
Publication


Featured research published by Sudhir Aggarwal.


computer and communications security | 2010

Testing metrics for password creation policies by attacking large sets of revealed passwords

Matt Weir; Sudhir Aggarwal; Michael P. Collins; Henry Stern

In this paper we attempt to determine the effectiveness of using entropy, as defined in NIST SP800-63, as a measurement of the security provided by various password creation policies. This is accomplished by modeling the success rate of current password cracking techniques against real user passwords. These data sets were collected from several different websites, the largest one containing over 32 million passwords. This focus on actual attack methodologies and real user passwords quite possibly makes this one of the largest studies on password security to date. In addition we examine what these results mean for standard password creation policies, such as minimum password length, and character set requirements.


ieee symposium on security and privacy | 2009

Password Cracking Using Probabilistic Context-Free Grammars

Matt Weir; Sudhir Aggarwal; Breno de Medeiros; Bill Glodek

Choosing the most effective word-mangling rules to use when performing a dictionary-based password cracking attack can be a difficult task. In this paper we discuss a new method that generates password structures in highest probability order. We first automatically create a probabilistic context-free grammar based upon a training set of previously disclosed passwords. This grammar then allows us to generate word-mangling rules, and from them, password guesses to be used in password cracking. We will also show that this approach seems to provide a more effective way to crack passwords as compared to traditional methods by testing our tools and techniques on real password sets. In one series of experiments, training on a set of disclosed passwords, our approach was able to crack 28% to 129% more passwords than John the Ripper, a publicly available standard password cracking program.


ACM Transactions on Programming Languages and Systems | 1990

Adding liveness properties to coupled finite-state machines

Sudhir Aggarwal; Costas Courcoubetis; Pierre Wolper

Informal specifications of protocols are often imprecise and incomplete and are usually not sufficient to ensure the correctness of even very simple protocols. Consequently, formal specification methods, such as finite-state models, are increasingly being used. The selection/resolution (S/R) model is a finite-state model with a powerful communication mechanism that makes it easy to describe complex protocols as a collection of simple finite-state machines. A software environment, called SPANNER, has been developed to specify and analyze protocols specified with the S/R model. SPANNER provides the facility to compute the joint behavior of a number of finite-state machines and to check if the “product” machine has inaccessible states, states corresponding to deadlocks, and loops corresponding to livelocks. So far, however, SPANNER has had no facility to systematically deal with liveness conditions. For example, one might wish to specify that, although a communication channel is unreliable, a message will get through if it is sent infinitely often, and to check that the infinite behavior of the protocol viewed as an infinite sequence will always be in some ω-regular set (possibly specified in terms of a formula in temporal logic or as an ω-automata). In this paper we show that with very minor modifications to the implemented system it is possible to substantially extend the type of properties that can be specified and checked by SPANNER. This is done by extending the S/R model to include acceptance conditions found in automatons on infinite words, which permits the incorporation of arbitrary liveness conditions into the model. We show how these extensions can be easily incorporated into SPANNER (and into essentially any finite-state verification system) and how the resulting system is used to automatically verify the correctness of protocols.


IEEE Transactions on Software Engineering | 1987

Spanner: A Tool for the Specification, Analysis, and Evaluation of Protocols

Sudhir Aggarwal; Daniel Barbará; Kalman Z. Meth

SPANNER is a software package for the specification, analysis, and evaluation of protocols. It is based on a mathematical model of coordinating processes called the selection/resolution model.


annual computer security applications conference | 2012

Building better passwords using probabilistic techniques

Shiva Houshmand; Sudhir Aggarwal

Password creation policies attempt to help users generate strong passwords but are generally not very effective and tend to frustrate users. The most popular policies are rule based which have been shown to have clear limitations. In this paper we consider a new approach that we term analyze-modify that ensures strong user passwords while maintaining usability. In our approach we develop a software system called AMP that first analyzes whether a user proposed password is weak or strong by estimating the probability of the password being cracked. AMP then modifies the password slightly (to maintain usability) if it is weak to create a strengthened password. We are able to estimate the strength of the password appropriately since we use a probabilistic password cracking system and associated probabilistic context-free grammar to model a realistic distribution of user passwords. In our experiments we were able to distinguish strong passwords from weak ones with an error rate of 1.43%. In one of a series of experiments, our analyze-modify system was able to strengthen a set of weak passwords, of which 53% could be easily cracked to a set of strong passwords of which only 0.27% could be cracked with only a slight modification to the passwords. In our work, we also show how to compute and use various entropy measures from the grammar and show that our system remains effective with continued use through a dynamic updating capability.


