Directcha-maze: A Study of CAPTCHA Configuration with Machine Learning and Brute-Force Attack Defensibility Along with User Convenience Consideration

Sano, Ayane; Fujita, Masahiro; Nishigaki, Masakatsu

doi:10.1007/978-3-319-69811-3_45

Ayane Sano⁵,
Masahiro Fujita⁵ &
Masakatsu Nishigaki⁵

Part of the book series: Lecture Notes on Data Engineering and Communications Technologies ((LNDECT,volume 12))

Included in the following conference series:

International Conference on Broadband and Wireless Computing, Communication and Applications

1022 Accesses

Abstract

The Turing test plays an important role in discriminating humans from malicious automated programs and the Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) has been widely used. A simple and very effective way to enhance CAPTCHA is to repeat the same kind of CAPTCHA tasks multiple times. However, the repetition of CAPTCHA tasks surely increases users’ psychological burden. This motivated us to study a new CAPTCHA configuration with the machine learning and brute-force attack defensibility without increasing users’ psychological burden. We propose “Directcha-maze” in which multiple CAPTCHA tasks are implicitly embedded in a maze. What users are conscious of is a maze solving task, and thus it is expected that users do not feel psychological burden on CAPTCHA tasks hidden in the maze; rather, solving a maze should be an enjoyable task for users. We developed a prototype Directcha-maze system and conducted a basic experiment. The results showed the effectiveness of our Directcha-maze system.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 169.00; Price excludes VAT (USA)

Softcover Book: USD 219.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

1.
This is almost the same value as the five characters’ text-based CAPTCHA. A text-based CAPTCHA used by Google uses 5–7 lower-case alphabetic characters.

References

The Official CAPTCHA Site. http://www.captcha.net/
Elson, J., Douceur, J., Howela, J., Saul, J.: Asirra: a CAPTCHA that exploit interest aligned manual image categorization. In: 2007 ACM CSS, pp. 366–374 (2007)
Google Scholar
Yan, J., Ahmad, A.S.E.: Breaking visual CAPTCHAs with naïve pattern recognition algorithms. In: 2007 Computer Security Applications Conference, pp. 279–291 (2007)
Google Scholar
Golle, P.: Machine learning attacks against the ASIRRA CAPTCHA. In: 2008 ACM CSS, pp. 535–542 (2008)
Google Scholar
Yamamoto, T., Tygar, J.D., Nishigaki, M.: CAPTCHA using strangeness in machine translation. In: The 24th International Conference on Advanced Information Networking and Applications, pp. 430–437 (2010)
Google Scholar
Ross, S., Halderman, J., Finkelstein, A.: Sketcha: a Captcha based on line drawings of 3D models. In: The 19th International Conference on World Wide Web, pp. 821–830 (2010)
Google Scholar
Sano, A., Fujita, M., Nishigaki, M.: Directcha: A Proposal of Spatiometric Mental Rotation CAPTCHA. In: The 14th International Conference on Privacy, Security and Trust, pp. 585–592 (2016)
Google Scholar
Fujita, M., Ikeya, Y., Kani, J., Nishigaki, M.: Chimera CAPTCHA: a proposal of CAPTCHA using strangeness in merged objects. In: The 17th International Conference on Human-Computer Interaction, pp. 48–58 (2015)
Google Scholar
Fujita, M., Ikeya, Y., Kani, J., Nishigaki, M.: An unrealistic image CAPTCHA: A 3DCG CAPTCHA using something different from common sense. IPSJ J. 56(12), 2324–2336 (2015). (in Japanese)
Google Scholar
Shepard, R., Cooper, L.: Mental Images and Their Transformations. MIT Press, Cambridge (1982)
Google Scholar
Shepard, R., Metzler, J.: Mental rotation of three dimensional objects. Sci. New Ser. 171(3972), 701–703 (1971)
Google Scholar

Download references

Acknowledgements

In this study, we used free 3D models published on Metaseko-Sozai (http://sakura.hippy.jp/meta/) and TurboSquid (http://www.turbosquid.com/). We would like to thank Prof. Yugo Takeuchi of Shizuoka University for his valuable advice regarding to cognitive science. We also would like to thank Mr. Hiroaki Matsuno of Shizuoka University for his support regarding to a part of the implementation of Directcha-maze system.

Author information

Authors and Affiliations

Shizuoka University, Hamamatsu, Japan
Ayane Sano, Masahiro Fujita & Masakatsu Nishigaki

Authors

Ayane Sano
View author publications
You can also search for this author in PubMed Google Scholar
Masahiro Fujita
View author publications
You can also search for this author in PubMed Google Scholar
Masakatsu Nishigaki
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Masakatsu Nishigaki .

Editor information

Editors and Affiliations

Faculty of Information Engineering, Department of Information and Communication Engineering, Fukuoka Institute of Technology, Fukuoka, Japan
Leonard Barolli
Technical University of Catalonia, Barcelona, Spain
Fatos Xhafa
Open University of Catalonia, Barcelona, Spain
Jordi Conesa

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Sano, A., Fujita, M., Nishigaki, M. (2018). Directcha-maze: A Study of CAPTCHA Configuration with Machine Learning and Brute-Force Attack Defensibility Along with User Convenience Consideration. In: Barolli, L., Xhafa, F., Conesa, J. (eds) Advances on Broad-Band Wireless Computing, Communication and Applications. BWCCA 2017. Lecture Notes on Data Engineering and Communications Technologies, vol 12. Springer, Cham. https://doi.org/10.1007/978-3-319-69811-3_45

Download citation

DOI: https://doi.org/10.1007/978-3-319-69811-3_45
Published: 02 November 2017
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-69810-6
Online ISBN: 978-3-319-69811-3
eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics