Password strength verification based on machine learning algorithms and LSTM recurrent neural networks

Objectives. One of the most commonly used authentication methods in computer systems, password authentication is susceptible to various attacks including brute-force and dictionary attacks. This susceptibility requires not only the strict protection of user credentials, but also the definition of cr...

Full description

Saved in:
Bibliographic Details
Main Authors: V. V. Belikov, I. A. Prokuronov
Format: Article
Language:Russian
Published: MIREA - Russian Technological University 2023-08-01
Series:Российский технологический журнал
Subjects:
Online Access:https://www.rtj-mirea.ru/jour/article/view/730
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1832543346638192640
author V. V. Belikov
I. A. Prokuronov
author_facet V. V. Belikov
I. A. Prokuronov
author_sort V. V. Belikov
collection DOAJ
description Objectives. One of the most commonly used authentication methods in computer systems, password authentication is susceptible to various attacks including brute-force and dictionary attacks. This susceptibility requires not only the strict protection of user credentials, but also the definition of criteria for increasing a password’s strength to minimize the possibility of its exploitation by an attacker. Thus, an important task is the development of a verifier for checking passwords for strength and prohibiting the user from setting passwords that are susceptible to cracking. The use of machine learning methods to construct a verifier involves algorithms for formulating requirements for password complexity based on lists of known passwords available for each strength category.Methods. The proposed supervised machine learning algorithms comprise support vector machines, random forest, boosting, and long short-term memory (LSTM) recurrent neural network types. Embedding and term frequency–inverse document frequency (TF-IDF) methods are used for data preprocessing, while cross-validation is used for selecting hyperparameters.Results. Password strength recommendations and requirements from international and Russian standards are described. The existing methods of password strength verification in various operating systems are analyzed. The experimental results based on existing datasets comprising passwords having an associated level of strength are presented.Conclusions. A LSTM recurrent neural network is highlighted as one of the most promising areas for building a password strength verifier.
format Article
id doaj-art-1ab56e012aba4a7b860ea7f1b9b6f7bd
institution Kabale University
issn 2500-316X
language Russian
publishDate 2023-08-01
publisher MIREA - Russian Technological University
record_format Article
series Российский технологический журнал
spelling doaj-art-1ab56e012aba4a7b860ea7f1b9b6f7bd2025-02-03T11:45:51ZrusMIREA - Russian Technological UniversityРоссийский технологический журнал2500-316X2023-08-0111471510.32362/2500-316X-2023-11-4-7-15378Password strength verification based on machine learning algorithms and LSTM recurrent neural networksV. V. Belikov0I. A. Prokuronov1MIREA – Russian Technological UniversitySFB LaboratoryObjectives. One of the most commonly used authentication methods in computer systems, password authentication is susceptible to various attacks including brute-force and dictionary attacks. This susceptibility requires not only the strict protection of user credentials, but also the definition of criteria for increasing a password’s strength to minimize the possibility of its exploitation by an attacker. Thus, an important task is the development of a verifier for checking passwords for strength and prohibiting the user from setting passwords that are susceptible to cracking. The use of machine learning methods to construct a verifier involves algorithms for formulating requirements for password complexity based on lists of known passwords available for each strength category.Methods. The proposed supervised machine learning algorithms comprise support vector machines, random forest, boosting, and long short-term memory (LSTM) recurrent neural network types. Embedding and term frequency–inverse document frequency (TF-IDF) methods are used for data preprocessing, while cross-validation is used for selecting hyperparameters.Results. Password strength recommendations and requirements from international and Russian standards are described. The existing methods of password strength verification in various operating systems are analyzed. The experimental results based on existing datasets comprising passwords having an associated level of strength are presented.Conclusions. A LSTM recurrent neural network is highlighted as one of the most promising areas for building a password strength verifier.https://www.rtj-mirea.ru/jour/article/view/730cybersecuritypassword strengthsupervised machine learningrecurrent neural networklstm
spellingShingle V. V. Belikov
I. A. Prokuronov
Password strength verification based on machine learning algorithms and LSTM recurrent neural networks
Российский технологический журнал
cybersecurity
password strength
supervised machine learning
recurrent neural network
lstm
title Password strength verification based on machine learning algorithms and LSTM recurrent neural networks
title_full Password strength verification based on machine learning algorithms and LSTM recurrent neural networks
title_fullStr Password strength verification based on machine learning algorithms and LSTM recurrent neural networks
title_full_unstemmed Password strength verification based on machine learning algorithms and LSTM recurrent neural networks
title_short Password strength verification based on machine learning algorithms and LSTM recurrent neural networks
title_sort password strength verification based on machine learning algorithms and lstm recurrent neural networks
topic cybersecurity
password strength
supervised machine learning
recurrent neural network
lstm
url https://www.rtj-mirea.ru/jour/article/view/730
work_keys_str_mv AT vvbelikov passwordstrengthverificationbasedonmachinelearningalgorithmsandlstmrecurrentneuralnetworks
AT iaprokuronov passwordstrengthverificationbasedonmachinelearningalgorithmsandlstmrecurrentneuralnetworks