1. Gabatarwa da Dalili
Tabatar da asali ta hanyar kalmar sirri na ci gaba da zama ruwan dare saboda saukinsa da sanin mai amfani. Duk da haka, kalmomin sirri da masu amfani suka zaɓa sanannen abu ne na tsinkaya, suna fifita gajerun kalmomi, bayanan sirri, da sake amfani da su a duk faɗin dandamali. Wannan yanayin na asali yana haifar da wata muhimmiyar tambaya: shin za a iya kwaikwayi da amfani da waɗannan tsarin ƙirƙirar kalmar sirri na ɗan adam? Takardar ta tsaya a wannan mahadar, tana binciken ko fasahohin koyon zurfi na zamani, waɗanda ke dogaro da bayanai, za su iya fi ƙwarewar hanyoyin tsinkayar kalmar sirri na al'ada ta hanyar koyon rarraba ainihin kalmomin sirri na ainihi.
2. Bayanan Baya da Ayyukan Da Suka Gabata
2.1 Tsinkayar Kalmar Sirri Ta Al'ada
A tarihi, tsinkayar kalmar sirri ta dogara ne akan nazarin ƙididdiga na bayanan kalmomin sirri da aka fallasa (misali, RockYou) don ƙirƙirar algorithms na ƙirƙira waɗanda suka dogara da ƙa'ida kamar John the Ripper ko dokokin Hashcat. Waɗannan hanyoyin sun dogara sosai akan ƙa'idodin ƙwararru (canzawa, tsarin musanya) kuma suna iyakancewa da cikakken bayanan da aka fallasa.
2.2 Koyon Zurfi a cikin Ƙirƙirar Rubutu
An kawo sauyi a fannin ta hanyar tsare-tsaren da ke koyon kai tsaye daga bayanai. Manyan ci gaba sun haɗa da Hanyoyin Hankali (misali, Transformers, BERT) don ƙirar mahallin, Tsare-tsaren Tsari na Ci-gaba (CNNs, RNNs, Masu Rufe Kai) don koyon wakilci, da Hanyoyin Horarwa Masu Sarƙaƙiya (misali, ƙididdiga na bambance-bambance, horo na gaba da juna). Wannan takarda tana amfani da waɗannan tsare-tsare zuwa takamaiman yanki na kalmomin sirri.
3. Hanyoyin Bincike da Tsare-tsare
Binciken ya gudanar da nazari kwatance na tsare-tsare masu ƙirƙira masu zurfi da yawa, yana tsara ƙirƙirar kalmar sirri a matsayin aikin ƙirƙira jerin abubuwa.
3.1 Cibiyoyin Hankali na Cibiyoyin Jijiyoyi Masu Zurfi
Ana amfani da tsare-tsare kamar masu warwarewa na Transformer don ɗaukar dogon dogon dogaro a cikin tsarin kalmar sirri (misali, "password123" inda "123" sau da yawa yake biye da kalmomin tushe na gama gari).
3.2 Hanyoyin Rufe Kai
Masu rufe kai na al'ada suna koyon matsananciyar wakilci (rufe) na kalmomin sirri kuma suna sake gina su (warwarewa). Suna da amfani don wakilci amma suna iyakancewa a cikin ingancin ƙirƙira kai tsaye.
3.3 Cibiyoyin Jijiyoyi Masu Gaba da Juna (GANs)
Cibiyar ƙirƙira tana ƙirƙira ƴan takarar kalmomin sirri, yayin da cibiyar neman bambanci ke ƙoƙarin bambanta su da ainihin kalmomin sirri. An yi wahayi ta hanyar nasarorin ƙirƙirar hoto kamar CycleGAN (Zhu et al., 2017), amma an daidaita su don jerin rubutu masu rarrabuwa, galibi suna buƙatar fasaha kamar Gumbel-Softmax ko koyo na ƙarfafawa.
