How viable is password cracking in digital forensic investigation? Analyzing the guessability of over 3.9 billion real-world accounts

Kanta, Aikaterini; Coray, Sein; Coisel, Iwen; Scanlon, Mark

doi:10.1016/j.fsidi.2021.301186

Cited by 15 publications

(11 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Owing to the failure of many users in adhering to best practices of password usage, the method of password spraying attacks are often successful. As reported in 2019, recognizable number arrangements like "12345", typical names of females like Jennifer, and the word "password" are among the most commonly used passwords among users [59,60]. These, and other reported 200 easily guessed passwords have contributed to data breaches [59,60].…”

Section: Cyber Attacksmentioning

confidence: 94%

“…As reported in 2019, recognizable number arrangements like "12345", typical names of females like Jennifer, and the word "password" are among the most commonly used passwords among users [59,60]. These, and other reported 200 easily guessed passwords have contributed to data breaches [59,60]. Hence, attackers targeting a reasonably large number of usernames and utilizing a sufficiently large array of common passwords are likely to succeed in gaining access to some accounts [40,43,44,59,60].…”

Section: Cyber Attacksmentioning

confidence: 98%

“…These, and other reported 200 easily guessed passwords have contributed to data breaches [59,60]. Hence, attackers targeting a reasonably large number of usernames and utilizing a sufficiently large array of common passwords are likely to succeed in gaining access to some accounts [40,43,44,59,60].…”

Section: Cyber Attacksmentioning

confidence: 99%

See 2 more Smart Citations

Predictions of Cybersecurity Experts on Future Cyber-Attacks and Related Cybersecurity Measures

AL-Hawamleh¹

2023

IJACSA

View full text Add to dashboard Cite

The Internet interconnections' exponential growth has resulted in an increase in cyber-attack occurrences with mostly devastating consequences. Malware is a common tool for performing these attacks in cyberspace. The malefactors would either exploit the present weaknesses or employ the distinctive characteristics of the developing technologies. The cybersecurity community should increase their knowledge on the types and arsenals of cyber-attacks, and security measures against cyberattacks should be in place as well. Also, advanced and effective malware defense mechanisms should be established. Hence, this study reviews cyber-attack types, measures and security precautions, and professional extrapolations on cyber-attacks future and the associated security measures. Semi-structured interviews were performed, involving five IT managers and nine Cybersecurity Consultants, to obtain the data. The study findings demonstrate prevention as key for data breach risk prevention. Knowledge of common attack methods and the use of cybersecurity software can facilitate individuals and organizations in thwarting hackers and in preserving their data privacy. Two-factor authorization by consumers and new back-end security protocols and security methods, including Artificial intelligence (AI) application, will encumber hacking attempts.

show abstract

Section: Cyber Attacksmentioning

confidence: 94%

Section: Cyber Attacksmentioning

confidence: 98%

See 1 more Smart Citation

Predictions of Cybersecurity Experts on Future Cyber-Attacks and Related Cybersecurity Measures

AL-Hawamleh¹

2023

IJACSA

View full text Add to dashboard Cite

show abstract

“…Password or key retrieval: Cloud forensic investigations encounter distinct challenges, especially in accessing encrypted data without cooperation from involved parties. Advanced tools, such as John the Ripper and Hashcat [ 127 ], provide critical support by enabling password retrieval. Additionally, analyzing memory dumps offers avenues for retrieving encryption keys, enhancing investigators’ capabilities to overcome challenges posed by encrypted data in cloud forensic examinations.…”

Section: Cloud Forensic Challengesmentioning

confidence: 99%

Cloud Digital Forensics: Beyond Tools, Techniques, and Challenges

Malik,

Bhatti,

Park

et al. 2024

Sensors

View full text Add to dashboard Cite

Cloud computing technology is rapidly becoming ubiquitous and indispensable. However, its widespread adoption also exposes organizations and individuals to a broad spectrum of potential threats. Despite the multiple advantages the cloud offers, organizations remain cautious about migrating their data and applications to the cloud due to fears of data breaches and security compromises. In light of these concerns, this study has conducted an in-depth examination of a variety of articles to enhance the comprehension of the challenges related to safeguarding and fortifying data within the cloud environment. Furthermore, the research has scrutinized several well-documented data breaches, analyzing the financial consequences they inflicted. Additionally, it scrutinizes the distinctions between conventional digital forensics and the forensic procedures specific to cloud computing. As a result of this investigation, the study has concluded by proposing potential opportunities for further research in this critical domain. By doing so, it contributes to our collective understanding of the complex panorama of cloud data protection and security, while acknowledging the evolving nature of technology and the need for ongoing exploration and innovation in this field. This study also helps in understanding the compound annual growth rate (CAGR) of cloud digital forensics, which is found to be quite high at ≈16.53% from 2023 to 2031. Moreover, its market is expected to reach ≈USD 36.9 billion by the year 2031; presently, it is ≈USD 11.21 billion, which shows that there are great opportunities for investment in this area. This study also strategically addresses emerging challenges in cloud digital forensics, providing a comprehensive approach to navigating and overcoming the complexities associated with the evolving landscape of cloud computing.

show abstract

“…However, determining the probability distribution over such data sets is not a straightforward task and is outside the scope of this research. It is different from assessing word-list quality [34], [35], or individual password strength [36], [37], [38], [39], as both are a separate line of research. As Aggarwal et al shows [32], PCFG parse trees are usually ambiguous which means, there can be multiple ways to produce a single word.…”

Section: Related Literaturementioning

confidence: 99%

The Theory and Practice of Magic Hash Based Attacks on Lightweight Cryptographic Hash Functions in Complex IoT Environments

Tihanyi

Borsos

2021

Security, Privacy, and Anonymity in Computation, Communication, and Storage

View full text Add to dashboard Cite

How viable is password cracking in digital forensic investigation? Analyzing the guessability of over 3.9 billion real-world accounts

Cited by 15 publications

References 12 publications

Predictions of Cybersecurity Experts on Future Cyber-Attacks and Related Cybersecurity Measures

Predictions of Cybersecurity Experts on Future Cyber-Attacks and Related Cybersecurity Measures

Cloud Digital Forensics: Beyond Tools, Techniques, and Challenges

The Theory and Practice of Magic Hash Based Attacks on Lightweight Cryptographic Hash Functions in Complex IoT Environments

Contact Info

Product

Resources

About