Your Email Address Holds the Key: Understanding the Connection Between Email and Password Security with Deep Learning

June 14, 2023 ยท Declared Dead ยท ๐Ÿ› 2023 IEEE Security and Privacy Workshops (SPW)

๐Ÿ’€ CAUSE OF DEATH: 404 Not Found
Code link is broken/dead
Authors Etienne Salimbeni, Nina Mainusch, Dario Pasquini arXiv ID 2306.08638 Category cs.CR: Cryptography & Security Citations 0 Venue 2023 IEEE Security and Privacy Workshops (SPW) Repository https://github.com/spring-epfl/DCM_sp Last Checked 2 months ago
Abstract
In this work, we investigate the effectiveness of deep-learning-based password guessing models for targeted attacks on human-chosen passwords. In recent years, service providers have increased the level of security of users'passwords. This is done by requiring more complex password generation patterns and by using computationally expensive hash functions. For the attackers this means a reduced number of available guessing attempts, which introduces the necessity to target their guess by exploiting a victim's publicly available information. In this work, we introduce a context-aware password guessing model that better capture attackers'behavior. We demonstrate that knowing a victim's email address is already critical in compromising the associated password and provide an in-depth analysis of the relationship between them. We also show the potential of such models to identify clusters of users based on their password generation behaviour, which can spot fake profiles and populations more vulnerable to context-aware guesses. The code is publicly available at https://github.com/spring-epfl/DCM_sp
Community shame:
Not yet rated
๐Ÿ“„ View on arXiv ๐ŸŒ View on ar5iv ๐Ÿ“‘ PDF ๐Ÿ’ป Repository ๐ŸŽ‰ Report Code Found
Community Contributions

Found the code? Know the venue? Think something is wrong? Let us know!

๐Ÿ“œ Similar Papers

In the same crypt โ€” Cryptography & Security

Died the same way โ€” ๐Ÿ’€ 404 Not Found