3.4 Masu Rufe Kai na Bambance-bambance (VAEs)
Babban gudunmawar takardar. VAEs sun gabatar da jujjuyawar yiwuwa: mai rufewa yana tsara kalmar sirri zuwa rarraba a cikin sararin ɓoye (misali, Gaussian), wanda aka ƙayyade ta hanyar ma'ana $\mu$ da bambanci $\sigma^2$. Ana ƙirƙirar kalmar sirri ta hanyar samfurin vector ɓoye $z \sim \mathcal{N}(\mu, \sigma^2)$ da warware shi. Wannan yana ba da damar sassauƙa da samfurin da aka yi niyya a cikin sararin ɓoye.
4. Tsarin Gwaji
4.1 Bayanan Gwaji
An gudanar da gwaje-gwaje akan bayanan kalmomin sirri da aka fallasa da yawa da aka sani don tabbatar da ƙarfi:
- RockYou:
- LinkedIn:
- Youku/Zomato/Pwnd:
4.2 Ma'aunin Kimantawa
Ana auna aiki ba kawai ta adadin kalmomin sirri da aka yi daidai (yawan bugu) ba, amma mahimmanci ta hanyar:
- Bambance-bambancen Ƙirƙira:
- Keɓancewar Samfurin:
5. Sakamako da Bincike
5.1 Kwatancen Aiki
Binciken ƙididdiga na takardar ya bayyana wani yanayi mai zurfi. Yayin da tsare-tsare masu dogaro da hankali da GANs suka nuna aiki mai ƙarfi, tsare-tsaren Masu Rufe Kai na Bambance-bambance (VAE) sun fito a matsayin masu tasiri musamman, galibi suna cimma matsayi na zamani ko kwatankwacin aikin samfurin. Sararin ɓoyayyensu na tsari ya tabbatar da fa'ida ga yankin kalmar sirri.
5.2 Bambance-bambancen Ƙirƙira da Keɓancewa
Wani muhimmin bincike shine ciniki tsakanin tsare-tsare daban-daban:
- GANs na iya ƙirƙirar samfuran da suka dace da gaske amma wani lokacin suna fama da "rushewar yanayi," suna samar da iyakacin iri-iri.
- VAEs suna yawan samar da abubuwan fitarwa masu banbanta kuma suna ƙware wajen ƙirƙirar sabbin kalmomin sirri masu ma'ana waɗanda ba a gani yayin horo ba, godiya ga ci gaba, sararin ɓoye na yau da kullun.
6. Zurfin Fasaha
Ƙarfin VAEs yana cikin aikin su na manufa, Ƙananan Ƙididdiga na Shaida (ELBO): $$\mathcal{L}_{VAE} = \mathbb{E}_{q_{\phi}(z|x)}[\log p_{\theta}(x|z)] - D_{KL}(q_{\phi}(z|x) \parallel p(z))$$ Inda:
- $x$ shine kalmar sirrin shigarwa.
- $z$ shine maɓalli mai ɓoyayye.
- $q_{\phi}(z|x)$ shine mai rufewa (cibiyar ƙididdiga).
- $p_{\theta}(x|z)$ shine mai warwarewa (cibiyar ƙirƙira).
- Kalmar farko ita ce asara sake gini, tana tabbatar da cewa kalmomin sirri da aka warware sun dace da shigarwa.
- Kalmar ta biyu ita ce bambanci na Kullback-Leibler, tana aiki azaman mai daidaitawa wanda ke tilasta rarraba ɓoyayye ya kasance kusa da na farko (misali, Gaussian na al'ada $\mathcal{N}(0, I)$). Wannan daidaitawa yana da mahimmanci don ƙirƙirar sararin ɓoye mai santsi, mai tsari inda tsaka-tsaki da samfurin ke da ma'ana.
7. Tsarin Bincike & Nazarin Hali
Tsari: Tsarin kimantawa na tsari don kowane tsarin ƙirƙirar kalmar sirri ya kamata ya haɗa da: 1) Shirye-shiryen Bayanai (sarrafa saitin haruffa, daidaita tsayi), 2) Horo da Daidaita Tsari (inganta don ELBO ko asarar gaba da juna), 3) Samfurin Sarrafawa (ƙirƙirar jerin ƴan takara masu ƙayyadaddun girma), da 4) Kimantawa Mai Faɗi akan gwajin gwaji da aka ajiye ta amfani da yawan bugu, keɓancewa, da ma'auni masu sarƙaƙi.
Nazarin Hali (Misali Ba tare da Lamba ba): Ka yi tunanin ƙungiyar tsaro tana son bincika manufar kalmar sirri ta kamfaninsu. Ta amfani da tsarin VAE da aka horar akan babban bayanai kamar RockYou:
- Sun ƙirƙiri ƴan takarar kalmomin sirri miliyan 10.
- Sun kwatanta waɗannan ƴan takara da (hash) tarin kalmomin sirri na kansu na masu amfani (tare da izini daidai da kariyar ɗa'a).
- Yawan bugu yana bayyana yawan ainihin kalmomin sirri na masu amfani waɗanda ke cikin haɗari ga wannan ci-gaba, harin da AI ke tafiyar da shi.
- Ta hanyar nazarin halayen kalmomin sirri da aka yi daidai (misali, kalmomin tushe na yau da kullun, tsarin ƙari), za su iya inganta manufar kalmar sirri (misali, haramta kalmomin tushe na gama gari, tilasta tsayin mafi ƙarancin tsayi).
8. Ayyuka na Gaba & Jagorori
- Gwajin Ƙarfin Kalmar Sirri Mai Himma: Haɗa waɗannan tsare-tsare cikin musaya ƙirƙirar kalmar sirri don ba da ra'ayi na ainihi game da yiwuwar tsinkayar sabuwar kalmar sirri ta AI.
- Tsare-tsare Masu Haɗaka & Yanayi: Haɓaka tsare-tsare waɗanda za su iya ƙirƙirar kalmomin sirri da aka daidaita akan bayanan masu amfani (misali, shekaru, harshe) ko nau'in sabis (misali, banki da zamantakewa), kamar yadda aka nuna ta hanyar amfani da bayanai daban-daban.
- Horo na Gaba da Juna don Tsaro: Amfani da waɗannan tsare-tsare masu ƙirƙira don ƙirƙirar babban, "tarwatsewar bayanai na roba" masu sarƙaƙi don horar da tsarin gano sabani mai ƙarfi da ayyukan hash na kalmar sirri na gaba (kamar Argon2 ko scrypt) don zama masu juriya ga fashewar AI.
- Bayan Kalmomin Sirri: Fasahohin suna aiki ga wasu yankunan tsaro kamar ƙirƙirar URL na yaudara masu dacewa, bambance-bambancen malware, ko tsarin zirga-zirgar hanyar sadarwa don gwajin tsarin gano kutsawa.
- Tsare-tsare na ɗa'a da Ka'idoji: Yayin da fasahar ta girma, ana buƙatar bayyanannun jagorori don amfani da ita cikin ɗa'a a cikin gwajin shiga da bincike don hana amfani mara kyau.
9. Nassoshi
- Biesner, D., Cvejoski, K., Georgiev, B., Sifa, R., & Krupicka, E. (2020). Generative Deep Learning Techniques for Password Generation. arXiv preprint arXiv:2012.05685.
- Kingma, D. P., & Welling, M. (2013). Auto-Encoding Variational Bayes. arXiv preprint arXiv:1312.6114.
- Goodfellow, I., Pouget-Abadie, J., Mirza, M., Xu, B., Warde-Farley, D., Ozair, S., ... & Bengio, Y. (2014). Generative adversarial nets. Advances in neural information processing systems, 27.
- Zhu, J. Y., Park, T., Isola, P., & Efros, A. A. (2017). Unpaired image-to-image translation using cycle-consistent adversarial networks. In Proceedings of the IEEE international conference on computer vision (pp. 2223-2232).
- Vaswani, A., Shazeer, N., Parmar, N., Uszkoreit, J., Jones, L., Gomez, A. N., ... & Polosukhin, I. (2017). Attention is all you need. Advances in neural information processing systems, 30.
- Weir, M., Aggarwal, S., Medeiros, B. D., & Glodek, B. (2009). Password cracking using probabilistic context-free grammars. In 2009 30th IEEE Symposium on Security and Privacy (pp. 391-405). IEEE.
