Peter Matthews
ABSTRACT
In this paper, we propose a new form of image-based CAPTCHA we term "scene tagging". It tests the ability to recognize a relationship between multiple objects in an image that is automatically generated via composition of a background image with multiple irregularly shaped object images, resulting in a large space of possible images and questions without requiring a large object database. This composition process is accompanied by a carefully designed sequence of systematic image distortions that makes it difficult for automated attacks to locate/identify objects present. Automated attacks must recognize all or most objects contained in the image in order to answer a question correctly, thus the proposed approach reduces attack success rates. An experimental study using several widely-used object recognition algorithms (PWD-based template matching, SIFT, SURF) shows that the system is resistant to these attacks with a 2% attack success rate, while a user study shows that the task required can be performed by average users with a 97% success rate.
- L. von Ahn, M. Blum, and J. Langford. Telling Humans and Computers Apart (Automatically) or How Lazy Cryptographers do AI. Comm. of the ACM, 47 (2), 57--60. Google Scholar
Digital Library
- H. S. Baird and J. L. Bentley. Implicit Captchas. In Proceedings of the IST SPIE Document Recognition and Retrieval XII Conference, (San Jose, CA, 2005), vol. 5676.Google Scholar
- Bay, H., Ess, A., Tuytelaars, T., and Van Gool, L. 2008. Speeded-Up Robust Features (SURF). Comput. Vis. Image Underst. 110, 3 (Jun. 2008), 346--359. Google ScholarDigital Library
- Budanitsky, A., Hirst, G. Semantic distance in WordNet: An experimental, application--oriented evaluation of five measures. In Proceedings of the North American Chapter of the Association for Computational Linguistics Workshop (Pittsburgh, PA, USA, 2001), 29--34.Google Scholar
- Chellapilla, K., and Simard, P. Y. Using Machine Learning to Break Visual Human Interaction Proofs (HIPs). Advances in Neural Information Processing Systems 17, 265--272.Google Scholar
- M. Chew and J. D. Tygar. Image Recognition CAPTCHAs. In Proceedings of the 7th Annual Information Security Conference (Palo Alto, CA, USA, 2004), 268--279.Google ScholarCross Ref
- Datta, R., Li, J., and Wang, J. Z. IMAGINATION: a robust image-based CAPTCHA generation system. In Proceedings of the 13th Annual ACM international Conference on Multimedia (Hilton, Singapore, 2005), 331--334. Google ScholarDigital Library
- Datta, R., Li, J., and Wang, J. Z. Exploiting the Human-Machine Gap in Image Recognition for Designing CAPTCHAs. IEEE Transactions on Information Forensics and Security, 4 (3), 504--518. Google ScholarDigital Library
- Elson, J., Douceur, J. R., Howell, J., and Saul, J. Asirra: a CAPTCHA that exploits interest-aligned manual image categorization. In Proceedings of the 14th ACM Conference on Computer and Communications Security (Alexandria, Virginia, USA, 2007), 366--374. Google ScholarDigital Library
- Golle, P. 2008. Machine learning attacks against the Asirra CAPTCHA. In Proceedings of the 15th ACM Conference on Computer and Communications Security (Alexandria, Virginia, USA, 2008), 535--542. Google ScholarDigital Library
- Gossweiler, R., Kamvar, M., and Baluja, S. 2009. What's up CAPTCHA?: a CAPTCHA based on image orientation. In Proceedings of the 18th international Conference on World Wide Web (Madrid, Spain, 2009), 841--850 Google ScholarDigital Library
- Lowe, D. G. 2004. Distinctive Image Features from Scale-Invariant Keypoints. Int. J. Comput. Vision 60, 2 (Nov. 2004), 91--110. Google ScholarDigital Library
- Mikolajczyk, K. and Schmid, C. 2005. A Performance Evaluation of Local Descriptors. IEEE Trans. Pattern Anal. Mach. Intell. 27, 10 (Oct. 2005), 1615--1630. Google ScholarDigital Library
- G. A. Miller. 1990. Wordnet: a lexical database for English. International Journal of Lexicography, 3 (4), 235--244.Google ScholarCross Ref
- Moy, G., Jones, N., Harkless, C., and Potter, R. Distortion Estimation Techniques in Solving Visual CAPTCHAs. In IEEE CVPR, (Washington, D.C., USA, 2004), Vol. 2, 23--28. Google ScholarDigital Library
- Wolberg, G. Digital Image Warping. IEEE Computer Society Press, Los Alamitos, CA, 1990. Google ScholarDigital Library
- Yan, J. and El Ahmad, A. S. 2008. A low-cost attack on a Microsoft captcha. In Proceedings of the 15th ACM Conference on Computer and Communications Security (Alexandria, Virginia, USA, 2008), 543--554. Google ScholarDigital Library
- Yan, J. and El Ahmad, A. S. 2008. Usability of CAPTCHAs or usability issues in CAPTCHA design. In Proceedings of the 4th Symposium on Usable Privacy and Security (Pittsburgh, Pennsylvania, 2008), Vol. 337, 44--52 Google ScholarDigital Library
Index Terms
- Scene tagging: image-based CAPTCHA using image composition and object relationships
Recommendations
Attacks and design of image recognition CAPTCHAs
CCS '10: Proceedings of the 17th ACM conference on Computer and communications securityWe systematically study the design of image recognition CAPTCHAs (IRCs) in this paper. We first review and examine all existing IRCs schemes and evaluate each scheme against the practical requirements in CAPTCHA applications, particularly in large-scale ...
Mitigating DoS Using Sensing Keys
ICCS '12: Proceedings of the 2012 International Conference on Computing SciencesDenial of Service (DoS) attacks has become a major problem for users of computer systems connected to the Internet. DoS attackers hijack secondary victim systems and use them to wage a coordinated large-scale attack against primary victim systems. In ...
Side-Channel Attack against the Capy HIP
EST '14: Proceedings of the 2014 Fifth International Conference on Emerging Security TechnologiesOne of the first approaches to proposed to prevent automated attacks on Internet were the Human Interactive Proofs(HIPs). Since their invention, a variety of designs have been proposed, yet most of them have been successfully attacked. In this paper we ...
Comments