Zaɓi Harshe

Ragewa Karkatarwa a Cikin Tsarin Ƙarfin Kalmar Sirri na Ainihi ta Hanyar Koyon Zurfi da Ƙamus Mai Sauƙi

Wata sabuwar hanya ta amfani da cibiyoyin jijiyoyin zurfi da hare-haren ƙamus masu sauri don rage karkatarwa a cikin binciken tsaron kalmar sirri, tare da samar da ingantaccen tsarin abokan gaba.
computationalcoin.com | PDF Size: 1.4 MB
Kima: 4.5/5
Kimarku
Kun riga kun ƙididdige wannan takarda
Murfin Takardar PDF - Ragewa Karkatarwa a Cikin Tsarin Ƙarfin Kalmar Sirri na Ainihi ta Hanyar Koyon Zurfi da Ƙamus Mai Sauƙi
Duba Takardar PDF Zazzage PDF Fassara PDF
Gida » Takaddun » Ragewa Karkatarwa a Cikin Tsarin Ƙarfin Kalmar Sirri na Ainihi ta Hanyar Koyon Zurfi da Ƙamus Mai Sauƙi

1. Gabatarwa

Kalmomin sirri sun ci gaba da zama babbar hanyar tabbatar da ainihi duk da sanannun raunin tsaro. Masu amfani suna son ƙirƙirar kalmomin sirri masu sauƙin tunawa, wanda ke haifar da rabe-raben da za a iya hasasawa waɗanda masu kai hari za su iya amfani da su. Tsarin tsarin da ya dogara da kalmar sirri ba za a iya bayyana shi da sauƙiƙan ma'auni kamar girman maɓalli ba; a maimakon haka, yana buƙatar ingantaccen tsarin halayen abokan gaba. Wannan takarda tana magance wani babban aibi a cikin binciken tsaron kalmar sirri na yanzu: babbar karkatarwar aunawa da hare-haren ƙamus da ba a daidaita su ba ke haifarwa, wanda ke haifar da ƙima mai yawa na ƙarfin kalmar sirri da kuma ƙarshen tsaro maras aminci.

2. Bayanan Baya & Bayanin Matsala

Sama da shekaru talatin na bincike sun samar da ingantattun samfuran yuwuwar kalmar sirri. Duk da haka, tsarin masu kai hari na ainihi da dabarunsu na zato masu ma'ana sun ga ƙaramin ci gaba. Masu fasa kalmar sirri na ainihi sau da yawa suna amfani da hare-haren ƙamus tare da ƙa'idodin ɓarna, waɗanda ke da sassauƙa amma suna buƙatar daidaitawa da daidaitawa na matakin ƙwararru—wani tsari ne da ya dogara da ilimin yanki da aka inganta tsawon shekaru na aiki.

2.1 Karkatarwar Auna a Tsaron Kalmar Sirri

Yawancin masu binciken tsaro da masu aiki ba su da ƙwarewar yanki na ƙwararrun masu kai hari. Saboda haka, sun dogara da "kasancewa a kan shinge" na ƙamus da saitunan ƙa'idodi don bincikensu. Kamar yadda aka nuna a cikin aikin da ya gabata (misali, [41]), waɗannan saitunan tsoho suna haifar da ƙima mai yawa na ƙarfin kalmar sirri, sun kasa kusantar ƙwarewar abokan gaba na ainihi daidai. Wannan yana haifar da mummunan karkatarwar aunawa wanda ke karkatar da sakamakon kimanta tsaro gaba ɗaya, yana mai da su maras aminci don sanar da manufofi ko ƙirar tsarin.

