基于机器学习算法和LSTM递归神经网络的密码强度验证

© В.В. Беликов, И.А. Прокуронов, В.В. Беликов, V. V. Belikov, Ivan А. Prokuronov
{"title":"基于机器学习算法和LSTM递归神经网络的密码强度验证","authors":"© В.В. Беликов, И.А. Прокуронов, В.В. Беликов, V. V. Belikov, Ivan А. Prokuronov","doi":"10.32362/2500-316x-2023-11-4-7-15","DOIUrl":null,"url":null,"abstract":"Objectives. One of the most commonly used authentication methods in computer systems, password authentication is susceptible to various attacks including brute-force and dictionary attacks. This susceptibility requires not only the strict protection of user credentials, but also the definition of criteria for increasing a password’s strength to minimize the possibility of its exploitation by an attacker. Thus, an important task is the development of a verifier for checking passwords for strength and prohibiting the user from setting passwords that are susceptible to cracking. The use of machine learning methods to construct a verifier involves algorithms for formulating requirements for password complexity based on lists of known passwords available for each strength category.Methods. The proposed supervised machine learning algorithms comprise support vector machines, random forest, boosting, and long short-term memory (LSTM) recurrent neural network types. Embedding and term frequency–inverse document frequency (TF-IDF) methods are used for data preprocessing, while cross-validation is used for selecting hyperparameters.Results. Password strength recommendations and requirements from international and Russian standards are described. The existing methods of password strength verification in various operating systems are analyzed. The experimental results based on existing datasets comprising passwords having an associated level of strength are presented.Conclusions. A LSTM recurrent neural network is highlighted as one of the most promising areas for building a password strength verifier.","PeriodicalId":282368,"journal":{"name":"Russian Technological Journal","volume":"12 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Password strength verification based on machine learning algorithms and LSTM recurrent neural networks\",\"authors\":\"© В.В. Беликов, И.А. Прокуронов, В.В. Беликов, V. V. Belikov, Ivan А. Prokuronov\",\"doi\":\"10.32362/2500-316x-2023-11-4-7-15\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Objectives. One of the most commonly used authentication methods in computer systems, password authentication is susceptible to various attacks including brute-force and dictionary attacks. This susceptibility requires not only the strict protection of user credentials, but also the definition of criteria for increasing a password’s strength to minimize the possibility of its exploitation by an attacker. Thus, an important task is the development of a verifier for checking passwords for strength and prohibiting the user from setting passwords that are susceptible to cracking. The use of machine learning methods to construct a verifier involves algorithms for formulating requirements for password complexity based on lists of known passwords available for each strength category.Methods. The proposed supervised machine learning algorithms comprise support vector machines, random forest, boosting, and long short-term memory (LSTM) recurrent neural network types. Embedding and term frequency–inverse document frequency (TF-IDF) methods are used for data preprocessing, while cross-validation is used for selecting hyperparameters.Results. Password strength recommendations and requirements from international and Russian standards are described. The existing methods of password strength verification in various operating systems are analyzed. The experimental results based on existing datasets comprising passwords having an associated level of strength are presented.Conclusions. A LSTM recurrent neural network is highlighted as one of the most promising areas for building a password strength verifier.\",\"PeriodicalId\":282368,\"journal\":{\"name\":\"Russian Technological Journal\",\"volume\":\"12 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Russian Technological Journal\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.32362/2500-316x-2023-11-4-7-15\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Russian Technological Journal","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.32362/2500-316x-2023-11-4-7-15","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1

摘要

目标。密码认证是计算机系统中最常用的认证方法之一,它容易受到各种攻击,包括暴力破解和字典攻击。这种敏感性不仅需要严格保护用户凭证,还需要定义增加密码强度的标准,以最大限度地减少攻击者利用密码的可能性。因此,一个重要的任务是开发一个验证器来检查密码的强度,并禁止用户设置容易被破解的密码。使用机器学习方法构建验证器涉及基于每个强度类别可用的已知密码列表制定密码复杂度要求的算法。提出的监督机器学习算法包括支持向量机、随机森林、增强和长短期记忆(LSTM)递归神经网络类型。数据预处理采用嵌入和TF-IDF (term frequency - inverse document frequency)方法,选择超参数结果采用交叉验证方法。介绍了国际标准和俄罗斯标准对密码强度的建议和要求。分析了各种操作系统中现有的密码强度验证方法。基于现有数据集的实验结果,包括具有相关强度水平的密码。LSTM递归神经网络是构建密码强度验证器最有前途的领域之一。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Password strength verification based on machine learning algorithms and LSTM recurrent neural networks
Objectives. One of the most commonly used authentication methods in computer systems, password authentication is susceptible to various attacks including brute-force and dictionary attacks. This susceptibility requires not only the strict protection of user credentials, but also the definition of criteria for increasing a password’s strength to minimize the possibility of its exploitation by an attacker. Thus, an important task is the development of a verifier for checking passwords for strength and prohibiting the user from setting passwords that are susceptible to cracking. The use of machine learning methods to construct a verifier involves algorithms for formulating requirements for password complexity based on lists of known passwords available for each strength category.Methods. The proposed supervised machine learning algorithms comprise support vector machines, random forest, boosting, and long short-term memory (LSTM) recurrent neural network types. Embedding and term frequency–inverse document frequency (TF-IDF) methods are used for data preprocessing, while cross-validation is used for selecting hyperparameters.Results. Password strength recommendations and requirements from international and Russian standards are described. The existing methods of password strength verification in various operating systems are analyzed. The experimental results based on existing datasets comprising passwords having an associated level of strength are presented.Conclusions. A LSTM recurrent neural network is highlighted as one of the most promising areas for building a password strength verifier.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信