the predetermined number of guesses is reached. Therefore, to improve the efficiency of guessing, it is necessary to give priority to guessing passwords that are more likely to be used by users. Existing password guessing methods mainly include five types: brute force, crushing, Markov process, probabilistic context-free grammar (PCFG), and semantic mode. [0003] The brute force method is the most traditional password guessing method, and its main defect is that the password length that can be guessed is relatively short. Due to the limitation of the total number of guesses, the length...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F16/901G06K9/62G06F21/45
CPCG06F16/9024G06F21/45G06F18/214
Inventor 陈虎颜锐荣
Owner SOUTH CHINA UNIV OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap