The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.02 - February (2011 vol.44)
pp: 54-60
Jeff Yan , Newcastle Univ, Newcastle upon Tyne
Ahmad Salah El Ahmad , Newcastle University,
ABSTRACT
Captchas are a standard defense on commercial websites against undesirable or malicious Internet bot programs, but widely deployed schemes can be broken with simple but novel attacks. Applying security engineering expertise to the design of Captchas can significantly improve their robustness.
INDEX TERMS
Captchas, Robustness, Segmentation, Internet security, Security engineering
CITATION
Jeff Yan, Ahmad Salah El Ahmad, "Captcha Robustness: A Security Engineering Perspective", Computer, vol.44, no. 2, pp. 54-60, February 2011, doi:10.1109/MC.2010.275
REFERENCES
1. L. von Ahn, M. Blum, and J. Langford, "Telling Humans and Computer Apart Automatically: How Lazy Cryptographers Do AI," Comm. ACM, vol. 47, no. 2, 2004, pp. 57-60.
2. M. Naor, "Verification of a Human in the Loop, or Identification via the Turing Test," unpublished manuscript, 1996; www.wisdom.weizmann.ac.il/~naor/PAPERShuman.pdf .
3. H. Yeend, "Breaking CAPTCHAs without Using OCR," blog entry, 2005; www.puremango.co.ukcm_breaking_captcha_115.php .
4. G. Mori and J. Malik, "Recognising Objects in Adversarial Clutter: Breaking a Visual CAPTCHA," Proc. 2003 IEEE Conf. Computer Vision and Pattern Recognition (CVPR 03), vol. 1, IEEE CS Press, 2003, pp. 134-141.
5. G. Moy et al., "Distortion Estimation Techniques in Solving Visual CAPTCHAs," Proc. 2004 IEEE Conf. Computer Vision and Pattern Recognition (CVPR 04), vol. 2, IEEE CS Press, 2004, pp. 23-28.
6. K. Chellapilla and P.Y. Simard, "Using Machine Learning to Break Visual Human Interaction Proofs (HIPs)," Advances in Neural Processing Systems 17 (NIPS 04), MIT Press, 2004, pp. 265-272.
7. K. Chellapilla et al., "Building Segmentation Based Human-Friendly Human Interaction Proofs (HIPs)," Proc. 2nd Int'l Workshop Human Interaction Proofs (HIP 05), LNCS 3517, Springer, 2005, pp. 1-26.
8. P.Y. Simard et al., "Using Character Recognition and Segmentation to Tell Computers from Humans," Proc. 7th Int'l Conf. Document Analysis and Recognition (ICDAR 03), vol. 1, IEEE CS Press, 2003, pp. 418-423.
9. J. Yan and A.S. El Ahmad, "Usability of CAPTCHAs, Or Usability Issues in CAPTCHA Design," Proc. 4th Symp. Usable Privacy and Security (SOUPS 08), ACM Press, 2008, pp. 44-52.
10. T. Converse, "CAPTCHA Generation as a Web Service," Proc. 2nd Int'l Workshop Human Interactive Proofs (HIP 05), LNCS 3517, Springer, 2005, pp. 82-96.
11. J. Yan and A.S. El Ahmad, "Breaking Visual CAPTCHAs with Naïve Pattern Recognition Algorithms," Proc. 23rd Ann. Computer Security Applications Conf. (ACSAC 07), IEEE CS Press, 2007, pp. 279-291.
12. J. Yan and A.S. El Ahmad, "A Low-Cost Attack on a Microsoft CAPTCHA," Proc. 15th ACM Conf. Computer and Comm. Security (CCS 08), ACM Press, 2008, pp. 543-554.
13. E. Biham and A. Shamir, Differential Cryptanalysis of the Data Encryption Standard, Springer, 1993.
5 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool