A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf
.
Filters
Zipf's Law in Passwords
2017
IEEE Transactions on Information Forensics and Security
By conducting linear regressions on a corpus of 97.2 million passwords (a mass of chaotic data), we for the first time show that Zipf's law perfectly exists in user-generated passwords, figure out the ...
As one specific application of this law of nature, we propose the number of unique passwords used in regression and the absolute value of slope of the regression line together as a metric for assessing ...
Fig. 1 .Fig. 2 . 12 Zipf Zipf's law in Dodonew (R 2 = 0.996)
R 2 Fig. 3 . 23 ) R 2 =0.974; N =242, s=0.486348 =0.985; N =57715, s=0.894307 Zipf's law in real-life passwords plotted on a log-log scale ...
doi:10.1109/tifs.2017.2721359
fatcat:enjpsga34rd7hpvzel6uozysym
On the Implications of Zipf's Law in Passwords
[chapter]
2016
Lecture Notes in Computer Science
Fortunately, researchers recently reveal that user-chosen passwords generally follow the Zipf's law, a distribution which is vastly different from the uniform one. ...
Despite the fact that humanbeings generally select passwords in a highly skewed way, it has long been assumed in the password research literature that users choose passwords randomly and uniformly. ...
Zipf's law in PWs of English and Russian. (b) Zipf's law in PWs of Chinese and German. ...
doi:10.1007/978-3-319-45744-4_6
fatcat:yoyegbjcpvcyjnwbclv6grk6r4
On the Economics of Offline Password Cracking
[article]
2020
arXiv
pre-print
In particular, we present strong evidence that most user passwords follow a Zipf's law distribution, and characterize the behavior of a rational attacker when user passwords are selected from a Zipf's ...
from the Zipf's law distribution (i.e., most user passwords). ...
Passwords follow Zipf's Law Zipf's law states that the frequency of an element in a distribution is related to its rank in the distribution. ...
arXiv:2006.05023v1
fatcat:3ofyms2rw5bpnnm7zpnnlxp7ra
On the Economics of Offline Password Cracking
2018
2018 IEEE Symposium on Security and Privacy (SP)
from the Zipf's law distribution (i.e., most user passwords). ...
In particular, we present strong evidence that most user passwords follow a Zipf's law distribution, and characterize the behavior of a rational attacker when user passwords are selected from a Zipf's ...
The opinions expressed in this paper are those of the authors and do not necessarily reflect those of the National Science Foundation or Intel. ...
doi:10.1109/sp.2018.00009
dblp:conf/sp/BlockiHZ18
fatcat:6jsv32mzdvdsfc4mmqpnnzmqoq
Investigating the distribution of password choices
2012
Proceedings of the 21st international conference on World Wide Web - WWW '12
In this paper we will look at the distribution with which passwords are chosen. Zipf's Law is commonly observed in lists of chosen words. ...
Using password lists from four different on-line sources, we will investigate if Zipf's law is a good candidate for describing the frequency with which passwords are chosen. ...
Results in paper for % passwords. Dell'Amico'10 review smart generators. This looks ×10! If users select passwords 'randomly', can we make them a better generator? ...
doi:10.1145/2187836.2187878
dblp:conf/www/MaloneM12
fatcat:jxayqr2eejfqxnnzjaszis6s2m
Do Cells use Passwords in Cell-State Transitions? Is Cell Signaling sometimes Encrypted?
[article]
2018
bioRxiv
pre-print
First, I consider whether cells use passwords, i.e., initiation sequences that are required for subsequent signals to have effects, by analyzing the concept of pioneer transcription factors in chromatin ...
By using numerous molecules cells may gain a security advantage in particular against viruses, whose genome sizes are typically under selection pressure. ...
Frequency ∝ 1 Rank
(2) A large number of explanations has been proposed for why Zipf's law exists, which are reviewed by Piantadosi 58 . Purely random texts do not follow Zipf's law 59
. ...
doi:10.1101/432120
fatcat:6jni75jx6nes3kh62q3nyfk5om
Passlab: A Password Security Tool for the Blue Team
[article]
2020
arXiv
pre-print
In this research abstract, we present our work to date on Passlab, a password security tool designed to help system administrators take advantage of formal methods in order to make sensible and evidence-based ...
If we wish to compromise some password-protected system as an attacker (i.e. a member of the red team), we have a large number of popular and actively-maintained tools to choose from in helping us to realise ...
This draws on previous research, which finds that userchosen passwords tend to follow Zipf's law in the general case [11, 12] . ...
arXiv:2003.07208v1
fatcat:6do75emymfajnhjfjbg6l5tr6e
Understanding Human-Chosen PINs
2017
Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security - ASIA CCS '17
We, for the first time, reveal that Zipf's law is likely to exist in PINs. ...