2.2 Iyakokin Hare-haren ƙamus na Al'ada

Hare-haren ƙamus na al'ada suna tsaye. Suna amfani da ƙamus mai ƙayyadaddun ƙa'idodi da ƙayyadaddun saitin ƙa'idodin ɓarna (misali, canje-canjen leet kamar a->@, ƙara lambobi) don samar da ƴan takarar kalmomin sirri. Tasirinsu ya dogara da ƙwarai akan saitunan farko. Ƙwararrun masu aiki na ainihi, duk da haka, suna daidaita dabarunsu na zato bisa ga bayanan musamman na manufa (misali, sunan kamfani, ƙididdigar masu amfani), wata ƙwarewa da ba ta cikin kayan aikin ilimi da masana'antu na yau da kullun.

3. Hanyar da aka Tsara

Wannan aikin ya gabatar da sabon tsarin hare-haren ƙamus da aka ƙera don zama mai juriya ga mummunan saitunan kuma don kusantar dabarun masu kai hari masu ci gaba ba tare da buƙatar kulawa da hannu ko zurfin ilimin yanki ba.

3.1 Cibiyar Jijiyoyin Zurfi don Tsarin Ƙwarewar Abokan Gaba

Bangare na farko yana amfani da cibiyoyin jijiyoyin zurfi (DNNs) don tsara ƙwarewar ƙwararrun masu kai hari wajen gina ingantattun saitunan kai hari. An horar da DNN akan bayanan da aka samo daga nasarar saitunan kai hari ko ɓarkewar kalmomin sirri don koyon rikitattun alaƙa, waɗanda ba su da layi tsakanin halayen kalmar sirri (misali, tsayi, azuzuwan haruffa, tsari) da yuwuwar wata ƙa'ida ta ɓarna ko kalmar ƙamus ta zama mai tasiri. Wannan samfurin ya ɗauki "hazaka" na ƙwararre wajen zaɓar da ba da fifiko ga dabarun zato.

3.2 Dabarun Zato Masu Sauƙi

Sabon abu na biyu shine gabatar da dabarun zato masu sauri a cikin tsarin hare-haren ƙamus. Maimakon aiwatar da duk ƙa'idodin a tsaye, tsarin yana amfani da hasashen DNN don daidaita harin da sauri. Misali, idan saitin kalmar sirri na manufa ya bayyana yana ɗauke da yawancin musanyawar leet-speak, tsarin zai iya ba da fifiko ga waɗannan ƙa'idodin ɓarna. Wannan yana kwaikwayon ikon ƙwararre na daidaita hanyarsu cikin ainihin lokaci bisa ga ra'ayi ko ilimin da ya gabata game da manufa.

3.3 Tsarin Fasaha & Tsarin Lissafi

Ginshiƙin samfurin ya ƙunshi koyon aiki $f_{\theta}(x)$ wanda ke nuna kalmar sirri (ko fasalinta) $x$ zuwa rarraba yuwuwar ƙa'idodin ɓarna da kalmomin ƙamus. Manufar ita ce rage bambanci tsakanin rarraba zato na samfurin da mafi kyawun dabarun kai hari da aka samo daga bayanan ƙwararru. Ana iya tsara wannan azaman inganta sigogi $\theta$ don rage aikin asara $\mathcal{L}$:

$\theta^* = \arg\min_{\theta} \mathcal{L}(f_{\theta}(X), Y_{expert})$

inda $X$ ke wakiltar fasalolin kalmomin sirri a cikin saitin horo, kuma $Y_{expert}$ yana wakiltar mafi kyawun tsari na zato ko zaɓin ƙa'ida da aka samo daga saitunan ƙwararru ko bayanan fasa na gaskiya.

4. Sakamakon Gwaji & Bincike

4.1 Bayanan Gwaji & Saitin Gwaji

An gudanar da gwaje-gwaje akan manyan bayanan kalmomin sirri na ainihi (misali, daga ɓarkewar da suka gabata). An kwatanta harin Ƙamus Mai Sauƙi na Koyon Zurfi (DLDD) da aka tsara da ingantattun samfuran yuwuwar kalmar sirri (misali, samfuran Markov, PCFGs) da hare-haren ƙamus na al'ada tare da saitunan ƙa'idodi na yau da kullun (misali, ƙa'idodin "best64" na JtR).

