A survey exploring open source Intelligence for smarter password cracking

Kanta, Aikaterini; Coisel, Iwen; Scanlon, Mark

doi:10.1016/j.fsidi.2020.301075

Cited by 20 publications

(9 citation statements)

References 44 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Furthermore, it facilitates the identification of potential security vulnerabilities and enables timely interventions to mitigate such risks. Moreover, the use of honeywords leads to the prompt suspension of the relevant user account, while the incorporation of system segmentation offers an extra advantage [11]. The honeychecker functions independently of the central system and is responsible for the generation of honeywords.…”

Section: Honeywordsmentioning

confidence: 99%

Honeywords Generation Technique based on Meerkat Clan Algorithm and WordNet

A.Ahmed

2023

wjps

View full text Add to dashboard Cite

The efficiency of the Honeywords approach has been proven to be a significant tool for boosting password security. The suggested system utilizes the Meerkat Clan Algorithm (MCA) in conjunction with WordNet to produce honeywords, thereby enhancing the level of password security. The technique of generating honeywords involves data sources from WordNet, which contributes to the improvement of authenticity and diversity in the honeywords. The method encompasses a series of consecutive stages, which include the tokenization of passwords, the formation of alphabet tokens using the Meerkat Clan Algorithm (MCA), the handling of digit tokens, the creation of unique character tokens, and the consolidation of honeywords. The optimization of the performance of the Meerkat Clan Algorithm (MCA) involves the careful selection of parameters. The experimental findings have exhibited noteworthy levels of precision and optimum efficacy, particularly in tasks such as proposing words with similar meanings, forecasting numerical values, and producing distinctive symbols. The attainment of this achievement is facilitated by a confluence of factors, encompassing the caliber of data, the judicious use of algorithms or models, and the ongoing process of iterative improvement to consistently enhance outcomes. In order to achieve the appropriate levels of accuracy and functionality, it is crucial to engage in the process of conducting experiments, thoroughly testing the system, and making necessary improvements. The empirical findings provide confirmation of the effectiveness of the MCA in producing a varied and protected collection of honeywords. This is especially evident in the case of alphabet tokens, which are distinguished by their autonomous creation and strong security characteristics. The analysis of correction rates, specifically in relation to the password "Lion1999*," demonstrates the aforementioned results. This study reveals an average accuracy of honeyword production up to 0.729847632111541. In the same manner, the accuracy of the password "house2000" is determined to be 0.761325846711256. Additionally, when considering a sample of 100 passwords, the mean accuracy of honeyword creation is calculated to be 0.7073897168887518. The findings collectively highlight the effectiveness of the MCA in generating honeywords that possess improved security characteristics.

show abstract

Section: Honeywordsmentioning

confidence: 99%

Honeywords Generation Technique based on Meerkat Clan Algorithm and WordNet

A.Ahmed

2023

wjps

View full text Add to dashboard Cite

show abstract

“…ey include all source data that indicate the accuracy of data to give credibility to the data for the argument and evidence. As a result, much of the general data is processed into data that meets the criteria set by the investigator, resulting in meaningful data [2,8,9].…”

Section: Definition Andmentioning

confidence: 99%

Current Status and Security Trend of OSINT

Hwang

Lee

Kim

et al. 2022

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

Recently, users have used open-source intelligence (OSINT) to gather and obtain information regarding the data of interest. The advantage of using data gathered by OSINT is that security threats arising in cyberspace can be addressed. However, if a user uses data collected by OSINT for malicious purposes, information regarding the target of an attack can be gathered, which may lead to various cybercrimes, such as hacking, malware, and a denial-of-service attack. Therefore, from a cybersecurity point of view, it is important to positively use the data gathered by OSINT in a positive manner. If exploited in a negative manner, it is important to prepare countermeasures that can minimize the damage caused by cybercrimes. In this paper, the current status and security trends of OSINT will be explained. Specifically, we present security threats and cybercrimes that may occur if data gathered by OSINT are exploited by malicious users. Furthermore, to solve this problem, we propose security requirements that can be applied to the OSINT environment. The proposed security requirements are necessary for securely gathering and storing data in the OSINT environment and for securely accessing and using the data collected by OSINT. The goal of the proposed security requirements is to minimize the damage when cybercrimes occur in the OSINT environment.

show abstract

“…During the SLR presented here, the search strings returned seven surveys [Ahmad et al 2022;Al-Dhaqm et al 2020b;Kanta et al 2020;Liu et al 2022;Mahapatra and Khan 2012;Prajapati and Shah 2020;Sikos 2020]. However, their main focus is different, as they address: cyber security in IoT-based cloud computing [Ahmad et al 2022], database forensic investigation process models [Al-Dhaqm et al 2020b], open source intelligence for smarter password cracking [Kanta et al 2020], intrusion detection systems in the cloud computing [Liu et al 2022], existing techniques against SQL injection attacks • Seufitelli, Brandão and Moro [Mahapatra and Khan 2012], secure data deduplication [Prajapati and Shah 2020], and packet for network forensics [Sikos 2020].…”

Section: Related Workmentioning

confidence: 99%

Exploring the Intersection between Databases and Digital Forensics

Seufitelli

Brandão²,

Moro³

2022

jidm

View full text Add to dashboard Cite

Digital forensics has attracted attention from assorted researchers, who primarily work on predicting and solving digital hacks and crimes. In turn, the number and types of digital crimes have increased considerably, mainly due to the growing use of digital media to perform daily personal and professional tasks. Like most computer-related activities, data is at the center of such hacks and crimes. Hence, this work presents a systematic literature review of publications at the intersection between Digital Forensics and Databases. We discuss problems and trends of two main categories: Data Building and Database Management Systems. Overall, this research opens the doors for the communication between databases and an area with several exciting and concrete challenges, with great potential for social, economic, and technical-scientific contributions.

show abstract

A survey exploring open source Intelligence for smarter password cracking

Cited by 20 publications

References 44 publications

Honeywords Generation Technique based on Meerkat Clan Algorithm and WordNet

Honeywords Generation Technique based on Meerkat Clan Algorithm and WordNet

Current Status and Security Trend of OSINT

Exploring the Intersection between Databases and Digital Forensics

Contact Info

Product

Resources

About