1 option
2023 IEEE Symposium on Visualization for Cyber Security (VizSec) / Institute of Electrical and Electronics Engineers.
- Format:
- Book
- Author/Creator:
- Institute of Electrical and Electronics Engineers, issuing body, author.
- Language:
- English
- Subjects (All):
- Computer security--Congresses.
- Computer security.
- Cyberspace--Security measures--Congresses.
- Cyberspace.
- Physical Description:
- 1 online resource
- Place of Publication:
- Piscataway, New Jersey : IEEE, 2023.
- Summary:
- Passwords remain the most widely used form of user authentication, despite advancements in other methods. However, their limitations, such as susceptibility to attacks, especially weak passwords defined by human users, are well-documented. The existence of weak human-defined passwords has led to repeated password leaks from websites, many of which are of large scale. While such password leaks are unfortunate security incidents, they provide security researchers and practitioners with good opportunities to learn valuable insights from such leaked passwords, in order to identify ways to improve password policies and other security controls on passwords. Researchers have proposed different data visualisation techniques to help analyse leaked passwords. However, many approaches rely solely on frequency analysis, with limited exploration of distance-based graphs. This paper reports PassViz, a novel method that combines the edit distance with the t-SNE (t-distributed stochastic neighbour embedding) dimensionality reduction algorithm for visualising and analysing leaked passwords in a 2-D space. We implemented PassViz as an easy-to-use command-line tool for visualising large-scale password databases, and also as a graphical user interface (GUI) to support interactive visual analytics of small password databases. Using the "000webhost" leaked database as an example, we show how PassViz can be used to visually analyse different aspects of leaked passwords and to facilitate the discovery of previously unknown password patterns. Overall, our approach empowers researchers and practitioners to gain valuable insights and improve password security through effective data visualisation and analysis.
- Notes:
- Description based on publisher supplied metadata and other sources.
- ISBN:
- 979-83-503-1793-0
The Penn Libraries is committed to describing library materials using current, accurate, and responsible language. If you discover outdated or inaccurate language, please fill out this feedback form to report it and suggest alternative language.