Show simple item record

dc.contributor.authorTatlı, Emin İslam
dc.date.accessioned10.07.201910:49:13
dc.date.accessioned2019-07-10T19:56:20Z
dc.date.available10.07.201910:49:13
dc.date.available2019-07-10T19:56:20Z
dc.date.issued2015en_US
dc.identifier.citationTatlı, E. İ. (2015). Cracking more password hashes with patterns. IEEE Transactions on Information Forensics and Security, 10(8), 1656-1665. https://dx.doi.org/10.1109/TIFS.2015.2422259en_US
dc.identifier.issn1556-6013
dc.identifier.issn1556-6021
dc.identifier.urihttps://dx.doi.org/10.1109/TIFS.2015.2422259
dc.identifier.urihttps://hdl.handle.net/20.500.12511/2667
dc.descriptionWOS: 000359984600009en_US
dc.description.abstractIt is a common mistake of application developers to store user passwords within databases as plaintext or only as their unsalted hash values. Many real-life successful hacking attempts that enabled attackers to get unauthorized access to sensitive database entries including user passwords have been experienced in the past. Seizing password hashes, attackers perform brute-force, dictionary, or rainbow-table attacks to reveal plaintext passwords from their hashes. Dictionary attacks are very fast for cracking hashes but their success rate is not sufficient. In this paper, we propose a novel method for improving dictionary attacks. Our method exploits several password patterns that are commonly preferred by users when trying to choose a complex and strong password. In order to analyze and show success rates of our developed method, we performed cracking tests on real-life leaked password hashes using both a traditional dictionary and our pattern-based dictionary. We observed that our pattern-based method is superior for cracking password hashes.en_US
dc.language.isoengen_US
dc.publisherInstitute of Electrical and Electronics Engineersen_US
dc.rightsinfo:eu-repo/semantics/embargoedAccessen_US
dc.subjectPassword Securityen_US
dc.subjectAuthenticationen_US
dc.subjectData Securityen_US
dc.subjectDictionary Attacksen_US
dc.subjectHash Crackingen_US
dc.titleCracking more password hashes with patternsen_US
dc.typearticleen_US
dc.relation.ispartofTransactions on Information Forensics and Securityen_US
dc.departmentİstanbul Medipol Üniversitesi, Mühendislik ve Doğa Bilimleri Fakültesi, Elektrik ve Elektronik Mühendisliği Bölümüen_US
dc.authorid0000-0003-4562-8486en_US
dc.identifier.volume10en_US
dc.identifier.issue8en_US
dc.identifier.startpage1656en_US
dc.identifier.endpage1665en_US
dc.relation.publicationcategoryMakale - Uluslararası Hakemli Dergi - Kurum Öğretim Elemanıen_US
dc.identifier.doi10.1109/TIFS.2015.2422259en_US
dc.identifier.wosqualityQ1en_US
dc.identifier.scopusqualityQ1en_US


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record