On the security of text-based 3D CAPTCHAs
Identifieur interne : 000125 ( Main/Exploration ); précédent : 000124; suivant : 000126On the security of text-based 3D CAPTCHAs
Auteurs : VU DUC NGUYEN [Australie] ; Yang-Wai Chow [Australie] ; Willy Susilo [Australie]Source :
- Computers & security [ 0167-4048 ] ; 2014.
Descripteurs français
- Pascal (Inist)
English descriptors
- KwdEn :
Abstract
CAPTCHAs have become a standard security mechanism that are used to deter automated abuse of online services intended for humans. However, many existing CAPTCHA schemes to date have been successfully broken. As such, a number of CAPTCHA developers have explored alternative methods of designing CAPTCHAs. 3D CAPTCHAs is a design alternative that has been proposed to overcome the limitations of traditional CAPTCHAs. These CAPTCHAs are designed to capitalize on the human visual system's natural ability to perceive 3D objects from an image. The underlying security assumption is that it is difficult for a computer program to identify the 3D content. This paper investigates the robustness of text-based 3D CAPTCHAs. In particular, we examine three existing text-based 3D CAPTCHA schemes that are currently deployed on a number of websites. While the direct use of Optical Character Recognition (OCR) software is unable to correctly solve these text-based 3D CAPTCHA challenges, we highlight certain patterns in the 3D CAPTCHAs can be exploited to identify important information within the CAPTCHA. By extracting this information, this paper demonstrates that automated attacks can be used to solve these 3D CAPTCHAs with a high degree of success.
Affiliations:
Links toward previous steps (curation, corpus...)
- to stream PascalFrancis, to step Corpus: 000003
- to stream PascalFrancis, to step Curation: 000762
- to stream PascalFrancis, to step Checkpoint: 000008
- to stream Main, to step Merge: 000126
- to stream Main, to step Curation: 000125
Le document en format XML
<record><TEI><teiHeader><fileDesc><titleStmt><title xml:lang="en" level="a">On the security of text-based 3D CAPTCHAs</title><author><name sortKey="Vu Duc Nguyen" sort="Vu Duc Nguyen" uniqKey="Vu Duc Nguyen" last="Vu Duc Nguyen">VU DUC NGUYEN</name><affiliation wicri:level="1"><inist:fA14 i1="01"><s1>School of Computer Science and Software Engineering, University of Wollongong</s1><s2>NSW 2522</s2><s3>AUS</s3><sZ>1 aut.</sZ><sZ>2 aut.</sZ><sZ>3 aut.</sZ></inist:fA14><country>Australie</country><wicri:noRegion>NSW 2522</wicri:noRegion></affiliation></author><author><name sortKey="Chow, Yang Wai" sort="Chow, Yang Wai" uniqKey="Chow Y" first="Yang-Wai" last="Chow">Yang-Wai Chow</name><affiliation wicri:level="1"><inist:fA14 i1="01"><s1>School of Computer Science and Software Engineering, University of Wollongong</s1><s2>NSW 2522</s2><s3>AUS</s3><sZ>1 aut.</sZ><sZ>2 aut.</sZ><sZ>3 aut.</sZ></inist:fA14><country>Australie</country><wicri:noRegion>NSW 2522</wicri:noRegion></affiliation></author><author><name sortKey="Susilo, Willy" sort="Susilo, Willy" uniqKey="Susilo W" first="Willy" last="Susilo">Willy Susilo</name><affiliation wicri:level="1"><inist:fA14 i1="01"><s1>School of Computer Science and Software Engineering, University of Wollongong</s1><s2>NSW 2522</s2><s3>AUS</s3><sZ>1 aut.</sZ><sZ>2 aut.</sZ><sZ>3 aut.</sZ></inist:fA14><country>Australie</country><wicri:noRegion>NSW 2522</wicri:noRegion></affiliation></author></titleStmt><publicationStmt><idno type="wicri:source">INIST</idno><idno type="inist">14-0258072</idno><date when="2014">2014</date><idno type="stanalyst">PASCAL 14-0258072 INIST</idno><idno type="RBID">Pascal:14-0258072</idno><idno type="wicri:Area/PascalFrancis/Corpus">000003</idno><idno type="wicri:Area/PascalFrancis/Curation">000762</idno><idno type="wicri:Area/PascalFrancis/Checkpoint">000008</idno><idno type="wicri:doubleKey">0167-4048:2014:Vu Duc Nguyen:on:the:security</idno><idno type="wicri:Area/Main/Merge">000126</idno><idno type="wicri:Area/Main/Curation">000125</idno><idno type="wicri:Area/Main/Exploration">000125</idno></publicationStmt><sourceDesc><biblStruct><analytic><title xml:lang="en" level="a">On the security of text-based 3D CAPTCHAs</title><author><name sortKey="Vu Duc Nguyen" sort="Vu Duc Nguyen" uniqKey="Vu Duc Nguyen" last="Vu Duc Nguyen">VU DUC NGUYEN</name><affiliation wicri:level="1"><inist:fA14 i1="01"><s1>School of Computer Science and Software Engineering, University of Wollongong</s1><s2>NSW 2522</s2><s3>AUS</s3><sZ>1 aut.</sZ><sZ>2 aut.</sZ><sZ>3 aut.