TL;DR
This paper introduces GNPassGAN, a generative adversarial network-based tool for offline password guessing that outperforms previous models by guessing more passwords with fewer duplicates, enhancing password security research.
Contribution
GNPassGAN is a novel GAN-based password guessing model that improves upon PassGAN by increasing guessed passwords and reducing duplicates without requiring domain knowledge.
Findings
Guessed 88.03% more passwords than PassGAN
Generated 31.69% fewer duplicate passwords
Effective for offline password guessing without domain assumptions
Abstract
The security of passwords depends on a thorough understanding of the strategies used by attackers. Unfortunately, real-world adversaries use pragmatic guessing tactics like dictionary attacks, which are difficult to simulate in password security research. Dictionary attacks must be carefully configured and modified to represent an actual threat. This approach, however, needs domain-specific knowledge and expertise that are difficult to duplicate. This paper reviews various deep learning-based password guessing approaches that do not require domain knowledge or assumptions about users' password structures and combinations. It also introduces GNPassGAN, a password guessing tool built on generative adversarial networks for trawling offline attacks. In comparison to the state-of-the-art PassGAN model, GNPassGAN is capable of guessing 88.03\% more passwords and generating 31.69\% fewer…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Code & Models
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
