{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,7]],"date-time":"2026-01-07T08:02:24Z","timestamp":1767772944318,"version":"3.40.3"},"publisher-location":"Cham","reference-count":38,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030553036"},{"type":"electronic","value":"9783030553043"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-55304-3_18","type":"book-chapter","created":{"date-parts":[[2020,8,7]],"date-time":"2020-08-07T16:04:03Z","timestamp":1596816243000},"page":"350-368","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":11,"title":["A New Targeted Password Guessing Model"],"prefix":"10.1007","author":[{"given":"Zhijie","family":"Xie","sequence":"first","affiliation":[]},{"given":"Min","family":"Zhang","sequence":"additional","affiliation":[]},{"given":"Anqi","family":"Yin","sequence":"additional","affiliation":[]},{"given":"Zhenhan","family":"Li","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2020,8,6]]},"reference":[{"issue":"7","key":"18_CR1","doi-asserted-by":"publisher","first-page":"78","DOI":"10.1145\/2699390","volume":"58","author":"J Bonneau","year":"2015","unstructured":"Bonneau, J., Herley, C., Van Oorschot, P.C., Stajano, F.: Passwords and the evolution of imperfect authentication. Commun. ACM 58(7), 78\u201387 (2015)","journal-title":"Commun. ACM"},{"key":"18_CR2","unstructured":"Wang, D.: Research on key issues in password security. PhD Dissertation, Peking University (2017). http:\/\/wangdingg.weebly.com\/uploads\/2\/0\/3\/6\/20366987\/phd_thesis0103.pdf"},{"key":"18_CR3","doi-asserted-by":"crossref","unstructured":"Ma, J., Yang, W., Luo, M. and Li, N.: A study of probabilistic password models. In: 2014 IEEE Symposium on Security and Privacy, pp. 689\u2013704. IEEE (2014)","DOI":"10.1109\/SP.2014.50"},{"key":"18_CR4","doi-asserted-by":"crossref","unstructured":"Narayanan, A., Shmatikov, V.: Fast dictionary attacks on passwords using time-space tradeoff. In: Proceedings of the 12th ACM conference on Computer and communications security, pp. 364\u2013372 (2005)","DOI":"10.1145\/1102120.1102168"},{"key":"18_CR5","doi-asserted-by":"crossref","unstructured":"Weir, M., Aggarwal, S., De Medeiros, B., Glodek, B.: Password cracking using probabilistic context-free grammars. In: 2009 30th IEEE Symposium on Security and Privacy, pp. 391\u2013405. IEEE (2009)","DOI":"10.1109\/SP.2009.8"},{"key":"18_CR6","doi-asserted-by":"crossref","unstructured":"Veras, R., Collins, C., Thorpe, J.: On semantic patterns of passwords and their security impact. In: NDSS (2014)","DOI":"10.14722\/ndss.2014.23103"},{"key":"18_CR7","unstructured":"Melicher, W., et al.: Fast, lean, and accurate: modeling password guessability using neural networks. In: 25th USENIX Security Symposium (USENIX Security 16), pp. 175\u2013191 (2016)"},{"key":"18_CR8","series-title":"Intelligent Systems, Control and Automation: Science and Engineering","doi-asserted-by":"publisher","first-page":"179","DOI":"10.1007\/978-3-319-75307-2_11","volume-title":"Cyber Security: Power and Technology","author":"S Aggarwal","year":"2018","unstructured":"Aggarwal, S., Houshmand, S., Weir, M.: New technologies in password cracking techniques. In: Lehto, M., Neittaanm\u00e4ki, P. (eds.) Cyber Security: Power and Technology. ISCASE, vol. 93, pp. 179\u2013198. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-75307-2_11"},{"key":"18_CR9","series-title":"Communications in Computer and Information Science","doi-asserted-by":"publisher","first-page":"117","DOI":"10.1007\/978-3-319-94421-0_9","volume-title":"Future Network Systems and Security","author":"E Tirado","year":"2018","unstructured":"Tirado, E., Turpin, B., Beltz, C., Roshon, P., Judge, R., Gagneja, K.: A new distributed brute-force password cracking technique. In: Doss, R., Piramuthu, S., Zhou, W. (eds.) FNSS 2018. CCIS, vol. 878, pp. 117\u2013127. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-94421-0_9"},{"key":"18_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"217","DOI":"10.1007\/978-3-030-21568-2_11","volume-title":"Applied Cryptography and Network Security","author":"B Hitaj","year":"2019","unstructured":"Hitaj, B., Gasti, P., Ateniese, G., Perez-Cruz, F.: PassGAN: a deep learning approach for password guessing. In: Deng, R.H., Gauthier-Uma\u00f1a, V., Ochoa, M., Yung, M. (eds.) ACNS 2019. LNCS, vol. 11464, pp. 217\u2013237. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-21568-2_11"},{"issue":"5","key":"18_CR11","doi-asserted-by":"publisher","first-page":"550","DOI":"10.1109\/TDSC.2015.2481884","volume":"14","author":"S Ji","year":"2015","unstructured":"Ji, S., Yang, S., Xin, H., Han, W., Li, Z., Beyah, R.: Zero-sum password cracking game: a large-scale empirical study on the crackability, correlation, and security of passwords. IEEE Trans. Dependable Secure Comput. 