CN110807476B - Password security level classification method and device and electronic equipment - Google Patents

Password security level classification method and device and electronic equipment Download PDF

Info

Publication number
CN110807476B
CN110807476B CN201910986882.6A CN201910986882A CN110807476B CN 110807476 B CN110807476 B CN 110807476B CN 201910986882 A CN201910986882 A CN 201910986882A CN 110807476 B CN110807476 B CN 110807476B
Authority
CN
China
Prior art keywords
password
neural network
processed
classification
security level
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910986882.6A
Other languages
Chinese (zh)
Other versions
CN110807476A (en
Inventor
孙尚勇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
New H3C Security Technologies Co Ltd
Original Assignee
New H3C Security Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by New H3C Security Technologies Co Ltd filed Critical New H3C Security Technologies Co Ltd
Priority to CN201910986882.6A priority Critical patent/CN110807476B/en
Publication of CN110807476A publication Critical patent/CN110807476A/en
Application granted granted Critical
Publication of CN110807476B publication Critical patent/CN110807476B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00Pattern recognition
    • G06F18/20Analysing
    • G06F18/24Classification techniques
    • G06F18/241Classification techniques relating to the classification model, e.g. parametric or non-parametric approaches
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • G06N3/04Architecture, e.g. interconnection topology
    • G06N3/045Combinations of networks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • G06N3/08Learning methods
    • G06N3/084Backpropagation, e.g. using gradient descent

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Data Mining & Analysis (AREA)
  • Evolutionary Computation (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Artificial Intelligence (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Molecular Biology (AREA)
  • Computing Systems (AREA)
  • Biophysics (AREA)
  • Biomedical Technology (AREA)
  • Mathematical Physics (AREA)
  • Computational Linguistics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioinformatics & Cheminformatics (AREA)
  • Bioinformatics & Computational Biology (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Evolutionary Biology (AREA)
  • Document Processing Apparatus (AREA)

Abstract

The embodiment of the invention provides a password security level classification method and device and electronic equipment. The method comprises the following steps: acquiring a password to be processed; inputting the password to be processed into a pre-established neural network model for classification to obtain the security level of the password to be processed; the neural network model is obtained by training based on a preset training set, and the preset training set comprises a sample password marked with a safety level. The neural network model is trained in advance in the following way: inputting a sample password into a neural network with a preset structure for classification to obtain a safety level output by the neural network; determining a loss value based on the security level output by the neural network and the security level labeled by the sample password; and adjusting the network parameters of the neural network through back propagation based on the loss value until the neural network converges to obtain a neural network model. The accuracy of password security level classification can be effectively improved.

