Password detection methods, devices, equipment, storage media, and program products

By employing a dual detection method combining preset extraction rules and detection models, along with multi-task learning and knowledge distillation techniques, the problems of missed and false alarms in weak password detection are solved, achieving highly sensitive and accurate weak password recognition and ensuring system security.

CN119172109BActive Publication Date: 2026-06-30CHINA MOBILE INFORMATION TECHNOLOGY CO LTD +1

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
CHINA MOBILE INFORMATION TECHNOLOGY CO LTD
Filing Date
2024-08-26
Publication Date
2026-06-30

AI Technical Summary

Technical Problem

In existing technologies, dictionary scanning methods have the risk of missing or false positives in weak password detection, which reduces the accuracy of detection.

Method used

Regularized character extraction is performed using preset extraction rules, and dual detection is performed by combining preset detection algorithms and detection models. First, it is compared with a preset password database to determine whether it is a weak password. Then, the preset detection model is used to identify the password type. Teacher and student models are constructed through multi-task learning and knowledge distillation methods for adaptive learning to improve the recognition accuracy.

Benefits of technology

It achieves highly sensitive identification of weak passwords, reduces the possibility of false alarms and missed alarms, significantly improves the identification accuracy, adapts to constantly changing weak password patterns, and ensures system security.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN119172109B_ABST
    Figure CN119172109B_ABST
Patent Text Reader

Abstract

This application discloses a password detection method, apparatus, device, storage medium, and program product. The method includes: acquiring a password to be detected; performing regularized character extraction on the password to be detected using preset extraction rules to obtain a first character set of the password to be detected; performing character detection on the first character set using a first preset detection algorithm to obtain a first detection result; if the first detection result determines that the password is not a weak password, inputting the password to be detected into a preset detection model, and using the preset detection model to perform password type identification on the password to be detected to obtain a second detection result. According to the embodiments of this application, the accuracy of weak password detection can be improved.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This application pertains to network security technology, and particularly relates to a password detection method, apparatus, device, storage medium, and program product. Background Technology

[0002] Weak passwords are a type of password with low security that is easy to guess or crack. When logging into a software system using a weak password, it is usually easily cracked by attackers using brute-force tools or dictionary attacks.

[0003] Currently, in order to reduce the occurrence of weak passwords, weak password detection methods are usually configured in software systems to remind users that the passwords they set are weak. Among related technologies, dictionary scanning is a commonly used weak password detection method. Dictionary scanning usually involves traversing the existing password dictionary and using it as a password to try to log in to the software system. If the login is successful, it means that the password is weak.

[0004] In the aforementioned related technologies, the process of traversing and searching through the password dictionary results in a large amount of scanned data, which poses a risk of missed or false alarms and reduces the accuracy of password detection. Summary of the Invention

[0005] This application provides a password detection method, apparatus, device, storage medium, and program product that can improve the accuracy of weak password detection.

[0006] On the one hand, embodiments of this application provide a password detection method, the method including:

[0007] Obtain the password to be tested;

[0008] The password to be detected is extracted using regularized characters according to preset extraction rules to obtain the first character set of the password to be detected.

[0009] The first character set is detected using a first preset detection algorithm to obtain a first detection result;

[0010] If the first detection result determines that the password is not weak, the password to be detected is input into a preset detection model, and the password type is identified by the preset detection model to obtain a second detection result.

[0011] Optionally, the step of performing character detection on the first character set using a first preset detection algorithm to obtain a first detection result includes:

[0012] The first preset detection algorithm is used to traverse the preset character library to obtain the second character set. The preset character library is used to store characters for preset weak passwords.

[0013] Compare the first character set with the second character set to determine the character similarity.

[0014] If the character similarity is less than or equal to a preset similarity, the first detection result is determined to be not a weak password.

[0015] Optionally, the preset detection model includes a teacher model and a student model. Before using the student model of the preset detection model to perform password type recognition on the password to be detected and obtain the recognition result, the method further includes:

[0016] The preset basic detection model is fine-tuned to obtain the first detection model;

[0017] Obtain a first training sample set, which includes preset passwords and their corresponding preset password types, as well as preset password tasks and their corresponding preset task types.

[0018] A teacher model is constructed based on the first basic detection model. The preset password and preset password task are taken as inputs, and the preset task type and preset password type are taken as outputs. The first basic detection model is trained to obtain a trained teacher model.

[0019] A student model is constructed based on the first basic detection model. The prediction results of the teacher model are used as input, and the preset password type and preset task type are used as output. The student model is trained to obtain a well-trained student model.