Ra'ayin Manazarcin: Gasar Makamai ta Kalmar Sirri Mai Ƙarfin AI
Fahimta ta Asali: Wannan takarda ba wani ƙarin ci gaba ne kawai a cikin fashewar kalmar sirri ba; sauyin tsari ne. Ya nuna cewa tsare-tsare masu ƙirƙira masu zurfi, musamman Masu Rufe Kai na Bambance-bambance (VAEs), sun girma har zuwa matakin da za su iya koyon kai tsaye da kuma kwaikwayi sarƙaƙun tsarin ƙirƙirar kalmar sirri na ɗan adam, waɗanda sau da yawa ba a san su ba a sikeli. Wannan yana motsa barazanar daga ƙarfin ƙa'ida (guduma) zuwa ƙirƙirar halayen tunani ta AI (wuka). Aikin Biesner et al. ya tabbatar da cewa tsare-tsare iri ɗaya waɗanda ke kawo sauyi a yankunan ƙirƙira (kamar ƙirƙirar hoto tare da CycleGAN ko rubutu tare da GPT) suna da ƙarfi daidai a cikin yankin tsaro na gaba da juna.
Kwararar Hankali & Tasirin Dabarun: Hankalin binciken yana da inganci: 1) Kalmomin sirri na ɗan adam ba bazuwar ba ne kuma suna da tsari, 2) Koyon zurfi na zamani yana ƙware wajen ƙirar rarraba masu sarƙaƙi, 3) Don haka, DL ya kamata ya ƙirƙira kalmomin sirri yadda ya kamata. Hujja tana cikin ƙididdiga a duk bayanan daban-daban kamar RockYou da LinkedIn. Tasirin dabarun yana da ban mamaki: zato na tsaro cewa "masu amfani za su zaɓi kalmomin sirri masu rikitarwa da ba za a iya tsinkaya ba" gaba ɗaya kuskure ne. Dole ne tsaro yanzu ya ɗauka cewa mai kai hari yana da mataimakin AI wanda zai iya ƙirƙirar biliyoyin ƴan takara masu ma'ana a mahallin, ba kalmomin ƙamus kawai tare da ƙara lambobi ba.
Ƙarfi & Kurakurai: Babban ƙarfin takardar shine cikakken kwatancensa, mai sarrafawa a duk iyalan tsare-tsare—wani abu da ba a saba gani ba wanda ke ba da jagora mai amfani na gaske. Bayyana fa'idodin VAE a cikin sarrafa sararin ɓoye (tsaka-tsaki, samfurin da aka yi niyya) fahimta ce mai hankali, tana ba da sarrafawa fiye da ƙirƙirar GANs' sau da yawa baƙar fata. Duk da haka, kuskure mai mahimmanci, gama gari ga yawancin binciken tsaro na ML, shine mayar da hankali kan iyawar kai hari tare da ƙaramin fifiko akan matakan tsaro. An yi ishara da tsarin ɗa'a don turawa amma ba a bincika shi sosai ba. Bugu da ƙari, yayin da tsare-tsare suke koyo daga fallasa, har yanzu suna iya fama da kalmomin sirri da aka ƙirƙira a ƙarƙashin manufofin ƙirƙira na zamani, masu tsauri waɗanda ke tilasta ƙarin bazuwar—wata yuwuwar makafin ido.
Fahimta Mai Aiki: Ga CISOs da masu gine-ginen tsaro, lokacin gamsuwa ya ƙare. Aiki 1: Dole ne manufofin kalmar sirri su ci gaba fiye da sauƙaƙan dokokin haruffa don haramta tsarin da AI za ta iya koyon su (misali, kalmar tushe ta gama gari + shekara). Aiki 2: Saka hannun jari da tilasta amfani da masu sarrafa kalmar sirri don ƙirƙira da adana ainihin kalmomin sirri na bazuwar, cire zaɓin ɗan adam daga lissafin. Aiki 3: Haɓaka saurin canzawa zuwa tabbatar da asali mai yawa (MFA) mara yaudara da fasahohin marasa kalmar sirri (WebAuthn/FIDO2). Dogaro kawai akan kirtani na sirri, komai yadda yake da rikitarwa ga ɗan adam, yana zama haɗari mara iyaka a gaban ƙirƙirar AI. Wannan binciken kira ne na gargaɗi: babi na ƙarshe na kalmar sirri ana rubuta shi, ba ta masu amfani ba, amma ta algorithms.