{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,9]],"date-time":"2025-05-09T16:34:19Z","timestamp":1746808459985,"version":"3.40.5"},"publisher-location":"Singapore","reference-count":21,"publisher":"Springer Singapore","isbn-type":[{"type":"print","value":"9789813349216"},{"type":"electronic","value":"9789813349223"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2021,1,19]],"date-time":"2021-01-19T00:00:00Z","timestamp":1611014400000},"content-version":"vor","delay-in-days":384,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>Passwords are the most widely used method for user authentication in HTTP websites. Password sniffing attacks are considered a common way to steal password. However, most existing methods have many deficiencies in versatility and automation, such as manual analysis, keyword matching, regular expression and SniffPass. In this paper, to better describe the problem, we propose a HTTP Sessions Password Sniffing (HSPS) attack model which is more suitable in HTTP environment. Furthermore, we propose PassEye, a novel deep neural networkbased implementation of HSPS attack. PassEye is a binary neural network classifier that learns features from the HTTP sessions and identifies Password Authentication Session (PAS). We collected 979,681 HTTP sessions from the HTTP and HTTPS websites for training the binary classifier. The results show that PassEye is effective in sniffing the passwords with an accuracy of 99.38%. In addition, several measures are provided to prevent HSPS attacks in the end.<\/jats:p>","DOI":"10.1007\/978-981-33-4922-3_1","type":"book-chapter","created":{"date-parts":[[2021,1,18]],"date-time":"2021-01-18T11:21:04Z","timestamp":1610968864000},"page":"3-15","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["PassEye: Sniffing Your Password from HTTP Sessions by Deep Neural Network"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-9444-0845","authenticated-orcid":false,"given":"Zhiqing","family":"Rui","sequence":"first","affiliation":[]},{"given":"Jingzheng","family":"Wu","sequence":"additional","affiliation":[]},{"given":"Yanjie","family":"Shao","sequence":"additional","affiliation":[]},{"given":"Tianyue","family":"Luo","sequence":"additional","affiliation":[]},{"given":"Mutian","family":"Yang","sequence":"additional","affiliation":[]},{"given":"Yanjun","family":"Wu","sequence":"additional","affiliation":[]},{"given":"Bin","family":"Wu","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2021,1,19]]},"reference":[{"key":"1_CR1","unstructured":"Wang, D., Wang, P., He, D., Tian, Y.: Birthday, name and bifacial-security: understanding passwords of Chinese web users. In: 28th USENIX Security Symposium (USENIX Security 19), pp. 1537\u20131555. USENIX Association, Santa Clara (2019)"},{"key":"1_CR2","doi-asserted-by":"crossref","unstructured":"Jammalamadaka, R.C., Van Der Horst, T.W., Mehrotra, S., Seamons, K.E., Venkasubramanian, N.: Delegate: a proxy based architecture for secure website access from an untrusted machine. In: 2006 22nd Annual Computer Security Applications Conference (ACSAC 2006), pp. 57\u201366. IEEE, Miami Beach (2006)","DOI":"10.1109\/ACSAC.2006.23"},{"key":"1_CR3","unstructured":"Password Sniffing Attack. In: SSH.COM (2020). https:\/\/www.ssh.com\/attack\/password-sniffing. Accessed 3 Dec 2019"},{"key":"1_CR4","unstructured":"Mozilla: a typical HTTP session. In: MDN Web Docs (2019). https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/HTTP\/Session. Accessed 20 Oct 2019"},{"key":"1_CR5","unstructured":"SniffPass Password Sniffer - Capture POP3\/IMAP\/SMTP\/FTP\/HTTP passwords. In: NirSoft. https:\/\/www.nirsoft.net\/utils\/password_sniffer.html. Accessed 22 Oct 2019"},{"key":"1_CR6","unstructured":"SecurityXploded: Password Sniffer Spy\u202f: Free Tool to Sniff and Capture HTTP\/FTP\/POP3\/SMTP\/IMAP Passwords (2020). https:\/\/www.SecurityXploded.com. Accessed 1 Jan 2020"},{"key":"1_CR7","doi-asserted-by":"crossref","unstructured":"Chen, T., Guestrin, C.: XGBoost: a scalable tree boosting system. In: Proceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining - KDD 2016, pp. 785\u2013794. ACM Press, San Francisco (2016)","DOI":"10.1145\/2939672.2939785"},{"key":"1_CR8","unstructured":"Melicher, W., et al.: Fast, lean, and accurate: modeling password guessability using neural networks. In: 25th USENIX Security Symposium (USENIX Security 16), pp. 175\u2013191. USENIX Association, Austin (2016)"},{"key":"1_CR9","unstructured":"Hitaj, B., Gasti, P., Ateniese, G., Perez-Cruz, F.: PassGAN: A Deep Learning Approach for Password Guessing. arXiv:170900440 [cs, stat] (2017)"},{"key":"1_CR10","doi-asserted-by":"crossref","unstructured":"Pal, B., Daniel, T., Chatterjee, R., Ristenpart, T.: Beyond credential stuffing: password similarity models using neural networks. In: 2019 IEEE Symposium on Security and Privacy (SP), pp. 417\u2013434. IEEE, San Francisco (2019)","DOI":"10.1109\/SP.2019.00056"},{"key":"1_CR11","doi-asserted-by":"crossref","unstructured":"Liu, Y., et al.: GENPass: a general deep learning model for password guessing with PCFG rules and adversarial generation. In: 2018 IEEE International Conference on Communications, ICC 2018, May 20, 2018\u2013May 24, 2018. Institute of Electrical and Electronics Engineers Inc., p Cisco; et al.; Huawei; National Instruments; Qualcomm; Sprint (2018)","DOI":"10.1109\/ICC.2018.8422243"},{"key":"1_CR12","doi-asserted-by":"publisher","first-page":"564","DOI":"10.1016\/j.procs.2018.08.209","volume":"135","author":"Y Muliono","year":"2018","unstructured":"Muliono, Y., Ham, H., Darmawan, D.: Keystroke dynamic classification using machine learning for password authorization. Proc. Comput. Sci. 135, 564\u2013569 (2018). https:\/\/doi.org\/10.1016\/j.procs.2018.08.209","journal-title":"Proc. Comput. Sci."},{"key":"1_CR13","doi-asserted-by":"crossref","unstructured":"Duan, X., et al.: VulSniper: focus your attention to shoot fine-grained vulnerabilities. In: Proceedings of the Twenty-Eighth International Joint Conference on Artificial Intelligence. International Joint Conferences on Artificial Intelligence Organization, Macao, China, pp. 4665\u20134671 (2019)","DOI":"10.24963\/ijcai.2019\/648"},{"key":"1_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"48","DOI":"10.1007\/978-3-319-94472-2_4","volume-title":"Services \u2013 SERVICES 2018","author":"M Yang","year":"2018","unstructured":"Yang, M., Wu, J., Ji, S., Luo, T., Wu, Y.: Pre-Patch: find hidden threats in open software based on machine learning method. In: Yang, A., et al. (eds.) SERVICES 2018. LNCS, vol. 10975, pp. 48\u201365. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-94472-2_4"},{"key":"1_CR15","doi-asserted-by":"publisher","first-page":"205","DOI":"10.1109\/SPW.2017.8","volume-title":"2017 IEEE Security and Privacy Workshops (SPW)","author":"P Prasse","year":"2017","unstructured":"Prasse, P., Machlica, L., Pevny, T., Havelka, J., Scheffer, T.: Malware detection by analysing network traffic with neural networks. 2017 IEEE Security and Privacy Workshops (SPW), pp. 205\u2013210. IEEE, San Jose (2017)"},{"key":"1_CR16","doi-asserted-by":"crossref","unstructured":"Liu, T., Qi, Y., Shi, L., Yan, J.: Locate-then-detect: real-time web attack detection via attention-based deep neural networks. In: Proceedings of the Twenty-Eighth International Joint Conference on Artificial Intelligence. International Joint Conferences on Artificial Intelligence Organization, Macao, China, pp. 4725\u20134731 (2019)","DOI":"10.24963\/ijcai.2019\/656"},{"key":"1_CR17","unstructured":"Yao, Z., et al.: Research review on traffic obfuscation and its corresponding identification and tracking technologies. Ruan Jian Xue Bao\/J. Softw. 29(10), 3205\u20133222 (2018). (in Chinese). http:\/\/www.jos.org.cn\/1000-9825\/5620.htm"},{"key":"1_CR18","doi-asserted-by":"crossref","unstructured":"Lotfollahi, M., Zade, R.S.H., Siavoshani, M.J., Saberian, M.: Deep packet: a novel approach for encrypted traffic classification using deep learning. arXiv:170902656 [cs] (2018)","DOI":"10.1007\/s00500-019-04030-2"},{"key":"1_CR19","doi-asserted-by":"crossref","unstructured":"Mi, X., et al.: Resident evil: understanding residential IP proxy as a dark service. In: 2019 IEEE Symposium on Security and Privacy (SP), pp. 1185\u20131201. IEEE, San Francisco (2019)","DOI":"10.1109\/SP.2019.00011"},{"key":"1_CR20","doi-asserted-by":"crossref","unstructured":"Krombholz, K., Busse, K., Pfeffer, K., Smith, M., von Zezschwitz, E.: \u201cIf HTTPS were secure, i wouldn\u2019t need 2FA\u201d - end user and administrator mental models of HTTPS. In: 2019 IEEE Symposium on Security and Privacy (SP), pp. 246\u2013263. IEEE, San Francisco (2019)","DOI":"10.1109\/SP.2019.00060"},{"key":"1_CR21","unstructured":"Alexa China Siterank. http:\/\/www.alexa.cn\/siterank. Accessed 28 Nov 2019"}],"container-title":["Communications in Computer and Information Science","Cyber Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-33-4922-3_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,1,18]],"date-time":"2021-01-18T11:24:02Z","timestamp":1610969042000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-981-33-4922-3_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9789813349216","9789813349223"],"references-count":21,"URL":"https:\/\/doi.org\/10.1007\/978-981-33-4922-3_1","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"19 January 2021","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CNCERT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China Cyber Security Annual Conference","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Beijing","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2020","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 August 2020","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 August 2020","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"cncert2020","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/conf.cert.org.cn","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}