HoneyGen: Generating Honeywords Using Representation Learning
- 1. University of Cyprus Nicosia, Cyprus adiony01@cs.ucy.ac.cy
- 2. CYENS Centre of Excellence Nicosia, Cyprus v.vassiliades@cyens.org.cy
- 3. University of Cyprus Nicosia, Cyprus eliasathan@cs.ucy.ac.cy
Description
Honeywords are false passwords injected in a database for detecting
password leakage. Generating honeywords is a challenging problem
due to the various assumptions about the adversary’s knowledge
as well as users’ password-selection behaviour. The success of a
Honeywords Generation Technique (HGT) lies on the resulting
honeywords; the method fails if an adversary can easily distinguish
the real password. In this paper, we propose HoneyGen, a practical
and highly robust HGT that produces realistic looking honeywords.
We do this by leveraging representation learning techniques to
learn useful and explanatory representations from a massive collection
of unstructured data, i.e., each operator’s password database.
We perform both a quantitative and qualitative evaluation of our
framework using the state-of-the-art metrics. Our results suggest
that HoneyGen generates high-quality honeywords that cause sophisticated
attackers to achieve low distinguishing success rates.
Notes
Files
Dionysiou_et_al_2021_HoneyGen.pdf
Files
(1.6 MB)
| Name | Size | Download all |
|---|---|---|
|
md5:2e84a350d40ef2cee654a2aa7edbf5ec
|
1.6 MB | Preview Download |
Additional details
Funding
- SERUMS – Securing Medical Data in Smart Patient-Centric Healthcare Systems 826278
- European Commission
- REACT – REactively Defending against Advanced Cybersecurity Threats 786669
- European Commission
- RISE – Research Center on Interactive Media, Smart System and Emerging Technologies 739578
- European Commission