[0020] Optionally, the step of fine-tuning the preset basic detection model to obtain the first basic detection model includes:

[0021] The first preset fine-tuning application is used to fine-tune the preset basic model to obtain the second basic detection model;

[0022] The second basic detection model is obtained by fine-tuning the second basic detection model using the second preset fine-tuning method.

[0023] Optionally, the step of constructing a teacher model based on the first basic detection model involves taking the preset password and preset password task as inputs, and the preset task type and preset password type as outputs, respectively, to train the first basic detection model to obtain a trained teacher model, including:

[0024] The preset password and preset password task are input into the teacher model to obtain the predicted password type and predicted task type;

[0025] The first loss function value is determined based on the predicted password type and the preset password type;

[0026] The second loss function value is determined based on the predicted task type and the preset task type;

[0027] Calculate the total loss function value based on the first loss function value and the second loss function value;

[0028] If the total loss function value does not meet the preset convergence condition, the model parameters of the teacher model are adjusted until the total loss function value meets the preset convergence condition, thus obtaining a trained teacher model.

[0029] Optionally, after the student model using the preset detection model performs password type recognition on the password to be detected and obtains the second detection result, the method further includes:

[0030] If the first detection result determines that the password is weak or the second detection result determines that the password is weak, an interception instruction is generated, which is used to prevent the user from logging in;

[0031] Alarm repair information is generated based on the interception command.

[0032] Optionally, after using the preset detection model to identify the password type of the password to be detected and obtaining the second detection result, the method further includes:

[0033] Based on the password to be detected and the second detection result, the preset detection model is iteratively trained to obtain a new preset detection model.

[0034] On the other hand, embodiments of this application provide a password detection device, the device comprising:

[0035] The module retrieves the password to be tested.

[0036] The extraction module is used to extract regularized characters from the password to be detected using preset extraction rules to obtain a first character set of the password to be detected;

[0037] The first detection module is used to perform character detection on the first character set using a first preset detection algorithm to obtain a first detection result;

[0038] The second detection module is used to input the password to be detected into a preset detection model when the first detection result determines that it is not a weak password, and to use the preset detection model to identify the password type of the password to be detected to obtain a second detection result.

[0039] In another aspect, embodiments of this application provide an electronic device, the device comprising: a processor and a memory storing computer program instructions;

[0040] When the processor executes the computer program instructions, it implements the password detection method as described in the first aspect.

[0041] In another aspect, embodiments of this application provide a computer storage medium on which computer program instructions are stored, and when executed by a processor, the computer program instructions implement the password detection method as described in the first aspect.

[0042] In another aspect, embodiments of this application provide a computer program product in which instructions, when executed by a processor of an electronic device, cause the electronic device to perform the password detection method as described in the first aspect.

[0043] The password detection method, apparatus, device, and computer storage medium of this application embodiment can first perform a password detection by comparing it with a preset password database when a user logs in with the password to be detected, to determine whether the password to be detected is a weak password. If the password to be detected is not a weak password, a preset detection model is used to perform a second identification of the password to be detected. When using the preset detection model for password identification and analysis, it can achieve high-sensitivity identification of weak passwords through analysis of the password to be detected. Furthermore, through the adaptive learning of the preset detection model, it can adapt to constantly changing weak passwords, reducing the possibility of false alarms and missed alarms, and significantly improving the identification accuracy. Attached Figure Description

[0044] To more clearly illustrate the technical solutions of the embodiments of this application, the accompanying drawings used in the embodiments of this application will be briefly introduced below. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.

[0045] Figure 1 This is a flowchart illustrating a password detection method provided in one embodiment of this application;

[0046] Figure 2 This is a flowchart illustrating a first-ever password detection method for detecting passwords to be detected, provided in one embodiment of this application.

[0047] Figure 3 This is a flowchart illustrating a training method for a preset detection model provided in one embodiment of this application;

[0048] Figure 4 This is a schematic diagram of the structure of a password detection device provided in another embodiment of this application;

[0049] Figure 5 This is a schematic diagram of the structure of an electronic device provided in another embodiment of this application. Detailed Implementation

[0050] The features and exemplary embodiments of various aspects of this application will be described in detail below. To make the objectives, technical solutions, and advantages of this application clearer, the application will be further described in detail below with reference to the accompanying drawings and specific embodiments. It should be understood that the specific embodiments described herein are only intended to explain this application and not to limit it. For those skilled in the art, this application can be implemented without some of these specific details. The following description of the embodiments is merely to provide a better understanding of this application by illustrating examples.

[0051] It should be noted that, in this document, relational terms such as "first" and "second" are used merely to distinguish one entity or operation from another, and do not necessarily require or imply any such actual relationship or order between these entities or operations. Furthermore, the terms "comprising," "including," or any other variations thereof are intended to cover non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements includes not only those elements but also other elements not expressly listed, or elements inherent to such a process, method, article, or apparatus. Without further limitations, an element defined by the phrase "comprising..." does not exclude the presence of additional identical elements in the process, method, article, or apparatus that includes the element.

[0052] To address the problems in the prior art, embodiments of this application provide a password detection method, apparatus, device, storage medium, and program product.

[0053] When a user logs in with a password to be detected, the system first performs a password detection by comparing it with a preset password database to determine if the password is weak. If the password is not weak, the system uses a preset detection model for a second identification. By using the preset detection model for password identification and analysis, the system can achieve highly sensitive identification of weak passwords. Furthermore, the adaptive learning of the preset detection model can adapt to constantly changing weak passwords, reducing the possibility of false positives and false negatives, and significantly improving the identification accuracy.

[0054] The password detection method provided in the embodiments of this application will be introduced first below.

[0055] Figure 1 A flowchart illustrating a password detection method according to an embodiment of this application is shown. Figure 1 As shown, the password detection method may include the following steps S101-S104:

[0056] S101, Obtain the password to be tested.

[0057] In one embodiment, in order to obtain the password to be tested set by the user during registration or login, an agent program is deployed on the server and then linked with the driver background to realize the security baseline verification of the middleware and database in the server, while obtaining the password to be tested when the user registered.

[0058] In this embodiment, the deployment process can automatically maintain the server asset list, saving security personnel time and costs, quickly performing security checks on the server, and obtaining the password to be tested under secure conditions, so that the obtained password to be tested can be excluded from other dangers, such as being intercepted and modified when the user enters the password to be tested.

[0059] It is understandable that the password to be tested can be the password entered when a user registers a system account, or the password to be tested when logging into the middleware; there are no restrictions here.

[0060] S102, use preset extraction rules to perform regular character extraction on the password to be detected, and obtain the first character set of the password to be detected.

[0061] In this embodiment, after obtaining the password to be detected, in order to facilitate the determination of whether the password to be detected is a weak password, it is necessary to use a preset extraction rule to extract characters from the password to be detected, so as to facilitate the detection of the password to be detected through the first character set.

[0062] In one specific embodiment, the preset extraction rule can be a regular expression extraction rule, that is, the regularized characters of the password to be detected are extracted according to the regular expression method, the password to be detected is located in the form of ordinary characters and special characters, and a first character set corresponding to the password to be detected is formed by setting qualifiers and anchors.

[0063] S103, use the first preset detection algorithm to perform character detection on the first character set to obtain the first detection result.

[0064] Reference Figure 2 In one specific embodiment, S103 may specifically include the following steps:

[0065] S1031, use the first preset detection algorithm to traverse the preset character library to obtain the second character set;

[0066] S1032, compare the characters of the first character set with the second character set, and calculate the character similarity.

[0067] S1033, if the character similarity is less than or equal to the preset similarity, the first detection result is determined to be not a weak password.

[0068] In this embodiment, when performing the first detection on the password to be detected, the first preset detection algorithm is used to traverse the preset character library to obtain the second character set. The preset character library is used to store the characters of the preset weak passwords. The preset character library is constructed based on historical weak passwords, such as "111, 222, 000, 123". Then, the characters corresponding to these weak passwords are extracted and stored in the preset character library to facilitate the detection of the password to be detected according to the first preset detection algorithm.

[0069] Since weak passwords are not limited to simple repeated numbers, but also include combinations of simple numbers and letters, and each weak password's corresponding first character set contains multiple characters, the number of characters in the same position between the first character set and the second character set is searched to calculate the character similarity. Then, the character similarity is compared with a preset similarity. If the character similarity is less than or equal to the preset similarity, it indicates that the password to be detected is not a weak password; if the character similarity is greater than the preset similarity, then the password to be detected is a weak password.

[0070] As an example, the preset similarity can be either 80% or 85%, and no limit is specified here.

[0071] It is worth noting that the first preset detection algorithm can be an Aspect Oriented Programming (AOP) detection algorithm.

[0072] S104, if the first detection result determines that the password to be detected is not a weak password, the password to be detected is input into the preset detection model, and the preset detection model is used to identify the password type of the password to be detected to obtain the second detection result.

