윤지원, 김호원, Thi-Thu-Huong Le, 황연정,

Vol. 34, No. 6, pp. 1557-1566, 12월. 2024
10.13089/JKIISC.2024.34.6.1557, Full Text:
Keywords: Password Guessing, password security, Generative AI, LLMs
Abstract

In cybersecurity, sophisticated guessing attacks continually challenge the effectiveness of password security measures. This paper investigates the potential of generative artificial intelligence models for large-scale password generation and their implications for guessing attacks. We introduce PassGPT+LLaMa3.2, a hybrid model that combines the strengths of transformer-based architectures with advanced linguistic modeling capabilities to generate highly realistic passwords. Our experiments were conducted on a private dataset, comprising a diverse array of password structures to evaluate the performance of our model in terms of training and testing efficiency. Our findings demonstrate that PassGPT+Llama3.2 significantly enhances the diversity and realism of generated passwords, achieving a training time of 1h 45min and a testing time of 22min. Moreover, our model exhibits higher Hit Rate compare to existing models, indicating its effectiveness in mimicking real-world password patterns. This research underscores the impact of generative AI on password security, highlighting the need for advanced defenses against AI-driven guessing attacks.

Statistics
Cite this article