A fast parallel algorithm for thinning digital patterns
Communications of the ACM
Best Practices for Convolutional Neural Networks Applied to Visual Document Analysis
ICDAR '03 Proceedings of the Seventh International Conference on Document Analysis and Recognition - Volume 2
Telling humans and computers apart automatically
Communications of the ACM - Information cities
Usability of CAPTCHAs or usability issues in CAPTCHA design
Proceedings of the 4th symposium on Usable privacy and security
A low-cost attack on a Microsoft captcha
Proceedings of the 15th ACM conference on Computer and communications security
Some Variations of Lee's Algorithm
IEEE Transactions on Computers
The robustness of a new CAPTCHA
Proceedings of the Third European Workshop on System Security
Attacks and design of image recognition CAPTCHAs
Proceedings of the 17th ACM conference on Computer and communications security
Distortion estimation techniques in solving visual CAPTCHAs
CVPR'04 Proceedings of the 2004 IEEE computer society conference on Computer vision and pattern recognition
Recognizing objects in adversarial clutter: breaking a visual captcha
CVPR'03 Proceedings of the 2003 IEEE computer society conference on Computer vision and pattern recognition
Text-based CAPTCHA strengths and weaknesses
Proceedings of the 18th ACM conference on Computer and communications security
Security and usability challenges of moving-object CAPTCHAs: decoding codewords in motion
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Hi-index | 0.00 |
CAPTCHA is now a standard security technology for differentiating between computers and humans, and the most widely deployed schemes are text-based. While many text schemes have been broken, hollow CAPTCHAs have emerged as one of the latest designs, and they have been deployed by major companies such as Yahoo!, Tencent, Sina, China Mobile and Baidu. A main feature of such schemes is to use contour lines to form connected hollow characters with the aim of improving security and usability simultaneously, as it is hard for standard techniques to segment and recognize such connected characters, which are however easy to human eyes. In this paper, we provide the first analysis of hollow CAPTCHAs' robustness. We show that with a simple but novel attack, we can successfully break a whole family of hollow CAPTCHAs, including those deployed by all the major companies. While our attack casts serious doubt on the viability of current designs, we offer lessons and guidelines for designing better hollow CAPTCHAs.