1. Introduction & Overview
This paper introduces a groundbreaking approach to password security: Universal Neural-Cracking Machines. The core innovation is a password model that can automatically adapt its guessing strategy to a specific target system without requiring access to passwords from that system. Instead, the model uses auxiliary user data, such as e-mail addresses, as proxy signals to predict the underlying password distribution.
The model uses deep learning to capture correlations between auxiliary data and passwords across user communities. Once pre-trained, it can produce a tailored password model for any target system at inference time, eliminating the need for additional training, collection of target data, or prior knowledge of the community's password habits.
Key Insights
- Eliminates the dependence on password access for model adaptation
- Uses auxiliary data (e-mails, usernames) as predictive signals
- Democratizes access to password security tooling
- Outperforms traditional password strength estimation methods
2. Core Methodology
The universal password model operates in three stages: pre-training on diverse datasets, learning correlations between auxiliary data and password patterns, and system-specific adaptation at inference time.
2.1 Model Architecture
The architecture combines transformer-based encoders for processing auxiliary data with recurrent neural networks (RNNs) for generating password sequences. The model learns a joint embedding in which similar auxiliary data points map to similar password-generation behaviors.
2.2 Training Framework
Training takes place on large password-leak datasets that contain passwords together with their associated auxiliary data. The objective function maximizes the likelihood of generating the correct passwords given the auxiliary inputs while preserving generalization across different user communities.
2.3 Inference & Adaptation
During inference, the model receives only auxiliary data from the target system (e.g., the e-mail addresses of an application's users). It adjusts its password-generation probabilities based on patterns detected in that auxiliary data, creating a tailored password model without ever seeing the target passwords.
3. Technical Implementation
3.1 Mathematical Framework
The core probabilistic model estimates $P(\text{password} \mid \text{auxiliary data})$. Given auxiliary data $A$ and password $P$, the model learns:
$$\theta^* = \arg\max_\theta \sum_{(A_i, P_i) \in \mathcal{D}} \log P_\theta(P_i \mid A_i)$$
where $\theta$ denotes the model parameters and $\mathcal{D}$ is the training dataset. The adaptation mechanism uses Bayesian principles to update the priors based on the distribution of the target auxiliary data.
3.2 Neural Network Design
The network uses a dual-encoder architecture: one encoder for auxiliary data (using character-level CNNs and transformers) and one for password generation (using LSTM/GRU networks). Attention mechanisms connect the two encoders, allowing the password generator to focus on the relevant parts of the auxiliary data while generating sequences.
The loss function combines cross-entropy for password prediction with regularization terms that prevent overfitting to specific training communities:
$$\mathcal{L} = \mathcal{L}_{\text{CE}} + \lambda_1 \mathcal{L}_{\text{reg}} + \lambda_2 \mathcal{L}_{\text{div}}$$
4. Experimental Results
4.1 Dataset Description
The experiments used 5 large password-leak datasets containing 150+ million credential pairs with associated e-mails/usernames. The data was split by source (social media, gaming, enterprise) to test cross-domain adaptation.
4.2 Performance Metrics
The model was evaluated using:
- Guess Number: The average rank at which the correct password appears in the generated list
- Coverage@K: The percentage of passwords cracked within the first K guesses
- Adaptation Speed: The number of auxiliary samples required for effective adaptation
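The first two metrics above, computed over a small constructed guess list and test set. This is an added example, not code from the paper; the function names are hypothetical, and averaging the guess number only over passwords that appear in the list is an assumption, since the page does not say how unguessed passwords are counted.

```python
from statistics import mean


def guess_numbers(ranked_guesses, test_passwords):
    """Return each test password's 1-based rank in the guess list (None if absent)."""
    rank = {}
    for i, guess in enumerate(ranked_guesses, start=1):
        rank.setdefault(guess, i)  # a repeated guess keeps its first (best) rank
    return [rank.get(p) for p in test_passwords]


def coverage_at_k(numbers, k):
    """Fraction of test passwords whose guess number is at most k."""
    if not numbers:
        return 0.0
    return sum(1 for n in numbers if n is not None and n <= k) / len(numbers)


def mean_guess_number(numbers):
    """Average rank over the passwords that were guessed (assumption: misses excluded)."""
    hits = [n for n in numbers if n is not None]
    return mean(hits) if hits else None


# Constructed data: a model's ranked output and a held-out test set.
# Duplicates in TEST are kept because each account counts once.
RANKED = ["123456", "password", "gamer123", "qwerty", "dragon", "pro_player1"]
TEST = ["gamer123", "dragon", "Tr0ub4dor&3", "123456", "gamer123"]

if __name__ == "__main__":
    nums = guess_numbers(RANKED, TEST)
    print("guess numbers:", nums)
    for k in (1, 3, 5):
        print(f"Coverage@{k}: {coverage_at_k(nums, k):.0%}")
    print("mean guess number:", mean_guess_number(nums))
```
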
Performance Summary
Coverage@10^6: 45.2% (versus 32.1% for the best baseline)
Average Guess Number: 1.2×10^5 (versus 3.8×10^5 for the baseline)
Adaptation Samples: ~1,000 auxiliary data points for 80% of optimal performance
4.3 Comparison with Baselines
The universal model consistently outperforms:
- Markov models: 28% improvement in Coverage@10^6
- PCFG-based methods: 35% reduction in average guess number
- Static neural models: 42% better cross-domain performance
- Traditional PSMs: 3.2× more accurate strength estimates
Chart interpretation: The performance advantage grows with the specificity of the target community. For applications with distinctive user demographics, the universal model achieves 50-60% better performance than one-size-fits-all approaches.
5. Analysis Framework Example
Scenario: A new gaming platform wants to assess its password strength requirements without collecting user passwords during beta testing.
Step 1 - Data Collection: Collect the e-mail addresses of 2,000 beta testers (e.g., gamer123@email.com, pro_player@email.com).
Step 2 - Auxiliary Feature Extraction:
- Extract the username parts ("gamer123", "pro_player")
- Identify e-mail domains and providers
- Analyze naming patterns and structure
Step 3 - Model Adaptation: Feed the auxiliary features into the pre-trained universal model. The model recognizes patterns typical of gaming communities (shorter passwords, inclusion of gaming terms, frequent reuse of usernames in passwords).
Step 4 - Password Model Generation: The adapted model produces a password probability distribution tailored to the gaming community's patterns, enabling accurate strength estimation and policy recommendations without access to a single password.
Step 5 - Policy Enforcement: Based on the model's output, the platform enforces its requirements: a minimum of 12 characters, blocking passwords that contain usernames, and recommending passwords unrelated to gaming.
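The defender-side ends of this procedure, Step 2 (username extraction) and Step 5 (policy check at registration), as an added example that is not code from the paper. The function names, the leet-substitution table and the gaming word list are constructed assumptions; the neural model of Steps 3 and 4 is not reproduced.

```python
import re

LEET = str.maketrans("013457@$", "oleastas")       # common digit/symbol swaps
GAMING_WORDS = {"gamer", "player", "noob", "clan", "guild"}  # constructed list


def username_tokens(email, min_len=4):
    """Step 2: return (username tokens, domain) for one e-mail address."""
    local, _, domain = email.strip().lower().rpartition("@")
    if not local or not domain:
        raise ValueError(f"not an e-mail address: {email!r}")
    local = local.split("+", 1)[0]                  # drop a "+tag" sub-address
    tokens = {local}
    for part in re.split(r"[._-]+", local):
        tokens.add(part)
        tokens.add(re.sub(r"\d+$", "", part))       # "gamer123" -> "gamer"
    # Very short tokens would match almost any password, so drop them.
    return {t for t in tokens if len(t) >= min_len}, domain


def check_password(password, email, min_length=12):
    """Step 5: return policy findings; an empty list means accepted."""
    tokens, _ = username_tokens(email)
    lowered = password.lower()
    variants = (lowered, lowered.translate(LEET))   # plain and de-leeted forms
    findings = []
    if len(password) < min_length:
        findings.append(f"shorter than {min_length} characters")
    if any(t in v for t in tokens for v in variants):
        findings.append("contains the username")
    if any(w in v for w in GAMING_WORDS for v in variants):
        findings.append("gaming-related term (advisory)")
    return findings


# Constructed passwords paired with the sample addresses from Step 1.
if __name__ == "__main__":
    for pw, mail in [("gamer123!", "gamer123@email.com"),
                     ("G4m3r-2024-xyz!", "gamer123@email.com"),
                     ("correct-horse-battery", "pro_player@email.com")]:
        print(mail, repr(pw), check_password(pw, mail) or "accepted")
```

The second sample shows why the check runs on a de-leeted copy as well: the password passes the length rule but still embeds the username stem.
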
6. In-Depth Analysis & Expert Commentary
Core Insight
This is not just another password-cracking paper; it is a fundamental shift in how we approach authentication security. In effect, the authors have decoupled password modeling from password access, turning auxiliary data from noise into signal. This parallels the advances in self-supervised learning seen in computer vision (such as contrastive learning in SimCLR), applied here to the security domain. The key breakthrough is treating password habits as latent variables that can be inferred from digital footprints.
Logical Flow
The technical progression is elegant: (1) acknowledging that password distributions are community-specific, (2) recognizing that collecting target passwords is impractical/insecure, (3) discovering that auxiliary data serves as a proxy for community identity, (4) using deep learning's pattern-recognition power to learn the mapping, (5) enabling zero-shot adaptation. This flow solves the chicken-and-egg problem in deploying security tooling.
Strengths & Flaws
Strengths: The democratization angle is compelling: it finally brings high-quality password analysis to organizations without ML expertise. The privacy-preserving aspect (no password data required) addresses major compliance concerns. The performance gains are significant, especially for niche communities.
Flaws: The model inherits biases from its training data (predominantly Western, English-language leaks). It assumes auxiliary data is available; what about systems with minimal user information? Its black-box nature raises explainability concerns for security audits. Most importantly, it may lower the barrier for attackers as well, fueling an arms race in adaptive password cracking.
Actionable Insights
Security teams should immediately: (1) audit what auxiliary data they expose (even in metadata), (2) assume that attackers will be using these techniques within 18-24 months, (3) develop countermeasures such as adding noise to auxiliary data or using differential privacy. For researchers: the next frontier is adversarial auxiliary data, i.e. crafting inputs that mislead these models. For policymakers: this technology blurs the line between data collection and security risk, and calls for updated regulation.
By comparison, this work stands alongside foundational papers such as "The Science of Guessing" (Klein, 1990) and "Fast, Lean, and Accurate" (Weir et al., 2009) in its potential to reshape the field. However, unlike traditional approaches that treat passwords in isolation, it embraces the contextual reality of digital identity, a perspective that aligns more closely with modern behavioral biometrics research from institutions such as the Stanford Security Lab.
7. Future Applications & Directions
Immediate Applications (1-2 years):
- Enterprise password policy optimization without password audits
- Dynamic password strength meters that adapt to organizational culture
- Breach detection systems that identify credential stuffing attacks
- Password manager recommendations tailored to user demographics
Medium-Term Developments (3-5 years):
- Integration with Identity and Access Management (IAM) systems
- Federated learning variants for privacy-preserving security collaboration
- Real-time adaptation during credential attacks
- Cross-modal adaptation (from text patterns to behavioral biometrics)
Long-Term Research Directions:
- Adversarial robustness against manipulated auxiliary data
- Extension to other authentication factors (security questions, patterns)
- Integration with the transition to passwordless authentication
- Ethical frameworks for defensive and offensive use
Industry Impact: This technology will give rise to a new category of security tools: "Adaptive Authentication Intelligence" platforms. Startups will emerge offering these as SaaS solutions, while existing security vendors will integrate similar capabilities into their existing products. The cyber-insurance industry may incorporate these models into its risk-assessment algorithms.
8. References
- Pasquini, D., Ateniese, G., & Troncoso, C. (2024). Universal Neural-Cracking Machines: Self-Configurable Password Models from Auxiliary Data. IEEE Symposium on Security and Privacy (S&P).
- Weir, M., Aggarwal, S., Medeiros, B. D., & Glodek, B. (2009). Password cracking using probabilistic context-free grammars. IEEE Symposium on Security and Privacy.
- Klein, D. V. (1990). Foiling the cracker: A survey of, and improvements to, password security. USENIX Security Symposium.
- Wang, D., Cheng, H., Wang, P., Huang, X., & Jian, G. (2017). A security analysis of honeywords. NDSS.
- Ur, B., et al. (2016). Design and evaluation of a data-driven password meter. CHI.
- Veras, R., Collins, C., & Thorpe, J. (2014). On the semantic patterns of passwords and their security impact. NDSS.
- Chen, T., Kornblith, S., Norouzi, M., & Hinton, G. (2020). A simple framework for contrastive learning of visual representations. ICML.
- Bonneau, J. (2012). The science of guessing: Analyzing an anonymized corpus of 70 million passwords. IEEE Symposium on Security and Privacy.
- Florencio, D., & Herley, C. (2007). A large-scale study of web password habits. WWW.
- Stanford Security Lab. (2023). Behavioral Biometrics and Authentication Patterns. Stanford University Technical Report.