IDENTIFYING PASSWORDS STORED ON DISK
| العنوان: | IDENTIFYING PASSWORDS STORED ON DISK |
|---|---|
| المؤلفون: | Shiva Houshmand, Sudhir Aggarwal, Umit Karabiyik |
| المساهمون: | Florida State University [Tallahassee] (FSU), Gilbert Peterson, Sujeet Shenoi, TC 11, WG 11.9 |
| المصدر: | IFIP Advances in Information and Communication Technology 11th IFIP International Conference on Digital Forensics (DF) 11th IFIP International Conference on Digital Forensics (DF), Jan 2015, Orlando, FL, United States. pp.195-213, ⟨10.1007/978-3-319-24123-4_12⟩ IFIP Advances in Information and Communication Technology ISBN: 9783319241227 IFIP Int. Conf. Digital Forensics |
| بيانات النشر: | HAL CCSD, 2015. |
| سنة النشر: | 2015 |
| مصطلحات موضوعية: | Winnow, Password, Information retrieval, Computer science, Disk examination, Rank (computer programming), Digital forensics, password identification, Probabilistic logic, 16. Peace & justice, Small set, Set (abstract data type), stored passwords, Identification (information), [INFO]Computer Science [cs] |
| الوصف: | Part 3: FORENSIC TECHNIQUES; International audience; This chapter presents a solution to the problem of identifying passwords on storage media. Because of the proliferation of websites for finance, commerce and entertainment, the typical user today often has to store passwords on a computer hard drive. The identification problem is to find strings on the disk that are likely to be passwords. Automated identification is very useful to digital forensic investigators who need to recover potential passwords when working on cases. The problem is nontrivial because a hard disk typically contains numerous strings. The chapter describes a novel approach that determines a good set of candidate strings in which stored passwords are very likely to be found. This is accomplished by first examining the disk for tokens (potential password strings) and applying filtering algorithms to winnow down the tokens to a more manageable set. Next, a probabilistic context-free grammar is used to assign probabilities to the remaining tokens. The context-free grammar is derived via training with a set of revealed passwords. Three algorithms are used to rank the tokens after filtering. Experiments reveal that one of the algorithms, the one-by-one algorithm, returns a password-rich set of 2,000 tokens culled from more than 49 million tokens on a large-capacity drive. Thus, a forensic investigator would only have to test a small set of tokens that would likely contain many of the stored passwords. |
| اللغة: | English |
| ردمك: | 978-3-319-24122-7 |
| DOI: | 10.1007/978-3-319-24123-4_12⟩ |
| URL الوصول: | https://explore.openaire.eu/search/publication?articleId=doi_dedup___::7231d2958d118156c8d19840d34b8b33 https://hal.inria.fr/hal-01449059/file/978-3-319-24123-4_12_Chapter.pdf |
| Rights: | OPEN |
| رقم الانضمام: | edsair.doi.dedup.....7231d2958d118156c8d19840d34b8b33 |
| قاعدة البيانات: | OpenAIRE |
| ردمك: | 9783319241227 |
|---|---|
| DOI: | 10.1007/978-3-319-24123-4_12⟩ |