Description

Password security level classification method and device and electronic equipment
Technical Field
The invention relates to the technical field of information security, in particular to a password security level classification method and device and electronic equipment.
Background
In the technical field of information security, a user can set a password so that irrelevant people who do not know the password cannot access specified user equipment and user resources, and therefore the security of the user equipment and the user resources is improved. If the password setting is too simple, the password is easily acquired by an abnormal means such as guessing, cracking by a cracking tool and the like by an irrelevant person, so that the security risk of user equipment and user resources is higher.
In view of this, in the related art, the security level of the password may be classified, where the security level may be used to indicate the possibility that the password is obtained by an unrelated person through an abnormal means, and a higher security level indicates a lower possibility that the password is obtained by an unrelated person through an abnormal means. For example, in the related art, a password rule may be set according to actual experience, and if a password complies with the password rule, the password is determined to be a password with a high security level, and if the password does not comply with the password rule, the password is determined to be a password with a low security level. For example, the password rule may be set such that the password contains characters of at least three of the following four character types: capital letters, lowercase letters, numbers, and symbols, the password "123456" does not comply with the rules and thus can be determined as a low security level password, password "A!123456 "complies with the rules and can therefore be determined as a high security level password.
However, user experience is often limited and it is difficult to set accurate rules, resulting in some passwords that should belong to a low security level being incorrectly determined as a high security level, e.g., "A!123456 "belongs to a password that is easier to guess, but is determined to be a high security level password. Namely, in the related art, the security level classification of the password is not accurate enough.
Disclosure of Invention
The embodiment of the invention aims to provide a full-grade classification method and device for passwords and electronic equipment, so as to realize more accurate classification of the security levels of the passwords. The specific technical scheme is as follows:
in a first aspect of the present invention, there is provided a method for classifying a security level of a password, the method comprising:
acquiring a password to be processed;
inputting the password to be processed into a pre-established neural network model for classification to obtain the security level of the password to be processed;
the neural network model is obtained by training based on a preset training set, and the preset training set comprises a sample password marked with a safety level;
the neural network model is trained in advance in the following way:
inputting a sample password into a neural network with a preset structure for classification to obtain a safety level output by the neural network;
determining a loss value based on the security level output by the neural network and the security level labeled by the sample password;
and adjusting the network parameters of the neural network through back propagation based on the loss value until the neural network converges to obtain a neural network model.
With reference to the first aspect, in a first possible implementation manner, after the obtaining the to-be-processed password, the method further includes:
determining whether the password to be processed is matched with a preset character string rule or not;
if the password to be processed is not matched with the preset character string rule, determining the security level of the password to be processed as a preset lowest level;
the step of inputting the password to be processed into a pre-established neural network model for classification to obtain the security level of the password to be processed comprises the following steps:
and if the password to be processed is matched with the preset character string rule, inputting the password to be processed into a pre-established neural network model for classification to obtain the security level of the password to be processed.
With reference to the first aspect, in a second possible implementation manner, the neural network model includes a character vector sub-model, a coding sub-model, and a classification sub-model;
the character vector submodel is used for vectorizing each character in the input password to obtain a character vector of each character and inputting the obtained character vector to the encoding submodel;
the coding submodel is used for coding the input character vector to obtain coding characteristics and inputting the obtained coding characteristics into the classification submodel, wherein the coding characteristics are used for expressing the characteristics of characters in the password to be processed and the context relationship among the characters;
and the classification submodel is used for classifying the input coding features through a full-connection network to obtain the security level corresponding to the coding features.
With reference to the second possible implementation manner of the first aspect, in a third possible implementation manner, the encoding sub-model is specifically configured to perform encoding processing on each input character vector in sequence to obtain the encoding characteristics of the character vector, where the input of each encoding processing is the targeted character vector and the encoding characteristics output by the last encoding processing, and the encoding characteristics output by the last encoding processing are input to the classification sub-model.
In a second aspect of the present invention, there is provided a cryptographic security level classification apparatus, the apparatus comprising:
the password acquisition module is used for acquiring a password to be processed;
the password classification module is used for inputting the password to be processed into a pre-established neural network model for classification to obtain the security level of the password to be processed;
the neural network model is obtained by training based on a preset training set, wherein the preset training set comprises a sample password marked with a safety level;
the neural network model is trained in advance in the following way:
inputting the sample password into a neural network with a preset structure for classification to obtain the safety level output by the neural network;
determining a loss value based on the security level output by the neural network and the security level labeled by the sample password;
and adjusting the network parameters of the neural network through back propagation based on the loss value until the neural network converges to obtain a neural network model.