4.2 Kwatancen Aiki & Ragewar Karkatarwa

Ma'auni mai mahimmanci shine rage yawan zato da ake buƙata don fasa wani kaso na kalmomin sirri idan aka kwatanta da hare-haren ƙamus na yau da kullun. Harin DLDD ya nuna ingantaccen ci gaba mai mahimmanci, yana fasa kalmomin sirri da ƙaramin zato. Mafi mahimmanci, ya nuna mafi girman daidaito a cikin bayanan gwaji daban-daban da saitunan farko, yana nuna rage karkatarwar aunawa. Inda harin na yau da kullun zai iya gaza sosai tare da zaɓin ƙamus mara kyau, daidaitawar saurin harin DLDD ya samar da ƙarfi, aikin sama da tushe.

Hotunan Sakamako

Ragewar Karkatarwa: DLDD ta rage bambance-bambance a cikin ƙimar nasarar fasa a cikin saitunan farko daban-daban da sama da 40% idan aka kwatanta da hare-haren ƙamus masu tsaye.

Ribin Ingantacciyar Aiki: An cimma irin wannan ƙimar fasa kamar babban harin tsaye ta amfani da 30-50% ƙaramin zato a matsakaici.

4.3 Muhimman Bayanai daga Sakamako

  • Sarrafa Ƙwarewa: DNN ta yi nasarar shigar da tsarin saitunan ƙwararru, tana tabbatar da cewa ana iya koyon wannan ilimin daga bayanai.
  • Juriya ga Saituna: Hanyar saurin ya sa harin ya zama ƙasa da hankali ga ingancin ƙamus na farawa, babban tushen karkatarwa a cikin karatu.
  • Mafi Kyawun Samfurin Barazana na Ainihi: Halayen harin ya fi kama da dabarun daidaitawa, na manufa na abokan gaba na ainihi fiye da hanyoyin sarrafa kansa na baya.

5. Tsarin Bincike: Misalin Nazarin Hali

Hali: Kimanta ƙarfin kalmomin sirri daga wata kamfani na fasaha ta "AlphaCorp."

Hanyar Al'ada: Mai bincike yana gudanar da Hashcat tare da ƙamus na rockyou.txt da saitin ƙa'idodin best64.rule. Wannan harin tsaye zai iya yin aiki a matsakaici amma zai rasa tsarin musamman na kamfani (misali, kalmomin sirri masu ɗauke da "alpha", "corp", sunayen samfura).

Aikace-aikacen Tsarin DLDD:

  1. Shigar da Mahallin: An shirya tsarin da mahallin "AlphaCorp," kamfani na fasaha. Samfurin DNN, wanda aka horar da shi akan irin wannan ɓarkewar kamfanoni, yana ƙara fifikon ƙa'idodin ɓarna waɗanda suka shafi sunayen kamfanoni da kalmomin fasaha.
  2. Samar da Ƙa'ida Mai Sauƙi: Maimakon ƙayyadaddun jeri, harin yana samar da ƙa'idodi da sauri da tsari. Don "alpha," zai iya gwadawa: alpha, Alpha, @lpha, alpha123, AlphaCorp2023, @lph@C0rp a cikin tsarin da samfurin ya hasasce zai fi tasiri.
  3. Daidaitawa Ci gaba: Yayin da harin ya fasa wasu kalmomin sirri (misali, gano da yawa tare da ƙara shekaru), yana ƙara daidaita dabarunsa don ba da fifikon ƙara shekarun baya-bayan nan ga sauran kalmomin tushe.
Wannan hali yana nuna yadda tsarin ke motsawa daga harin guda ɗaya zuwa gwajin shiga cikin mahalli, mai daidaitawa.

