蜜语生成方法研究——兼论优势与劣势

IF 1.2 Q4 COMPUTER SCIENCE, INFORMATION SYSTEMS

Cybernetics and Information Technologies Pub Date : 2022-06-01 DOI:10.2478/cait-2022-0013

Yasser A. Yasser, A. Sadiq, Wasim Alhamdani

{"title":"蜜语生成方法研究——兼论优势与劣势","authors":"Yasser A. Yasser, A. Sadiq, Wasim Alhamdani","doi":"10.2478/cait-2022-0013","DOIUrl":null,"url":null,"abstract":"Abstract Honeyword system is a successful password cracking detection system. Simply the honeywords are (False passwords) that are accompanied to the sugarword (Real password). Honeyword system aims to improve the security of hashed passwords by facilitating the detection of password cracking. The password database will have many honeywords for every user in the system. If the adversary uses a honeyword for login, a silent alert will indicate that the password database might be compromised. All previous studies present a few remarks on honeyword generation methods for max two preceding methods only. So, the need for one that lists all preceding researches with their weaknesses is shown. This work presents all generation methods then lists the strengths and weaknesses of 26 ones. In addition, it puts 32 remarks that highlight their strengths and weaknesses points. This research has proved that every honeyword generation method has many weaknesses points.","PeriodicalId":45562,"journal":{"name":"Cybernetics and Information Technologies","volume":null,"pages":null},"PeriodicalIF":1.2000,"publicationDate":"2022-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"A Scrutiny of Honeyword Generation Methods: Remarks on Strengths and Weaknesses Points\",\"authors\":\"Yasser A. Yasser, A. Sadiq, Wasim Alhamdani\",\"doi\":\"10.2478/cait-2022-0013\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Abstract Honeyword system is a successful password cracking detection system. Simply the honeywords are (False passwords) that are accompanied to the sugarword (Real password). Honeyword system aims to improve the security of hashed passwords by facilitating the detection of password cracking. The password database will have many honeywords for every user in the system. If the adversary uses a honeyword for login, a silent alert will indicate that the password database might be compromised. All previous studies present a few remarks on honeyword generation methods for max two preceding methods only. So, the need for one that lists all preceding researches with their weaknesses is shown. This work presents all generation methods then lists the strengths and weaknesses of 26 ones. In addition, it puts 32 remarks that highlight their strengths and weaknesses points. This research has proved that every honeyword generation method has many weaknesses points.\",\"PeriodicalId\":45562,\"journal\":{\"name\":\"Cybernetics and Information Technologies\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":1.2000,\"publicationDate\":\"2022-06-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Cybernetics and Information Technologies\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.2478/cait-2022-0013\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Cybernetics and Information Technologies","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.2478/cait-2022-0013","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 2

摘要

摘要Honeyword系统是一个成功的密码破解检测系统。简单地说，蜜语是（假密码），伴随着糖词（真实密码）。Honeyword系统旨在通过促进密码破解的检测来提高哈希密码的安全性。密码数据库将为系统中的每个用户提供许多蜜语。如果对手使用蜜语登录，则会发出无声警报，表明密码数据库可能已被破坏。所有先前的研究都只对前两种方法的蜜语生成方法进行了一些评论。因此，有必要列出所有先前的研究及其弱点。这项工作介绍了所有的生成方法，然后列出了26种生成方法的优缺点。此外，它提出了32条意见，突出了它们的长处和短处。这项研究证明，每一种蜜语生成方法都有许多弱点。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A Scrutiny of Honeyword Generation Methods: Remarks on Strengths and Weaknesses Points

Abstract Honeyword system is a successful password cracking detection system. Simply the honeywords are (False passwords) that are accompanied to the sugarword (Real password). Honeyword system aims to improve the security of hashed passwords by facilitating the detection of password cracking. The password database will have many honeywords for every user in the system. If the adversary uses a honeyword for login, a silent alert will indicate that the password database might be compromised. All previous studies present a few remarks on honeyword generation methods for max two preceding methods only. So, the need for one that lists all preceding researches with their weaknesses is shown. This work presents all generation methods then lists the strengths and weaknesses of 26 ones. In addition, it puts 32 remarks that highlight their strengths and weaknesses points. This research has proved that every honeyword generation method has many weaknesses points.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Cybernetics and Information Technologies COMPUTER SCIENCE, INFORMATION SYSTEMS-

CiteScore

3.20

自引率

25.00%

发文量

审稿时长

12 weeks