SPSR-FSPG: A Fast Simulative Password Set Generation Algorithm
Identity authentication is a main line of defense for network security, and passwords have long been the mainstream of identity authentication. In the field of password security research, large-scale password datasets have played an important role in the efficiency evaluation of password attack algo...
Main Authors: | , , , , , |
---|---|
Format: | Article |
Language: | English |
Published: |
IEEE
2019-01-01
|
Series: | IEEE Access |
Subjects: | |
Online Access: | https://ieeexplore.ieee.org/document/8879487/ |
id |
doaj-cad943a5d13c400ca62a0b4834316cbd |
---|---|
record_format |
Article |
spelling |
doaj-cad943a5d13c400ca62a0b4834316cbd2021-03-30T00:52:53ZengIEEEIEEE Access2169-35362019-01-01715510715511910.1109/ACCESS.2019.29489758879487SPSR-FSPG: A Fast Simulative Password Set Generation AlgorithmMengli Zhang0https://orcid.org/0000-0002-7411-2561Gang Zhou1Muhammad Khurram Khan2https://orcid.org/0000-0001-6636-0533Saru Kumari3Xuexian Hu4Wenfen Liu5State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou, ChinaState Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou, ChinaCenter of Excellence in Information Assurance, King Saud University, Riyadh, Saudi ArabiaDepartment of Mathematics, Chaudhary Charan Singh University, Meerut, IndiaState Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou, ChinaDepartment of Computer Science and Information Security, Guilin University of Electronic Technology, Guilin, ChinaIdentity authentication is a main line of defense for network security, and passwords have long been the mainstream of identity authentication. In the field of password security research, large-scale password datasets have played an important role in the efficiency evaluation of password attack algorithms, the feasibility detection of password strength meters, and the correction of password probability models. However, due to user privacy, timeliness, effectiveness and other factors, it is still very difficult for researchers to obtain real large-scale user plaintext passwords. Based on this, this paper proposes a fast simulative password set generation algorithm based on structure partitioning and string recombination, denoted as SPSR-FSPG. The algorithm uses the probability context-free grammar to model the structure of the password, and constructs a string generation model based on the recurrent neural network to generate different types of strings, so as to learn the character composition of the password in the original dataset. In addition, the model fully considers the user's password reuse and modification behavior. Finally, the method is verified by experiment on six real Chinese and English password sets. The results show that the generation rate of SPSR-FSPG is faster than other algorithms. In terms of true password coverage, the SPSR-FPSG simulative password set is increased by 11.36% and 17.5, respectively, relative to SPPG and PCFG, and is increased by about 122.73% and 130.3%, respectively, compared to OMEN and 4-Markov. And the fit of the Zipf distribution is maintained at a level above 0.95, it is better than 0.9 of SPPG. At the same time, the SPPR-FPSG simulative password set is closer to the real password set in terms of length and character composition.https://ieeexplore.ieee.org/document/8879487/Password authenticationrecurrent neural networkprobabilistic context-free grammarMarkov chainsimulative samples |
collection |
DOAJ |
language |
English |
format |
Article |
sources |
DOAJ |
author |
Mengli Zhang Gang Zhou Muhammad Khurram Khan Saru Kumari Xuexian Hu Wenfen Liu |
spellingShingle |
Mengli Zhang Gang Zhou Muhammad Khurram Khan Saru Kumari Xuexian Hu Wenfen Liu SPSR-FSPG: A Fast Simulative Password Set Generation Algorithm IEEE Access Password authentication recurrent neural network probabilistic context-free grammar Markov chain simulative samples |
author_facet |
Mengli Zhang Gang Zhou Muhammad Khurram Khan Saru Kumari Xuexian Hu Wenfen Liu |
author_sort |
Mengli Zhang |
title |
SPSR-FSPG: A Fast Simulative Password Set Generation Algorithm |
title_short |
SPSR-FSPG: A Fast Simulative Password Set Generation Algorithm |
title_full |
SPSR-FSPG: A Fast Simulative Password Set Generation Algorithm |
title_fullStr |
SPSR-FSPG: A Fast Simulative Password Set Generation Algorithm |
title_full_unstemmed |
SPSR-FSPG: A Fast Simulative Password Set Generation Algorithm |
title_sort |
spsr-fspg: a fast simulative password set generation algorithm |
publisher |
IEEE |
series |
IEEE Access |
issn |
2169-3536 |
publishDate |
2019-01-01 |
description |
Identity authentication is a main line of defense for network security, and passwords have long been the mainstream of identity authentication. In the field of password security research, large-scale password datasets have played an important role in the efficiency evaluation of password attack algorithms, the feasibility detection of password strength meters, and the correction of password probability models. However, due to user privacy, timeliness, effectiveness and other factors, it is still very difficult for researchers to obtain real large-scale user plaintext passwords. Based on this, this paper proposes a fast simulative password set generation algorithm based on structure partitioning and string recombination, denoted as SPSR-FSPG. The algorithm uses the probability context-free grammar to model the structure of the password, and constructs a string generation model based on the recurrent neural network to generate different types of strings, so as to learn the character composition of the password in the original dataset. In addition, the model fully considers the user's password reuse and modification behavior. Finally, the method is verified by experiment on six real Chinese and English password sets. The results show that the generation rate of SPSR-FSPG is faster than other algorithms. In terms of true password coverage, the SPSR-FPSG simulative password set is increased by 11.36% and 17.5, respectively, relative to SPPG and PCFG, and is increased by about 122.73% and 130.3%, respectively, compared to OMEN and 4-Markov. And the fit of the Zipf distribution is maintained at a level above 0.95, it is better than 0.9 of SPPG. At the same time, the SPPR-FPSG simulative password set is closer to the real password set in terms of length and character composition. |
topic |
Password authentication recurrent neural network probabilistic context-free grammar Markov chain simulative samples |
url |
https://ieeexplore.ieee.org/document/8879487/ |
work_keys_str_mv |
AT menglizhang spsrfspgafastsimulativepasswordsetgenerationalgorithm AT gangzhou spsrfspgafastsimulativepasswordsetgenerationalgorithm AT muhammadkhurramkhan spsrfspgafastsimulativepasswordsetgenerationalgorithm AT sarukumari spsrfspgafastsimulativepasswordsetgenerationalgorithm AT xuexianhu spsrfspgafastsimulativepasswordsetgenerationalgorithm AT wenfenliu spsrfspgafastsimulativepasswordsetgenerationalgorithm |
_version_ |
1724187743725027328 |