Probabilistic password cracking system

摘要

System and methodology that utilizes keyboard patterns and alpha string patterns for password cracking. Keyboard patterns can be used as components of passwords, and the relevant shapes can extracted from these keyboard patterns and passwords. This keyboard information can be used to extend a probabilistic context-free grammar that can then be used to generate guesses containing keyboard patterns. Further, patterns in alpha strings, such as repeated words and multi-words, can be systematically learned using a training dictionary. This information can be used to extend the probabilistic context-free grammars which leads to generation of guesses based on the distribution of these patterns in the alpha strings, Keyboard patterns and alpha string patterns, individually and in combination, are shown herein to be effective for password cracking.

主权项

1. One or more tangible non-transitory computer-readable media having computer-executable instructions for performing a method of running a software program on a computing device, the computing device operating under an operating system, the method including issuing instructions from the software program for a computer processor to generate a probabilistic password cracking system for cracking a targeted password for a secured user account associated with a user, the instructions comprising:
receiving a plurality of known password strings, said plurality of known password strings formed of at least one category selected from the group consisting of alpha strings, digits, and special characters; deriving one or more base structures from said plurality of known password strings, whereby one base structure may include more than one password string from said plurality of known password strings; automatically incorporating a keyboard pattern into said one or more base structures, said keyboard pattern contained within at least one password string of said plurality of known password strings, said keyboard pattern being a sequence of contiguous characters starting from a particular key without regards to actual characters typed but uses a physical sequence shape of the actual characters; automatically assigning a set of probability values to each base structure of said one or more base structures based on a probability value of each alpha string, each digit, each special character, or each keyboard pattern in said each base structure; creating a probabilistic context free grammar based on said set of probability values assigned to said each base structure; receiving one or more input dictionaries containing a plurality of sequences of alpha characters; generating password guess strings in decreasing estimated probability via said probabilistic context-free grammar by utilizing said plurality of sequences of alpha characters; accessing a login interface to the secured user account; and applying said password guess strings from said computer processor sequentially to said login interface, whereby authentication of the user can be achieved.