Centro de Documentação da PJ
Analítico de Periódico
CD 357
Beyond the dictionary attack [Recurso eletrónico] : enhancing password cracking efficiency through machine learning-induced mangling rules / Radek Hranický, Lucia Sírov, Viktor Rucký
Forensic Science International: Digital Investigation, Vol. 52, supplement (March 2025), 10 p.
Ficheiro de 903 KB em formato PDF.
INFORMÁTICA FORENSE, PROCESSAMENTO DE DADOS, PIRATARIA INFORMÁTICA, SEGURANÇA INFORMÁTICA, METODOLOGIAS
In the realm of digital forensics, password recovery is a critical task, with dictionary attacks representing one of the oldest yet most effective methods. To increase the attack power, developers of cracking tools have introduced password-mangling rules that apply modifications to the dictionary entries such as character swapping, substitution, or capitalization. Despite several attempts to automate rule creation that have been proposed over the years, creating a suitable ruleset is still a significant challenge. The current research lacks a deeper comparison and evaluation of the individual methods and their implications. We present RuleForge, a machine learningbased mangling-rule generator that leverages four clustering techniques and 19 commands with configurable priorities. Key innovations include an extended command set, advanced cluster representative selection, and various performance optimizations. We conduct extensive experiments on real-world datasets, evaluating clustering-based methods in terms of time, memory use, and hit ratios. Additionally, we compare RuleForge to existing rule-creation tools, password-cracking solutions, and popular existing rulesets. Our solution with an improved MDBSCAN clustering method achieves up to an 11.67%pt. Higher hit ratio than the original method and also outperformed the best yet-known state-of-the-art solutions for automated rule creation.
