iCAPTCHA : The Next Generation of CAPTCHA Designed to Defend Against 3 rd Party Human

نویسندگان

  • Luis von Ahn
  • Manuel Blum
  • Nicholas J. Hopper
چکیده

CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) is a simple test that is easy for humans but extremely difficult for computers to solve. CAPTCHA has been widely used in commercial websites such as web-based email providers, TicketMaster, GoDaddy, and Facebook to protect their resources from attacks initiated by automatic scripts. By design, CAPTCHA is unable to distinguish between a human attacker and a legitimate human user. This leaves websites using CAPTCHA vulnerable to 3rd party human CAPTCHA attacks. In order to demonstrate the vulnerabilities in existing CAPTCHA technologies we develop a new streamlined human-based CAPTCHA attack that uses Instant Messenger infrastructure. Facing this serious human-based attack threat, we then present a new defense system called Interactive CAPTCHA (iCAPTCHA), which is the next generation of CAPTCHA technology providing the first steps toward defending against 3rd party human CAPTCHA attacks. iCAPTCHA requires a user to solve a CAPTCHA test via a series of user interactions. The multi-step back-and-forth traffic between client and server amplifies the statistical timing difference between a legitimate user and a human solver, which enables better attack detection performance. A performance and usability study of iCAPTCHA shows the proposed scheme is effective in attack detection, is easy to use, and is a viable replacement of the current text-based CAPTCHA. Index Terms — CAPTCHA, Experimentation, Human Factors, Security

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

BaffleText: a human interactive proof

Internet services designed for human use are being abused by programs. We present a defense against such attacks in the form of a CAPTCHA (completely automatic public Turing test to tell computers and humans apart) that exploits the difference in ability between humans and machines in reading images of text. CAPTCHAs are a special case of ‘human interactive proofs,’ a broad class of security pr...

متن کامل

Image flip CAPTCHA

The massive and automated access to Web resources through robots has made it essential for Web service providers to make some conclusion about whether the "user" is a human or a robot. A Human Interaction Proof (HIP) like Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) offers a way to make such a distinction. CAPTCHA is a reverse Turing test used by Web serv...

متن کامل

Leveraging the CAPTCHA Problem

Efforts to defend against automated attacks on e-commerce services have led to a new security protocol known as a CAPTCHA, a challenge designed to exploit gaps in the perceptual abilities between humans and machines. In this paper, we propose a new paradigm for building CAPTCHA’s which offers simultaneous benefits to both online security and pattern recognition research. We illustrate our discu...

متن کامل

Introducing New Trends for Persian CAPTCHA

To distinguish between human user and computer program to enhance security, a popular test called CAPTCHA is used on Web. CAPTCHA has an important role in preventing Denial Of Service (DOS) attacks in computer networks. There are many different types of CAPTCHA in different languages. Due to the expansion of Persian-language and documents on internet, creating a suitable Persian CAPTCHA seems t...

متن کامل

ScatterType: a reading CAPTCHA resistant to segmentation attack

A reading-based CAPTCHA, called ‘ScatterType,’ designed to resist character–segmentation attacks, is described. Its challenges are pseudorandomly synthesized images of text strings rendered in machine-print typefaces: within each image, characters are fragmented using horizontal and vertical cuts, and the fragments are scattered by vertical and horizontal displacements. This scattering is desig...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2011