With reference to the second aspect, in a first possible implementation manner, the apparatus further includes a rule matching module, configured to determine whether the password to be processed matches a preset string rule;
if the password to be processed is not matched with the preset character string rule, determining the security level of the password to be processed as a preset lowest level;
the password classification module is specifically used for inputting the password to be processed into a pre-established neural network model for classification if the password to be processed is matched with the preset character string rule, so as to obtain the security level of the password to be processed.
With reference to the second aspect, in a second possible implementation manner, the neural network model includes a character vector sub-model, an encoding sub-model, and a classification sub-model;
the character vector submodel is used for vectorizing each character in the input password to obtain a character vector of each character and inputting the obtained character vector to the coding submodel;
the encoding submodel is used for encoding the input character vector to obtain encoding characteristics and inputting the obtained encoding characteristics into the classification submodel, wherein the encoding characteristics are used for expressing the characteristics of characters in the password to be processed and the context relationship among the characters;
and the classification submodel is used for classifying the input coding features through a full-connection network to obtain the security level corresponding to the coding features.
With reference to the second possible implementation manner of the second aspect, in a third possible implementation manner, the encoding sub-model is specifically configured to perform encoding processing on each input character vector in sequence to obtain the encoding characteristics of the character vector, where the input of each encoding processing is the corresponding character vector and the encoding characteristics output by the last encoding processing, and the encoding characteristics output by the last encoding processing are input into the classification sub-model.
In a third aspect of the invention, there is provided an electronic device comprising:
a memory for storing a computer program;
a processor adapted to perform the method steps of any of the above first aspects when executing a program stored in the memory.
In a fourth aspect of the present invention, a computer-readable storage medium is provided, having stored thereon a computer program which, when being executed by a processor, carries out the method steps of any one of the above-mentioned first aspects.
According to the password security level classification method, the password security level classification device and the electronic equipment, the mapping relation from the password to the security level can be learned more comprehensively through the neural network model obtained based on deep learning, and therefore the accuracy of password security level classification can be effectively improved. Of course, not all of the advantages described above need to be achieved at the same time in the practice of any one product or method of the invention.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic flowchart of a method for classifying security levels of passwords according to an embodiment of the present invention;
FIG. 2a is a schematic diagram of a neural network model according to an embodiment of the present invention;
FIG. 2b is an expanded view of a neural network model according to an embodiment of the present invention;
FIG. 2c is another expanded schematic view of a neural network model provided in an embodiment of the present invention;
fig. 3 is another schematic flowchart of a method for classifying security levels of passwords according to an embodiment of the present invention;
FIG. 4 is a schematic flow chart illustrating a neural network model training method according to an embodiment of the present invention;
fig. 5a is a schematic structural diagram of a password security level classification apparatus according to an embodiment of the present invention;
fig. 5b is a schematic structural diagram of a password security level classification apparatus according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, fig. 1 is a schematic flow chart of a method for classifying a security level of a password according to an embodiment of the present invention, where the method may include:
s101, obtaining a password to be processed.
The password is a character string formed by a plurality of characters, and the password may include characters of different character types according to different application scenarios, for example, symbols such as%,% and Rc may not appear in the password in some application scenarios, and Chinese characters may not appear in the password in other application scenarios. And the length of the password may or may not be fixed, for example, in some application scenarios, the length of the password may be fixed to 8 characters, and in other application scenarios, the length of the password may be 8-24 characters according to actual requirements.
And S102, inputting the password to be processed into a pre-established neural network model for classification to obtain the security level of the password to be processed.
The neural network model is obtained by training based on a preset training set, and the training set comprises a sample password marked with a safety level. The training process will be described in detail in the following embodiments, and will not be described herein.
The division of the security level may be different according to different application scenarios, but at least 2 different security levels should be divided. For example, in some application scenarios, a total of 3 different security levels may be partitioned, and in other application scenarios, a total of 5 different security levels may be partitioned. For convenience of description, the following description will take an example of dividing 5 different security levels altogether, and distinguishing the 5 different security levels as security levels 1, 2, 3, 4, 5, where the security level 5 is the highest security level and the security level 1 is the lowest security level. For application scenarios involving other numbers of security levels, the principle is the same and therefore will not be described in detail.
The sample password may be marked with the security level manually, or may be marked with the security level by using other password security level classification methods, which is not limited in this embodiment. It can be understood that the sample passwords in the training set are labeled with the security levels, so that the training set reflects the mapping relationship between the passwords and the security levels to a certain extent, and the neural network model can learn the mapping relationship through training and classify the input passwords to be processed by using the learned mapping relationship to obtain the security levels of the passwords to be processed.
