A Captcha is a puzzle that is easy for humans but hard to solve for computers. A formal framework, modelling Captcha puzzles (as hard AI problems), was introduced by Ahn, Blum, Hopper, and Langford ([ABHL03], Eurocrypt 2003). Despite their attractive features and wide adoption in practice, the use of Captcha puzzles for general cryptographic applications has been limited. In this work, we explo...

A Completely Automated Public Turing Test to Tell Computers and Humans Apart (CAPTCHA) is a simple test that used on websites differentiate between human users automated attacks indulge in spamming other fraudulent activities. text-based CAPTCHA the most popular security technique by many Internet, such as Microsoft, Google eBay, secure their sites from attacks. By design, however, unable legit...

Currently, it is unavoidable of typing CAPTCHA (Completely Automated Public Turing test to tell Computer and Human Apart) before accessing to the Internet. This technique mostly can distinguish bots from human being. Thus, the system is protected from any unwanted persons or programs. There are various researches proposed several of CAPTCHA techniques to protect bots. These are such as Text-bas...

Most of current text-based CAPTCHAs have been shown to be easily breakable. In this work, we present two novel 3D CAPTCHA designs, which are more secure than current 2D text CAPTCHAs, against automated attacks. Our approach is to display CAPTCHA characters onto 3D objects to improve security. We exploit difficulty for machines in rotating 3D objects to find a correct view point and in further r...

This paper studies reverse Turing tests to distinguish humans and computers, called CAPTCHA. Contrary to classical Turing tests, in this case the judge is not a human but a computer. The main purpose of such tests is securing user logins against the dictionary or brute force password guessing, avoiding automated usage of various services, preventing bots from spamming on forums and many others....

Smartphones play an important role in the information-communication society and accesses from smartphones to the Internet services increase more and more with the advent of cloud computing. Smartphones have comparatively small displays and it is possible for users to input data through touchscreens. The techniques such as a CAPTCHA (Completely Automated Public Turing test to tell Computers and ...

We propose a new scheme of attack on the Microsoft’s ASIRRA CAPTCHA which represents a significant shortcut to the intended attacking path, as it is not based in any advance in the state of the art on the field of image recognition. After studying the ASIRRA Public Corpus, we conclude that the security margin as stated by their authors seems to be quite optimistic. Then, we analyze which of the...

We present a black-box attack against an already deployed CAPTCHA that aims to protect a free service delivered using the Internet. This CAPTCHA, referred to as ‘‘Math CAPTCHA’’ or ‘‘QRBGS CAPTCHA’’, requests the user to solve a mathematical problem in order to prove human. We study significant problems both in its design and its implementation, and how those flaws can be used to completely sol...

Recently, with the spread of online services involving websites, attackers have opportunity to expose these malicious actions. To protect services, A Completely Automated Public Turing Test Tell Computers and Humans Apart (CAPTCHA) is a proposed technique. Since many Arabic countries developed their in Arabic, text-based CAPTCHA has been introduced improve usability for users. Moreover, there e...

This paper studies the effect of individual differences on user performance related to text-recognition CAPTCHA challenges. In particular, a text-recognition CAPTCHA mechanism was deployed in a three-month user study to investigate the effect of individuals’ different cognitive processing abilities, targeting on speed of processing, controlled attention and working memory capacity toward effici...