论文信息 - Passwords in use in a university timesharing environment

Passwords in use in a university timesharing environment

0 n Thursday morning, November 3, 1988, the national news reported that a computer virus had shut down a nationwide computer network, Internet. The virus, actually a worm program, took advantage of “flaws in utility programs in systems based on BSD-derived versions of Unix.” uThe flaws allowed the program to break into those machines and copy itself, thus infecting those systems,” cvcntually spreading to thousands of machines and halting normal network activity [ 111. One part of the worm program attempted to break user passwords using a mini-dictionary of 432 words it contained [l 11. This list, only a part of the program, raised several important questions: Where did the list come from? How was it created? Is the list representative of passwords found on other computers. ) We cannot answer the first two questions, but we can provide possible answers to the last.

Bruce L. Riddle | Murray S. Miron | Judith A. Semo | M. S. Miron | B. Riddle

[1] Leslie Lamport,et al. Password authentication with insecure communication , 1981, CACM.

[2] Ben F. Barton,et al. User-friendly password methods for computer-mediated information systems , 1984, Comput. Secur..

[3] Charles Cresson Wood. Effective information system security with password controls , 1983, Comput. Secur..

[4] Eugene H. Spafford,et al. The internet worm program: an analysis , 1989, CCRV.

[5] Lance J. Hoffman,et al. Modern methods for computer security and privacy , 1973 .

[6] D. Kahn. The codebreakers : the story of secret writing , 1968 .

[7] J. C. H. Aalders,et al. Handbook for Information Security: A Guide Towards Information Security Standards , 1986 .

[8] Donn B. Parker,et al. Fighting computer crime , 1983 .

[9] Helen Marie Wood,et al. The use of passwords for controlled access to computer resources. , 1977 .