HomeWinBuzzer NewsMicrosoft AI Helps Detect Password Spray Attacks

Microsoft AI Helps Detect Password Spray Attacks

Microsoft has a new AI that boosts the capabilities of detecting password spray attacks, which are crude but common.


is heavily invested in digital security, so the company has been deeply involved in National Cyber Security Awareness Month (NCSAM) during October. Through the month, Microsoft has made several -related announcements. As the awareness campaign winds to an end, the company has one more tool to discuss

To end NCSAM, Microsoft is announcing a machine learning algorithm that will detect password spray attacks. It is available in AD Identity Protection. Importantly, Redmond says the tool provides significantly better results than the previous algorithm.

Password spray attacks are a common type of digital attack that rely on fairly primitive methods. A bad actor will use thousand of IP addresses through a botnet with common passwords.

This is different to a password attack on a single user where the actor will use many passwords. Instead, a spray attack uses a few common passwords but spread them across thousands of accounts looking for a hit.

While the success rate is poor, these attacks are not easy to detect and when they do work they are dangerous. Researchers have found account users are much more likely to dismiss one or two failed login attempt notifications than they are multiple attempts.

Improving AI

Microsoft's new AI can counter password spray attacks. In fact, the company has been combating these attacks with AI for some time. However, the older heuristic mechanism had some limitations. With the new model, Microsoft says the algorithm is stronger and looks at unfamiliar logins, IP reputation, and general account deviations.

“The results of this research led to this month's release of the new password spray risk detection. This new machine learning detection yields a 100 percent increase in recall over the heuristic algorithm described above meaning it detects twice the number of compromised accounts of the previous algorithm. It does this while maintaining the previous algorithm's amazing 98 percent precision—meaning if this algorithm says an account fell to password spray, it's almost certain that it did.”

Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News