Research And Application Of Integrated Optimization And Adaptive Optimization Of Password Guessing Methods

Passwords are also called ”passwords” and ”user passwords”.They are a series of input characters that are generated and maintained by users and used to identify users or access rights.Because of its ease of deployment,almost no overhead,and lightweight,it has been widely used,so password security has become the focus of attention.The security of the password is related to the encryption algorithm,the computing power of the attacker,and the guessing method used.At present,there are two problems with the mainstream password guessing methods: 1.The password description method is too simple,such as hot words and structural methods cannot accurately describe Passwords with deformed patterns,hot words with deformation and structural methods that do not have obvious learning rules;passwords are difficult;2.The problem of different feature distributions between the test set and the training set is not considered,and the resulting password guessing dictionary is easy to overfit,making guess Under efficiency.The research content of this thesis is mainly to solve the above two problems.In the learning phase of the guessing method,this thesis proposes an integrated optimization method:This method uses multiple methods to learn in parallel in different lengths.First,the number of guesses of different lengths is allocated based on the model of the number of guesses that balances length and quantity.The guessing times distribution model of multiple methods determines the guessing times of each method,and finally generates a guessing rule sequence according to the guessing times corresponding to each module,so that the generated password guessing dictionary has the characteristics of multiple guessing methods.In the generation stage of the guessing dictionary,this thesis proposes an adaptive optimization method: by analyzing a small amount of recovered plaintext features,the benefits of the rules can be recalculated based on the features,so that the guesses generated can be adjusted in real time according to the characteristics of the set of passwords to be guessed.The order of the password dictionary improves the efficiency of guessing.Finally,this thesis validates the effects of these two optimization methods through experiments.For integration optimization,we compared it with the existing multiple password guessing methods on ten real password sets,and found that the integrated method reached the highest total hit rate on multiple password sets and hits on long passwords.The rate has improved.For adaptive optimization,by constructing a difficult password set with completely different characteristics from the existing password set,we found that the adjusted password guessing dictionary has a smaller average number of guesses,and passwords similar to the special password set characteristics can be guessed first.