[0073] In this embodiment, when the password to be detected is detected in the first round using the AOP detection algorithm, in order to ensure the accuracy of the detection results, the password to be detected is input into the preset detection model, and the preset detection model is used to detect the password to be detected again, reducing the possibility of missed or false detections due to the AOP detection algorithm. At the same time, since attackers will continuously damage the system using weak passwords, the high sensitivity of the preset detection model to identify weak passwords can adapt to constantly changing attack patterns. In addition, when logging into the middleware with a weak password, the preset detection model can also identify and adapt to the data patterns and behavioral patterns held in the middleware environment.

[0074] When a user logs in with a password to be detected, the system first performs a password detection by comparing it with a preset password database to determine if the password is weak. If the password is not weak, the system uses a preset detection model for a second identification. By using the preset detection model for password identification and analysis, the system can achieve highly sensitive identification of weak passwords. Furthermore, the adaptive learning of the preset detection model can adapt to constantly changing weak passwords, reducing the possibility of false positives and false negatives, and significantly improving the identification accuracy.

[0075] Reference Figure 3 In order to enable the preset detection model to be context-aware and to identify weak passwords and perform password tasks, the following steps may be included after S104:

[0076] S1041, Fine-tune the preset basic detection model to obtain the first detection model;

[0077] S1042, Obtain the first training sample set, which includes preset passwords and their corresponding preset password types, as well as preset password tasks and their corresponding preset task types.

[0078] S1043, Construct a teacher model based on the first basic detection model, taking the preset password and preset password task as inputs, and the preset task type and preset password type as outputs, respectively, to train the first basic detection model and obtain the trained teacher model;

[0079] S1044: Based on the first basic detection model, a student model is constructed. The prediction results of the teacher model are used as input, and the preset password type and preset task type are used as output to train the student model and obtain a trained student model.

[0080] In this embodiment, when logging into the system using a weak password, middleware is required to verify the password. At this time, the middleware records the user's behavior, such as logging in, accessing, and modifying, and then uses a preset detection model to detect whether the user's behavior is abnormal, that is, whether the password task is abnormal, including the number of times the user failed to log in, the access frequency, and the access path.

[0081] As an example, the preset basic detection model adopts the chatGLM model. In order to enable the preset detection model to better identify passwords and detect weak password behavior, it can not only ensure the security of the middleware from the perspective of password identification, but also maintain the security of user information. In this embodiment, multi-task learning and knowledge distillation methods are used to construct the preset detection model. This not only ensures the accuracy of password identification, but also completes the password task identification while identifying the password, thus ensuring the security of user information.

[0082] Specifically, building a teacher model can handle complex tasks, and it can also use knowledge distillation technology to build a student model by distillation temperature, optimize the model structure, and transform complex models into simpler and more intuitive models, thereby improving the efficiency of password detection and password task recognition and reducing resource consumption.

[0083] In this embodiment, a teacher model can be constructed that can simultaneously detect passwords and recognize passwords. By performing knowledge distillation on the password detection and password task recognition respectively, a student model for password detection and a student model for password task recognition are obtained, thereby completing the second recognition of password detection and the detection of password task recognition.

[0084] In one embodiment, in order for the preset detection model to quickly recognize passwords in the middleware security domain, it is necessary to pre-train the preset basic model so that the preset basic model can clearly define the detection task and achieve context awareness. After completing the pre-training, in order to make the preset detection model more accurate, it is also necessary to perform fine-tuning training to ensure recognition accuracy. Therefore, the preset basic detection model is fine-tuned to obtain the first detection model, which may specifically include:

[0085] The first preset fine-tuning application is used to fine-tune the preset basic model to obtain the second basic detection model;

[0086] The second basic detection model is obtained by fine-tuning the second basic detection model using the second preset fine-tuning method.

[0087] In this embodiment, as an example, the first preset fine-tuning application can be a P-Tuning application or a P-Turning V2 application, and the second preset fine-tuning application can be a LoRA application.

[0088] It is worth noting that, firstly, the preset base model is fine-tuned using the first preset fine-tuning application to obtain the first base detection model. That is, the P-Tuning application introduces additional fine-tuning parameters without changing the ChatGLM main model. Then, the first preset fine-tuning model is fine-tuned using these fine-tuning parameters to obtain the first base model. It should be understood that the P-Tuning application is a black-box adjustment, so when adjusting the fine-tuning parameters, it is only necessary to meet the fine-tuning purpose, which can be to achieve faster recognition and detection.

[0089] In another embodiment, the second basic detection model is fine-tuned a second time using a second preset fine-tuning application to obtain a first basic detection model. It can be understood that the LoRA application can fine-tune the structure of each layer of the second basic detection model, that is, add a low-rank update matrix to each layer, thereby adjusting the weights of the second basic detection model so that the obtained first basic detection model can more accurately identify weak passwords and password tasks.

