Using Character Recognition and Segmentation to Tell Computer from Humans
ICDAR '03 Proceedings of the Seventh International Conference on Document Analysis and Recognition - Volume 1
Best Practices for Convolutional Neural Networks Applied to Visual Document Analysis
ICDAR '03 Proceedings of the Seventh International Conference on Document Analysis and Recognition - Volume 2
Telling humans and computers apart automatically
Communications of the ACM - Information cities
Designing human friendly human interaction proofs (HIPs)
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Is It Human or Computer? Defending E-Commerce with Captchas
IT Professional
Asirra: a CAPTCHA that exploits interest-aligned manual image categorization
Proceedings of the 14th ACM conference on Computer and communications security
Usability of CAPTCHAs or usability issues in CAPTCHA design
Proceedings of the 4th symposium on Usable privacy and security
A low-cost attack on a Microsoft captcha
Proceedings of the 15th ACM conference on Computer and communications security
Distortion estimation techniques in solving visual CAPTCHAs
CVPR'04 Proceedings of the 2004 IEEE computer society conference on Computer vision and pattern recognition
Recognizing objects in adversarial clutter: breaking a visual captcha
CVPR'03 Proceedings of the 2003 IEEE computer society conference on Computer vision and pattern recognition
Building segmentation based human-friendly human interaction proofs (HIPs)
HIP'05 Proceedings of the Second international conference on Human Interactive Proofs
Machine learning attacks against the Asirra CAPTCHA
Proceedings of the 15th ACM conference on Computer and communications security
A low-cost attack on a Microsoft captcha
Proceedings of the 15th ACM conference on Computer and communications security
Balancing usability and security in a video CAPTCHA
Proceedings of the 5th Symposium on Usable Privacy and Security
ACM SIGGRAPH Asia 2009 papers
Streamlining attacks on CAPTCHAs with a computer game
IJCAI'09 Proceedings of the 21st international jont conference on Artifical intelligence
The robustness of a new CAPTCHA
Proceedings of the Third European Workshop on System Security
Scene tagging: image-based CAPTCHA using image composition and object relationships
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
An efficient segmentation algorithm for CAPTCHAs with line cluttering and character warping
Multimedia Tools and Applications
CAPTCHA smuggling: hijacking web browsing sessions to create CAPTCHA farms
Proceedings of the 2010 ACM Symposium on Applied Computing
Towards A Universally Usable Human Interaction Proof: Evaluation of Task Completion Strategies
ACM Transactions on Accessible Computing (TACCESS)
Leveraging cognitive factors in securing WWW with CAPTCHA
WebApps'10 Proceedings of the 2010 USENIX conference on Web application development
Attacks and design of image recognition CAPTCHAs
Proceedings of the 17th ACM conference on Computer and communications security
Abusing social networks for automated user profiling
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
Attacking image recognition CAPTCHAS: a naive but effective approach
TrustBus'10 Proceedings of the 7th international conference on Trust, privacy and security in digital business
Proceedings of the 26th Annual Computer Security Applications Conference
Re: CAPTCHAs: understanding CAPTCHA-solving services in an economic context
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
A study of CAPTCHA and its application to user authentication
ICCCI'10 Proceedings of the Second international conference on Computational collective intelligence: technologies and applications - Volume Part II
CAPTCHA phishing: a practical attack on human interaction proofing
Inscrypt'09 Proceedings of the 5th international conference on Information security and cryptology
An efficient password authentication method using CAPTCHA
ICHIT'11 Proceedings of the 5th international conference on Convergence and hybrid information technology
Detecting fraudulent use of cloud resources
Proceedings of the 3rd ACM workshop on Cloud computing security workshop
Text-based CAPTCHA strengths and weaknesses
Proceedings of the 18th ACM conference on Computer and communications security
SEMAGE: a new image-based two-factor CAPTCHA
Proceedings of the 27th Annual Computer Security Applications Conference
A survey of emerging approaches to spam filtering
ACM Computing Surveys (CSUR)
CMS'10 Proceedings of the 11th IFIP TC 6/TC 11 international conference on Communications and Multimedia Security
AniCAP: an animated 3d CAPTCHA scheme based on motion parallax
CANS'11 Proceedings of the 10th international conference on Cryptology and Network Security
The SoundsRight CAPTCHA: an improved approach to audio human interaction proofs for blind users
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Enhanced STE3D-CAP: a novel 3d CAPTCHA family
ISPEC'12 Proceedings of the 8th international conference on Information Security Practice and Experience
Review: Analyzing well-known countermeasures against distributed denial of service attacks
Computer Communications
Breaking an animated CAPTCHA scheme
ACNS'12 Proceedings of the 10th international conference on Applied Cryptography and Network Security
Security and usability challenges of moving-object CAPTCHAs: decoding codewords in motion
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Breaking a 3d-based CAPTCHA scheme
ICISC'11 Proceedings of the 14th international conference on Information Security and Cryptology
Breaking reCAPTCHAs with unpredictable collapse: heuristic character segmentation and recognition
MCPR'12 Proceedings of the 4th Mexican conference on Pattern Recognition
For human eyes only: security and usability evaluation
Proceedings of the 2012 ACM workshop on Privacy in the electronic society
Segmentation of CAPTCHAs based on complex networks
AICI'12 Proceedings of the 4th international conference on Artificial Intelligence and Computational Intelligence
Fluxing botnet command and control channels with URL shortening services
Computer Communications
Blog or block: Detecting blog bots through behavioral biometrics
Computer Networks: The International Journal of Computer and Telecommunications Networking
A survey and analysis of current CAPTCHA approaches
Journal of Web Engineering
Framework for evaluation of text captchas
Proceedings of the 22nd international conference on World Wide Web companion
The robustness of hollow CAPTCHAs
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
FaceDCAPTCHA: Face detection based color image CAPTCHA
Future Generation Computer Systems
A novel gesture-based CAPTCHA design for smart devices
BCS-HCI '13 Proceedings of the 27th International BCS Human Computer Interaction Conference
Hi-index | 0.00 |
CAPTCHA is now almost a standard security technology. The most widely deployed CAPTCHAs are text-based schemes, which typically require users to solve a text recognition task. The state of the art of CAPTCHA design suggests that such text-based schemes should rely on segmentation resistance to provide security guarantee, as individual character recognition after segmentation can be solved with a high success rate by standard methods such as neural networks. In this paper, we present new character segmentation techniques of general value to attack a number of text CAPTCHAs, including the schemes designed and deployed by Microsoft, Yahoo and Google. In particular, the Microsoft CAPTCHA has been deployed since 2002 at many of their online services including Hotmail, MSN and Windows Live. Designed to be segmentation-resistant, this scheme has been studied and tuned by its designers over the years. However, our simple attack has achieved a segmentation success rate of higher than 90% against this scheme. It took on average ~80 ms for the attack to completely segment a challenge on an ordinary desktop computer. As a result, we estimate that this CAPTCHA could be instantly broken by a malicious bot with an overall (segmentation and then recognition) success rate of more than 60%. On the contrary, the design goal was that automated attacks should not achieve a success rate of higher than 0.01%. For the first time, this paper shows that CAPTCHAs that are carefully designed to be segmentation-resistant are vulnerable to novel but simple attacks.