PagPassGPT: Pattern Guided Password Guessing via Generative Pretrained Transformer

Xingyu Su; Xiaojie Zhu; Yang Li; Yong Li; Chi Chen; Paulo Esteves-Verissimo

doi:10.1109/DSN58291.2024.00049

PagPassGPT: Pattern Guided Password Guessing via Generative Pretrained Transformer

Xingyu Su, Xiaojie Zhu^*, Yang Li, Yong Li, Chi Chen, Paulo Esteves-Verissimo

^*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

2 Scopus citations

Abstract

Amidst the surge in deep learning-based password guessing models, challenges of generating high-quality passwords and reducing duplicate passwords persist. To address these challenges, we present PagPassGPT, a password guessing model constructed on a Generative Pretrained Transformer (GPT). It can perform pattern guided guessing by incorporating pattern structure information as background knowledge, resulting in a significant increase in the hit rate. Furthermore, we propose D&C-GEN to reduce the repeat rate of generated passwords, which adopts the concept of a divide-and-conquer approach. The primary task of guessing passwords is recursively divided into non-overlapping subtasks. Each subtask inherits the knowledge from the parent task and predicts succeeding tokens. In comparison to the state-of-the-art model, our proposed scheme exhibits the capability to correctly guess 12% more passwords while producing 25% fewer duplicates.

Original language	English (US)
Title of host publication	Proceedings - 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2024
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	429-442
Number of pages	14
ISBN (Electronic)	9798350341058
DOIs	https://doi.org/10.1109/DSN58291.2024.00049
State	Published - 2024
Event	54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2024 - Brisbane, Australia Duration: Jun 24 2024 → Jun 27 2024

Publication series

Name	Proceedings - 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2024

Conference

Conference	54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2024
Country/Territory	Australia
City	Brisbane
Period	06/24/24 → 06/27/24

Bibliographical note

Publisher Copyright:
© 2024 IEEE.

Keywords

generative pretrained transformer
password guessing
trawling attack

ASJC Scopus subject areas

Computer Networks and Communications
Hardware and Architecture
Information Systems
Safety, Risk, Reliability and Quality

Access to Document

10.1109/DSN58291.2024.00049

Cite this

Su, X., Zhu, X., Li, Y., Li, Y., Chen, C., & Esteves-Verissimo, P. (2024). PagPassGPT: Pattern Guided Password Guessing via Generative Pretrained Transformer. In Proceedings - 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2024 (pp. 429-442). (Proceedings - 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2024). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/DSN58291.2024.00049

Su, Xingyu ; Zhu, Xiaojie ; Li, Yang et al. / PagPassGPT : Pattern Guided Password Guessing via Generative Pretrained Transformer. Proceedings - 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2024. Institute of Electrical and Electronics Engineers Inc., 2024. pp. 429-442 (Proceedings - 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2024).

@inproceedings{81763a1614cf4e199707817d7671fc8b,

title = "PagPassGPT: Pattern Guided Password Guessing via Generative Pretrained Transformer",

abstract = "Amidst the surge in deep learning-based password guessing models, challenges of generating high-quality passwords and reducing duplicate passwords persist. To address these challenges, we present PagPassGPT, a password guessing model constructed on a Generative Pretrained Transformer (GPT). It can perform pattern guided guessing by incorporating pattern structure information as background knowledge, resulting in a significant increase in the hit rate. Furthermore, we propose D\&C-GEN to reduce the repeat rate of generated passwords, which adopts the concept of a divide-and-conquer approach. The primary task of guessing passwords is recursively divided into non-overlapping subtasks. Each subtask inherits the knowledge from the parent task and predicts succeeding tokens. In comparison to the state-of-the-art model, our proposed scheme exhibits the capability to correctly guess 12\% more passwords while producing 25\% fewer duplicates.",

keywords = "generative pretrained transformer, password guessing, trawling attack",

author = "Xingyu Su and Xiaojie Zhu and Yang Li and Yong Li and Chi Chen and Paulo Esteves-Verissimo",

