Abstract
It is widely accepted that one of the principles in state-of-the-art text-based CAPTCHA design, requires that a robust CAPTCHA scheme be segmentation-resistant. This paper establishes the fact that the segmentation-resistant principle does not only apply to traditional single image CAPTCHAs, but is very much relevant to the design of animated CAPTCHAs. In this paper, we show that animated CAPTCHAs not designed with this principle in mind can be easily be broken using simple techniques to extract individual characters from the animation frames. We present our experimental results on attacking 13 existing animated CAPTCHAs.
Keywords
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
ABBYY. ABBYY FineReader, http://finereader.abbyy.com/
Ahmad, A.S.E., Yan, J., Marshall, L.: The Robustness of a New CAPTCHA. In: Costa, M., Kirda, E. (eds.) EUROSEC, pp. 36–41. ACM (2010)
Baecher, P., Büscher, N., Fischlin, M., Milde, B.: Breaking reCAPTCHA: A Holistic Approach via Shape Recognition. In: Camenisch, J., Fischer-Hübner, S., Murayama, Y., Portmann, A., Rieder, C. (eds.) SEC 2011. IFIP AICT, vol. 354, pp. 56–67. Springer, Heidelberg (2011)
Bursztein, E.: Elie Bursztein’s Blog, http://elie.im/blog/security/how-we-broke-the-nucaptcha-video-scheme-and-what-we-propose-to-fix-it/
Bursztein, E., Martin, M., Mitchell, J.C.: Text-based CAPTCHA Strengths and Weaknesses. In: Chen, Y., Danezis, G., Shmatikov, V. (eds.) ACM Conference on Computer and Communications Security, pp. 125–138. ACM (2011)
Chellapilla, K., Larson, K., Simard, P.Y., Czerwinski, M.: Building Segmentation Based Human-Friendly Human Interaction Proofs (HIPs). In: Baird, H.S., Lopresti, D.P. (eds.) HIP 2005. LNCS, vol. 3517, pp. 1–26. Springer, Heidelberg (2005)
Chellapilla, K., Larson, K., Simard, P.Y., Czerwinski, M.: Computers beat Humans at Single Character Recognition in Reading based Human Interaction Proofs (HIPs). In: CEAS (2005)
Chellapilla, K., Simard, P.Y.: Using Machine Learning to Break Visual Human Interaction Proofs (HIPs). In: NIPS (2004)
Cui, J.-S., Mei, J.-T., Zhang, W.-Z., Wang, X., Zhang, D.: A CAPTCHA Implementation Based on Moving Objects Recognition Problem. In: ICEE, pp. 1277–1280. IEEE (2010)
Li, S., Shah, S.A.H., Khan, M.A.U., Khayam, S.A., Sadeghi, A.-R., Schmitz, R.: Breaking e-Banking CAPTCHAs. In: Proceedings of the 26th Annual Computer Security Applications Conference, ACSAC 2010, pp. 171–180. ACM, New York (2010)
Mori, G., Malik, J.: Recognizing Objects in Adversarial Clutter: Breaking a Visual CAPTCHA. In: CVPR (1), pp. 134–144 (2003)
Moy, G., Jones, N., Harkless, C., Potter, R.: Distortion Estimation Techniques in Solving Visual CAPTCHAs. In: CVPR (2), pp. 23–28 (2004)
Nguyen, V.D., Chow, Y.-W., Susilo, W.: Breaking an Animated CAPTCHA Scheme. In: Bao, F., Samarati, P., Zhou, J. (eds.) ACNS 2012. LNCS, vol. 7341, pp. 12–29. Springer, Heidelberg (2012)
NuCaptcha Inc. NuCaptcha, http://www.nucaptcha.com/
von Ahn, L., Blum, M., Hopper, N.J., Langford, J.: CAPTCHA: Using Hard AI Problems for Security. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 294–311. Springer, Heidelberg (2003)
Yan, J., Ahmad, A.S.E.: Breaking Visual CAPTCHAs with Naive Pattern Recognition Algorithms. In: ACSAC, pp. 279–291. IEEE Computer Society (2007)
Yan, J., Ahmad, A.S.E.: A Low-Cost Attack on a Microsoft CAPTCHA. In: Ning, P., Syverson, P.F., Jha, S. (eds.) ACM Conference on Computer and Communications Security, pp. 543–554. ACM (2008)
Yan, J., Ahmad, A.S.E.: CAPTCHA Security: A Case Study. IEEE Security & Privacy 7(4), 22–28 (2009)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Nguyen, V.D., Chow, YW., Susilo, W. (2012). Attacking Animated CAPTCHAs via Character Extraction. In: Pieprzyk, J., Sadeghi, AR., Manulis, M. (eds) Cryptology and Network Security. CANS 2012. Lecture Notes in Computer Science, vol 7712. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35404-5_9
Download citation
DOI: https://doi.org/10.1007/978-3-642-35404-5_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-35403-8
Online ISBN: 978-3-642-35404-5
eBook Packages: Computer ScienceComputer Science (R0)