6. Ayyukan Gaba & Jagororin Bincike

  • Mita na Ƙarfin Kalmar Sirri Mai Ƙarfafawa: Haɗa wannan fasaha cikin musanya ƙirƙirar kalmar sirri don samar da ra'ayi na ƙarfi na ainihin lokaci, mai sanin abokan gaba, wanda ya wuce sauƙaƙan ƙa'idodin tsari.
  • Bita na Tsaro ta Atomatik: Kayan aiki ga masu gudanar da tsarin waɗanda ke yin kwaikwaiyon ingantattun hare-hare masu daidaitawa akan hash ɗin kalmar sirri don gano raunin shaidar kafin masu kai hari su yi.
  • Kwaikwaiyon Abokan Gaba don Horar da AI: Amfani da samfurin harin mai sauri a matsayin abokin gaba a cikin mahalli na ƙarfafa koyo don horar da ingantattun tsarin tabbatar da ainihi ko gano sabani.
  • Daidaitawar Yanki Daban-daban: Bincika dabarun koyon canja wuri don ba da damar samfurin da aka horar da shi akan nau'in bayanai ɗaya (misali, kalmomin sirri na masu amfani gabaɗaya) don daidaitawa da sauri zuwa wani (misali, tsoffin kalmomin sirri na router) tare da ƙaramin sabbin bayanai.
  • Horarwa na Da'a & Kiyaye Sirri: Haɓaka hanyoyin horar da waɗannan samfuran masu ƙarfi ta amfani da bayanan roba ko koyo na tarayya don guje wa damuwar sirri da ke tattare da amfani da ɓarkewar kalmar sirri na ainihi.

7. Nassoshi

  1. Weir, M., Aggarwal, S., Medeiros, B., & Glodek, B. (2009). Fasa Kalmar Sirri ta Amfani da Nahawun Mahallin Kyauta. IEEE Symposium on Security and Privacy.
  2. Ma, J., Yang, W., Luo, M., & Li, N. (2014). Nazarin Samfuran Yuwuwar Kalmar Sirri. IEEE Symposium on Security and Privacy.
  3. Ur, B., et al. (2015). Shin Tunanin Masu Amfani game da Tsaron Kalmar Sirri ya dace da Gaskiya? CHI.
  4. Melicher, W., et al. (2016> M, Mai Ƙarfi, da Daidai: Tsarin Yuwuwar Zato Kalmar Sirri ta Amfani da Cibiyoyin Jijiyoyi. USENIX Security Symposium.
  5. Wang, D., Cheng, H., Wang, P., Huang, X., & Jian, G. (2017). Binciken Tsaro na Kalmomin Zuma. NDSS.
  6. Pasquini, D., et al. (2021). Ragewa Karkatarwa a Cikin Tsarin Ƙarfin Kalmar Sirri na Ainihi ta Hanyar Koyon Zurfi da Ƙamus Mai Sauƙi. USENIX Security Symposium.
  7. Goodfellow, I., et al. (2014). Nets na Abokan Gaba Masu Haɓakawa. NeurIPS. (A matsayin ra'ayi na tushen DL).
  8. NIST Special Publication 800-63B: Jagororin Shaidar Dijital - Gudanar da Tabbatar da Ainihi da Tsarin Rayuwa.

8. Binciken Kwararru & Bita Mai Muhimmanci

Mahimman Bayani: Wannan takarda tana ba da harin tiyata akan wani muhimmin rauni, wanda aka yi watsi da shi sau da yawa, a cikin hanyar binciken tsaron sadarwa: tazarar karkatarwar aunawa tsakanin samfuran fasa kalmar sirri na ilimi da gaskiyar gaske na hare-haren jagorancin ƙwararru. Marubutan sun gano daidai cewa "ilimin yanki" na masu kai hari shine guntun da ya ɓace, kuma shawararsu na sarrafa shi ta hanyar koyon zurfi yana da buri kuma yana da mahimmanci. Wannan ba game da fasa ƙarin kalmomin sirri kawai ba ne; yana game da sanya kimanta tsaro ya zama abin dogaro kuma.