note = "Publisher Copyright: {\textcopyright} 2024 IEEE.; 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2024 ; Conference date: 24-06-2024 Through 27-06-2024",

year = "2024",

doi = "10.1109/DSN58291.2024.00049",

language = "English (US)",

series = "Proceedings - 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2024",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "429--442",

booktitle = "Proceedings - 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2024",

address = "United States",

}

Su, X, Zhu, X , Li, Y, Li, Y, Chen, C & Esteves-Verissimo, P 2024, PagPassGPT: Pattern Guided Password Guessing via Generative Pretrained Transformer. in Proceedings - 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2024. Proceedings - 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2024, Institute of Electrical and Electronics Engineers Inc., pp. 429-442, 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2024, Brisbane, Australia, 06/24/24. https://doi.org/10.1109/DSN58291.2024.00049

PagPassGPT: Pattern Guided Password Guessing via Generative Pretrained Transformer. / Su, Xingyu; Zhu, Xiaojie ; Li, Yang et al.
Proceedings - 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2024. Institute of Electrical and Electronics Engineers Inc., 2024. p. 429-442 (Proceedings - 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2024).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - PagPassGPT

T2 - 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2024

AU - Su, Xingyu

AU - Zhu, Xiaojie

AU - Li, Yang

AU - Li, Yong

AU - Chen, Chi

AU - Esteves-Verissimo, Paulo

PY - 2024

Y1 - 2024

N2 - Amidst the surge in deep learning-based password guessing models, challenges of generating high-quality passwords and reducing duplicate passwords persist. To address these challenges, we present PagPassGPT, a password guessing model constructed on a Generative Pretrained Transformer (GPT). It can perform pattern guided guessing by incorporating pattern structure information as background knowledge, resulting in a significant increase in the hit rate. Furthermore, we propose D&C-GEN to reduce the repeat rate of generated passwords, which adopts the concept of a divide-and-conquer approach. The primary task of guessing passwords is recursively divided into non-overlapping subtasks. Each subtask inherits the knowledge from the parent task and predicts succeeding tokens. In comparison to the state-of-the-art model, our proposed scheme exhibits the capability to correctly guess 12% more passwords while producing 25% fewer duplicates.

AB - Amidst the surge in deep learning-based password guessing models, challenges of generating high-quality passwords and reducing duplicate passwords persist. To address these challenges, we present PagPassGPT, a password guessing model constructed on a Generative Pretrained Transformer (GPT). It can perform pattern guided guessing by incorporating pattern structure information as background knowledge, resulting in a significant increase in the hit rate. Furthermore, we propose D&C-GEN to reduce the repeat rate of generated passwords, which adopts the concept of a divide-and-conquer approach. The primary task of guessing passwords is recursively divided into non-overlapping subtasks. Each subtask inherits the knowledge from the parent task and predicts succeeding tokens. In comparison to the state-of-the-art model, our proposed scheme exhibits the capability to correctly guess 12% more passwords while producing 25% fewer duplicates.

KW - generative pretrained transformer

KW - password guessing

KW - trawling attack

UR - http://www.scopus.com/inward/record.url?scp=85203804328&partnerID=8YFLogxK

U2 - 10.1109/DSN58291.2024.00049

DO - 10.1109/DSN58291.2024.00049

M3 - Conference contribution

AN - SCOPUS:85203804328

T3 - Proceedings - 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2024

SP - 429

EP - 442

BT - Proceedings - 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2024

PB - Institute of Electrical and Electronics Engineers Inc.

Y2 - 24 June 2024 through 27 June 2024

ER -

Su X, Zhu X , Li Y, Li Y, Chen C, Esteves-Verissimo P. PagPassGPT: Pattern Guided Password Guessing via Generative Pretrained Transformer. In Proceedings - 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2024. Institute of Electrical and Electronics Engineers Inc. 2024. p. 429-442. (Proceedings - 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2024). doi: 10.1109/DSN58291.2024.00049

PagPassGPT: Pattern Guided Password Guessing via Generative Pretrained Transformer

Abstract

Publication series

Conference

Bibliographical note

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this