No Arabic abstract
We describe a password generation scheme based on Markov models built from English text (specifically, Charles Dickens *A Tale Of Two Cities*). We show a (linear-running-time) bijection between random bitstrings of any desired length and generated text, ensuring that all passwords are generated with equal probability. We observe that the generated passwords appear to strike a reasonable balance between memorability and security. Using the system, we get 56-bit passwords like The cusay is wither? t, rather than passwords like tQ$%Xc4Ef.
Recent advances in generative machine learning models rekindled research interest in the area of password guessing. Data-driven password guessing approaches based on GANs, language models and deep latent variable models show impressive generalization performance and offer compelling properties for the task of password guessing. In this paper, we propose a flow-based generative model approach to password guessing. Flow-based models allow for precise log-likelihood computation and optimization, which enables exact latent variable inference. Additionally, flow-based models provide meaningful latent space representation, which enables operations such as exploration of specific subspaces of the latent space and interpolation. We demonstrate the applicability of generative flows to the context of password guessing, departing from previous applications of flow networks which are mainly limited to the continuous space of image generation. We show that the above-mentioned properties allow flow-based models to outperform deep latent variable model approaches and remain competitive with state-of-the-art GANs in the password guessing task, while using a training set that is orders of magnitudes smaller than that of previous art. Furthermore, a qualitative analysis of the generated samples shows that flow-based networks are able to accurately model the original passwords distribution, with even non-matched samples closely resembling human-like passwords.
With the growing amount of cyber threats, the need for development of high-assurance cyber systems is becoming increasingly important. The objective of this paper is to address the challenges of modeling and detecting sophisticated network attacks, such as multiple interleaved attacks. We present the interleaving concept and investigate how interleaving multiple attacks can deceive intrusion detection systems. Using one of the important statistical machine learning (ML) techniques, Hidden Markov Models (HMM), we develop two architectures that take into account the stealth nature of the interleaving attacks, and that can detect and track the progress of these attacks. These architectures deploy a database of HMM templates of known attacks and exhibit varying performance and complexity. For performance evaluation, in the presence of multiple multi-stage attack scenarios, various metrics are proposed which include (1) attack risk probability, (2) detection error rate, and (3) the number of correctly detected stages. Extensive simulation experiments are used to demonstrate the efficacy of the proposed architectures.
This paper gives the definition and property of a bit-pair shadow, and devises the three algorithms of a public key cryptoscheme called JUOAN that is based on a multivariate permutation problem and an anomalous subset product problem to which no subexponential time solutions are found so far, and regards a bit-pair as a manipulation unit. The authors demonstrate that the decryption algorithm is correct, deduce the probability that a plaintext solution is nonunique is nearly zero, analyze the security of the new cryptoscheme against extracting a private key from a public key and recovering a plaintext from a ciphertext on the assumption that an integer factorization problem, a discrete logarithm problem, and a low-density subset sum problem can be solved efficiently, and prove that the new cryptoscheme using random padding and random permutation is semantically secure. The analysis shows that the bit-pair method increases the density D of a related knapsack to a number more than 1, and decreases the modulus length lgM of the new cryptoscheme to 464, 544, or 640.
Intrusion detection is only a starting step in securing IT infrastructure. Prediction of intrusions is the next step to provide an active defense against incoming attacks. Current intrusion prediction methods focus mainly on prediction of either intrusion type or intrusion category and do not use or provide contextual information such as source and target IP address. In addition most of them are dependant on domain knowledge and specific scenario knowledge. The proposed algorithm employs a bag-of-words model together with a hidden Markov model which not depend on specific domain knowledge. Since this algorithm depends on a training process it is adaptable to different conditions. A key advantage of the proposed algorithm is the inclusion of contextual data such as source IP address, destination IP range, alert type and alert category in its prediction, which is crucial for an eventual response. Experiments conducted using a public data set generated over 2500 alert predictions and achieved accuracy of 81% and 77% for single step and five step predictions respectively for prediction of the next alert cluster. It also achieved an accuracy of prediction of 95% and 92% for single step and five step predictions respectively for prediction of the next alert category. The proposed methods achieved a prediction accuracy improvement of 5% for alert category over existing variable length Markov chain intrusion prediction methods, while providing more information for a possible defense.
In string bit models, the superstring emerges as a very long chain of bits, in which s fermionic degrees of freedom contribute positively to the ground state energy in a way to exactly cancel the destabilizing negative contributions of d=s bosonic degrees of freedom. We propose that the physics of string formation be studied nonperturbatively in the class of string bit models in which s>d, so that a long chain is stable, in contrast to the marginally stable (s=d=8) superstring chain. We focus on the simplest of these models with s=1 and d=0, in which the string bits live in zero space dimensions. The string bit creation operators are N X N matrices. We choose a Hamiltonian such that the large N limit produces string moving in one space dimension, with excitations corresponding to one Grassmann lightcone worldsheet field (s=1) and no bosonic worldsheet field (d=0). We study this model at finite N to assess the role of the large N limit in the emergence of the spatial dimension. Our results suggest that string-like states with large bit number M may not exist for N<(M-1)/2. If this is correct, one can have finite chains of string bits, but not continuous string, at finite N. Only for extremely large N can such chains behave approximately like continuous string, in which case there will also be the (approximate) emergence of a new spatial dimension. In string bit models designed to produce critical superstring at N=infinity, we can then expect only approximate Lorentz invariance at finite N, with violations of order 1/N^2.