Identification of Exploited Unreliable Account Passwords in the Information Infrastructure Using Machine Learning Methods
Accounts are an integral part of most modern information systems and provide their owners with the ability to authenticate within the system. This paper presents an analysis of existing methods for detecting simple account passwords in automated systems. Their advantages and disadvantages are listed...
Сохранить в:
| Главные авторы: | , , , |
|---|---|
| Формат: | Статья |
| Язык: | English |
| Опубликовано: |
Multidisciplinary Digital Publishing Institute (MDPI)
2024
|
| Темы: | |
| Online-ссылка: | https://dspace.ncfu.ru/handle/123456789/29405 |
| Метки: |
Добавить метку
Нет меток, Требуется 1-ая метка записи!
|
| id |
ir-123456789-29405 |
|---|---|
| record_format |
dspace |
| spelling |
ir-123456789-294052024-12-13T12:08:10Z Identification of Exploited Unreliable Account Passwords in the Information Infrastructure Using Machine Learning Methods Babenko, M. G. Бабенко, М. Г. Lapina, M. A. Лапина, М. А. Information security Machine Learning Password Password policy Accounts are an integral part of most modern information systems and provide their owners with the ability to authenticate within the system. This paper presents an analysis of existing methods for detecting simple account passwords in automated systems. Their advantages and disadvantages are listed. A method was developed to detect simple exploitable passwords that administrators can use to supplement other existing methods to increase the overall security of automated systems against threats from accounts potentially compromised by attackers. The method was based on the analysis of commands executed in automated or manual modes with the indication of credentials in plain text. Minimum password strength requirements are provided based on the security level. A special case was considered in which all passwords analyzed in this way were found explicitly in the system logs. We developed a unified definition of the classification of passwords into simple and strong, and also developed machine learning technology for their classification. The method offers a flexible adaptation to a specific system, taking into account the level of significance of the information being processed and the password policy adopted, expressed in the possibility of retraining the machine learning model. The experimental method using machine learning algorithms, namely the ensemble of decision trees, for classifying passwords into strong and potentially compromised by attackers based on flexible password strength criteria, showed high results. The performance of the method is also compared against other machine learning algorithms, specifically XGBoost, Random Forest, and Naive Bayes. The presented approach also solves the problem of detecting events related to the use and storage of credentials in plain text. We used the dataset of approximately 770,000 passwords, allowing the machine learning model to accurately classify 98% of the passwords by their significance levels. 2024-12-13T12:05:51Z 2024-12-13T12:05:51Z 2024 Статья Rusanov M., Babenko M., Lapina M., Sajid M. Identification of Exploited Unreliable Account Passwords in the Information Infrastructure Using Machine Learning Methods // Big Data and Cognitive Computing. - 2024. - 8 (11). - art. no. 159. - DOI: 10.3390/bdcc8110159 https://dspace.ncfu.ru/handle/123456789/29405 en Big Data and Cognitive Computing application/pdf application/pdf Multidisciplinary Digital Publishing Institute (MDPI) |
| institution |
СКФУ |
| collection |
Репозиторий |
| language |
English |
| topic |
Information security Machine Learning Password Password policy |
| spellingShingle |
Information security Machine Learning Password Password policy Babenko, M. G. Бабенко, М. Г. Lapina, M. A. Лапина, М. А. Identification of Exploited Unreliable Account Passwords in the Information Infrastructure Using Machine Learning Methods |
| description |
Accounts are an integral part of most modern information systems and provide their owners with the ability to authenticate within the system. This paper presents an analysis of existing methods for detecting simple account passwords in automated systems. Their advantages and disadvantages are listed. A method was developed to detect simple exploitable passwords that administrators can use to supplement other existing methods to increase the overall security of automated systems against threats from accounts potentially compromised by attackers. The method was based on the analysis of commands executed in automated or manual modes with the indication of credentials in plain text. Minimum password strength requirements are provided based on the security level. A special case was considered in which all passwords analyzed in this way were found explicitly in the system logs. We developed a unified definition of the classification of passwords into simple and strong, and also developed machine learning technology for their classification. The method offers a flexible adaptation to a specific system, taking into account the level of significance of the information being processed and the password policy adopted, expressed in the possibility of retraining the machine learning model. The experimental method using machine learning algorithms, namely the ensemble of decision trees, for classifying passwords into strong and potentially compromised by attackers based on flexible password strength criteria, showed high results. The performance of the method is also compared against other machine learning algorithms, specifically XGBoost, Random Forest, and Naive Bayes. The presented approach also solves the problem of detecting events related to the use and storage of credentials in plain text. We used the dataset of approximately 770,000 passwords, allowing the machine learning model to accurately classify 98% of the passwords by their significance levels. |
| format |
Статья |
| author |
Babenko, M. G. Бабенко, М. Г. Lapina, M. A. Лапина, М. А. |
| author_facet |
Babenko, M. G. Бабенко, М. Г. Lapina, M. A. Лапина, М. А. |
| author_sort |
Babenko, M. G. |
| title |
Identification of Exploited Unreliable Account Passwords in the Information Infrastructure Using Machine Learning Methods |
| title_short |
Identification of Exploited Unreliable Account Passwords in the Information Infrastructure Using Machine Learning Methods |
| title_full |
Identification of Exploited Unreliable Account Passwords in the Information Infrastructure Using Machine Learning Methods |
| title_fullStr |
Identification of Exploited Unreliable Account Passwords in the Information Infrastructure Using Machine Learning Methods |
| title_full_unstemmed |
Identification of Exploited Unreliable Account Passwords in the Information Infrastructure Using Machine Learning Methods |
| title_sort |
identification of exploited unreliable account passwords in the information infrastructure using machine learning methods |
| publisher |
Multidisciplinary Digital Publishing Institute (MDPI) |
| publishDate |
2024 |
| url |
https://dspace.ncfu.ru/handle/123456789/29405 |
| work_keys_str_mv |
AT babenkomg identificationofexploitedunreliableaccountpasswordsintheinformationinfrastructureusingmachinelearningmethods AT babenkomg identificationofexploitedunreliableaccountpasswordsintheinformationinfrastructureusingmachinelearningmethods AT lapinama identificationofexploitedunreliableaccountpasswordsintheinformationinfrastructureusingmachinelearningmethods AT lapinama identificationofexploitedunreliableaccountpasswordsintheinformationinfrastructureusingmachinelearningmethods |
| _version_ |
1842245401601638400 |