The principle of the neural network model will be described in detail in the following embodiments, and will not be described in detail here. It can be understood that the rules are manually set, the set rules are limited by the experience of related personnel, and the neural network model can more comprehensively learn the mapping relation from the passwords to the security levels through training of a large number of sample passwords, so that the accuracy of password security level classification can be effectively improved by deep learning.
On the other hand, the rules of some low-security-level passwords are complex and difficult to manually and accurately summarize into a rule form, and the neural network model can better express the complex rules through a network structure and network parameters so as to obtain a more accurate mapping relation.
The Neural Network model may be implemented by a Recurrent Neural Network (RNN), for example, referring to fig. 2a, fig. 2a is a schematic structural diagram of the Neural Network model provided in the embodiment of the present invention, and the Neural Network model may include a character vector sub-model 210, a coding sub-model 220, and a classification sub-model 230. In other possible embodiments, the neural network model may also be implemented by using a neural network with another structure, which is not limited in this embodiment.
The character vector submodel 210 is configured to perform vectorization processing on each character in the input password to obtain a character vector of each character, and input the obtained character vector to the encoding submodel. A character vector may be considered a digitized representation of a character, e.g., in some application scenarios a character vector corresponding to the character "m" may be [0,1, 0]. The character vector may be in the form of a one-hot representation (one-hot representation) or a distributed representation (distributed representation), which is not limited in this embodiment.
The encoding sub-model 220 is used for encoding the input character vector to obtain encoding characteristics, and inputting the obtained encoding characteristics to the classification sub-model. The encoding characteristics are used for expressing the characteristics of characters in the password to be processed and the context relationship among the characters.
The encoding sub-model 220 may be a character vector input by a character vector sub-model, which performs encoding processing on an input character vector to obtain encoding characteristics, and the input at each encoding processing is the encoding characteristics output by the last encoding processing. The special case is the first encoding process, the character vector input for the character vector submodel is input, and the initial encoding characteristic is preset.
For the convenience of description, the coding characteristics obtained by the ith coding process are recorded as h i Special case by h 0 Representing the initial coding characteristics, and recording the character vector input for the ith time of the input layer as x i The encoding process performed inside the neuron is expressed in the form of a function out = f (in), where in is an input of the encoding process and out is an output of the encoding process. The ith encoding process can be expressed as:
h i =f(h i-1 ,x i )
the classification submodel 230 is configured to classify the input coding features through a fully connected network, so as to obtain a security level corresponding to the coding features. The classification submodel 230 may perform linear regression on the input encoding features to map the encoding features into a mapping value with a value range of [0,1], and determine the security level corresponding to the encoding features according to the value.
For convenience of description, it is assumed that the coding features output by the coding submodel 220 are n-dimensional vectors, and the component of the coding feature in the ith dimension is c i Then the classification submodel may map the coding features to a value range of [0,1] according to the following equation]The mapping value of (2):
Figure BDA0002236968980000081
Figure BDA0002236968980000082
where y is the mapped value, θ 0n For encoding model parameters in submodels, c 0 For the preset component, 1 can be taken in general, that is:
Figure BDA0002236968980000083
in a possible embodiment, the encoding sub-model may output the encoding characteristics obtained from each encoding process to the classification sub-model, in which case, the neural network model may be expanded (unfolded) in the time domain to the form shown in fig. 2b, but since the number of encoding processes is equal to the number of input character vectors, i.e. the number of encoding processes is equal to the length of the password to be processed. In some application scenarios, the length of the password to be processed is not fixed, and thus the number of encoding features output by the encoding submodel is also not fixed. It may be difficult for the classification submodel 230 to efficiently map the encoding characteristics to the security levels.
In view of this, in a possible embodiment, for an application scenario where the length of the to-be-processed password is not fixed, the to-be-processed password with the length smaller than the preset upper limit length threshold may be padded to the upper limit length threshold, so that the number of encoding features output by the encoding sub-model is the same. For example, assuming that the length of the password to be processed is 8-10 characters, the password to be processed with a length of less than ten characters may be padded with the character 0 until 10 characters are reached. However, this scheme requires additional computational resources to process the padded characters, and the characters included after the password-padded characters are processed are changed, thus possibly affecting the accuracy of the security level classification.
In another possible embodiment, the coding submodel may only input the coding feature resulting from the last coding process into the value classification submodel, in which case the neural network model may be expanded in time domain (underfold) to the form shown in fig. 2 c. Assuming the length of the cipher to be processed is N, h is defined as above i =f(h i-1 ,x i ) Therefore, the encoding sub-model last encodes the encoding characteristic h output N It can be expressed as:
h N =f(f(…f(h 0 ,x 1 )…x N-1 ),x N )
i.e., the encoding feature hN can reflect the features of all the character vectors and the context relationship between the character vectors. Therefore, the embodiment is selected, even if the length of the password to be processed is not fixed, the number of the coding features input into the classification character model is the same, and therefore the classification sub-model can effectively establish the mapping relation from the coding features to the security level
