SPSR-FSPG: A Fast Simulative Password Set Generation Algorithm

SPSR-FSPG: A Fast Simulative Password Set Generation Algorithm

Identity authentication is a main line of defense for network security, and passwords have long been the mainstream of identity authentication. In the field of password security research, large-scale password datasets have played an important role in the efficiency evaluation of password attack algo...

Full description

Bibliographic Details
Main Authors: Mengli Zhang, Gang Zhou, Muhammad Khurram Khan, Saru Kumari, Xuexian Hu, Wenfen Liu
Format: Article
Language:English
Published: IEEE 2019-01-01
Series:IEEE Access
Subjects:
Password authentication
recurrent neural network
probabilistic context-free grammar
Markov chain
simulative samples
Online Access:https://ieeexplore.ieee.org/document/8879487/
id doaj-cad943a5d13c400ca62a0b4834316cbd
record_format Article
spelling doaj-cad943a5d13c400ca62a0b4834316cbd2021-03-30T00:52:53ZengIEEEIEEE Access2169-35362019-01-01715510715511910.1109/ACCESS.2019.29489758879487SPSR-FSPG: A Fast Simulative Password Set Generation AlgorithmMengli Zhang0https://orcid.org/0000-0002-7411-2561Gang Zhou1Muhammad Khurram Khan2https://orcid.org/0000-0001-6636-0533Saru Kumari3Xuexian Hu4Wenfen Liu5State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou, ChinaState Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou, ChinaCenter of Excellence in Information Assurance, King Saud University, Riyadh, Saudi ArabiaDepartment of Mathematics, Chaudhary Charan Singh University, Meerut, IndiaState Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou, ChinaDepartment of Computer Science and Information Security, Guilin University of Electronic Technology, Guilin, ChinaIdentity authentication is a main line of defense for network security, and passwords have long been the mainstream of identity authentication. In the field of password security research, large-scale password datasets have played an important role in the efficiency evaluation of password attack algorithms, the feasibility detection of password strength meters, and the correction of password probability models. However, due to user privacy, timeliness, effectiveness and other factors, it is still very difficult for researchers to obtain real large-scale user plaintext passwords. Based on this, this paper proposes a fast simulative password set generation algorithm based on structure partitioning and string recombination, denoted as SPSR-FSPG. The algorithm uses the probability context-free grammar to model the structure of the password, and constructs a string generation model based on the recurrent neural network to generate different types of strings, so as to learn the character composition of the password in the original dataset. In addition, the model fully considers the user's password reuse and modification behavior. Finally, the method is verified by experiment on six real Chinese and English password sets. The results show that the generation rate of SPSR-FSPG is faster than other algorithms. In terms of true password coverage, the SPSR-FPSG simulative password set is increased by 11.36% and 17.5, respectively, relative to SPPG and PCFG, and is increased by about 122.73% and 130.3%, respectively, compared to OMEN and 4-Markov. And the fit of the Zipf distribution is maintained at a level above 0.95, it is better than 0.9 of SPPG. At the same time, the SPPR-FPSG simulative password set is closer to the real password set in terms of length and character composition.https://ieeexplore.ieee.org/document/8879487/Password authenticationrecurrent neural networkprobabilistic context-free grammarMarkov chainsimulative samples
collection DOAJ
language English
format Article
sources DOAJ
author Mengli Zhang
Gang Zhou
Muhammad Khurram Khan
Saru Kumari
Xuexian Hu
Wenfen Liu
spellingShingle Mengli Zhang
Gang Zhou
Muhammad Khurram Khan
Saru Kumari
Xuexian Hu
Wenfen Liu
SPSR-FSPG: A Fast Simulative Password Set Generation Algorithm
IEEE Access
Password authentication
recurrent neural network
probabilistic context-free grammar
Markov chain
simulative samples
author_facet Mengli Zhang
Gang Zhou
Muhammad Khurram Khan
Saru Kumari
Xuexian Hu
Wenfen Liu
author_sort Mengli Zhang
title SPSR-FSPG: A Fast Simulative Password Set Generation Algorithm
title_short SPSR-FSPG: A Fast Simulative Password Set Generation Algorithm
title_full SPSR-FSPG: A Fast Simulative Password Set Generation Algorithm
title_fullStr SPSR-FSPG: A Fast Simulative Password Set Generation Algorithm
title_full_unstemmed SPSR-FSPG: A Fast Simulative Password Set Generation Algorithm
title_sort spsr-fspg: a fast simulative password set generation algorithm
publisher IEEE
series IEEE Access
issn 2169-3536
publishDate 2019-01-01
description Identity authentication is a main line of defense for network security, and passwords have long been the mainstream of identity authentication. In the field of password security research, large-scale password datasets have played an important role in the efficiency evaluation of password attack algorithms, the feasibility detection of password strength meters, and the correction of password probability models. However, due to user privacy, timeliness, effectiveness and other factors, it is still very difficult for researchers to obtain real large-scale user plaintext passwords. Based on this, this paper proposes a fast simulative password set generation algorithm based on structure partitioning and string recombination, denoted as SPSR-FSPG. The algorithm uses the probability context-free grammar to model the structure of the password, and constructs a string generation model based on the recurrent neural network to generate different types of strings, so as to learn the character composition of the password in the original dataset. In addition, the model fully considers the user's password reuse and modification behavior. Finally, the method is verified by experiment on six real Chinese and English password sets. The results show that the generation rate of SPSR-FSPG is faster than other algorithms. In terms of true password coverage, the SPSR-FPSG simulative password set is increased by 11.36% and 17.5, respectively, relative to SPPG and PCFG, and is increased by about 122.73% and 130.3%, respectively, compared to OMEN and 4-Markov. And the fit of the Zipf distribution is maintained at a level above 0.95, it is better than 0.9 of SPPG. At the same time, the SPPR-FPSG simulative password set is closer to the real password set in terms of length and character composition.
topic Password authentication
recurrent neural network
probabilistic context-free grammar
Markov chain
simulative samples
url https://ieeexplore.ieee.org/document/8879487/
work_keys_str_mv AT menglizhang spsrfspgafastsimulativepasswordsetgenerationalgorithm
AT gangzhou spsrfspgafastsimulativepasswordsetgenerationalgorithm
AT muhammadkhurramkhan spsrfspgafastsimulativepasswordsetgenerationalgorithm
AT sarukumari spsrfspgafastsimulativepasswordsetgenerationalgorithm
AT xuexianhu spsrfspgafastsimulativepasswordsetgenerationalgorithm
AT wenfenliu spsrfspgafastsimulativepasswordsetgenerationalgorithm
_version_ 1724187743725027328

Similar Items