Kwararar Ma'ana: Hujja tana da ƙarfi. 1) Hare-haren ainihi sun dogara ne akan ƙamus kuma an daidaita su da ƙwararru. 2) Samfuran masana ilimi/masu aiki suna amfani da saitunan tsaye, kasancewa a kan shinge, suna haifar da karkatarwa (ƙima mai yawa na ƙarfi). 3) Saboda haka, don rage karkatarwa, dole ne mu sarrafa daidaitawar ƙwararre da ƙwarewar daidaitawa. 4) Muna amfani da DNN don tsara ma'anar saitunan ƙwararre kuma mu saka shi cikin tsarin harin mai sauri. 5) Gwaje-gwaje sun nuna wannan yana rage bambance-bambance (karkatarwa) da inganta ingantacciyar aiki. Ma'ana tana da tsabta kuma tana magance tushen dalili, ba alama kawai ba.

Ƙarfi & Aibobi:
Ƙarfi: Mayar da hankali kan karkatarwar aunawa shine babbar gudummawar sa, yana ɗaga aikin daga kayan aikin fasa gaba ɗaya zuwa ci gaban hanyar. Hanyar haɗin gwiwa (DL + ƙa'idodi masu sauri) tana da ma'ana, tana amfani da tsarin gano tsarin cibiyoyin jijiyoyi—kamar yadda CycleGAN ke koyon canja wurin salo ba tare da misalan haɗin gwiwa ba—a cikin tsarin tsari, mai yawan aiki na hare-haren ƙamus. Wannan ya fi girma da fahimta fiye da mai tsabta na ƙarshen-zuwa-ƙarshen na samar da kalmar sirri ta jijiyoyi.

Aibobi & Tambayoyi: "Bayanan ƙwararru" don horar da DNN yana iya zama dugadugan Achilles. Daga ina yake fitowa? An ɓoye fayilolin saitunan ƙwararru? Takardar ta nuna alamar amfani da bayanai daga ɓarkewar da suka gabata, amma wannan yana haifar da haɗa karkatattun ra'ayi na tarihi (misali, tsoffin halayen kalmar sirri). Aikin samfurin yana da inganci kamar yadda wannan bayanan horo ke wakiltar dabarun ƙwararru na yanzu. Bugu da ƙari, yayin da yake rage karkatarwar saituna, yana iya haifar da sabbin karkatattun ra'ayi daga tsarin gine-ginen DNN da tsarin horo. Girman ɗabi'a na buga irin wannan ingantaccen kayan aikin sarrafa kansa shima an yi watsi da shi.

Bayanai Masu Aiki: Ga masu kimanta tsaro: Dakatar da dogaro kawai akan saitunan ƙamus/ƙa'idodi na tsoho nan da nan. Wannan takarda tana ba da tsarin gina ko karɓar ƙarin kayan aikin gwaji masu daidaitawa. Ga masu tsara manufofin kalmar sirri: Ku fahimci cewa ƙa'idodin rikitattun tsaye ba su da amfani a kan hare-hare masu daidaitawa. Dole ne manufofin su ƙarfafa bazuwar da tsayi, kuma dole ne a yi amfani da kayan aikin irin wannan don gwada tasirin manufofin. Ga masu binciken AI: Wannan shine babban misali na amfani da koyon zurfi don tsara ƙwarewar ɗan adam a cikin yankin tsaro—wani tsari wanda ya shafi gano cutar malware ko kariyar sadarwar zamantakewa. Nan gaba yana cikin AI wanda zai iya yin kwaikwaiyon mafi kyawun masu kai hari don kare su, ra'ayi da ke goyan bayan tsarin horo na abokan gaba da aka gani a cikin ayyuka kamar GANs na Goodfellow. Mataki na gaba shine rufe madauki, ta amfani da waɗannan samfuran harin masu daidaitawa don samar da bayanan horo don ƙarin ingantattun tsarin kariya.