The robustness of a new CAPTCHA

Authors:
Ahmad Salah El Ahmad;Jeff Yan;Lindsay Marshall
Affiliations:
Newcastle University, UK;Newcastle University, UK;Newcastle University, UK
Venue:
Proceedings of the Third European Workshop on System Security
Year:
2010

Citing 7
Cited 6

Telling humans and computers apart automatically

Communications of the ACM - Information cities
Designing human friendly human interaction proofs (HIPs)

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Usability of CAPTCHAs or usability issues in CAPTCHA design

Proceedings of the 4th symposium on Usable privacy and security
A low-cost attack on a Microsoft captcha

Proceedings of the 15th ACM conference on Computer and communications security
Recognizing objects in adversarial clutter: breaking a visual captcha

CVPR'03 Proceedings of the 2003 IEEE computer society conference on Computer vision and pattern recognition
Building segmentation based human-friendly human interaction proofs (HIPs)

HIP'05 Proceedings of the Second international conference on Human Interactive Proofs
A highly legible CAPTCHA that resists segmentation attacks

HIP'05 Proceedings of the Second international conference on Human Interactive Proofs

On the necessity of user-friendly CAPTCHA

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
SEMAGE: a new image-based two-factor CAPTCHA

Proceedings of the 27th Annual Computer Security Applications Conference
AniCAP: an animated 3d CAPTCHA scheme based on motion parallax

CANS'11 Proceedings of the 10th international conference on Cryptology and Network Security
Breaking reCAPTCHAs with unpredictable collapse: heuristic character segmentation and recognition

MCPR'12 Proceedings of the 4th Mexican conference on Pattern Recognition
The robustness of hollow CAPTCHAs

Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
FaceDCAPTCHA: Face detection based color image CAPTCHA

Future Generation Computer Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

CAPTCHA is a standard security technology that presents tests to tell computers and humans apart. In this paper, we examine the security of a new CAPTCHA that was deployed until very recently by Megaupload, a leading online storage and delivery website. The security of this scheme relies on a novel segmentation resistance mechanism. However, we show that this CAPTCHA can be segmented using a simple but new automated attack with a success rate of 78%. It takes about 120 ms on average to segment each challenge on a standard desktop computer.