HoneySpam 2.0: Profiling Web Spambot Behaviour
PRIMA '09 Proceedings of the 12th International Conference on Principles of Practice in Multi-Agent Systems
Proceedings of the 26th Annual Computer Security Applications Conference
Re: CAPTCHAs: understanding CAPTCHA-solving services in an economic context
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Behaviour-Based web spambot detection by utilising action time and action frequency
ICCSA'10 Proceedings of the 2010 international conference on Computational Science and Its Applications - Volume Part II
Proceedings of the 6th International Conference on Rehabilitation Engineering & Assistive Technology
Hi-index | 0.00 |
CAPTCHAs are automated Turing tests used to determine if the end-user is human and not an automated program. Users are asked to read and answer Visual CAPTCHAs, which often appear as bitmaps of text characters, in order to gain access to a low-cost resource such as webmail or a blog. CAPTCHAs are generated by software and the structure of a CAPTCHA gives hints to its implementation. Thus due to these properties of image processing and image composition, the process that creates CAPTCHAs can often be reverse engineered. Once the implementation strategy of a family of CAPTCHAs has been reverse engineered the CAPTCHA instances may be solved automatically by leveraging weaknesses in the creation process or by comparing a CAPTCHA's output against itself. In this paper, we present a case study where we reverse engineer and solve real-world CAPTCHAs using simple image processing techniques such as bitmap comparison, thresholding, fill-flood segmentation, dilation, and erosion. We present black-box and white-box methodologies for reverse engineering and solving CAPTCHAs. As well we provide an open source toolkit for solving CAPTCHAs that we have used with a success rates of 99, 95, 61, 30%, and 27% on hundreds of CAPTCHAs from five real-world examples.