George is a freelance CTO, IT Consultant, Freelance Senior Software Engineer and Managing Director at Page on Stage from Graz, Austria.
Tailored, Machine Learning-driven Password Guessing Attacks and Mitigation
“When passwords are attacked by password cracking software like John the Ripper or hashcat, the efficiency of this process is significantly affected by the quality of the password lists that are used. Traditionally, tools like these use rule sets or masks along with dictionaries that include leaked passwords gained by previous successful attacks. However, these pre-identified password creation schemes are chosen and converted to attack patterns either by humans or by static automation algorithms which might miss actual human password patterns. Additionally, these tools have limited capabilities in generating password lists of individuals.
This talk is based on the presenter’s recent master’s thesis and hence will deal with the application of machine learning to password list generation to create human-like password dictionaries using character-based Recurrent Neural Networks. Furthermore, it will show that an attacker can facilitate machine learning to generate tailored password lists for specific victims by training a model on password creation schemes of other people in combination with user data of the victim. Additionally, a machine learning classification method will be presented to identify human-generated passwords.
Are you the next cyber security superstar?
Ready for this year's presentations?
By registering you will unlock access to 60+ speakers and two full days with cyber security news & showcases from worldwide leaders.
Sponsors & Partners
They help us make this conference possible.
Orange „brings you closer to what matters to you”.
This is our brand promise: to bring our clients closer to what’s essential to them and to keep them always connected and in touch with the latest technologies, by offering them the best and safest communication experience.