A weak password scanning scheme of power system based on hot words

Konferenz: ECITech 2022 - The 2022 International Conference on Electrical, Control and Information Technology
25.03.2022 - 27.03.2022 in Kunming, China

Tagungsband: ECITech 2022

Seiten: 8Sprache: EnglischTyp: PDF

Autoren:
Wang, Qi; Zhang, Xiaojian (Global Energy Interconnection Research Institute Co. Ltd, Nanjing, Jiangsu, China & State Grid Key Laboratory of Information & Network Security, Nanjing, Jiangsu, China)
Peng, Jianing; Zheng, Tiejun (State Grid Ningxia Electric Power Co. Ltd, Yinchuan, Ningxia, China)
Yong, Shaohua (State Grid Zhongwei Electric Power Supply Company, Zhongwei, Ningxia, China)

Inhalt:
Passwords play an important role in power system security protection. But the existence of weak passwords poses a great threat to the security of the power system. However, the current password management methods of power industrial control systems have loopholes in which some weak passwords are not detected. This paper reference the design method of the PCFG algorithm and proposes a weak password scanning scheme. Hot words and personal information are introduced into the construction of a weak password dictionary for the first time, and the weak password dictionary is expanded based on machine learning technology. Passwords are stored as ciphertext in the power system. According to this characteristic, this scheme calculates the hash value of the weak password dictionary and compares that stored in the target system. This scheme can scan weak password ciphertext and is more suitable for the power system.