[0090] In one embodiment, S1043 may specifically include the following steps:

[0091] Input the preset password and preset password task into the teacher model to obtain the predicted password type and predicted task type;

[0092] The first loss function value is determined based on the predicted password type and the preset password type;

[0093] The value of the second loss function is determined based on the predicted task type and the preset task type;

[0094] The total loss function value is calculated based on the first and second loss function values.

[0095] If the total loss function value does not meet the preset convergence condition, the model parameters of the teacher model are adjusted until the total loss function value meets the preset convergence condition, thus obtaining a trained teacher model.

[0096] In this embodiment, when training the first basic detection model based on multi-task learning and knowledge distillation algorithms, the first basic detection model is trained to perform multi-task detection, that is, the trained teacher model can simultaneously handle password detection and password task recognition.

[0097] As an example, the multi-task loss function for training in multi-task learning can be expressed as: L = ∑i=1nαiLi, where Li is the loss function of the i-th task and αi is the task weight.

[0098] By continuously adjusting the loss function, the performance of the preset detection model on multiple security tasks can be improved.

[0099] In another optional embodiment, when training the teacher model, since the teacher model needs to handle multiple detection tasks simultaneously, the corresponding total loss function value needs to be determined by the first loss function value and the second loss function value. It is worth noting that the first loss function value can be determined based on the predicted password type and the preset password type, and the second loss function value can be determined based on the predicted task type and the preset task type. Both the first loss function value and the second loss function value are calculated using the cross-entropy loss function.

[0100] After training the teacher model using the above training method, the distillation temperature T is obtained using the knowledge distillation algorithm. As an example, the distillation temperature T can include password detection and password task recognition. The student model is trained using the distillation temperature T, taking the preset password and preset password task of the teacher model as input, and the preset task type and preset password type as output, to obtain the trained student model.

[0101] In this embodiment, the teacher model and student model are obtained through the above training method, and the optimization objective of the preset detection model can be obtained, which is expressed as:

[0102] LKD=(1-α)LCE(y,S(x))+αT(x)logS(x)

[0103] Where LKD is the optimization objective, LCE is the cross-entropy loss, T and S are the teacher network and student network, respectively, and α is the task weight.

[0104] In this embodiment, in the field of middleware security, by combining multi-task learning and knowledge distillation algorithms, it is possible to achieve efficient training and lightweight deployment of the preset detection model in password detection and password task recognition, thereby enabling rapid and accurate identification of weak passwords and improving the accuracy of password detection.

[0105] In another optional embodiment, since the password detection is divided into two detections, if the first detection result determines that the password is weak or the second detection result determines that the password is weak, an interception instruction is generated, which is used to prevent the user from logging in.

[0106] Alarm information is generated based on the interception command.

[0107] In this embodiment, regardless of whether the user uses the password to be detected for login or registration, once a weak password is identified, an interception command will be generated to prevent the user from using the password to be detected for login or registration, thereby protecting user information and improving system security.

[0108] In another optional embodiment, to make the preset detection model more accurate, after S104, the following may be included:

[0109] The preset detection model is iteratively trained based on the password to be detected and the second detection result to obtain a new preset detection model.

[0110] In this embodiment, in order to improve the accuracy of the preset detection algorithm, after each password to be detected is identified, the password to be detected is used as a training sample to train the preset detection password, and the preset detection model is continuously iterated to ensure that the preset detection model is continuously updated as the threat evolves and to ensure long-term effectiveness.

[0111] Reference Figure 4 This application embodiment also provides a password detection device 400, which may include:

[0112] Module 401 retrieves the password to be tested;

[0113] Extraction module 402 is used to extract regularized characters from the password to be detected using preset extraction rules to obtain the first character set of the password to be detected;

[0114] The first detection module 403 is used to perform character detection on the first character set using a first preset detection algorithm to obtain a first detection result;

[0115] The second detection module 404 is used to input the password to be detected into the preset detection model when the first detection result determines that it is not a weak password, and to use the preset detection model to identify the password type of the password to be detected to obtain the second detection result.

[0116] As an optional implementation, the first detection module 403 may further include:

[0117] The traversal unit is used to traverse the preset character library using the first preset detection algorithm to obtain the second character set. The preset character library is used to store the characters of the preset weak password.

[0118] The comparison unit is used to compare characters in the first character set with the second character set and to determine character similarity.

[0119] The determining unit is used to determine the first detection result as not a weak password when the character similarity is less than or equal to a preset similarity.

[0120] As an optional implementation, the second detection module 404 may further include:

[0121] The fine-tuning unit is used to fine-tune the preset basic detection model to obtain the first detection model.

