Honeywords are fake passwords that serve as an accompaniment to the real password, which is called a "sugarword." The honeyword system is an effective password cracking detection system designed to easily detect password cracking in order to improve the security of hashed passwords. For every user, the password file of the honeyword system will have one real hashed password accompanied by numerous fake hashed passwords. If an intruder steals the password file from the system and successfully cracks the passwords while attempting to log in to users' accounts, the honeyword system will detect this attempt through the honeychecker. A honeychecker is an auxiliary server that distinguishes the real password from the fake passwords and triggers an alarm if intruder signs in using a honeyword. Many honeyword generation approaches have been proposed by previous research, all with limitations to their honeyword generation processes, limited success in providing all required honeyword features, and susceptibility to many honeyword issues. This work will present a novel honeyword generation method that uses a proposed discrete salp swarm algorithm. The salp swarm algorithm (SSA) is a bio-inspired metaheuristic optimization algorithm that imitates the swarming behavior of salps in their natural environment. SSA has been used to solve a variety of optimization problems. The presented honeyword generation method will improve the generation process, improve honeyword features, and overcome the issues of previous techniques. This study will demonstrate numerous previous honeyword generating strategies, describe the proposed methodology, examine the experimental results, and compare the new honeyword production method to those proposed in previous research.
Honeyword system is a successful password cracking detection system. Simply the honeywords are (False passwords) that are accompanied to the sugarword (Real password). Honeyword system aims to improve the security of hashed passwords by facilitating the detection of password cracking. The password database will have many honeywords for every user in the system. If the adversary uses a honeyword for login, a silent alert will indicate that the password database might be compromised. All previous studies present a few remarks on honeyword generation methods for max two preceding methods only. So, the need for one that lists all preceding researches with their weaknesses is shown. This work presents all generation methods then lists the strengths and weaknesses of 26 ones. In addition, it puts 32 remarks that highlight their strengths and weaknesses points. This research has proved that every honeyword generation method has many weaknesses points.
The honeyword system is a password cracking detection technique that aims to improve the security of hashed passwords by making password cracking simpler to detect. Many honeywords (false passwords) accompany the sugarword (true password) to form the sweetwords (false and true passwords) for every user. If the attacker signs in using a honeyword, a silent alarm trigger shows that the honeyword system might be compromised. Many honeyword generation techniques are presented; each one has a flaw in the generating process, a lack of support for all honeyword characteristics, and a slew of honeyword problems. The harmony search algorithm (HSA), a metaheuristic intelligence algorithm inspired by music, is used in this article to offer a novel method for generating honeyword. The suggested honeyword generation technique will enhance the generating process, enhance honeyword characteristics, and address prior approaches’ shortcomings. This paper will show several previous honeyword generation techniques, explain the suggested one, discuss the experimental findings, and compare the new honeyword generation method with the previous ones.
An effective password cracking detection system is the honeyword system. The Honeyword method attempts to increase the security of hashed passwords by making password cracking easier to detect. Each user in the system has many honeywords in the password database. If the attacker logs in using a honeyword, a quiet alert trigger indicates that the password database has been hacked. Many honeyword generation methods have been proposed, they have a weakness in generating process, do not support all honeyword properties, and have many honeyword issues. This article proposes a novel method to generate honeyword using the meerkat clan intelligence algorithm, a metaheuristic swarm intelligence algorithm. The proposed generation methods will improve the honeyword generating process, enhance the honeyword properties, and solve the issues of previous methods. This work will show some previous generation methods, explain the proposed method, discuss the experimental results and compare the new one with the prior ones.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.