Shaun-inn Wu
ABSTRACT
Many websites use CAPTCHA to defend against malicious automated programs from performing abusive tasks such as illegitimate account registration. CAPTCHA is widely used on commercial websites as a HIP system due to its simplicity of use and effectiveness against attacks. Over the years advances in Optical Character Recognition (OCR) software and techniques developed to break CAPTCHA began to expose flaws and vulnerabilities of these CAPTCHA implementations. CAPTCHA can be improved by adding several levels of complexity but still retain the purpose of CAPTCHA by making it simple for human users but difficult for bots to break. In our system different challenge phrases were displayed instead of one like traditional methods. To pass our CAPTCHA challenge questions, users have to graphically interpret the displayed image to determine which challenge phrase to decipher. Several schemes have been designed and implemented. A particular design was chosen based on the result of surveys conducted on human subjects for the user-friendliness. The result of the surveys shows that our design is preferred by users and helps preventing automated attacks from bots using known methods.
- Ahn, L., Blum, M., Hopper, N. and Langford, J. CAPTCHA: Telling Humans and Computers Apart Automatically. DOI=http://www.captcha.net/, 2014. Google Scholar
Digital Library
- Gossweiler, R, Kamvar, M., and Baluja, S., What's Up CAPTCHA?: a CAPTCHA Based on Image Orientation, Proceedings of the 18th International Conference on World Wide Web, New York, NY, 2009, pp. 841--850. Google ScholarDigital Library
- Grossman, L., Computer Literacy Tests: Are You Human? The Time Magazine, June 5, 2008.Google Scholar
- Nguyen, V., Chow, Y., and Susilo, W., Breaking a 3D-based CHAPCHA, Proceedings of the 14th International Conference on Information Security and Cryptology, Heidelberg, Germany, 2012, pp. 391--405. Google ScholarDigital Library
- Rusu, A. and Govindaraju, V., Handwritten CAPTCHA: Using the difference in the abilities of humans and machines in reading handwritten words, Proceedings of the Ninth International Workshop on Frontiers in Handwriting Recognition, Washington, DC, 2004, pp. 226--231. Google ScholarDigital Library
- Rusu, A. and Govindaraju, V., Leveraging Cognitive Factors in Securing WWW with CAPTCHA, Proceedings of the 2010 USENIX conference on Web Application, Boston, NY, 2010, pp. 1--60. Google ScholarDigital Library
- Yan, J. and. Ahmad, A., Breaking Visual CAPTCHAs with Naïve Pattern Recognition Algorithms, Proceedings of 23rd Annual Computer Security Applications Conference, 2007, Miami Beach, FL., Dec 2007, pp. 279--291.Google Scholar
- Yan, J. and. Ahmad, A., A Low-cost Attack on a Microsoft CAPTCHA, Proceedings of the 15th ACM Conference on Computer and Communications Security, New York, NY, 2008, pp. 543--554. Google ScholarDigital Library
Index Terms
- Image enhanced CAPTCHA for web security
Recommendations
Balancing usability and security in a video CAPTCHA
SOUPS '09: Proceedings of the 5th Symposium on Usable Privacy and SecurityWe present a technique for using content-based video labeling as a CAPTCHA task. Our CAPTCHAs are generated from YouTube videos, which contain labels (tags) supplied by the person that uploaded the video. They are graded using a video's tags, as well as ...
Recent advances of Captcha security analysis: a short literature review
AbstractCAPTCHA has long been used to keep bots from misusing web services. Various CAPTCHA schemes have been proposed over the years, principally to increase usability and security against emerging bots and hackers performing malicious operations. ...
CAPTCHA: Impact of Website Security on User Experience
ICIIT '19: Proceedings of the 2019 4th International Conference on Intelligent Information TechnologyAs currently many people use the Internet to access websites, Internet security becomes an important topic. One popular security mechanism is Captcha or Completely Automated Public Turing Computer and Humans Apart, which determine whether or not the ...
Comments