[0122] The acquisition unit is used to acquire a first training sample set, which includes a preset password and its corresponding preset password type, as well as a preset password task and its corresponding preset task type.

[0123] The first construction unit is used to build a teacher model based on the first basic detection model. It takes a preset password and a preset password task as input, and a preset task type and a preset password type as output to train the first basic detection model and obtain a trained teacher model.

[0124] The second building unit is used to build a student model based on the first basic detection model. It takes the prediction results of the teacher model as input, and preset password type and preset task type as output to train the student model and obtain a trained student model.

[0125] As an optional implementation, the fine-tuning unit can specifically be used for:

[0126] The first preset fine-tuning application is used to fine-tune the preset basic model to obtain the second basic detection model;

[0127] The second basic detection model is obtained by fine-tuning the second basic detection model using the second preset fine-tuning method.

[0128] As an alternative implementation, the first building unit can also be used for:

[0129] Input the preset password and preset password task into the teacher model to obtain the predicted password type and predicted task type;

[0130] The first loss function value is determined based on the predicted password type and the preset password type;

[0131] The value of the second loss function is determined based on the predicted task type and the preset task type;

[0132] The total loss function value is calculated based on the first and second loss function values.

[0133] If the total loss function value does not meet the preset convergence condition, the model parameters of the teacher model are adjusted until the total loss function value meets the preset convergence condition, thus obtaining a trained teacher model.

[0134] As an optional implementation, the second detection module 404 can also be used for:

[0135] If the first detection result determines that the password is weak, or if the second detection result determines that the password is weak, an interception command is generated to prevent the user from logging in.

[0136] Alarm repair information is generated based on the interception command.

[0137] As an optional implementation, the second detection module 404 can also be used for:

[0138] The preset detection model is iteratively trained based on the password to be detected and the second detection result to obtain a new preset detection model.

[0139] Figure 5 A schematic diagram of the hardware structure of the electronic device provided in an embodiment of this application is shown.

[0140] An electronic device may include a processor 501 and a memory 502 storing computer program instructions.

[0141] Specifically, the processor 501 may include a central processing unit (CPU), an application specific integrated circuit (ASIC), or one or more integrated circuits that can be configured to implement the embodiments of this application.

[0142] Memory 502 may include mass storage for data or instructions. For example, and not limitingly, memory 502 may include a hard disk drive (HDD), floppy disk drive, flash memory, optical disk, magneto-optical disk, magnetic tape, or Universal Serial Bus (USB) drive, or a combination of two or more of these. In one instance, memory 602 may include removable or non-removable (or fixed) media, or memory 602 may be non-volatile solid-state memory. Memory 502 may be internal or external to the integrated gateway disaster recovery device.

[0143] In one instance, memory 502 may be read-only memory (ROM). In one instance, the ROM may be a mask-programmed ROM, a programmable ROM (PROM), an erasable PROM (EPROM), an electrically erasable PROM (EEPROM), an electrically rewritable ROM (EAROM), or flash memory, or a combination of two or more of these.

[0144] Memory 502 may include read-only memory (ROM), random access memory (RAM), disk storage media device, optical storage media device, flash memory device, electrical, optical, or other physical / tangible memory storage device. Therefore, typically, memory includes one or more tangible (non-transitory) computer-readable storage media (e.g., memory devices) encoded with software including computer-executable instructions, and when the software is executed (e.g., by one or more processors), it is operable to perform the operations described with reference to the video query method according to the first aspect of this disclosure.

[0145] The processor 501 reads and executes computer program instructions stored in the memory 502 to achieve... Figure 1 A password detection method is shown in the embodiment.

[0146] In one example, the electronic device may also include a communication interface 503 and a bus 504. For example, Figure 5As shown, the processor 501, memory 502, and communication interface 503 are connected through bus 504 and complete communication with each other.

[0147] The communication interface 503 is mainly used to realize communication between various modules, devices, units and / or equipment in the embodiments of this application.

[0148] Bus 504 includes hardware, software, or both, that couples components of an electronic device together. For example, and not limitingly, the bus may include an Accelerated Graphics Port (AGP) or other graphics bus, an Extended Industry Standard Architecture (EISA) bus, a Front Side Bus (FSB), a Hyper Transport (HT) interconnect, an Industry Standard Architecture (ISA) bus, an Infinite Bandwidth Interconnect, a Low Pin Count (LPC) bus, a memory bus, a Microchannel Architecture (MCA) bus, a Peripheral Component Interconnect (PCI) bus, a PCI-Express (PCI-X) bus, a Serial Advanced Technology Attachment (SATA) bus, a Video Electronics Standards Association Local (VLB) bus, or other suitable buses, or combinations of two or more of these. Where appropriate, bus 504 may include one or more buses. Although specific buses are described and illustrated in embodiments of this application, this application contemplates any suitable bus or interconnect.

