Abstract
CAPTCHA stands for Completely Automated Public Turing test to distinguish Computers and Humans apart. CAPTCHA is a program which can generate and grade the tests that it itself cannot pass. The security aspect of CAPTCHA should be such that none of the computer program should be able to pass the tests generated by it even if the knowledge of the exact working of the CAPTCHA is known. The effectiveness of CAPTCHA of a given strength is determined by how frequently the guesses of CAPTCHA can be tested by an attacker. This paper proposes a simple and uniform framework for the assessment of security and usability of CAPTCHA that arbitrary compositions of security measures can provide”. In this sentence instead of ”a simple and uniform framework”, use ”parameters”. This paper proposes parameters for the assessment of security and usability of CAPTCHA that arbitrary compositions of security measures can provide.The pre-processing attack on targeted CAPTCHA is demonstrated having success rate of approximately 97% which in turn helps to build more robust and human friendly CAPTCHA. The universal structure for segmentation attack is framed to analyze security of CAPTCHA.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Kato, N., Suzuki, M., Omachi, S., Aso, H., Nemoto, Y.: A handwritten character recognition system using directional element feature and asymmetric Mahalanobis distance. IEEE Trans. on Pattern Analysis and Machine Intelligence 21(3), 258–262 (1999)
Lu, Y.: Machine Printed Character Segmentation-An Overview. Pattern Recognition 28(1), 67–80 (1995)
von Ahn, L., Blum, M., Langford, J.: Telling humans and computers apart (automatically), CMU Tech. Report CMUCS-02-117 (2002)
von Ahn, L., Blum, M., Hopper, N.J.: CAPTCHA: Using Hard AI Problems for Security. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 294–311. Springer, Heidelberg (2003)
Mori, G., Malik, J.: Recognizing Objects in Adversarial Clutter: Breaking a Visual CAPTCHA. In: Proc. IEEE Conf. Computer Vision and Pattern Recognition, vol. 1, pp. 134–141 (2003)
Moy, G., Jones, N., Harkless, C., Potter, R.: Distortion Estimation Techniques in Solving Visual CAPTCHAs. In: IEEE Computer Society Conference on Computer Vision and Pattern Recognition (CVPR 2004), vol. 2, pp. 23–28 (2004)
Chellapilla, K., Larson, K., Simard, P.Y., Czerwinski, M.: Building Segmentation Based Human-Friendly Human Interaction Proofs (HIPs). In: Baird, H.S., Lopresti, D.P. (eds.) HIP 2005. LNCS, vol. 3517, pp. 1–26. Springer, Heidelberg (2005)
Yan, J., Ahmad, A.E.: A Low-cost Attack on a Microsoft CAPTCHA. Technical report, School of Computing Science, Newcastle University, UK (2008)
Rabkin, A.: Personal knowledge questions for fallback authentication: Security questions in the era of Face book. In: IEEE Symposium on Usable Privacy and Security, SOUPS 2008 (July 2008)
Chandavale, A.A., Sapkal, A.M., Jalnekar, R.M.: A framework to analyze security of Text based CAPTCHA. International Journal of Forensics and Computer Application (February 2010)
Converse, T.: CAPTCHA Generation as a Web Service. In: Baird, H.S., Lopresti, D.P. (eds.) HIP 2005. LNCS, vol. 3517, pp. 82–96. Springer, Heidelberg (2005)
Ahmad, A.E., Yan, J.: Colour, Usability and Security: A Case Study. Tech. report CS-TR 1203, School of Computing Science, Newcastle Univ. (May 2010), www.cs.ncl.ac.uk/publications/trs/papers/1203.pdf
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Chandavale, A.A., Sapkal, A. (2012). Security Analysis of CAPTCHA. In: Thampi, S.M., Zomaya, A.Y., Strufe, T., Alcaraz Calero, J.M., Thomas, T. (eds) Recent Trends in Computer Networks and Distributed Systems Security. SNDS 2012. Communications in Computer and Information Science, vol 335. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-34135-9_10
Download citation
DOI: https://doi.org/10.1007/978-3-642-34135-9_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-34134-2
Online ISBN: 978-3-642-34135-9
eBook Packages: Computer ScienceComputer Science (R0)