口令攻击的集成学习模型构建方法  

作　　者：陈辰[1,2] 肖杨 曾剑平 CHEN Chen;XIAO Yang;ZENG Jianping(School of Computer Science,Fudan University,Shanghai 200433,China;Engineering Research Center of Cyber Security Auditing and Monitoring,Ministry of Education,Shanghai 200433,China)

机构地区：[1]复旦大学计算机科学技术学院,上海200433 [2]教育部网络信息安全审计与监控工程研究中心,上海200433

出　　处：《小型微型计算机系统》2024年第11期2747-2755,共9页Journal of Chinese Computer Systems

基　　金：教育部产学合作协同育人项目(CCS54WHZ4220491)资助.

摘　　要：多年来,研究者们提出了多种不同的口令模型,提高了口令攻击的效率,其中包括基于概率上下文无关模型、马尔可夫模型等不同原理的方法,它们分别捕捉了口令中不同方面的特征,这使得通过这些不同特征结合到一起来提高攻击效率成为可能.另一方面,在机器学习领域被广泛使用的集成学习方法能够整合多种模型来学习数据集中的不同特征,因此本文提出将集成学习应用于口令生成领域.本文提出了可扩展的集成口令攻击方法,并重点描述它的两个实例,通过分析多个重要的影响因素,以及进行大量实验来研究它们对攻击性能的影响.本文提出的集成口令攻击方法可以显著提升攻击效率,实验结果表明它相对于经典口令模型有着更高的攻击成功率,尤其是在跨站攻击的场景中,有近20%的提升.In order to improve the performance on cracking passwords,various of password models have been devised,including Probabilistic Context-Free Grammar(PCFG),Markov,etc.These models work on different principles,hence they can extract diverse characteristics from users′passwords.Therefore,it is possible to combine these characteristics together to improve password cracking efficiency.Considering that ensemble learning which is widely used in machine learning can integrate several models to seize different patterns in the given dataset,we introduce the idea of the ensemble learning to construct a stronger method for password generation in this paper.We propose the password guessing ensemble method(PGEM)with emphasize on its instances,that is,PassBagging and PassBoost which are respectively based on Bagging and Boosting in ensemble learning.We analyze on several important factors in the two methods,and extensive experiments are conducted to study how they influence the guessing performance.The novel PGEM method can significantly improve the guessing performance by integrating several guessing models.Experiment results show that the percentage of cracked passwords can be promoted compared with the typical password models.Especially in cross-site attack scenario,almost 20%more passwords can be cracked by the PassBagging which integrates PCFG and Markov models than that of using single model.

关 键 词：口令攻击 口令模型 集成学习 口令模式 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]