A Cognitive Model for the Forensic Recovery of End-User Passwords | IEEE Conference Publication | IEEE Xplore

A Cognitive Model for the Forensic Recovery of End-User Passwords


Abstract:

Despite the existence of a number of advanced authentication mechanisms such as two-factor tokens, biometrics etc., the use of passwords is still the most popular means of authenticating users in a computing system. Consequently, we need to generate and remember a large number of passwords, and these passwords need to be as strong as the assets they protect. During the course of a forensic examination a computer forensics analyst may come across a number of situations where the recovery of passwords is required, either in order to access a particular user account, or to unlock encrypted or otherwise obfuscated digital content. In this paper we create a cognitive model to describe the creation of end-user generated passwords that may be applied particularly during an attempt to forensically recover such passwords. We propose that it may be feasible to recover a password by reversing the logic of its creation, taking into account contextual and other parameters, instead of applying computationally expensive brute force.
Date of Conference: 27-28 August 2007
Date Added to IEEE Xplore: 04 September 2007
Conference Location: Karlovassi, Greece
Information Security Research Group Faculty of Advanced Technology, University of Glamorgan, UK

1. Introduction

There are several ways for users to authenticate themselves in computing systems. Besides the standard use of passwords, there are many advanced mechanisms or methods for users to log in to a system. Those technologies include the use of smartcards, remote frequency identification tags, biometrics, pattern recognition, picture-based authentication (i.e. selecting a number of pictures in the right sequence, or pointing out a specific pixel location on a picture), etc. ([1], [2], [3]). Most of these methods, however, are prone to failure, albeit at a low rate, and thus any of the above authentication methods usually comes with a password option that provides an alternative for authenticating the user. This makes the recovery of such passwords an important issue, especially for reasons of business continuity and, in the context discussed in this paper, for incident investigation.