[0149] The electronic device can execute the password detection method in the embodiments of this application, thereby achieving a combination of Figures 1-4 The password detection method and apparatus described.

[0150] In addition, in conjunction with the password detection methods in the above embodiments, this application embodiment can provide a computer storage medium for implementation. The computer storage medium stores computer program instructions; when these computer program instructions are executed by a processor, they implement any of the password detection methods in the above embodiments.

[0151] In an optional embodiment, in conjunction with the password detection methods in the above embodiments, this application embodiment can provide a computer program product to implement the method. The instructions in the computer program product are executed by the processor of the electronic device, enabling the electronic device to implement any of the password detection methods in the above embodiments.

[0152] It should be clarified that this application is not limited to the specific configurations and processes described above and shown in the figures. For the sake of brevity, detailed descriptions of known methods are omitted here. In the above embodiments, several specific steps are described and shown as examples. However, the method process of this application is not limited to the specific steps described and shown. Those skilled in the art can make various changes, modifications, and additions, or change the order of steps, after understanding the spirit of this application.

[0153] The functional blocks shown in the above block diagram can be implemented as hardware, software, firmware, or a combination thereof. When implemented in hardware, they can be, for example, electronic circuits, application-specific integrated circuits (ASICs), appropriate firmware, plug-ins, function cards, etc. When implemented in software, the elements of this application are programs or code segments used to perform the required tasks. Programs or code segments can be stored on a machine-readable medium or transmitted over a transmission medium or communication link via data signals carried on a carrier wave. "Machine-readable medium" can include any medium capable of storing or transmitting information. Examples of machine-readable media include electronic circuits, semiconductor memory devices, ROM, flash memory, erasable ROM (EROM), floppy disks, CD-ROMs, optical disks, hard disks, fiber optic media, radio frequency (RF) links, etc. Code segments can be downloaded via computer networks such as the Internet, intranets, etc.

[0154] It should also be noted that the exemplary embodiments mentioned in this application describe methods or systems based on a series of steps or apparatus. However, this application is not limited to the order of the above steps; that is, the steps can be performed in the order mentioned in the embodiments, or in a different order, or several steps can be performed simultaneously.

[0155] The aspects of this disclosure have been described above with reference to flowchart illustrations and / or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of this disclosure. It should be understood that each block in the flowchart illustrations and / or block diagrams, and combinations of blocks in the flowchart illustrations and / or block diagrams, can be implemented by computer program instructions. These computer program instructions can be provided to a processor of a general-purpose computer, a special-purpose computer, or other programmable data processing apparatus to produce a machine such that these instructions, executable via the processor of the computer or other programmable data processing apparatus, enable the implementation of the functions / actions specified in one or more blocks of the flowchart illustrations and / or block diagrams. Such a processor can be, but is not limited to, a general-purpose processor, a special-purpose processor, a special application processor, or a field-programmable logic circuit. It is also understood that each block in the block diagrams and / or flowcharts, and combinations of blocks in the block diagrams and / or flowcharts, can also be implemented by special-purpose hardware performing the specified functions or actions, or can be implemented by a combination of special-purpose hardware and computer instructions.

[0156] The above are merely specific embodiments of this application. Those skilled in the art will clearly understand that, for the sake of convenience and brevity, the specific working processes of the systems, modules, and units described above can be referred to the corresponding processes in the foregoing method embodiments, and will not be repeated here. It should be understood that the protection scope of this application is not limited thereto. Any person skilled in the art can easily conceive of various equivalent modifications or substitutions within the technical scope disclosed in this application, and these modifications or substitutions should all be covered within the protection scope of this application.

