1. Gabatarwa

Kalmomin sirri sun kasance mafi yawan hanyar tabbatar da mai amfani saboda sauƙinsu da sassauci. Saboda haka, zato na kalmar sirri wani muhimmin sashi ne na binciken tsaron yanar gizo, mai mahimmanci ga duka gwajin tsaro na kai hari (misali, gwajin shiga, dawo da kalmar sirri) da kuma kimanta ƙarfin tsaro. Hanyoyin al'ada, daga ƙamus na tushen ƙa'ida zuwa ƙirar ƙididdiga kamar sarƙoƙin Markov da PCFG, suna da iyakoki na asali a cikin iyawa da daidaitawa. Zuwan koyo mai zurfi, musamman cibiyoyin jijiyoyi na autoregressive, sun yi alƙawarin canjin tsari ta hanyar koyon rarraba kalmomin sirri masu rikitarwa kai tsaye daga bayanai. Duk da haka, wani babban matsalar toshewa ya ci gaba: daidaitaccen hanyar samfurin bazuwar da ake amfani da ita tare da waɗannan ƙirar ba ta da inganci sosai, tana haifar da kwafi kuma ba ta da wani tsari mafi kyau, wanda ke rage saurin hare-haren kalmar sirri na zahiri. Wannan takarda ta gabatar da SOPG (Samar da Kalmar Sirri Mai Tsari Tushen Bincike), wata sabuwar hanya da aka ƙera don samar da kalmomin sirri daga ƙirar autoregressive a cikin kusan tsari mai saukowa na yuwuwar, ta haka ne ya kawo juyin juya hali ga ingantaccen zato na kalmar sirri ta hanyar jijiyoyi.

2. Bayan Fage & Ayyukan Da Suka Danganci

2.1 Hanyoyin Zato na Kalmar Sirri na Al'ada

Hanyoyin farko sun dogara ne akan hare-haren ƙamus da ƙirar ƙa'idodin ɓarna da hannu (misali, John the Ripper). Duk da cewa suna da sauƙi, waɗannan hanyoyin ba su da tushen ka'idar kuma ingancinsu ya dogara sosai da ilimin ƙwararru. Yaduwar ɓarkewar kalmomin sirri masu girma (misali, RockYou a 2009) ya ba da damar hanyoyin yuwuwar tushen bayanai. Ƙirar Markov (misali, OMEN) da Nahawu Mai Yuwuwar Ba tare da Mahallin Ba (PCFG) sun wakilci ci gaba mai mahimmanci, suna ƙirar tsarin kalmomin sirri da yuwuwar bisa tsari. Duk da haka, sau da yawa suna fama da wuce gona da iri kuma suna fama da samar da nau'ikan kalmomin sirri masu yawa, masu ma'ana, wanda ke iyakance ƙimar ɗaukar hoto.

2.2 Hanyoyin Tushen Cibiyar Jijiyoyi

Ƙirar koyo mai zurfi, gami da Cibiyoyin Jijiyoyi Masu Adawa (GANs) kamar PassGAN da Masu Rarraba Kansa (VAEs) kamar VAEPass, suna koyon rarraba asali na tarin bayanan kalmar sirri. Kwanan nan, ƙirar autoregressive, musamman waɗanda suka dogara da tsarin Transformer (misali, PassGPT), sun nuna aiki mafi girma ta hanyar ƙirar kalmomin sirri a matsayin jerin abubuwa da kuma hasashen alamar gaba idan aka ba da na baya. Waɗannan ƙirar suna ɗaukar dogon lokaci na dogaro yadda ya kamata. Babban aibi a cikin duk waɗannan hanyoyin jijiyoyi shine amfani da samfurin bazuwar (misali, samfurin tsakiya, samfurin saman-k) don samar da kalmar sirri, wanda ba shi da tsari kuma mai maimaitawa.

3. Hanyar SOPG

3.1 Babban Ra'ayi & Dalili

Babban fahimtar SOPG shine cewa don hare-haren zato na kalmar sirri ya zama mai inganci, jerin kalmomin sirri da aka samar ya kamata ya zama ba tare da maimaitawa ba kuma an tsara su daga mafi yuwuwar zuwa mafi ƙarancin yuwuwar. Samfurin bazuwar ya kasa a kan duka ƙidaya. SOPG yana magance wannan ta hanyar ɗaukar ƙirar autoregressive a matsayin jagorar yuwuwar don algorithm na bincike na tsari, kama da binciken katako amma an inganta shi don samar da cikakken, tsararrun ɗalibai na musamman maimakon mafi kyawun jerin guda.

3.2 Algorithm na Bincike & Samarwa Mai Tsari

SOPG yana amfani da dabarar bincike mai fifiko akan sararin samun yuwuwar kalmar sirri. Ya fara ne daga alamar farko (misali, farkon jerin) kuma a jere yana faɗaɗa kalmomin sirri na ɓangare. A kowane mataki, yana amfani da cibiyar jijiyoyi don hasashen yuwuwar ga harafi mai zuwa mai yuwuwa. Maimakon yin samfurin bazuwar, yana binciken rassan da dabara, yana ba da fifikon faɗaɗawa waɗanda ke haifar da cikakkun kalmomin sirri mafi yuwuwar. Wannan tsari yana ƙididdige kalmomin sirri bisa tsari a cikin kusan mafi kyawun tsari, yana aiwatar da jagorar zagayawa na rarraba yuwuwar ƙirar.

3.3 Tsarin Ginin Model na SOPGesGPT

Marubutan sun fara aikinsu a cikin SOPGesGPT, ƙirar zato na kalmar sirri da aka gina akan tsarin GPT (Transformer da aka Horar da Samarwa). An horar da ƙirar akan ɓarkewar kalmomin sirri na gaske don koyon haɗin rarraba yuwuwar $P(x_1, x_2, ..., x_T)$ na alamun kalmar sirri. Yanayin autoregressive na GPT, inda $P(x_t | x_{

4. Cikakkun Bayanai na Fasaha & Tsarin Lissafi

Idan aka ba da ƙirar autoregressive wacce ke ayyana yuwuwar kalmar sirri $\mathbf{x} = (x_1, x_2, ..., x_T)$ kamar haka: $$P(\mathbf{x}) = \prod_{t=1}^{T} P(x_t | x_1, ..., x_{t-1})$$ Manufar SOPG ita ce samar da jerin $\mathbf{x}^{(1)}, \mathbf{x}^{(2)}, ...$ kamar haka $P(\mathbf{x}^{(1)}) \geq P(\mathbf{x}^{(2)}) \geq ...$ kuma $\mathbf{x}^{(i)} \neq \mathbf{x}^{(j)}$ don $i \neq j$.

Ana iya tunanin algorithm a matsayin binciken bishiya inda kowane kulli ya zama kalmar sirri na ɓangare. Jerin fifiko yana sarrafa kulluka, an jera su ta hanyar ƙimar iyaka na sama na yuwuwar kowane cikakken kalmar sirri da ke saukowa daga wannan kulli. An samo wannan ƙima daga yuwuwar sharuɗɗan ƙirar. Algorithm yana maimaita cire kullin tare da mafi girman iyaka na sama, yana faɗaɗa shi da alama ɗaya (samar da ƴan kulluka), yana ƙididdige sabbin iyakoki na sama, kuma ya saka su cikin jerin. Lokacin da aka ciro kullin ganye (cikakken kalmar sirri), ana fitar da shi a matsayin kalmar sirri ta gaba a cikin jerin da aka tsara. Wannan yana tabbatar da binciken mafi kyau na farko na sararin yuwuwar.

5. Sakamakon Gwaji & Bincike

Ƙimar ɗaukar hoto

35.06%

Aikin SOPGesGPT akan saitin gwaji

Ci gaba akan PassGPT

81%

Mafi girman ƙimar ɗaukar hoto

Ingantaccen Ƙaddamarwa

Ƙananan Da Yawa

Kalmomin sirri da ake buƙata idan aka kwatanta da Samfurin Bazuwar

5.1 Kwatanta da Samfurin Bazuwar

Takardar ta fara nuna fa'idar asali ta SOPG akan samfurin bazuwar akan tushen ƙirar GPT iri ɗaya. Don cimma irin wannan ƙimar ɗaukar hoto (kashi na kalmomin sirri na gwaji da aka fasa), SOPG yana buƙatar matakan ƙidaya ƙananan kalmomin sirri da aka samar da ƙaddamarwar ƙira. Wannan saboda kowane kalmar sirri da SOPG ya samar na musamman ne kuma mai yuwuwar yayin da samfurin bazuwar yana ɓata lissafi akan kwafi da ƙananan zato na yuwuwar. Wannan yana fassara kai tsaye zuwa saurin lokutan hari da ƙaramin farashin lissafi.

5.2 Kwatantawa da Mafi Kyawun Yanayi

A cikin gwajin wuri ɗaya, an kwatanta SOPGesGPT da manyan ma'auni: OMEN (Markov), FLA, PassGAN (GAN), VAEPass (VAE), da PassGPT na zamani (Transformer tare da samfurin bazuwar). Sakamakon yana da yanke hukunci. SOPGesGPT ya cimma ƙimar ɗaukar hoto na 35.06%, ya zarce PassGPT da 81%, VAEPass da 380%, PassGAN da 421%, FLA da 298%, da OMEN da 254%. Wannan ya kafa sabon yanayi na zamani, yana nuna cewa hanyar samarwa (SOPG) tana da mahimmanci kamar tsarin ginin ƙira.

5.3 Ma'auni Mafi Muhimmanci na Aiki

Ingantacciyar Ƙimar: Yawan kalmomin sirri da aka samar waɗanda suke na gaske (sun yi daidai da kalmar sirri a cikin saitin gwaji). SOPGesGPT shima yana jagorantar wannan ma'auni, yana nuna cewa yana samar da ba kawai mafi yawa ba, amma zato mafi inganci.
Ingantaccen Samarwa: Ana auna shi ta adadin kiran ƙira/ƙaddamarwa da ake buƙata don fasa kashi na musamman na kalmomin sirri. Hanyar tsari ta SOPG tana ba da lanƙwasa mai inganci, tana fasa kalmomin sirri da yawa tare da ƙananan ƙaddamarwa.
Bayanin Ginshiƙi: Zane na hasashe zai nuna layi biyu: ɗaya don "Ƙimar ɗaukar hoto na Samfurin Bazuwar vs. #Kalmomin Sirri da aka Samar" yana tashi a hankali kuma bisa al'ada, tare da dogon wutsiya na kwafi. Layin "Ƙimar ɗaukar hoto na SOPG vs. #Kalmomin Sirri da aka Samar" zai tashi da sauri kuma kusan a layi daya a farkon, yana daɗaɗawa daga baya, yana nuna kusan mafi kyawun tsarin zato.

6. Tsarin Bincike & Misalin Lamari

Tsari: Kwandon Ingantaccen Zato na Kalmar Sirri. Za mu iya bincika kowane tsarin zato na kalmar sirri tare da ginshiƙai biyu: (1) Ingancin Ƙira (iyawar koyon rarraba kalmar sirri na gaskiya), da (2) Mafi Kyawun Samarwa (iyawar fitar da zato a cikin tsari mai saukowa na yuwuwar ba tare da ɓata lokaci ba).

  • Kwandon I (Ƙananan Ƙira, Ƙananan Mafi Kyau): Hare-haren tushen ƙa'ida na al'ada.
  • Kwandon II (Babban Ƙira, Ƙananan Mafi Kyau): PassGPT, PassGAN – ƙirar ƙarfi da samfurin bazuwar ya hana su.
  • Kwandon III (Ƙananan Ƙira, Babban Mafi Kyau): Markov/PCFG Mai Tsari – ƙirar iyaka amma ingantaccen samarwa.
  • Kwandon IV (Babban Ƙira, Babban Mafi Kyau): SOPGesGPT – yanayin manufa, haɗa ƙirar jijiyoyi mai iyawa tare da algorithm mafi kyawun samarwa na SOPG.

Misalin Lamari (Babu Lamba): Yi la'akari da ƙirar da ta san kalmar sirri "password123" tana da yuwuwar $10^{-3}$ kuma "xq7!kLp2" tana da yuwuwar $10^{-9}$. Mai samfurin bazuwar zai iya ɗaukar zato miliyan don buga "password123". SOPG, ta amfani da bincikensa, zai gano kuma ya fitar da "password123" a matsayin ɗaya daga cikin zato na farko sosai, nan da nan yana ba da gudummawa ga ɗaukar hoto. Wannan manufa mai tsari ita ce tushen babban ribar ingancinsa.

7. Duban Aikace-aikace & Hanyoyin Gaba

Masu Duba Ƙarfin Kalmar Sirri na Gaggawa: SOPG zai iya ƙarfafa ƙarni na gaba na mitocin ƙarfin kalmar sirri na ainihin lokacin waɗanda ba kawai suna duba ƙamus ba amma suna kwaikwayon ingantaccen hari na zamani, mai inganci, suna ba masu amfani ƙarin kimanta haɗari na gaske.
Binciken Dijital & Dawo da Doka: Haɓaka dawo da kalmar sirri don binciken da aka ba da izini akan na'urorin da aka kama.
Horon Adawa don Tsarin Tabbatarwa: Yin amfani da jerin da SOPG ya samar don gwadawa da ƙarfafa tsarin tabbatarwa daga hare-haren hankali.
Hanyoyin Bincike na Gaba:

  • Ƙirar Haɗin kai: Haɗa samarwa mai tsari na SOPG tare da sauran gine-ginen samarwa (misali, ƙirar yaduwa) don kalmomin sirri.
  • SOPG Mai Daidaitawa/Kan layi: Canza binciken a ainihin lokaci bisa amsa daga tsarin manufa (misali, amsoshi masu iyakance ƙima).
  • Bayyan Kalmomin Sirri: Aiwatar da tsarin samarwa mai tsari zuwa wasu fagagen tsaro kamar samar da URL na yaudara ko bambance-bambancen malware.
  • Maganganun Tsaro: Bincike cikin gano da rage hare-haren da ke amfani da dabarun samarwa mai tsari.

8. Nassoshi

  1. J. Bonneau, "Kimiyyar Zato: Bincike a cikin Tarin Bayanan Sirri na Kalmomin Sirri Miliyan 70," IEEE Symposium on Security and Privacy, 2012.
  2. M. Weir, S. Aggarwal, B. de Medeiros, da B. Glodek, "Fasa Kalmar Sirri Ta Amfani da Nahawu Mai Yuwuwar Ba tare da Mahallin Ba," IEEE Symposium on Security and Privacy, 2009.
  3. A. Radford, K. Narasimhan, T. Salimans, da I. Sutskever, "Inganta Fahimtar Harshe ta Horar da Samarwa," OpenAI, 2018. (Tushen takardar GPT)
  4. B. Hitaj, P. Gasti, G. Ateniese, da F. Perez-Cruz, "PassGAN: Hanyar Koyo Mai Zurfi don Zato Kalmar Sirri," International Conference on Applied Cryptography and Network Security (ACNS), 2019.
  5. D. Pasquini, G. Ateniese, da M. Bernaschi, "Saki Tiger: Hare-haren Ƙaddamarwa akan Rarraba Koyo," ACM SIGSAC Conference on Computer and Communications Security (CCS), 2021. (Ya haɗa da tattaunawa akan ƙaddamarwar kalmar sirri).
  6. M. J. H. Almeida, I. M. de Sousa, da N. Neves, "Yin Amfani da Koyo Mai Zurfi don Zato Kalmar Sirri: Bincike na Tsari," Computers & Security, 2023.

9. Bincike na Asali & Sharhin Kwararru

Babban Fahimta

Nasarar takardar ba sabon tsarin jijiyoyi ba ne, amma sake tsara matsalar asali. Shekaru da yawa, al'ummar zato na kalmar sirri, suna kwaikwayon yanayin NLP, sun kasance cikin sha'awar gina mafi girma, mafi kyawun masu ƙididdige yawa (sashin GPT). SOPG ya gano daidai cewa don aikin ƙasa na fasa, dabarar warwarewa ita ce mafi mahimmanci. Bambanci ne tsakanin samun cikakken taswira na filin nakiyoyi (ƙirar) da sanin yadda ake tafiya a cikinta ba tare da ɓata mataki ba (SOPG). Wannan yana canza fifikon bincike daga iyawar ƙira mai tsabta zuwa algorithm masu inganci na ƙaddamarwa a saman waɗannan ƙirar—darasi da sauran fagagen AI na samarwa suka koya a baya (misali, binciken katako a cikin fassarar inji).

Kwararar Hankali

Hujja tana da gamsarwa: 1) Ingantaccen hari na kalmar sirri an ayyana shi ta hanyar lanƙwasa ƙimar bugu vs. lambar zato. 2) Ƙirar autoregressive suna ba da yuwuwar kowane alama. 3) Samfurin bazuwar daga wannan rarraba ba shi da inganci sosai don ƙirƙirar jerin zato mai tsari. 4) Saboda haka, muna buƙatar algorithm na bincike wanda ke amfani da ƙirar a matsayin magana don gina jerin mafi yuwuwar da farko. Tsalle daga gane matsalar (3) zuwa injiniyan magani (4) shine inda sabon abu yake. Haɗin kai zuwa tsoffin algorithm na binciken kimiyyar kwamfuta (A*, katako) a bayyane yake, amma daidaitawarsa zuwa babban sararin fitarwa na kalmomin sirri, mai tsari, ba abu ne mai sauƙi ba.

Ƙarfi & Aibobi

Ƙarfi: Sakamakon gwaji yana ban mamaki kuma yana barin ɗan ƙaramin sarari don shakku game da fifikon SOPG a cikin daidaitaccen gwaji na kashe wuta, wuri ɗaya. Hujjar inganci tana da inganci a ka'ida kuma an tabbatar da ita a aikace. Hanya ce ta gama gari da ta dace da kowane ƙirar autoregressive, ba kawai aiwatar da GPT ba.
Aibobi & Tambayoyi: Kimantawa, duk da cewa yana da ban sha'awa, har yanzu saitin dakin gwaji ne. Hare-haren duniyar gaske suna fuskantar tsare-tsaren tsaro masu daidaitawa (iyaka ƙima, kulle-kulle, kalmomin zuma), kuma takardar ba ta gwada juriyar SOPG a cikin waɗannan yanayi ba. Ƙarin lissafin algorithm na bincike da kansa a kowane kalmar sirri da aka samar yana da yuwuwar ya fi girma fiye da samfurin bazuwar guda, ko da yake gabaɗayan ribar inganci ta kasance mai kyau. Akwai kuma giwar ɗabi'a a cikin ɗaki: duk da yake marubutan sun sanya shi don amfani na tsaro, wannan kayan aiki yana rage ƙofar hare-hare masu inganci sosai. Dole ne fagen ya yi fama da yanayin amfani biyu na irin waɗannan ci gaba, kamar yadda aka yi tattaunawa game da ƙirar AI na samarwa kamar CycleGAN ko manyan ƙirar harshe.

Fahimta Mai Aiki

Ga Masu Aikin Tsaro: Wannan takarda kiran farkawa ce. Dole ne manufofin kalmar sirri su ci gaba bayan toshe kalmomin ƙamus masu sauƙi. Masu tsaro suna buƙatar fara gwadawa da tsarin su akan hare-haren tsari kamar SOPG, waɗanda suka zama sabon ma'auni. Kayan aiki kamar Have I Been Pwned ko zxcvbn suna buƙatar haɗa waɗannan dabarun samarwa na ci gaba don ƙarin kimanta ƙarfi na gaske.
Ga Masu Bincike: An mika sandar. Gibin gaba ba ƙirar kawai ba ne, amma samarwa mai daidaitawa da mai inganci. Shin za mu iya gina ƙirar da ke koyo daga amsoshin hari na ɓangare? Shin za mu iya haɓaka ƙirar tsaro waɗanda ke gano da rikitar da samarwa mai tsari? Bugu da ƙari, kamar yadda cibiyoyi kamar NIST suka lura a cikin jagororin asalin dijital su, maganin dogon lokaci yana cikin motsawa bayan kalmomin sirri. Wannan binciken a lokaci guda yana nuna kololuwar fasa kalmar sirri kuma yana jaddada iyakokinsa na asali, yana tura mu zuwa ga tabbatarwa mara kalmar sirri. SOPG duka ne babban motsi na ƙarshe don zato na kalmar sirri da kuma hujja mai ƙarfi don ritayarsa.