TY - JOUR
T1 - Password Guessing Based on GAN with Gumbel-Softmax
AU - Zhou, Tao
AU - Wu, Hao Tian
AU - Lu, Hui
AU - Xu, Peiming
AU - Cheung, Yiu Ming
N1 - Funding information:
This work was supported in part by the Guangdong Province Key Area Research and Development Program of China (2019B010137004), the National Natural Science Foundation of China (61772208), and the Natural Science Foundation of Guangdong Province of China (2021A1515011798).
Publisher Copyright:
© 2022 Tao Zhou et al.
PY - 2022/4/27
Y1 - 2022/4/27
N2 - Password guessing is an important issue in user security and privacy protection. Using generative adversarial network (GAN) to guess passwords is a new strategy emerging in recent years, which exploits the discriminator's evaluation of passwords to guide the update of the generator so that password guessing sets can be produced. However, the sampling process of discrete data from a categorical distribution is not differentiable so that backpropagation does not work well. In this paper, we propose a novel password guessing model named G-Pass, which consists of two main components. The first is a new network structure, which modifies the generator from the convolutional neural network (CNN) to long short-term memory- (LSTM-) based network and employs multiple convolutional layers in the discriminator to provide more informative signals for generator updating. The second is Gumbel-Softmax with temperature control for training GAN on passwords. Experimental results show the proposed G-Pass outperforms PassGAN in password quality and cracking rate. Moreover, by dynamically adjusting one parameter during the training process, a trade-off between sample diversity and quality can be achieved with our proposed model.
AB - Password guessing is an important issue in user security and privacy protection. Using generative adversarial network (GAN) to guess passwords is a new strategy emerging in recent years, which exploits the discriminator's evaluation of passwords to guide the update of the generator so that password guessing sets can be produced. However, the sampling process of discrete data from a categorical distribution is not differentiable so that backpropagation does not work well. In this paper, we propose a novel password guessing model named G-Pass, which consists of two main components. The first is a new network structure, which modifies the generator from the convolutional neural network (CNN) to long short-term memory- (LSTM-) based network and employs multiple convolutional layers in the discriminator to provide more informative signals for generator updating. The second is Gumbel-Softmax with temperature control for training GAN on passwords. Experimental results show the proposed G-Pass outperforms PassGAN in password quality and cracking rate. Moreover, by dynamically adjusting one parameter during the training process, a trade-off between sample diversity and quality can be achieved with our proposed model.
UR - http://www.scopus.com/inward/record.url?scp=85129941904&partnerID=8YFLogxK
U2 - 10.1155/2022/5670629
DO - 10.1155/2022/5670629
M3 - Journal article
AN - SCOPUS:85129941904
SN - 1939-0114
VL - 2022
JO - Security and Communication Networks
JF - Security and Communication Networks
M1 - 5670629
ER -