Divide, Recombine and Conquer: Syntactic Patterns-Reassembly Algorithm applied to Password Guessing Process

COISEL, Iwen; SANCHEZ, MARTIN Jose Ignacio; GALBALLY, HERRERO Javier

doi:10.1109/CCST.2017.8167849

This work proposes a novel password guessing approach based on the identification, extraction and recombination of meaningful syntactic patterns present in human-chosen passwords. The proposed method exploits the existence of these patterns across user-selected passwords in order to effectively reduce the search space to be explored during the password guessing process. The password guessing scheme follows a two stage strategy. In the first step, a novel algorithm based on machine learning principles, identifies and extracts the syntactic meaningful patterns from a dataset of passwords. Then, in a second stage, these parts-of-passwords previously segmented are recombined in order to generate new statistically relevant password candidates that are used against a blind evaluation set. The experimental results show that this novel approach is able to retrieve complex passwords usually robust to traditional password guessing techniques.

COISEL Iwen; SANCHEZ MARTIN Jose Ignacio; GALBALLY HERRERO Javier;

2018-01-09

INSTITUTE OF ELECTRICAL AND ELECTRONICS ENGINEERS

JRC107390

2153-0742,

http://ieeexplore.ieee.org/document/8167849/, https://publications.jrc.ec.europa.eu/repository/handle/JRC107390,

10.1109/CCST.2017.8167849,

Language	Citation

Name	Country	City	Type

Datasets

ID	Title	Public URL

Dataset collections

ID	Acronym	Title	Public URL

Scripts / source codes

Description	Public URL

Additional supporting files

File name	Description	File type

Items published in the JRC Publications Repository are protected by copyright, with all rights reserved, unless otherwise indicated. Additional information: https://ec.europa.eu/info/legal-notice_en#copyright-notice