14(5), 550\u2013564 (2015)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"key":"18_CR12","unstructured":"Li, Z., Han, W., Xu, W.: A large-scale empirical analysis of Chinese web passwords. In: 23rd USENIX Security Symposium (USENIX Security 14), pp. 559\u2013574 (2014)"},{"key":"18_CR13","doi-asserted-by":"crossref","unstructured":"Yampolskiy, R.V.: Analyzing user password selection behavior for reduction of password space. In: Proceedings 40th Annual 2006 International Carnahan Conference on Security Technology, pp. 109\u2013115. IEEE (2006)","DOI":"10.1109\/CCST.2006.313438"},{"issue":"3","key":"18_CR14","first-page":"454","volume":"39","author":"MKL Gong-Shen","year":"2016","unstructured":"Gong-Shen, M.K.L., Wei-Dong, Q., Jian-Hua, L.: Password vulnerability assessment and recovery based on rules mined from large-scale real data. Chin. J. Comput. 39(3), 454\u2013467 (2016)","journal-title":"Chin. J. Comput."},{"key":"18_CR15","doi-asserted-by":"crossref","unstructured":"Das, A., Bonneau, J., Caesar, M., Borisov, N., Wang, X.: The tangled web of password reuse. In: NDSS Symposium 2014, p. 7 (2014)","DOI":"10.14722\/ndss.2014.23357"},{"key":"18_CR16","doi-asserted-by":"crossref","unstructured":"Li, Y., Wang, H., Sun, K.: A study of personal information in human-chosen passwords and its security implications. In: IEEE INFOCOM 2016-The 35th Annual IEEE International Conference on Computer Communications, pp. 1\u20139. IEEE (2016)","DOI":"10.1109\/INFOCOM.2016.7524583"},{"key":"18_CR17","doi-asserted-by":"crossref","unstructured":"Wang, D., Zhang, Z., Wang, P., Yan, J., Huang, X.: Targeted online password guessing: an underestimated threat. In: Proceedings of the 2016 ACM SIGSAC conference on computer and communications security, pp. 1242\u20131254 (2016)","DOI":"10.1145\/2976749.2978339"},{"issue":"1","key":"18_CR18","doi-asserted-by":"publisher","first-page":"114","DOI":"10.1109\/TIT.2019.2920538","volume":"66","author":"N Merhav","year":"2020","unstructured":"Merhav, N., Cohen, A.: Universal randomized guessing with application to asynchronous decentralized brute-force attacks. IEEE Trans. Inf. Theory 66(1), 114\u2013129 (2020)","journal-title":"IEEE Trans. Inf. Theory"},{"key":"18_CR19","doi-asserted-by":"crossref","unstructured":"Coby Wang, K., Reiter, M.K.: How to end password reuse on the web. In: Proceedings ACM CCS (2019)","DOI":"10.14722\/ndss.2019.23350"},{"key":"18_CR20","doi-asserted-by":"crossref","unstructured":"Lu, B., Zhang, X., Ling, Z., Zhang, Y., Lin, Z.: A measurement study of authentication rate-limiting mechanisms of modern websites. In: Proceedings of the 34th Annual Computer Security Applications Conference, pp. 89\u2013100 (2018)","DOI":"10.1145\/3274694.3274714"},{"key":"18_CR21","doi-asserted-by":"crossref","unstructured":"Pal, B., Daniel, T., Chatterjee, R., Ristenpart, T.: Beyond credential stuffing: Password similarity models using neural networks. In: 2019 IEEE Symposium on Security and Privacy, SP, pp. 417\u2013434. IEEE (2019)","DOI":"10.1109\/SP.2019.00056"},{"key":"18_CR22","unstructured":"Grassi, P.A., et al.: Nist special publication 800\u201363b: digital identity guidelines. enrollment and identity proofing requirements (2017). https:\/\/pages.nist.gov\/800-63-3\/sp800-63b.html"},{"key":"18_CR23","unstructured":"Jaggard, A.D., Syverson, P.: Oft target. In: Proceedings of the PET (2018)"},{"key":"18_CR24","doi-asserted-by":"crossref","unstructured":"Guri, M., Shemer, E., Shirtz, D., Elovici, Y.: Personal information leakage during password recovery of internet services. In: 2016 European Intelligence and Security Informatics Conference, EISIC, pp. 136\u2013139. IEEE (2016)","DOI":"10.1109\/EISIC.2016.035"},{"issue":"12","key":"18_CR25","doi-asserted-by":"publisher","first-page":"40","DOI":"10.1145\/322796.322806","volume":"42","author":"A Adams","year":"1999","unstructured":"Adams, A., Sasse, M.A.: Users are not the enemy. Commun. ACM 42(12), 40\u201346 (1999)","journal-title":"Commun. ACM"},{"issue":"11","key":"18_CR26","doi-asserted-by":"publisher","first-page":"594","DOI":"10.1145\/359168.359172","volume":"22","author":"R Morris","year":"1979","unstructured":"Morris, R., Thompson, K.: Password security: a case history. Commun. ACM 22(11), 594\u2013597 (1979)","journal-title":"Commun. ACM"},{"key":"18_CR27","doi-asserted-by":"crossref","unstructured":"Bonneau, J.: The science of guessing: analyzing an anonymized corpus of 70 million passwords. In: 2012 IEEE Symposium on Security and Privacy, pp. 538\u2013552. IEEE (2012)","DOI":"10.1109\/SP.2012.49"},{"key":"18_CR28","doi-asserted-by":"crossref","unstructured":"Mazurek, M.L.: Measuring password guessability for an entire university. In: Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, pp. 173\u2013186 (2013)","DOI":"10.1145\/2508859.2516726"},{"key":"18_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"218","DOI":"10.1007\/978-3-319-10879-7_13","volume-title":"Security and Cryptography for Networks","author":"DV Bailey","year":"2014","unstructured":"Bailey, D.V., D\u00fcrmuth, M., Paar, C.: Statistics on password re-use and adaptive strength for financial accounts. In: Abdalla, M., De Prisco, R. (eds.) SCN 2014. LNCS, vol. 8642, pp. 218\u2013235. Springer, Cham (2014). https:\/\/doi.org\/10.1007\/978-3-319-10879-7_13"},{"issue":"8","key":"18_CR30","doi-asserted-by":"publisher","first-page":"1656","DOI":"10.1109\/TIFS.2015.2422259","volume":"10","author":"EI Tatl\u0131","year":"2015","unstructured":"Tatl\u0131, E.I.: Cracking more password hashes with patterns. IEEE Trans. Inf. Forensics Secur. 10(8), 1656\u20131665 (2015)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"18_CR31","unstructured":"Stobert, E., Biddle, R.: The password life cycle: user behaviour in managing passwords. In: 10th Symposium on Usable Privacy and Security, SOUPS 2014, pp. 243\u2013255 (2014)"},{"key":"18_CR32","doi-asserted-by":"crossref","unstructured":"Kelley, P.G.: Guess again (and again and again): measuring password strength by simulating password-cracking algorithms. In: 2012 IEEE symposium on security and privacy, pp. 523\u2013537. IEEE (2012)","DOI":"10.1109\/SP.2012.38"},{"key":"18_CR33","unstructured":"Ur, B.: \u201ci added \u2018!\u2019 at the end to make it secure\u201d: observing password creation in the lab. In: Eleventh Symposium On Usable Privacy and Security, SOUPS 2015, pp. 123\u2013140 (2015)"},{"key":"18_CR34","doi-asserted-by":"crossref","unstructured":"Shay, R.: A spoonful of sugar? The impact of guidance and feedback on password-creation behavior. In: Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems, pp. 2903\u20132912 (2015)","DOI":"10.1145\/2702123.2702586"},{"issue":"11","key":"18_CR35","doi-asserted-by":"publisher","first-page":"2776","DOI":"10.1109\/TIFS.2017.2721359","volume":"12","author":"D Wang","year":"2017","unstructured":"Wang, D., Cheng, H., Wang, P., Huang, X., Jian, G.: Zipf\u2019s law in passwords. IEEE Trans. Inf. Forensics Secur. 12(11), 2776\u20132791 (2017)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"18_CR36","unstructured":"Wang, D., Wang, P., He, D., Tian, Y.: Birthday, name and bifacial-security: understanding passwords of Chinese web users. In: 28th USENIX Security Symposium (USENIX Security 19), pp. 1537\u20131555 (2019)"},{"key":"18_CR37","unstructured":"Karapanos, N., Marforio, C., Soriente, C., Capkun, S.: Sound-proof: usable two-factor authentication based on ambient sound. In: 24th $$\\{$$USENIX$$\\}$$ Security Symposium ($$\\{$$USENIX$$\\}$$ Security 15), pp. 483\u2013498 (2015)"},{"issue":"4","key":"18_CR38","first-page":"708","volume":"15","author":"D Wang","year":"2016","unstructured":"Wang, D., Wang, P.: Two birds with one stone: two-factor authentication with security beyond conventional bound. IEEE Trans. Dependable Secure Comput. 15(4), 708\u2013722 (2016)","journal-title":"IEEE Trans. Dependable Secure Comput."}],"container-title":["Lecture Notes in Computer Science","Information Security and Privacy"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-55304-3_18","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,23]],"date-time":"2021-04-23T17:49:34Z","timestamp":1619200174000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-55304-3_18"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030553036","9783030553043"],"references-count":38,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-55304-3_18","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"6 August 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ACISP","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Australasian Conference on Information Security and Privacy","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Perth, WA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Australia","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2020","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"30 November 2020","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2 December 2020","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"acisp2020","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/nsclab.org\/acisp2020\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"151","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"31","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"5","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"21% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3,7","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"The conference was held virtually due to COVID-19 pandemic.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}