Abstract
The use of passwords in daily life has become more and more widespread, which has become an indispensable part of life. However, there are still some security risks when using passwords. These security risks occupy a large part due to users using low strength password because of the very limited memory ability of human beings. It makes verbal guessing based on human memory habits achieve good attack effectiveness. In order to improve the security of network password system, this paper proposes a password enhancement method combining Markov model intelligent prediction and dynamic password enhanced technology. This method can greatly increase the password strength by more than 80% without increasing the memory burden of the user. At the same time, it does not need to store complex keys in the system, which can significantly improve the security of the network password system.
Supported by National Natural Science Foundation of China (No. 61772162), Joint fund of National Natural Science Fund of China (No. U1709220), National Key R&D Program of China (No. 2016YFB0800201), Zhejiang Natural Science Foundation of China (No. LY16F020016).
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Dell Amico, M., Michiardi, P., Roudier, Y.F.: Password strength: an empirical analysis. In: 2010 Proceedings IEEE INFOCOM, San Diego, CA, USA, pp. 1–9 (2010)
Wang, P., Wang, D., Huang, X.: Advances in password security. J. Comput. Res. Dev. 53(10), 2173–2188 (2016)
Vu, K.P.L., Proctor, R.W., Bhargav-Spantzel, A., et al.: Improving password security and memorability to protect personal and organi-zational information. Int. J. Hum.-Comput. Stud. 65(8), 744–757 (2007)
Castelluccia, C., Chaabane, A., Dürmuth, M., et al.: When privacy meets security: leveraging personal information for password cracking. Computer Science (2013)
Bonneau, J.: The science of guessing: analyzing an anonymized corpus of 70 million passwords. In: 2012 IEEE Symposium on Security and Privacy (SP), pp. 538–552. IEEE (2012)
Ma, J., Yang, W., Luo, M., et al.: A study of probabilistic password models. In: 2014 IEEE Symposium on Security and Privacy (SP), pp. 689–704. IEEE (2014)
Kelley, P.G., Komanduri, S., Mazurek, M.L., et al.: Guess again (and again and again): measuring password strength by simulating password-cracking algorithms. In: 2012 IEEE Symposium on Security and Privacy (SP), pp. 523–537. IEEE (2012)
Komanduri, S., Shay, R., Kelley, P.G., et al.: Of passwords and people: measuring the effect of password-composition policies. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 2595–2604. ACM (2011)
Narayanan, A., Shmatikov, V.: Fast dictionary attacks on passwords using time-space tradeoff. In: Proceedings of the 12th ACM Conference on Computer and Communications Security, pp. 364–372. ACM (2005)
Weir, M., Aggarwal, S., de Medeiros, B., Glodek, B.: Password cracking using probabilistic context-free grammars. In: Proceedings of the 30th IEEE Symposium on Security and Privacy, pp. 391–405. IEEE (2009)
Weir, M., Aggarwal, S., Collins, M., et al.: Testing metrics for password creation policies by attacking large sets of re-vealed passwords. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, pp. 162–175. ACM (2010)
Castelluccia, C., Dürmuth, M., Perito, D.: Adaptive password-strength meters from markov models. In: The Network and Distributed System Security Symposium (NDSS 2012) (2012)
de Carnavalet, X.D.C., Mannan, M.: From very weak to very strong: analyzing password-strength meters. In: The Network and Distributed System Security Symposium (NDSS 2014) (2014)
Dürmuth, M., Angelstorf, F., Castelluccia, C., Perito, D., Chaabane, A.: OMEN: faster password guessing using an ordered markov enumerator. In: International Symposium on Engineering Secure Software and Systems, Mar 2015, Milan, Italy (2015)
Batagelj, V., Brandes, U.: Efficient generation of large random networks. Phys. Rev. E 71(3), 036113 (2005)
Zhendong, W., Liang, B., You, L., Jian, Z., Li, J.: High-dimension space projection-based biometric encryption for fingerprint with fuzzy minutia. Soft Comput. 20(12), 4907–4918 (2016)
Zhendong, W., Tian, L., Li, P., Ting, W., Jiang, M., Wu, C.: Generating stable biometric keys for flexible cloud computing authentication using finger vein. Inf. Sci. 433, 431–447 (2018)
Li, J., Sun, L., Yan, Q., Li, Z., Witawas, S., Ye, H.: Significant permission identification for machine learning based android mal-waredetection. IEEE Trans. Ind. Inform. 1–12 (2018). https://doi.org/10.1109/TII.2017.2789219
Liu, Z., Wu, Z., Li, T., Li, J., Shen, C.: GMM and CNN hybrid method for short utterance speaker recognition. IEEE Trans. Ind. Inform. 1–10 (2018). https://doi.org/10.1109/TII.2018.2799928
Melicher, W., et al.: Fast, lean, and accurate: modeling password guessability using neural networks. In: Proceedings of the 25th USENIX Security Symposium, 10–12 August, Austin, TX (2016)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Wu, Z., Xia, Y. (2018). User Password Intelligence Enhancement by Dynamic Generation Based on Markov Model. In: Vaidya, J., Li, J. (eds) Algorithms and Architectures for Parallel Processing. ICA3PP 2018. Lecture Notes in Computer Science(), vol 11337. Springer, Cham. https://doi.org/10.1007/978-3-030-05063-4_25
Download citation
DOI: https://doi.org/10.1007/978-3-030-05063-4_25
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-05062-7
Online ISBN: 978-3-030-05063-4
eBook Packages: Computer ScienceComputer Science (R0)