摘要
用户在设置密码时总是会以某一种形式来组合密码,使得密码猜测成为新的研究方向。目前成熟的技术是基于统计概率的方法,运算量大,耗时长。随着深度学习的兴起,运用递归神经网络生成密码的技术被证明是更加有效的。然而,目前基于深度学习的研究仅仅针对单一数据集,数据量受限,使得跨数据集的命中率不高。因此,提出了基于单数据集的密码生成模型PL(PCFG+LSTM)。相比LSTM,PL提升单数据集的命中率16%~30%。此外,提出了基于多数据集的对抗生成模型GENPass,相比简单混合多个数据集,命中率提升超过20%。
The password has become today’s dominant method of authentication. While brute-force attack methods have proven unpractical, the research then switches to password guessing. State-of-the-art approaches are all based on statistical probability. These approaches require a large amount of calculation, which is time-consuming. Neural networks have proven more accurate and practical in password guessing than traditional methods. However, a raw neural network model is not qualified for cross-site attacks because each dataset has its own features. Aiming at generalizing those leaked passwords and improving the performance in cross-site attacks, a neural network combined with PCFG is proposed. Compared with LSTM, PL increases the matching rate by 16%-30% when learning from a single dataset. Then, a deep learning model GENPass is proposed to learn from several datasets and use adversarial generation. The result indicates that the matching rate of GENPass is 20% higher than by simply mixing datasets in the cross-site test.
作者
夏之阳
易平
XIA Zhi-yang;YI Ping(School of Cyber Security,Shanghai Jiao Tong University,Shanghai 200240,China)
出处
《通信技术》
2019年第1期161-167,共7页
Communications Technology
基金
国家自然科学基金(No.61571290)~~
关键词
密码猜测
密码分析
深度学习
递归神经网络
password guessing
password analyzing
deep learning
recurrent neural network