IEEE Transactions on Software Engineering | 1988

A software environment for the specification and analysis of problems of coordination and concurrency

Sudhir Aggarwal; Daniel Barbará; Kalman Z. Meth

The SPANNER software environment for the specification and analysis of concurrent process coordination and resource sharing coordination is described. In the SPANNER environment, one can formally produce a specification of a distributed computing problem, and then verify its validity through reachability analysis and simulation. SPANNER is based on a finite-state machine model called the selection/resolution model. The capabilities of SPANNER are illustrated by the analysis of two classical coordination problems: (1) the dining philosophers; and (2) Dijkstra's concurrent programming problem. In addition, some of the more recently implemented capabilities of the SPANNER system are discussed, such as process types and cluster variables.


international conference on network protocols | 1994

DUALCAST: a scheme for reliable multicasting

Sudhir Aggarwal; Amritansh Raghav

With the rapid deployment of high speed networks and the increased use of applications that blend voice, data, and video traffic, protocols have to be looked at anew. The problem of trying to conserve bandwidth is being replaced by the problems of overcoming latency and processing bottlenecks. In this paper, we introduce the conflicting demands in implementing reliable multicast and then present a new heuristic that balances the tradeoffs by using redundancy while not loading the network excessively.


database and expert systems applications | 1998

WIRE-a WWW-based information retrieval and extraction system

Sudhir Aggarwal; Fuyung Hung; Weiyi Meng

Locating and retrieving specific data from the World Wide Web (WWW) is an important problem. Existing search engines often return too much useless data and are generally incapable of automatically extracting specific information such as names and email addresses. We describe WIRE, a WWW-based information retrieval and extraction system whose goal is to accurately retrieve and organize specific information from the World Wide Web. WIRE employs several innovative techniques. First, queries of WIRE are tree structured. This not only provides an order in which Web pages are to be searched/retrieved but also provides a context for more accurate retrieval. Second, WIRE employs a library of search templates based on the structure of HTML files to extract specific information. These templates can be complemented by user-provided search examples and patterns for better results. Third, WIRE has a filter mechanism to filter out undesired information to further improve retrieval accuracy.


symposium on reliable distributed systems | 1997

Software approach to hazard detection using on-line analysis of safety constraints

Beth A. Schroeder; Karsten Schwan; Sudhir Aggarwal

Hazard situations in safety-critical systems are typically complex, so there is a need for means to detect complex hazards and react in a timely and meaningful way. This paper addresses the problem of hazard detection through the development of an online analysis tool. The approach allows the user to specify complex multi-source hazards using a query-like language, uses both synchronous and asynchronous online checking approaches to balance efficiency and expressiveness, accommodates dynamic applications through dynamic constraint addition, and supports distributed and parallel applications running in heterogeneous environments.


First International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE'05) | 2005

Anti-cyberstalking: the Predator and Prey Alert (PAPA) system

Sudhir Aggarwal; Mike Burmester; Peter Henry; Leo Kermes; Judie Mulholland

Stalking is a crime typified by repeated harassment of another person and intrusion upon his or her privacy. Cyberstalking extends stalking into the realm of cyberspace wherein a predator stalks a victim or prey through Internet technologies such as emails, chat rooms, and instant messaging. This paper describes the Predator and Prey Alert (PAPA) system. PAPA consists of a set of integrated software and hardware modules and tools designed to support law enforcement in helping victims of cyberstalking, facilitate the investigation of such crimes, and maintain evidence for the potential prosecution of the cyberstalker.

Collaboration


Top co-authors of Sudhir Aggarwal.

Zhenhai Duan (Florida State University)

Hemant Banavar (Florida State University)

Leo Kermes (Florida State University)

Umit Karabiyik (Sam Houston State University)