%0 Conference Proceedings
%T Using Personal Information in Targeted Grammar-Based Probabilistic Password Attacks
%+ Southern Illinois University [Edwardsville] (SIUE)
%A Houshmand, Shiva
%A Aggarwal, Sudhir
%Z Part 7: Forensic Techniques
%< avec comité de lecture
%( IFIP Advances in Information and Communication Technology
%B 13th IFIP International Conference on Digital Forensics (DigitalForensics)
%C Orlando, FL, United States
%Y Gilbert Peterson
%Y Sujeet Shenoi
%I Springer International Publishing
%3 Advances in Digital Forensics XIII
%V AICT-511
%P 285-303
%8 2017-01-30
%D 2017
%R 10.1007/978-3-319-67208-3_16
%K Password cracking
%K Context-free grammars
%K Personal information
%Z Computer Science [cs]Conference papers
%X Passwords are the primary means of authentication and security for online accounts and are commonly used to encrypt files and disks. This research demonstrates how personal information about users can be added systematically to enhance password cracking. Specifically, a dictionary-based probabilistic context-free grammar approach is proposed that effectively incorporates personal information about a targeted user into component grammars and dictionaries used for password cracking. The component grammars model various types of personal information such as family names and dates, previous password information and possible information about sequential passwords. A mathematical model for merging multiple grammars that combines the characteristics of the component grammars is presented. The resulting merged target grammar, which is also merged with a standard grammar, is used along with various dictionaries to generate guesses that quickly match target passwords. The experimental results demonstrate that the approach significantly improves password cracking performance.
%G English
%Z TC 11
%Z WG 11.9
%2 https://inria.hal.science/hal-01716395/document
%2 https://inria.hal.science/hal-01716395/file/456364_1_En_16_Chapter.pdf
%L hal-01716395
%U https://inria.hal.science/hal-01716395
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-AICT
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC11
%~ IFIP-DF
%~ IFIP-WG11-9
%~ IFIP-AICT-511