摘要
现有的口令脆弱性评估大多基于规则的方案,很容易绕开规则而得到不准确的评估值。因此,根据口令字符组成,基于自然语言处理中TF-IDF技术,进行口令字符特征到数值特征的转换,提出了基于机器学习的口令脆弱性评估方案。通过使用训练集添加标签的方法增加样本学习目标值,再使用逻辑回归算法进行模型训练,并在评估阶段基于该模型进行脆弱性评估。通过与测试样本口令强度与模型评估值误差分析表明,所提方案具有较高的准确度,且对一些简单口令进行实际评测,模型输出结果比较符合实际情况。
Most of the existing schemes for password vpulnerability assessments are based on basic rules,and it is easy to bypass the rulesand get inaccurate estimates.Therefore,according to the password character composition,withTF-IDF technology in natural language processing,and by converting password character features to numeric features,a password vulnerability assessment scheme based on machine learning is proposed.The sample learning target value is increased by adding a label to the training set,and then the model training is performed by using a logistic regression algorithm,andthe vulnerability assessmentbased on the model is done in the evaluation stage.Testingon the strength of sample password and the error of model evaluation valueindicates that the proposed scheme hasfairly high accuracy.The actual evaluation on some simple passwords shows that the output of the model is in good agreement with the actual situation.
作者
罗华容
程劲
LUO Hua-rong;CHENG Jin(Sichuan Scientific and Technical Information Institute,Chengdu Sichuan 610016,China)
出处
《通信技术》
2019年第3期707-710,共4页
Communications Technology
基金
四川省公益性科研院所基本科研项目~~
关键词
机器学习
口令安全
自然语言处理
TF-IDF
逻辑回归
machine learning
password security
natural language processing
TF-IDF
logistic regression
