Abstract
In this paper we propose a novel approach to strength password-based access control strategies. We describe a proactive password checker which uses a perceptron to decide whether a user’s password is easy-to-guess. The checker is simple and efficient, and it works since easy and hard-to-guess passwords seem to be linearly separable. Experimental results show that the error rates in many cases are close to zero, memory requirements can be quantified in few bytes, and the answers to classification queries are almost immediate. This research opens new directions to investigate on the applicability of neural network techniques to data security environments.
Keywords
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
F. Bergadano, B. Crispo, and G. Ruffo, High Dictionary Compression for Proactive Password Checking, ACM Transactions on Information and System Security, Vol. 1, No. 1, pp. 3–25, November 1998.
R. Beale and T. Jackson, Neural Computing: An Introduction, IOP Publishing Ltd, Institute of Physics, 1990.
M. Bishop, Proactive Password Checking, in Proceedings of 4thWorkshop on Computer Security Incident Handling, 1992.
M. Bishop, Improving System Security via Proactive Password Checking, Computers and Security, Vol. 14, No. 3, pp. 233–249, 1995.
B. Bloom, Space/Time Trade-offs in Hash Coding with Allowable Errors, Communications of ACM, July 1970.
C. Blundo, P. D’Arco, A. De Santis, and C. Galdi, Hyppocrates: A new Proactive Password Checker, Proocedings of ISC01, Springer-Verlag, LNCS, Vol. 2200, Malaga, October 1–3, 2001.
C. Davies, and R. Ganesan, Bapasswd: A new proactive password checker. In Proceedings of the 16th National Conference on Computer Security (Baltimore, MD, Sept. 20–23).
D. Klein, Foiling the Cracker: A Survey of, and Improvements to, Password Security. Proceedings of the Fifth Data Communications Symposium, September 1977.
A. Muffett, Crack 5.0, USENETNews.
J. B. Nagle, An obvious password detector. USENETNews.
E. Spafford, OPUS: Preventing Weak Password Choices in Computers and Security, No. 3, 1992.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Blundo, C., D’Arco, P., De Santis, A., Galdi, C. (2002). A Novel Approach to Proactive Password Checking. In: Davida, G., Frankel, Y., Rees, O. (eds) Infrastructure Security. InfraSec 2002. Lecture Notes in Computer Science, vol 2437. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45831-X_3
Download citation
DOI: https://doi.org/10.1007/3-540-45831-X_3
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-44309-4
Online ISBN: 978-3-540-45831-9
eBook Packages: Springer Book Archive