Referring to fig. 3, fig. 3 is another schematic flow chart of the password security level 1 classification method provided in the embodiment of the present invention, which may include:
s301, obtaining the password to be processed.
The step is the same as S101, and reference may be made to the foregoing description about S101, which is not described herein again.
S302, determining whether the password to be processed is matched with a preset character string rule, if so, executing S303, and if not, executing S304.
The string rules may be set according to the actual experience or needs of the user, and may include both capital letters, lowercase letters, and numbers, for example.
And S303, inputting the password to be processed into a pre-established neural network model for classification to obtain the security level of the password to be processed.
If the password to be processed is matched with the preset character string rule, the password to be processed can be considered to have certain complexity, but as the analysis, the character string rule is limited by the experience of related personnel and may not be accurate enough, so that the password to be processed can be further classified through the neural network obtained through deep learning to obtain an accurate security level.
S304, determining the security level of the password to be processed as a preset lowest level.
Taking the case that the aforementioned security levels are totally divided into 5 security levels as an example, the security level of the password to be processed can be determined as security level 1. It can be understood that if the password to be processed does not match the preset string rule, the password to be processed is considered to be too simple, and therefore the security level of the password to be processed can be directly determined to be the lowest level, and further classification by using a neural network model is not needed.
By selecting the embodiment, the neural network model obtained by rule matching and deep learning can be combined, and the calculation amount consumed by safety level classification is effectively reduced on the premise of improving the accuracy of the safety level classification.
Referring to fig. 4, fig. 4 is a schematic flow chart of a neural network model training method according to an embodiment of the present invention, which may include:
s401, inputting the sample password into a neural network with a preset structure for classification, and obtaining the safety level output by the neural network.
The structure of the neural network is the same as that of the neural network model, and the network parameters can be preset values which are manually set. The principle of the neural network is the same as that of the neural network model, and reference may be made to the foregoing description, which is not repeated herein.
S402, determining a loss value based on the safety level output by the neural network and the safety level marked by the sample password.
The loss value can be obtained by numerically expressing the security level output by the neural network and the security level labeled by the sample password and then inputting the security level and the security level labeled by the sample password into a preset loss function. The form of the loss function may be different according to different actual requirements, and this embodiment does not limit this.
And S403, adjusting network parameters of the neural network through back propagation based on the loss value until the neural network converges to obtain a neural network model.
The convergence condition of the neural network may be that the loss value is smaller than a preset convergence threshold, or that training of a preset number of sample passwords is completed. And the converged neural network is the neural network model.
Referring to fig. 5a, fig. 5a is a schematic structural diagram of a password security level classification apparatus according to an embodiment of the present invention, which may include:
a password obtaining module 501, configured to obtain a password to be processed;
the password classification module 502 is used for inputting the password to be processed into a pre-established neural network model for classification to obtain the security level of the password to be processed;
the neural network model is obtained by training based on a preset training set, and the preset training set comprises a sample password marked with a safety level;
the neural network model is trained in advance in the following way:
inputting the sample password into a neural network with a preset structure for classification to obtain the safety level output by the neural network;
determining a loss value based on the safety level output by the neural network and the safety level marked by the sample password;
and adjusting network parameters of the neural network through back propagation based on the loss value until the neural network converges to obtain the neural network model.
In a possible embodiment, as shown in fig. 5b, the apparatus further includes a rule matching module 503, configured to determine whether the password to be processed matches the preset string rule;
if the password to be processed is not matched with the preset character string rule, determining the security level of the password to be processed as a preset lowest level;
the password classification module 502 is specifically configured to, if the password to be processed matches the preset string rule, input the password to be processed into the pre-established neural network model for classification, so as to obtain the security level of the password to be processed.
In one possible embodiment, the neural network model includes a character vector sub-model, an encoding sub-model, and a classification sub-model;
the character vector submodel is used for vectorizing each character in the input password to obtain a character vector of each character and inputting the obtained character vector to the encoding submodel;
the encoding sub-model is used for encoding the input character vector to obtain encoding characteristics and inputting the obtained encoding characteristics into the classification sub-model, wherein the encoding characteristics are used for expressing the characteristics of characters in the password to be processed and the context relationship among the characters;
and the classification submodel is used for classifying the input coding features through the full-connection network to obtain the security level corresponding to the coding features.
In a possible embodiment, the encoding sub-model is specifically configured to perform encoding processing on each input character vector in sequence to obtain encoding characteristics of the character vector, where the input of each encoding processing is the corresponding character vector and the encoding characteristics output by the last encoding processing, and the encoding characteristics output by the last encoding processing are input into the classification sub-model.
In one possible embodiment, the neural network model is trained in advance in the following manner:
inputting the sample password into a neural network with a preset structure for classification to obtain the safety level output by the neural network;
determining a loss value based on the safety level output by the neural network and the safety level marked by the sample password;
and adjusting network parameters of the neural network through back propagation based on the loss value until the neural network converges to obtain the neural network model.
An embodiment of the present invention further provides an electronic device, as shown in fig. 6, including:
a memory 601 for storing a computer program;
the processor 602 is configured to implement the following steps when executing the program stored in the memory 601:
acquiring a password to be processed;
inputting the password to be processed into a pre-established neural network model for classification to obtain the security level of the password to be processed;
the neural network model is obtained by training based on a preset training set, and the preset training set comprises a sample password marked with a safety level;
the neural network model is trained in advance in the following way:
inputting the sample password into a neural network with a preset structure for classification to obtain the safety level output by the neural network;
determining a loss value based on the safety level output by the neural network and the safety level marked by the sample password;
and based on the loss value, adjusting the network parameters of the neural network through back propagation until the neural network converges to obtain the neural network model.
In a possible embodiment, after obtaining the password to be processed, the method further comprises:
determining whether the password to be processed is matched with a preset character string rule;
if the password to be processed is not matched with the preset character string rule, determining the security level of the password to be processed as a preset lowest level;
inputting the password to be processed into a pre-established neural network model for classification to obtain the security level of the password to be processed, and the method comprises the following steps:
and if the password to be processed is matched with the preset character string rule, inputting the password to be processed into a pre-established neural network model for classification to obtain the security level of the password to be processed.
In one possible embodiment, the neural network model includes a character vector sub-model, an encoding sub-model, and a classification sub-model;
the character vector submodel is used for vectorizing each character in the input password to obtain a character vector of each character and inputting the obtained character vector to the coding submodel;
the encoding sub-model is used for encoding the input character vector to obtain encoding characteristics and inputting the obtained encoding characteristics into the classification sub-model, wherein the encoding characteristics are used for expressing the characteristics of characters in the password to be processed and the context relationship among the characters;
and the classification submodel is used for classifying the input coding features through the full-connection network to obtain the security level corresponding to the coding features.
In a possible embodiment, the encoding sub-model is specifically configured to perform encoding processing on each input character vector in sequence to obtain encoding characteristics of the character vector, where the input of each encoding processing is the corresponding character vector and the encoding characteristics output by the last encoding processing, and the encoding characteristics output by the last encoding processing are input to the classification sub-model.
The Memory mentioned in the electronic device may include a Random Access Memory (RAM) or a Non-Volatile Memory (NVM), for example, at least one disk Memory. Alternatively, the memory may be at least one memory device located remotely from the processor.
The Processor may be a general-purpose Processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; but also Digital Signal Processors (DSPs), application Specific Integrated Circuits (ASICs), field Programmable Gate Arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components.
In yet another embodiment of the present invention, a computer-readable storage medium is further provided, which stores instructions that, when executed on a computer, cause the computer to perform any of the above-described cryptographic security level classification methods.
In yet another embodiment provided by the present invention, there is also provided a computer program product containing instructions which, when run on a computer, cause the computer to perform any of the above described methods of cryptographic security level classification.
In the above embodiments, the implementation may be wholly or partially realized by software, hardware, firmware, or any combination thereof. When implemented in software, it may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When loaded and executed on a computer, cause the processes or functions described in accordance with the embodiments of the invention to be performed in whole or in part. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable device. The computer instructions may be stored in a computer readable storage medium or transmitted from one computer readable storage medium to another, for example, from one website site, computer, server, or data center to another website site, computer, server, or data center via wired (e.g., coaxial cable, fiber optic, digital Subscriber Line (DSL)) or wireless (e.g., infrared, wireless, microwave, etc.). The computer-readable storage medium can be any available medium that can be accessed by a computer or a data storage device, such as a server, a data center, etc., that includes one or more available media. The usable medium may be a magnetic medium (e.g., floppy Disk, hard Disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., solid State Disk (SSD)), among others.
It should be noted that, in this document, relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrases "comprising a," "8230," "8230," or "comprising" does not exclude the presence of additional like elements in a process, method, article, or apparatus that comprises the element.
All the embodiments in the present specification are described in a related manner, and the same and similar parts among the embodiments may be referred to each other, and each embodiment focuses on differences from other embodiments. In particular, for the embodiments of the apparatus, the electronic device, the computer-readable storage medium, and the computer program product, since they are substantially similar to the method embodiments, the description is relatively simple, and reference may be made to some descriptions of the method embodiments for relevant points.
The above description is only for the preferred embodiment of the present invention, and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention shall fall within the protection scope of the present invention.