Our results show that there are great differences in PIN choices between these two groups of users, a small number of popular patterns prevail in both groups, and surprisingly, over 50% of every PIN datasets ...
This idea has inspired our finding of Zipf's law in PINs. ...
doi:10.1145/3052973.3053031
dblp:conf/ccs/WangGHW17
fatcat:fb5goexcvjdjrh2lslbqtzndrm
Mitigating the Security Intention-Behavior Gap: The Moderating Role of Required Effort on the Intention-Behavior Relationship
2021
Journal of the AIS
Controlling for this moderating effect substantially increased the explained variance in security policy compliance. ...
In three experiments, we found that high levels of required effort negatively moderated users' intentions to follow security policies. ...
We leverage Zipf's law (Zipf, 1949) to explain how the desire to reduce required effort moderates the intention-behavior relationship in a security setting. ...
doi:10.17705/1jais.00660
fatcat:s4pb7sl6mnas7gkg4vy3wn6vvq
On the Design of Secure and Efficient Three-factor Authentication Protocol Using Honey List for Wireless Sensor Networks
2020
IEEE Access
However, many researchers have pointed out that preventing smartcard stolen and off-line guessing attacks is an important security issue, and guessing identity and password at the same time is still possible ...
They demonstrated that an attacker can conduct attack of simultaneous guessing identity and password through the Zipf's law [25] . Roy et al. ...
[25] demonstrated that the chosen passwords by users conform with the Zipf's law, which differs significantly from uniform distribution. ...
doi:10.1109/access.2020.3000790
fatcat:yvjybzetkrf7jmbmpjlziuakii
Towards a Rigorous Statistical Analysis of Empirical Password Datasets
[article]
2022
arXiv
pre-print
Zipf's Law) overestimates the attacker's success rate. ...
We also apply our techniques to re-examine the empirical password distribution and Zipf's Law. ...
ACKNOWLEDGMENTS This research was supported in part by the National Science Foundation under awards CNS #1755708 and CNS #2047272, a gift from Protocol Labs, and by a Purdue Big Ideas award. ...
arXiv:2105.14170v2
fatcat:b524267ufvemra6xtgjlav2eie
A Dynamic Privacy-Preserving Key Management Protocol for V2G in Social Internet of Things
2019
IEEE Access
The proposed protocol resists several attacks including impersonation, offline password guessing, man-in-the-middle, replay, and trace attacks, ensures anonymity, perfect forward secrecy, session key security ...
In 2018, Shen et al. proposed a privacy-preserving and lightweight key agreement protocol for V2G in SIoT to ensure security. ...
[47] discovered that ''the user-chosen passwords follow the Zipf's law that is a vastly different distribution from the uniform distribution''. ...
doi:10.1109/access.2019.2921399
fatcat:72kiq344b5gxnbd3q5xyesxnfm
An Efficient, Anonymous and Robust Authentication Scheme for Smart Home Environments
2020
Sensors
In recent years, the Internet of Things (IoT) has exploded in popularity. The smart home, as an important facet of IoT, has gained its focus for smart intelligent systems. ...
In this paper, we analyze the recent scheme to highlight its several vulnerabilities. ...
s important findings [30] regarding the Zipf's law on passwords, Theorem 1 defines the "semantic security of the proposed scheme". Theorem 1. ...
doi:10.3390/s20041215
pmid:32098448
pmcid:PMC7070978
fatcat:aui7acrgpzaydpbe6po525w73y
Secure Key Agreement and Authentication Protocol for Message Confirmation in Vehicular Cloud Computing
2020
Applied Sciences
Limbasiya et al. presented a message confirmation scheme for vehicular cloud computing using a realistic TPD in order to prevent these problems. ...
However, VANETs remain vulnerable to attacks such as tracking, masquerade and man-in-the-middle attacks because VANETs communicate via open networks. ...
[28] showed that the password chosen by the user follows the Zipf's law, which is quite different from the uniform distribution. ...
doi:10.3390/app10186268
fatcat:36pwgtwayvevpcmv4iiftijhxq
DALock: Distribution Aware Password Throttling
[article]
2020
arXiv
pre-print
In particular, DALock maintains an extra "hit count" in addition to "strike count" for each user which is based on (estimates of) the cumulative probability of all login attempts for that particular account ...
In comparison with the traditional K-strikes mechanism we find that DALock offers a superior security/usability trade-off. ...
In recent works of Wang et al. [50] [51] [52] argue that password distributions follows Zipf's law i.e., leaked password corpora nicely fit Zipf's law distributions. Blocki et al. ...
arXiv:2005.09039v1
fatcat:ir64x5aw7fhn5i56m5mcuksteu
« Previous
Showing results 1 — 15 out of 180 results