Skip to main content
SpringerLink
Log in

A Novel Approach to Proactive Password Checking

  • Conference paper
  • First Online:
Infrastructure Security (InfraSec 2002)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2437))

Included in the following conference series:

Abstract

In this paper we propose a novel approach to strength password-based access control strategies. We describe a proactive password checker which uses a perceptron to decide whether a user’s password is easy-to-guess. The checker is simple and efficient, and it works since easy and hard-to-guess passwords seem to be linearly separable. Experimental results show that the error rates in many cases are close to zero, memory requirements can be quantified in few bytes, and the answers to classification queries are almost immediate. This research opens new directions to investigate on the applicability of neural network techniques to data security environments.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. F. Bergadano, B. Crispo, and G. Ruffo, High Dictionary Compression for Proactive Password Checking, ACM Transactions on Information and System Security, Vol. 1, No. 1, pp. 3–25, November 1998.

    Article  Google Scholar 

  2. R. Beale and T. Jackson, Neural Computing: An Introduction, IOP Publishing Ltd, Institute of Physics, 1990.

    Google Scholar 

  3. M. Bishop, Proactive Password Checking, in Proceedings of 4thWorkshop on Computer Security Incident Handling, 1992.

    Google Scholar 

  4. M. Bishop, Improving System Security via Proactive Password Checking, Computers and Security, Vol. 14, No. 3, pp. 233–249, 1995.

    Article  Google Scholar 

  5. B. Bloom, Space/Time Trade-offs in Hash Coding with Allowable Errors, Communications of ACM, July 1970.

    Google Scholar 

  6. C. Blundo, P. D’Arco, A. De Santis, and C. Galdi, Hyppocrates: A new Proactive Password Checker, Proocedings of ISC01, Springer-Verlag, LNCS, Vol. 2200, Malaga, October 1–3, 2001.

    Google Scholar 

  7. C. Davies, and R. Ganesan, Bapasswd: A new proactive password checker. In Proceedings of the 16th National Conference on Computer Security (Baltimore, MD, Sept. 20–23).

    Google Scholar 

  8. D. Klein, Foiling the Cracker: A Survey of, and Improvements to, Password Security. Proceedings of the Fifth Data Communications Symposium, September 1977.

    Google Scholar 

  9. A. Muffett, Crack 5.0, USENETNews.

    Google Scholar 

  10. J. B. Nagle, An obvious password detector. USENETNews.

    Google Scholar 

  11. E. Spafford, OPUS: Preventing Weak Password Choices in Computers and Security, No. 3, 1992.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Dipartimento di Informatica ed Applicazioni, Università di Salerno, 84081, Baronissi, SA, ITALY

    Carlo Blundo & Alfredo De Santis

  2. Department of Combinatorics and Optimization, University of Waterloo, N2L 3G1, Waterloo, Ontario, Canada

    Paolo D’Arco

  3. Computer Technology Institute and Dept. of Computer Engineering and Informatics, University of Patras, 26500, Rio, Greece

    Clemente Galdi

Authors
  1. Carlo Blundo
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Paolo D’Arco
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Alfredo De Santis
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Clemente Galdi
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. University of Wisconsin-Milwaukee, 53201, Milwaukee, WI, USA

    George Davida

  2. TechTegrity LLC, P.O. Box 2125, 07091, Westfield, NJ, USA

    Yair Frankel

  3. Hewlett-Packard Laboratories, Filton Road, Stoke Gifford, BS34 8QZ, Bristol, UK

    Owen Rees

Rights and permissions

Reprints and permissions

Copyright information

© 2002 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Blundo, C., D’Arco, P., De Santis, A., Galdi, C. (2002). A Novel Approach to Proactive Password Checking. In: Davida, G., Frankel, Y., Rees, O. (eds) Infrastructure Security. InfraSec 2002. Lecture Notes in Computer Science, vol 2437. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45831-X_3

Download citation

  • DOI: https://doi.org/10.1007/3-540-45831-X_3

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-44309-4

  • Online ISBN: 978-3-540-45831-9

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation