Skip to main content
SpringerLink
Log in

Attacking Image Recognition Captchas

A Naive but Effective Approach

  • Conference paper
Trust, Privacy and Security in Digital Business (TrustBus 2010)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 6264))

Abstract

The landscape of the World Wide Web today consists of a vast amount of services. While most of them are offered for free, the service providers prohibit their malicious usage by automated scripts. To enforce this policy, Captchas have emerged as a reliable method to setup a Turing test to distinguish between human and computers. Image recognition Captchas as one type of Captchas promise high human success rates. In this paper however, we develop an successful approach to attack this type of Captcha. To evaluate our attack we implemented a publicly available tool, which delivers promising results for the HumanAuth Captcha and others. Based upon our findings we propose several techniques for improving future versions of image recognition Captchas.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Banday, M.T., Shah, N.A.: Image flip captcha. ISC International Journal of Information Security (ISeCure) 1(2), 105–123 (2009)

    Google Scholar 

  2. Barnard, K., Duygulu, P., Forsyth, D.A., de Freitas, N., Blei, D.M., Jordan, M.I.: Matching words and pictures. Journal of Machine Learning Research 3, 1107–1135 (2003)

    MATH  Google Scholar 

  3. Chew, M., Tygar, J.D.: Image recognition captchas. In: Zhang, K., Zheng, Y. (eds.) ISC 2004. LNCS, vol. 3225, pp. 268–279. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  4. Elson, J., Douceur, J.R., Howell, J., Saul, J.: Asirra: a captcha that exploits interest-aligned manual image categorization. In: Proc. of the 14th ACM Conference on Computer and Communications, CCS ’07 (2007)

    Google Scholar 

  5. Golle, P.: Machine learning attacks against the asirra captcha. In: Proc. of the 15th ACM Conference on Computer and Communications Security, CCS ’08 (2008)

    Google Scholar 

  6. Hernandez-Castro, C.J., Ribagorda, A., Saez, Y.: Side-channel attack on labeling captchas. Computing Research Repository (08/2009)

    Google Scholar 

  7. Mori, G., Malik, J.: Recognizing objects in adversarial clutter: Breaking a visual captcha. In: Proc. of the 16th IEEE Computer Society Conference on Computer Vision and Pattern Recognition, CVPR ’03 (2003)

    Google Scholar 

  8. Moy, G., Jones, N., Harkless, C., Potter, R.: Distortion estimation techniques in solving visual captchas. In: Proc. of the 17th IEEE Computer Society Conference on Computer Vision and Pattern Recognition, CVPR ’04 (2004)

    Google Scholar 

  9. Naor, M.: Verification of a human in the loop or identification via the turing test, available electronically, http://www.wisdom.weizmann.ac.il/~naor/PAPERS/human.ps

  10. Oechslin, P.: Making a faster cryptanalytic time-memory trade-off. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 617–630. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  11. Oliveira, C.J.S., de Albuquerque Araújo, A.: Classifying images collected on the world wide web. In: Proc. of the 15th Brazilian Symposium on Computer Graphics and Image Processing, SIBGRAPI 2002 (2002)

    Google Scholar 

  12. von Ahn, L., Blum, M., Hopper, N.J., Langford, J.: Captcha: Using hard AI problems for security. In: Proc. of the International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT 2003) (2003)

    Google Scholar 

  13. von Ahn, L., Dabbish, L.: Labeling images with a computer game. In: Proc. of the 22th Conference on Human Factors in Computing Systems, CHI ’04 (2004)

    Google Scholar 

  14. Yan, J., El Ahmad, A.S.: A low-cost attack on a microsoft captcha. In: Proc. of the 15th ACM Conference on Computer and Communications Security, CCS ’08 (2008)

    Google Scholar 

  15. Jeff, Y., Ahmad Salah, E.A.: Usability of captchas or usability issues in captcha design. In: Proc. of the 4th Symposium on Usable Privacy and Security, SOUPS ’08 (2008)

    Google Scholar 

  16. Jeff, Y., Ahmad Salah, E.A.: Captcha security: A case study. IEEE Security & Privacy 7(4), 22–28 (2009)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Information Systems, University of Regensburg, 93053, Regensburg, Germany

    Christoph Fritsch, Michael Netter, Andreas Reisser & Günther Pernul

Authors
  1. Christoph Fritsch
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Michael Netter
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Andreas Reisser
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Günther Pernul
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Digital Systems, University of Piraeus, 18534, Piraeus, Greece

    Sokratis Katsikas

  2. Computer Science Department, University of Malaga, 29071, Malaga, Spain

    Javier Lopez

  3. Department of Telematics Engineering, Technical University of Catalonia, 08034, Barcelona, Spain

    Miguel Soriano

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Fritsch, C., Netter, M., Reisser, A., Pernul, G. (2010). Attacking Image Recognition Captchas. In: Katsikas, S., Lopez, J., Soriano, M. (eds) Trust, Privacy and Security in Digital Business. TrustBus 2010. Lecture Notes in Computer Science, vol 6264. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-15152-1_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-15152-1_2

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-15151-4

  • Online ISBN: 978-3-642-15152-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation