Abstract
When conducting a criminal investigation, accessing mobile phone data is crucial for law enforcement. However, encryption mechanisms and user locks are becoming increasingly complex and more challenging for forensic examiners. Although there are tools that can perform brute-force attacks to crack passwords on mobile phones, it becomes difficult when faced with alphanumeric passwords. The challenge is not only the algorithm but also the use of a customized dictionary. It is impractical to use a complete dictionary with all possible combinations as the attack conditions are very restrictive, and the time it takes to crack the password becomes too long depending on its length. In this article, we present a learning framework based on a set of dictionaries, variation rules, and fragment permutations. Dictionaries are organized from different perspectives of personal data, open sources, and groups of contexts. The naming and ordering of the dictionary help digital forensics examiners strategize and improve their chances of success in cracking alphanumeric passwords.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Sathe, S.C., Dongre, N.M.: Data acquisition techniques in mobile forensics. In: 2018 2nd International Conference on Inventive Systems and Control (ICISC), Coimbatore, India, pp. 280–286 (2018). https://doi.org/10.1109/ICISC.2018.8399079
Kanta, A., Coray, S., Coisel, I., Scanlon, M.: How viable is password cracking in digital forensic investigation? Analyzing the guessability of over 3.9 billion real-world accounts. Forensic Sci. Int.: Digit. Invest. 37 (2021)
Brown, A.S., Bracken, E., Zoccoli, S., Douglas, K.: Generating and remembering passwords. Appl. Cognit. Psychol.: Off. J. Soc. Appl. Res. Mem. Cogn. 18(6), 641–651 (2004)
Hunt, T.: The science of password selections. TroyHunt.com blog (2011). https://www.troyhunt.com/science-of-password-selection/
Fukami, A., Stoykova, R., Geradts, Z.: A new model for forensic data extraction from encrypted mobile devices. Forensic Sci. Int.: Digit. Invest. 38, 301169 (2021). https://doi.org/10.1016/j.fsidi.2021.301169. ISSN 2666-2817
Bielska, A., Kurs, N., Baumgartner, Y., Benetis, V.: OpenSource intelligence tools and resources handbook. I-Intelligence (2020). https://i-intelligence.eu/uploads/public-documents/OSINT_Handbook_2020.pdf
Kanta, A., Coisel, I., Scanlon, M.: A survey exploring open source intelligence for smarter password cracking. Forensic Sci. Int.: Digit. Invest. 35, 301075 (2020). https://doi.org/10.1016/j.fsidi.2020.301075
Quick, D., Choo, K.: Digital forensic intelligence: data subsets and open source intelligence (DFINT+OSINT): a timely and cohesive mix. Future Gener. Comput. Syst. 78(Part 2), 558–567 (2018). https://doi.org/10.1016/j.future.2016.12.032. ISSN 0167-739X
Bang, Y., Lee, D., Bae, Y., Ahn, J.: Improving information security management: an analysis of ID–password usage and a new login vulnerability measure. Int. J. Inf. Manage. 32(5), 409–418 (2012). https://doi.org/10.1016/j.ijinfomgt.2012.01.001. ISSN 0268-4012
Vo, N.: How long does it take to crack a password? A brief explanation. Locker (2022). https://locker.io/blog/time-to-crack-a-password
Jiang, X., Sun, X., Liu, Q.: Password guessing attack based on probabilistic context free algorithm. In: 2022 IEEE 8th International Conference on Computer and Communications (ICCC), Chengdu, China, pp. 1234–1238 (2022). https://doi.org/10.1109/ICCC56324.2022.10065766
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Nassif, L.N., de Oliveira, J.S. (2024). Learning Framework for Guessing Alphanumeric Passwords on Mobile Phones Based on User Context and Fragment Semantics. In: Goel, S., Nunes de Souza, P.R. (eds) Digital Forensics and Cyber Crime. ICDF2C 2023. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 571. Springer, Cham. https://doi.org/10.1007/978-3-031-56583-0_2
Download citation
DOI: https://doi.org/10.1007/978-3-031-56583-0_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-56582-3
Online ISBN: 978-3-031-56583-0
eBook Packages: Computer ScienceComputer Science (R0)