Brute-Force language detection

I need an algorithm (in any programming language) to serve as the fitness test in a hill-climbing algorithm for breaking a cipher in a crypto challenge. The algorithm should score how likely it is that a candidate decryption (which contains no spaces) is English text rather than a random sequence of characters. It should also give points for words that are still incomplete.

I tried several algorithms that I developed myself, but they did not work well.

My research:

An Enigma M4 crypto project ( http://www.bytereef.org/m4_project.html ) uses the Sinkov statistic, which I would like to use as well.

The only thing I found was a document about «quebra-pedra», a Java framework that includes the Sinkov log-weight analysis I am looking for.

http://www.google.com/m?client=ms-android-samsung&source=android-home#q=Quebra-pedra+framework+java

However, I could not find where to download the framework, nor could I find any implementation or description of the Sinkov test.

I would be grateful for any hints. Thanks.

Daniel Marschall asked Oct 17 '11 23:10


1 Answer

I don't know about Sinkov statistics, but language models from natural language processing can do exactly what you want, scoring text by how similar it is to English.

I wrote a simple character-bigram model here; it should be reasonably easy to follow.

https://github.com/rrenaud/Gibberish-Detector
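
To illustrate the general idea, here is a minimal sketch of a character-bigram scorer. It is not taken from the linked repository, and the names (`train`, `score`, `SAMPLE_CORPUS`) are made up for this example. The tiny corpus is only a placeholder; a usable model would presumably need to be trained on a large body of English text. The score is the average log-probability of each letter given the previous one, so it can serve as a fitness value for hill climbing, and it rewards plausible fragments even when words are incomplete.

```python
import math

ALPHABET = "abcdefghijklmnopqrstuvwxyz"

# Placeholder training text (an assumption for this sketch); use a large
# English corpus in practice.
SAMPLE_CORPUS = (
    "the quick brown fox jumps over the lazy dog and then the cat sat on "
    "the mat while the rain in spain stays mainly in the plain"
)


def normalize(text):
    """Lowercase the text and keep only the letters a-z (spaces are dropped)."""
    return [c for c in text.lower() if c in ALPHABET]


def train(corpus):
    """Return log P(next letter | current letter) for every letter pair."""
    # Start every count at 1 (add-one smoothing) so unseen pairs are
    # penalized but never get probability zero.
    counts = {a: {b: 1 for b in ALPHABET} for a in ALPHABET}
    letters = normalize(corpus)
    for a, b in zip(letters, letters[1:]):
        counts[a][b] += 1
    log_prob = {}
    for a, row in counts.items():
        total = sum(row.values())
        log_prob[a] = {b: math.log(n / total) for b, n in row.items()}
    return log_prob


def score(text, log_prob):
    """Average log-probability per letter transition; higher is more English-like."""
    letters = normalize(text)
    if len(letters) < 2:
        return float("-inf")
    total = sum(log_prob[a][b] for a, b in zip(letters, letters[1:]))
    return total / (len(letters) - 1)


model = train(SAMPLE_CORPUS)
print(score("thecatsatonthemat", model))  # English-like candidate
print(score("zqxvkjwpzqxv", model))       # random-looking candidate
```

Averaging over the number of transitions keeps scores comparable between candidates of different lengths. In a hill-climbing loop, a key change would be kept only when it raises the score of the resulting decryption.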

Rob Neuhaus answered Sep 29 '22 22:09