Claims (6)

1. A method for classifying a security level of a password, the method comprising:
acquiring a password to be processed;
inputting the password to be processed into a pre-established neural network model for classification to obtain the security level of the password to be processed;
the neural network model is obtained by training based on a preset training set, and the preset training set comprises a sample password marked with a safety level;
the neural network model is trained in advance in the following way:
inputting the sample password into a neural network with a preset structure for classification to obtain the safety level output by the neural network;
determining a loss value based on the security level output by the neural network and the security level labeled by the sample password;
based on the loss value, network parameters of the neural network are adjusted through back propagation until the neural network converges to obtain a neural network model;
the neural network model comprises a character vector sub-model, a coding sub-model and a classification sub-model;
the character vector submodel is used for vectorizing each character in the input password to obtain a character vector of each character and inputting the obtained character vector to the coding submodel;
the encoding submodel is specifically used for sequentially carrying out encoding processing on each input character vector to obtain the encoding characteristics of the character vector, wherein the input of each encoding processing is the corresponding character vector and the encoding characteristics output by the last encoding processing, and the encoding characteristics output by the last encoding processing are input into the classification submodel;
and the classification submodel is used for classifying the input coding features through a full-connection network to obtain the security level corresponding to the coding features.
2. The method of claim 1, wherein after the obtaining the pending password, the method further comprises:
determining whether the password to be processed is matched with a preset character string rule or not;
if the password to be processed is not matched with the preset character string rule, determining the security level of the password to be processed as a preset lowest level;
the step of inputting the password to be processed into a pre-established neural network model for classification to obtain the security level of the password to be processed comprises the following steps:
and if the password to be processed is matched with the preset character string rule, inputting the password to be processed into a pre-established neural network model for classification to obtain the security level of the password to be processed.
3. A cryptographic security level classification apparatus, the apparatus comprising:
the password acquisition module is used for acquiring a password to be processed;
the password classification module is used for inputting the password to be processed into a pre-established neural network model for classification to obtain the security level of the password to be processed;
the neural network model is obtained by training based on a preset training set, and the preset training set comprises a sample password marked with a safety level;
the neural network model is trained in advance in the following way:
inputting a sample password into a neural network with a preset structure for classification to obtain a safety level output by the neural network;
determining a loss value based on the security level output by the neural network and the security level labeled by the sample password;
based on the loss value, network parameters of the neural network are adjusted through back propagation until the neural network converges to obtain a neural network model;
the neural network model comprises a character vector submodel, a coding submodel and a classification submodel;
the character vector submodel is used for vectorizing each character in the input password to obtain a character vector of each character and inputting the obtained character vector to the encoding submodel;
the encoding submodel is specifically used for sequentially carrying out encoding processing on each input character vector to obtain the encoding characteristics of the character vector, wherein the input of each encoding processing is the corresponding character vector and the encoding characteristics output by the last encoding processing, and the encoding characteristics output by the last encoding processing are input into the classification submodel;
and the classification submodel is used for classifying the input coding features through a full-connection network to obtain the security level corresponding to the coding features.
4. The apparatus according to claim 3, further comprising a rule matching module configured to determine whether the password to be processed matches a preset string rule;
if the password to be processed is not matched with the preset character string rule, determining the security level of the password to be processed as a preset lowest level;
the password classification module is specifically used for inputting the password to be processed into a pre-established neural network model for classification if the password to be processed is matched with the preset character string rule, so as to obtain the security level of the password to be processed.
5. An electronic device, comprising:
a memory for storing a computer program;
a processor for implementing the method steps of any of claims 1-2 when executing a program stored in the memory.
6. A computer-readable storage medium, characterized in that a computer program is stored in the computer-readable storage medium, which computer program, when being executed by a processor, carries out the method steps of any one of the claims 1-2.
CN201910986882.6A 2019-10-17 2019-10-17 Password security level classification method and device and electronic equipment Active CN110807476B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910986882.6A CN110807476B (en) 2019-10-17 2019-10-17 Password security level classification method and device and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910986882.6A CN110807476B (en) 2019-10-17 2019-10-17 Password security level classification method and device and electronic equipment

