Saul Johnson

Saul Johnson
Stenden University of Applied Sciences · Department of Informatics

Doctor of Philosophy
Working on applications of generative AI to cybersecurity in a maritime context.

About

6
Publications
1,414
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
14
Citations
Additional affiliations
August 2016 - July 2024
Teesside University
Position
  • Graduate Tutor
Description
  • Doctoral researcher focusing on password authentication and the application of formal methods and statistics to human factors in secure computing.

Publications

Publications (6)
Preprint
Full-text available
The choice of password composition policy to enforce on a password-protected system represents a critical security decision, and has been shown to significantly affect the vulnerability of user-chosen passwords to guessing attacks. In practice, however, this choice is not usually rigorous or justifiable, with a tendency for system administrators to...
Preprint
Full-text available
Large-scale password data breaches are becoming increasingly commonplace, which has enabled researchers to produce a substantial body of password security research utilising real-world password datasets, which often contain numbers of records in the tens or even hundreds of millions. While much study has been conducted on how password composition p...
Conference Paper
Full-text available
If we wish to compromise some password-protected system as an attacker (i.e. a member of the red team), we have a large number of popular and actively-maintained tools to choose from in helping us to realise our goal. Password hash cracking hardware and software, online guessing tools, exploit frameworks, and a wealth of tools for helping us to per...
Conference Paper
Full-text available
Large-scale password data breaches are becoming increasingly commonplace, which has enabled researchers to produce a substantial body of password security research utilising real-world password datasets, which often contain numbers of records in the tens or even hundreds of millions. While much study has been conducted on how password composition p...
Conference Paper
Full-text available
We propose the use of modern proof assistants to specify, implement, and verify password quality checkers. We use the proof assistant Coq, focusing on Linux PAM, a widely-used implementation of pluggable authentication modules for Linux. We show how password quality policies can be expressed in Coq and how to use Coq’s code extraction features to a...

Network

Cited By