论文信息 - Statistical models based password candidates generation for specified language used in wireless LAN security audit

Statistical models based password candidates generation for specified language used in wireless LAN security audit

The purpose of this article is to describe a new method which is proposed to be the best practice for creating a very effective password candidate lists for specified language, which could be then also used to test the security level of wireless networks protected by WPA/WPA2 PSK standards. The main principle of this technique is to create the statistical model of the new target language which could be used for password candidates generation in controlled order for security audit of the wireless network. It means that the list starts with more probable combinations, going to the less probable ones, so it can be said that this approach means sorting the Brute-force candidates according to specified language, or predicting the usage of letter combinations according to the specified language statistics. The tests have shown that this approach of generating more probable combinations as first, could improve the procedure since it is about 15 times faster in finding about 70% of passwords than common Brute-force attack, comparing to about 20% effectiveness of old dictionary attacks.

Lubomir Dobos | Matus Pleva | Jan Krekan

[1] Lubomir Dobos,et al. Accelerated GPU Powered Methods for Auditing Security of Wireless Networks Using Probabilistic Password Generation , 2012 .

[2] Hilary Johnson,et al. Rational security: Modelling everyday password use , 2012, Int. J. Hum. Comput. Stud..

[3] Sudhir Aggarwal,et al. Password Cracking Using Probabilistic Context-Free Grammars , 2009, 2009 30th IEEE Symposium on Security and Privacy.

[4] Jozef Juhár,et al. Extracting Sentence Elements for the Natural Language Understanding Based on Slovak National Corpus , 2010, COST 2102 Conference.

[5] Jozef Juhar,et al. ANALYSIS OF MORPH-BASED LANGUAGE MODELING AND SPEECH RECOGNITION IN SLOVAK , 2012 .

[6] Matús Pleva,et al. Slovak Language Model from Internet Text Data , 2010, COST 2102 Training School.

[7] Phivos Mylonas,et al. Real-Life Paradigms of Wireless Network Security Attacks , 2011, 2011 15th Panhellenic Conference on Informatics.

[8] Lujo Bauer,et al. Encountering stronger password requirements: user attitudes and behaviors , 2010, SOUPS.

[9] Jozef Juhár,et al. Rule-Based Morphological Tagger for an Inflectional Language , 2011, COST 2102 Training School.

[10] Cormac Herley,et al. A large-scale study of web password habits , 2007, WWW '07.