Redes Neurais Recorrentes para Geração de Senhas em Ataques de Força Bruta Baseado em Dicionário
Abstract
The use of dictionaries in brute force attacks has shortcomings when addressing new passwords to be exploited, making the success of this type of attack impossible. In this scenario, this paper analyzes the use of recurrent neural networks to design new passwords based on the existing ones. The results show that the proposed model presents good hits, ensuring better chances of success in this type of attack.
References
Bengio, Y. (2012). Practical recommendations for gradient-based training of deep architectures. CoRR, abs/1206.5533.
Crackstation (2019). crackstation. Disponível em: [link]. Acessado em 23/08/2022.
Crackstation-Human-Only (2019). crackstation-humanonly. Disponível em: [link]. Acessado em 13/08/2022.
GitHub (2018). Probable-wordlists. Disponível em: [link]. Acessado em 02/07/2022.
GitHub (2019). Probable-wordlists. Disponível em: [link]. Acessado em 5/09/2021.
Greg (2018). Password cracker. Disponível em: [link]. Acessado em 31/08/2022.
Hitaj, B., Gasti, P., Ateniese, G., and Pérez-Cruz, F. (2017). Passgan: A deep learning approach for password guessing. CoRR, abs/1709.00440.
Jason Brownlee (2018). Text generation with lstm recurrent neural networks in python with keras. Disponível em: [link]. Acessado em 31/08/2022.
Kessler and C., G. (1996). Passwords strengths and weaknesses.
Kingma, D. P. and Ba, J. (2014). Adam: A method for stochastic optimization. arXiv preprint arXiv:1412.6980.
Narayanan, A. and Shmatikov, V. (2005). Fast dictionary attacks on passwords using time-space tradeoff. In Proceedings of the 12th ACM Conference on Computer and Communications Security, CCS ’05, page 364–372, New York, NY, USA. Association for Computing Machinery.
Raza, M., Iqbal, M., Sharif, M., and Haider, W. (2012). A survey of password attacks and comparative analysis on methods for secure authentication. World Applied Sciences Journal, 19:439–444.
RockYou (2022). Rockyou. Disponível em: [link]. Acessado em 13/08/2022.
Top85MillionWPA (2018). Top85millionwpa. Disponível em: [link]. Acessado em 13/08/2022.
Trieu, K. and Yang, Y. (2018). Artificial intelligence-based password brute force attacks.
Crackstation (2019). crackstation. Disponível em: [link]. Acessado em 23/08/2022.
Crackstation-Human-Only (2019). crackstation-humanonly. Disponível em: [link]. Acessado em 13/08/2022.
GitHub (2018). Probable-wordlists. Disponível em: [link]. Acessado em 02/07/2022.
GitHub (2019). Probable-wordlists. Disponível em: [link]. Acessado em 5/09/2021.
Greg (2018). Password cracker. Disponível em: [link]. Acessado em 31/08/2022.
Hitaj, B., Gasti, P., Ateniese, G., and Pérez-Cruz, F. (2017). Passgan: A deep learning approach for password guessing. CoRR, abs/1709.00440.
Jason Brownlee (2018). Text generation with lstm recurrent neural networks in python with keras. Disponível em: [link]. Acessado em 31/08/2022.
Kessler and C., G. (1996). Passwords strengths and weaknesses.
Kingma, D. P. and Ba, J. (2014). Adam: A method for stochastic optimization. arXiv preprint arXiv:1412.6980.
Narayanan, A. and Shmatikov, V. (2005). Fast dictionary attacks on passwords using time-space tradeoff. In Proceedings of the 12th ACM Conference on Computer and Communications Security, CCS ’05, page 364–372, New York, NY, USA. Association for Computing Machinery.
Raza, M., Iqbal, M., Sharif, M., and Haider, W. (2012). A survey of password attacks and comparative analysis on methods for secure authentication. World Applied Sciences Journal, 19:439–444.
RockYou (2022). Rockyou. Disponível em: [link]. Acessado em 13/08/2022.
Top85MillionWPA (2018). Top85millionwpa. Disponível em: [link]. Acessado em 13/08/2022.
Trieu, K. and Yang, Y. (2018). Artificial intelligence-based password brute force attacks.
Published
2023-05-22
How to Cite
RAMOS, Marlon B.; RIBEIRO, Thiago P.; MIANI, Rodrigo S..
Redes Neurais Recorrentes para Geração de Senhas em Ataques de Força Bruta Baseado em Dicionário. In: WORKSHOP ON SCIENTIFIC INITIATION AND GRADUATION - BRAZILIAN SYMPOSIUM ON COMPUTER NETWORKS AND DISTRIBUTED SYSTEMS (SBRC), 41. , 2023, Brasília/DF.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2023
.
p. 160-167.
ISSN 2177-9384.
DOI: https://doi.org/10.5753/sbrc_estendido.2023.745.
