Password cracking is the term commonly used to describe the illegal action of gaining access to clear text versions of user passwords. Hackers are notorious for stealing encrypted passwords and cracking them. The same action of password cracking can be used by system administrators to protect their systems from weak user passwords. By applying a password cracker to user passwords, weak or easy to crack passwords can be identified. Through the design of a password cracker system administrators can prevent weak passwords from being saved onto their systems. Users can also be made aware of the strength of the passwords they are currently employing. A manner in which password cracking can be made more effective is to produce a few guess words with a high probability of cracking a large number of passwords. Research has revealed the successful use of grammars to generate effective password guess words. In order to generate password grammars, genetic programming is applied to grammar induction for the purpose of inducing grammars that will be used as input to a password cracking tool. To achieve this goal the current paper looks at the performance of genetic programming in the induction of regular and context-free languages. The results of the experiments conducted are promising, with the genetic programming algorithm managing to induce twenty three of the twenty six context-free languages it was tested on. The value of this paper lies in the evaluation of the genetic programming technique for grammar induction. The output of the research will be used to build a genetic programming system which can evolve grammars to generate password guess words to crack user created passwords.
Reference:
Mashiane, T. and Pillay, N. 2014. Genetic programming for password cracking, phase one: Grammar induction. Pattern Recognition Association of South Africa 2014 Conference, University of Cape Town, Cape Town, 27-28 November 2014
Mashiane, T., & Pillay, N. (2014). Genetic programming for password cracking, phase one: Grammar induction. http://hdl.handle.net/10204/10865
Mashiane, T, and N Pillay. "Genetic programming for password cracking, phase one: Grammar induction." (2014): http://hdl.handle.net/10204/10865
Mashiane T, Pillay N, Genetic programming for password cracking, phase one: Grammar induction; 2014. http://hdl.handle.net/10204/10865 .