Smarter password guessing techniques leveraging contextual information and OSINT

Aikaterini Kanta, Iwen Coisel, Mark Scanlon

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In recent decades, criminals have increasingly used the web to research, assist and perpetrate criminal behaviour. One of the most important ways in which law enforcement can battle this growing trend is through accessing pertinent information about suspects in a timely manner. A significant hindrance to this is the difficulty of accessing any system a suspect uses that requires authentication via password. Password guessing techniques generally consider common user behaviour while generating their passwords, as well as the password policy in place. Such techniques can offer a modest success rate considering a large/average population. However, they tend to fail when focusing on a single target - especially when the latter is an educated user taking precautions as a savvy criminal would be expected to do. Open Source Intelligence is being increasingly leveraged by Law Enforcement in order to gain useful information about a suspect, but very little is currently being done to integrate this knowledge in an automated way within password cracking. The purpose of this research is to delve into the techniques that enable the gathering of the necessary context about a suspect and find ways to leverage this information within password guessing techniques.

Original languageEnglish
Title of host publicationInternational Conference on Cyber Security and Protection of Digital Services, Cyber Security 2020
PublisherInstitute of Electrical and Electronics Engineers Inc.
Number of pages2
ISBN (Electronic)9781728164281
ISBN (Print)9781728164298
DOIs
Publication statusPublished - 13 Jun 2020
Event2020 International Conference on Cyber Security and Protection of Digital Services, Cyber Security 2020 - Virtual, Online, Ireland
Duration: 15 Jun 202019 Jun 2020

Conference

Conference2020 International Conference on Cyber Security and Protection of Digital Services, Cyber Security 2020
Country/TerritoryIreland
CityVirtual, Online
Period15/06/2019/06/20

Keywords

  • Context-based Password Cracking
  • Open Source Intelligence (OSINT)
  • Password Guessing Techniques
  • Password Security

Fingerprint

Dive into the research topics of 'Smarter password guessing techniques leveraging contextual information and OSINT'. Together they form a unique fingerprint.

Cite this