Claims

1. A password detection method, characterized in that, include: Obtain the password to be detected and the corresponding behavioral information, including the number of times the user failed to log in, the access frequency, and the access path; The password to be detected is extracted using regularized characters according to preset extraction rules to obtain the first character set of the password to be detected. The first character set is detected using a first preset detection algorithm to obtain a first detection result; If the first detection result determines that the password is not weak, the password to be detected and the behavior information are input into a preset detection model. The preset detection model is used to identify the password type and password task of the password to be detected and the behavior information to obtain a second detection result. The preset detection model includes a teacher model and a student model. Before using the student model of the preset detection model to perform password type recognition on the password to be detected and obtain the recognition result, the method further includes: The preset basic detection model is fine-tuned to obtain the first basic detection model; Obtain a first training sample set, which includes preset passwords and their corresponding preset password types, as well as preset password tasks and their corresponding preset task types. A teacher model is constructed based on the first basic detection model. The preset password and preset password task are taken as inputs, and the preset task type and preset password type are taken as outputs. The first basic detection model is trained to obtain a trained teacher model. A student model is constructed based on the first basic detection model. The prediction results of the teacher model are used as input, and the preset password type and preset task type are used as output. The student model is then trained to obtain a trained student model. The training process of the teacher model includes: The preset password and preset password task are input into the teacher model to obtain the predicted password type and predicted task type; The first loss function value is determined based on the predicted password type and the preset password type; The second loss function value is determined based on the predicted task type and the preset task type; Calculate the total loss function value based on the first loss function value and the second loss function value; If the total loss function value does not meet the preset convergence condition, the model parameters of the teacher model are adjusted until the total loss function value meets the preset convergence condition, thus obtaining a trained teacher model.

2. The method according to claim 1, characterized in that, The step of using a first preset detection algorithm to perform character detection on the first character set to obtain a first detection result includes: The first preset detection algorithm is used to traverse the preset character library to obtain the second character set. The preset character library is used to store characters for preset weak passwords. Compare the first character set with the second character set to determine the character similarity. If the character similarity is less than or equal to a preset similarity, the first detection result is determined to be not a weak password.

3. The method according to claim 1, characterized in that, The step of fine-tuning the preset basic detection model to obtain the first basic detection model includes: The first preset fine-tuning application is used to fine-tune the preset basic model to obtain the second basic detection model; The second basic detection model is obtained by fine-tuning the second basic detection model using the second preset fine-tuning method.

4. The method according to claim 1, characterized in that, After using the preset detection model to identify the password type and password task of the password to be detected and obtaining the second detection result, the method further includes: If the first detection result determines that the password is weak or the second detection result determines that the password is weak, an interception instruction is generated, which is used to prevent the user from logging in; Alarm repair information is generated based on the interception command.

5. The method according to any one of claims 1-4, characterized in that, After using the preset detection model to identify the password type of the password to be detected and obtaining the second detection result, the method further includes: Based on the password to be detected and the second detection result, the preset detection model is iteratively trained to obtain a new preset detection model.

6. A password detection device, characterized in that, The device includes: The acquisition module acquires the password to be detected and the corresponding behavioral information, including the number of times the user failed to log in, the access frequency, and the access path. The extraction module is used to extract regularized characters from the password to be detected using preset extraction rules to obtain a first character set of the password to be detected; The first detection module is used to perform character detection on the first character set using a first preset detection algorithm to obtain a first detection result; The second detection module is used to input the password to be detected and the behavior information into a preset detection model when the first detection result determines that it is not a weak password, and to use the preset detection model to identify the password type and password task of the password to be detected and the behavior information to obtain a second detection result. The second detection module also includes: The fine-tuning unit is used to fine-tune the preset basic detection model to obtain the first basic detection model. The acquisition unit is used to acquire a first training sample set, which includes a preset password and its corresponding preset password type, as well as a preset password task and its corresponding preset task type. The first construction unit is used to construct a teacher model based on the first basic detection model. It takes the preset password and preset password task as input, and the preset task type and preset password type as output, respectively, to train the first basic detection model and obtain the trained teacher model. The second construction unit is used to build a student model based on the first basic detection model. It takes the prediction results of the teacher model as input and preset password type and preset task type as output to train the student model and obtain a trained student model. The first building block is used during the training of the teacher model to: The preset password and preset password task are input into the teacher model to obtain the predicted password type and predicted task type; The first loss function value is determined based on the predicted password type and the preset password type; The second loss function value is determined based on the predicted task type and the preset task type; Calculate the total loss function value based on the first loss function value and the second loss function value; If the total loss function value does not meet the preset convergence condition, the model parameters of the teacher model are adjusted until the total loss function value meets the preset convergence condition, thus obtaining a trained teacher model.

7. An electronic device, characterized in that, The device includes: a processor and a memory storing computer program instructions; When the processor executes the computer program instructions, it implements the password detection method as described in any one of claims 1-5.

8. A computer-readable storage medium, characterized in that, The computer-readable storage medium stores computer program instructions, which, when executed by a processor, implement the password detection method as described in any one of claims 1-5.

9. A computer program product, characterized in that, When the instructions in the computer program product are executed by the processor of the electronic device, the electronic device performs the password detection method as described in any one of claims 1-5.