</sZ></inist:fA14><country>Australie</country><wicri:noRegion>NSW 2522</wicri:noRegion></affiliation></author><author><name sortKey="Chow, Yang Wai" sort="Chow, Yang Wai" uniqKey="Chow Y" first="Yang-Wai" last="Chow">Yang-Wai Chow</name><affiliation wicri:level="1"><inist:fA14 i1="01"><s1>School of Computer Science and Software Engineering, University of Wollongong</s1><s2>NSW 2522</s2><s3>AUS</s3><sZ>1 aut.</sZ><sZ>2 aut.</sZ><sZ>3 aut.</sZ></inist:fA14><country>Australie</country><wicri:noRegion>NSW 2522</wicri:noRegion></affiliation></author><author><name sortKey="Susilo, Willy" sort="Susilo, Willy" uniqKey="Susilo W" first="Willy" last="Susilo">Willy Susilo</name><affiliation wicri:level="1"><inist:fA14 i1="01"><s1>School of Computer Science and Software Engineering, University of Wollongong</s1><s2>NSW 2522</s2><s3>AUS</s3><sZ>1 aut.</sZ><sZ>2 aut.</sZ><sZ>3 aut.</sZ></inist:fA14><country>Australie</country><wicri:noRegion>NSW 2522</wicri:noRegion></affiliation></author></analytic><series><title level="j" type="main">Computers & security</title><title level="j" type="abbreviated">Comput. secur.</title><idno type="ISSN">0167-4048</idno><imprint><date when="2014">2014</date></imprint></series></biblStruct></sourceDesc><seriesStmt><title level="j" type="main">Computers & security</title><title level="j" type="abbreviated">Comput. secur.</title><idno type="ISSN">0167-4048</idno></seriesStmt></fileDesc><profileDesc><textClass><keywords scheme="KwdEn" xml:lang="en"><term>Abuse</term><term>Authentication</term><term>Character recognition</term><term>Computer security</term><term>Content management</term><term>Optical character recognition</term><term>Robustness</term><term>Text</term><term>Tridimensional image</term><term>User interface</term><term>Visual system</term><term>Web service</term><term>Web site</term><term>completely automated public Turing test to tell computers and humans apart</term></keywords><keywords scheme="Pascal" xml:lang="fr"><term>Texte</term><term>Authentification</term><term>Interface utilisateur</term><term>Sécurité informatique</term><term>Service web</term><term>Image tridimensionnelle</term><term>Gestion contenu</term><term>Reconnaissance optique caractère</term><term>Reconnaissance caractère</term><term>Abus</term><term>Appareil visuel</term><term>Site Web</term><term>Robustesse</term><term>.</term><term>CAPTCHA</term></keywords></textClass></profileDesc></teiHeader><front><div type="abstract" xml:lang="en">CAPTCHAs have become a standard security mechanism that are used to deter automated abuse of online services intended for humans. However, many existing CAPTCHA schemes to date have been successfully broken. As such, a number of CAPTCHA developers have explored alternative methods of designing CAPTCHAs. 3D CAPTCHAs is a design alternative that has been proposed to overcome the limitations of traditional CAPTCHAs. These CAPTCHAs are designed to capitalize on the human visual system's natural ability to perceive 3D objects from an image. The underlying security assumption is that it is difficult for a computer program to identify the 3D content. This paper investigates the robustness of text-based 3D CAPTCHAs. In particular, we examine three existing text-based 3D CAPTCHA schemes that are currently deployed on a number of websites. While the direct use of Optical Character Recognition (OCR) software is unable to correctly solve these text-based 3D CAPTCHA challenges, we highlight certain patterns in the 3D CAPTCHAs can be exploited to identify important information within the CAPTCHA. By extracting this information, this paper demonstrates that automated attacks can be used to solve these 3D CAPTCHAs with a high degree of success.</div></front></TEI><affiliations><list><country><li>Australie</li></country></list><tree><country name="Australie"><noRegion><name sortKey="Vu Duc Nguyen" sort="Vu Duc Nguyen" uniqKey="Vu Duc Nguyen" last="Vu Duc Nguyen">VU DUC NGUYEN</name></noRegion><name sortKey="Chow, Yang Wai" sort="Chow, Yang Wai" uniqKey="Chow Y" first="Yang-Wai" last="Chow">Yang-Wai Chow</name><name sortKey="Susilo, Willy" sort="Susilo, Willy" uniqKey="Susilo W" first="Willy" last="Susilo">Willy Susilo</name></country></tree></affiliations></record>Pour manipuler ce document sous Unix (Dilib)
EXPLOR_STEP=$WICRI_ROOT/Ticri/CIDE/explor/OcrV1/Data/Main/Exploration
HfdSelect -h $EXPLOR_STEP/biblio.hfd -nk 000125 | SxmlIndent | more
Ou
HfdSelect -h $EXPLOR_AREA/Data/Main/Exploration/biblio.hfd -nk 000125 | SxmlIndent | more
Pour mettre un lien sur cette page dans le réseau Wicri
{{Explor lien
|wiki= Ticri/CIDE
|area= OcrV1
|flux= Main
|étape= Exploration
|type= RBID
|clé= Pascal:14-0258072
|texte= On the security of text-based 3D CAPTCHAs
}}
| This area was generated with Dilib version V0.6.32. |  |