Abstract
CAPTCHA is a type of challenge response test used to distinguish human users from malicious computer programs such as bots, and is used to protect email, blogs, and other web services from bot attacks. So far, research on enhance of CAPTCHA’s resistance to bot attacks has been proceeded to counter advanced automated attacks method. However, an attack technique known as a relay attack has been devised to circumvent CAPTCHA. In this attack, since human solves CAPTCHA, the existing measures assuming bots have no effect on this attack. We designed a new CAPTCHA scheme for relay attacks tolerance and automated attacks tolerance. In this paper, we tested the robustness of the proposed method against several types of automated attacks. We constructed an experimental environment in which a relay attack can be simulated, and designed a series of experiments to evaluate the performance of the proposed method. As a result, we found that the proposed CAPTCHA scheme offers some of level of resistance to automated attacks and relay attacks.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
von Ahn, L., Blum, M., Hopper, N.J., Langford, J.: CAPTCHA: telling humans and computers apart automatically. In: Advances in Cryptology, Eurocrypt 2003, Lecture Notes in Computer Science, vol. 2656, pp. 294–311 (2003)
Mohamed, M., Sachdeva, N., Georgescu, M., Gao, S., Zhang, C.: A three-way investigation of a game-CAPTCHA: automated attacks, relay attacks and usability. In: Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security, pp. 195–206. ACM (2014)
Mohamed, M., Gao, S., Saxena, N., Zhang, C.: Dynamic cognitive game CAPTCHA usability and detection of streaming-based farming. In: The Workshop on Usable Security (USEC), Co-located with NDSS (2014)
Khan, I.R., Farbiz, F.: A back projection scheme for accurate mean shift based tracking. In: 2010 17th IEEE International Conference on Image Processing (ICIP), pp. 33–36. IEEE (2010)
Index of /software/vyos/iso/release/1.1.7 (2016). ftp.tsukuba.wide.ad.jp. http://ftp.tsukuba.wide.ad.jp/software/vyos/iso/release/1.1.7/. Accessed Oct 2016
Yan, J., EI Ahmad, A.S.: Usability of CAPTCHAs or usability issues in CAPTCHA design. In: Proceedings of the 4th Symposium on Usable Privacy and Security, pp. 44–52. ACM (2008)
Motoyama, M., Levchenko, K., Kanich, C., McCoy, D., Coelker, G.M., Savage, S.: Re: CAPTCHAs-Understanding CAPTCHA-Solving Services in an Economic Context. In: USENIX Security Symposium, Washington, pp. 1–18 (2010)
Bohan, M., Chaparro, A.: Age-related differences in performance using a mouse and trackball. Proc. Hum. Factors Ergon. Soc. Ann. Meet. 42(2), 152–155 (1998)
Zende, S., Tambile, V., Thakur, A., Schendge, M., Rathi, S.: Mouse pointer movement using Gaze tracking system. Int. J. Comput. Appl. 140(11), 1–4 (2016)
Acknowledgments
This work was supported by JSPS KAKENHI Grant Numbers JP17H01736, JP17K00139.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG
About this paper
Cite this paper
Tatsuda, R. et al. (2018). An Examination of CAPTCHA for Tolerance of Relay Attacks and Automated Attacks. In: Barolli, L., Xhafa, F., Javaid, N., Spaho, E., Kolici, V. (eds) Advances in Internet, Data & Web Technologies. EIDWT 2018. Lecture Notes on Data Engineering and Communications Technologies, vol 17. Springer, Cham. https://doi.org/10.1007/978-3-319-75928-9_80
Download citation
DOI: https://doi.org/10.1007/978-3-319-75928-9_80
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-75927-2
Online ISBN: 978-3-319-75928-9
eBook Packages: EngineeringEngineering (R0)