{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T02:06:38Z","timestamp":1740103598608,"version":"3.37.3"},"reference-count":42,"publisher":"Wiley","license":[{"start":{"date-parts":[[2020,12,1]],"date-time":"2020-12-01T00:00:00Z","timestamp":1606780800000},"content-version":"unspecified","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61971473"],"award-info":[{"award-number":["61971473"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Wireless Communications and Mobile Computing"],"published-print":{"date-parts":[[2020,12,1]]},"abstract":"\n \n \n TarGuess<\/a:mtext>\n \u2212<\/a:mo>\n I<\/a:mtext>\n <\/a:math>\n <\/jats:inline-formula> is a leading online targeted password guessing model using users\u2019 personally identifiable information (PII) proposed at ACM CCS 2016 by Wang et al. It has attracted widespread attention in password security owing to its superior guessing performance. Yet, after analyzing the users\u2019 vulnerable behaviors of using popular passwords and constructing passwords with users\u2019 PII, we find that this model does not take into account popular passwords, keyboard patterns, and the special strings. The special strings are the strings related to users but do not appear in the users\u2019 demographic information. Thus, we propose \n \n TarGuess<\/c:mtext>\n \u2212<\/c:mo>\n \n \n I<\/c:mtext>\n <\/c:mrow>\n \n +<\/c:mo>\n K<\/c:mi>\n P<\/c:mi>\n X<\/c:mi>\n <\/c:mrow>\n <\/c:msup>\n <\/c:math>\n <\/jats:inline-formula>, a modified password guessing model with three semantic methods, including (1) identifying popular passwords by generating top-300 lists from similar websites, (2) recognizing keyboard patterns by relative position, and (3) catching the special strings by extracting continuous characters from user-generated PII. We conduct a series of evaluations on six large-scale real-world leaked password datasets. The experimental results show that our modified model outperforms \n \n TarGuess<\/e:mtext>\n \u2212<\/e:mo>\n I<\/e:mtext>\n <\/e:math>\n <\/jats:inline-formula> by 2.62% within \n \n 100<\/g:mn>\n <\/g:math>\n <\/jats:inline-formula> guesses.<\/jats:p>","DOI":"10.1155\/2020\/8837210","type":"journal-article","created":{"date-parts":[[2020,12,3]],"date-time":"2020-12-03T02:07:56Z","timestamp":1606961276000},"page":"1-22","source":"Crossref","is-referenced-by-count":4,"title":["Modified Password Guessing Methods Based on TarGuess-I"],"prefix":"10.1155","volume":"2020","author":[{"given":"Zhijie","family":"Xie","sequence":"first","affiliation":[{"name":"College of Electronic Engineering, National University of Defense Technology, Hefei 230037, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6654-7610","authenticated-orcid":true,"given":"Min","family":"Zhang","sequence":"additional","affiliation":[{"name":"College of Electronic Engineering, National University of Defense Technology, Hefei 230037, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8864-3606","authenticated-orcid":true,"given":"Yuqi","family":"Guo","sequence":"additional","affiliation":[{"name":"School of Electronic and Computer Science, Peking University, Beijing 100871, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zhenhan","family":"Li","sequence":"additional","affiliation":[{"name":"College of Electronic Engineering, National University of Defense Technology, Hefei 230037, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Hongjun","family":"Wang","sequence":"additional","affiliation":[{"name":"College of Electronic Engineering, National University of Defense Technology, Hefei 230037, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"311","reference":[{"key":"1","doi-asserted-by":"publisher","DOI":"10.1145\/2699390"},{"key":"2","unstructured":"WangD.Research on Key Issues in Password Security, [Ph.D. thesis]2017Peking Universityhttp:\/\/wangdingg.weebly.com\/uploads\/2\/0\/3\/6\/20366987\/phd_thesis0103.pdf"},{"key":"3","doi-asserted-by":"publisher","DOI":"10.1109\/sp.2014.50"},{"key":"4","doi-asserted-by":"publisher","DOI":"10.1145\/1102120.1102168"},{"key":"5","doi-asserted-by":"publisher","DOI":"10.1109\/sp.2009.8"},{"key":"6","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23103"},{"first-page":"175","article-title":"Fast, lean, and accurate: modeling password guessability using neural networks","author":"W. Melicher","key":"7"},{"key":"8","doi-asserted-by":"crossref","first-page":"179","DOI":"10.1007\/978-3-319-75307-2_11","article-title":"New technologies in password cracking techniques","volume-title":"Cyber Security: Power and Technology","author":"S. Aggarwal","year":"2018"},{"key":"9","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-94421-0_9"},{"key":"10","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-21568-2_11"},{"key":"11","doi-asserted-by":"publisher","DOI":"10.1109\/tdsc.2015.2481884"},{"first-page":"559","article-title":"A large-scale empirical analysis of chinese web passwords","author":"Z. Li","key":"12"},{"key":"13","doi-asserted-by":"publisher","DOI":"10.1109\/ccst.2006.313438"},{"issue":"3","key":"14","first-page":"454","article-title":"Password vulnerability assessment and recovery based on rules mined from large-scale real data","volume":"39","author":"M. K. Liu Gong-Shen","year":"2016","journal-title":"Chinese Journal of Computers"},{"key":"15","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23357"},{"key":"16","doi-asserted-by":"publisher","DOI":"10.1109\/infocom.2016.7524583"},{"key":"17","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978339"},{"key":"18","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2019.23350"},{"key":"19","doi-asserted-by":"publisher","DOI":"10.1145\/3274694.3274714"},{"key":"20","doi-asserted-by":"publisher","DOI":"10.1109\/sp.2019.00056"},{"key":"21","doi-asserted-by":"crossref","DOI":"10.6028\/NIST.SP.800-63a","article-title":"Nist special publication 800-63b: digital identity guidelines","volume-title":"Enrollment and Identity Proofing Requirements","author":"P. A. Grassi","year":"2017"},{"author":"A. D. Jaggard","key":"22","article-title":"Oft target"},{"key":"23","doi-asserted-by":"publisher","DOI":"10.1109\/eisic.2016.035"},{"key":"24","doi-asserted-by":"publisher","DOI":"10.1145\/3176258.3176332"},{"key":"25","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-55304-3_18"},{"key":"26","doi-asserted-by":"publisher","DOI":"10.1145\/322796.322806"},{"key":"27","doi-asserted-by":"publisher","DOI":"10.1145\/359168.359172"},{"key":"28","doi-asserted-by":"publisher","DOI":"10.1109\/sp.2012.49"},{"key":"29","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516726"},{"key":"30","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-10879-7_13"},{"key":"31","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2015.2422259"},{"first-page":"243","article-title":"The password life cycle: user behaviour in managing passwords","author":"E. Stobert","key":"32"},{"key":"33","doi-asserted-by":"publisher","DOI":"10.1109\/sp.2012.38"},{"first-page":"123","article-title":"\u201cI added\u2018!\u2019at the end to make it secure\u201d: observing password creation in the lab","author":"B. Ur","key":"34"},{"key":"35","doi-asserted-by":"publisher","DOI":"10.1145\/2702123.2702586"},{"key":"36","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2017.2721359"},{"first-page":"1537","article-title":"Birthday, name and bifacial-security: understanding passwords of chinese web users","author":"D. Wang","key":"37"},{"author":"D. Wang","key":"38","article-title":"Understanding passwords of Chinese users: characteristics, security and implications"},{"key":"39","doi-asserted-by":"publisher","DOI":"10.1109\/dsn.2016.60"},{"key":"40","doi-asserted-by":"publisher","DOI":"10.1109\/tdsc.2020.2974220"},{"key":"41","doi-asserted-by":"publisher","DOI":"10.1109\/tvt.2020.2971254"},{"key":"42","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2018.2834351"}],"container-title":["Wireless Communications and Mobile Computing"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/downloads.hindawi.com\/journals\/wcmc\/2020\/8837210.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/wcmc\/2020\/8837210.xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/wcmc\/2020\/8837210.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,12,3]],"date-time":"2020-12-03T02:08:50Z","timestamp":1606961330000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.hindawi.com\/journals\/wcmc\/2020\/8837210\/"}},"subtitle":[],"editor":[{"given":"Ding","family":"Wang","sequence":"additional","affiliation":[],"role":[{"role":"editor","vocabulary":"crossref"}]}],"short-title":[],"issued":{"date-parts":[[2020,12,1]]},"references-count":42,"alternative-id":["8837210","8837210"],"URL":"https:\/\/doi.org\/10.1155\/2020\/8837210","relation":{},"ISSN":["1530-8677","1530-8669"],"issn-type":[{"type":"electronic","value":"1530-8677"},{"type":"print","value":"1530-8669"}],"subject":[],"published":{"date-parts":[[2020,12,1]]}}}