Publications (2)

Publication Number Publication Date
CN110807476A CN110807476A (en) 2020-02-18
CN110807476B true CN110807476B (en) 2022-11-18

Family

ID=69488725

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910986882.6A Active CN110807476B (en) 2019-10-17 2019-10-17 Password security level classification method and device and electronic equipment

Country Status (1)

Country Link
CN (1) CN110807476B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111353147B (en) * 2020-03-11 2023-03-03 鹏城实验室 Password strength evaluation method, device, equipment and readable storage medium
CN112149111A (en) * 2020-08-25 2020-12-29 杭州安恒信息技术股份有限公司 Weak password detection method and device based on deep learning and electronic device
CN117216752A (en) * 2023-11-03 2023-12-12 湖南嘉创信息科技发展有限公司 Account password security system based on artificial intelligence

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103177204A (en) * 2013-03-29 2013-06-26 北京奇虎科技有限公司 Password information tip method and device
CN107579816A (en) * 2017-09-06 2018-01-12 中国科学院半导体研究所 Password dictionary generation method based on recurrent neural network
CN108256317A (en) * 2017-12-05 2018-07-06 西安交大捷普网络科技有限公司 A kind of weak password detection method
CN109685785A (en) * 2018-12-20 2019-04-26 上海众源网络有限公司 A kind of image quality measure method, apparatus and electronic equipment
CN110245488A (en) * 2019-05-21 2019-09-17 平安普惠企业管理有限公司 Cipher Strength detection method, device, terminal and computer readable storage medium

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10896370B2 (en) * 2017-03-03 2021-01-19 International Business Machines Corporation Triage of training data for acceleration of large-scale machine learning

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103177204A (en) * 2013-03-29 2013-06-26 北京奇虎科技有限公司 Password information tip method and device
CN107579816A (en) * 2017-09-06 2018-01-12 中国科学院半导体研究所 Password dictionary generation method based on recurrent neural network
CN108256317A (en) * 2017-12-05 2018-07-06 西安交大捷普网络科技有限公司 A kind of weak password detection method
CN109685785A (en) * 2018-12-20 2019-04-26 上海众源网络有限公司 A kind of image quality measure method, apparatus and electronic equipment
CN110245488A (en) * 2019-05-21 2019-09-17 平安普惠企业管理有限公司 Cipher Strength detection method, device, terminal and computer readable storage medium

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
Adaptive Password-Strength Meters;Claude Castelluccia等;《ResearchGate》;20120228;正文第4-8章 *
基于熵的密码强度估计;严霄凤;《万方学术期刊数据库》;20121130;全文 *

Also Published As

Publication number Publication date
CN110807476A (en) 2020-02-18

Similar Documents

Publication Publication Date Title
TWI677852B (en) A method and apparatus, electronic equipment, computer readable storage medium for extracting image feature
CN110807476B (en) Password security level classification method and device and electronic equipment
US20200195667A1 (en) Url attack detection method and apparatus, and electronic device
KR102204286B1 (en) Batch normalization layers
CN110311902B (en) Abnormal behavior identification method and device and electronic equipment
CN115982765A (en) Data desensitization method, device, equipment and computer readable storage medium
US20170193086A1 (en) Methods, devices, and systems for constructing intelligent knowledge base
CN109978060B (en) Training method and device of natural language element extraction model
CN107240029B (en) Data processing method and device
CN107451106A (en) Text method and device for correcting, electronic equipment
CN112417887B (en) Sensitive word and sentence recognition model processing method and related equipment thereof
JP6172317B2 (en) Method and apparatus for mixed model selection
CN110135681A (en) Risk subscribers recognition methods, device, readable storage medium storing program for executing and terminal device
CN111079186A (en) Data analysis method, device, equipment and storage medium
CN111382403A (en) Training method, device, equipment and storage medium of user behavior recognition model
US11899765B2 (en) Dual-factor identification system and method with adaptive enrollment
CN111984867A (en) Network resource determination method and device
CN113269259B (en) Target information prediction method and device
CN110309285B (en) Automatic question answering method, device, electronic equipment and storage medium
CN113722477A (en) Netizen emotion recognition method and system based on multi-task learning and electronic equipment
CN113987328A (en) Topic recommendation method, equipment, server and storage medium
CN113259369A (en) Data set authentication method and system based on machine learning member inference attack
CN112541446A (en) Biological feature library updating method and device and electronic equipment
CN112463964A (en) Text classification and model training method, device, equipment and storage medium
CN117527444B (en) Method, apparatus and medium for training a model for detecting risk values of login data

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant