CAPTCHA challenge strings : problems and improvements
Identifieur interne : 001177 ( Main/Exploration ); précédent : 001176; suivant : 001178CAPTCHA challenge strings : problems and improvements
Auteurs : Jon Bentley [États-Unis] ; Colin Mallows [États-Unis]Source :
- Proceedings of SPIE, the International Society for Optical Engineering [ 0277-786X ] ; 2006.
Descripteurs français
- Pascal (Inist)
- Wicri :
- topic : Dictionnaire, Psychologie.
English descriptors
- KwdEn :
Abstract
A CAPTCHA is a Completely Automated Public Test to tell Computers and Humans Apart. Typical CAPTCHAs present a challenge string consisting of a visually distorted sequence of letters and perhaps numbers, which in theory only a human can read. Attackers of CAPTCHAs have two primary points of leverage: Optical Character Recognition (OCR) can identify some characters, while nonuniform probabilities make other characters relatively easy to guess. This paper uses a mathematical theory of assurance to characterize the probability that a correct answer to a CAPTCHA is not just a lucky guess. We examine the three most common types of challenge strings, dictionary words, Markov text, and random strings, and find substantial weaknesses in each. We therefore propose improvements to Markov text, and new challenges based on the consonant-vowel-consonant (CVC) trigrams of psychology. Theory and experiment together quantify problems in current challenges and the improvements offered by modifications.
Affiliations:
Links toward previous steps (curation, corpus...)
- to stream PascalFrancis, to step Corpus: 000330
- to stream PascalFrancis, to step Curation: 000456
- to stream PascalFrancis, to step Checkpoint: 000347
- to stream Main, to step Merge: 001208
- to stream Main, to step Curation: 001177
Le document en format XML
<record><TEI><teiHeader><fileDesc><titleStmt><title xml:lang="en" level="a">CAPTCHA challenge strings : problems and improvements</title><author><name sortKey="Bentley, Jon" sort="Bentley, Jon" uniqKey="Bentley J" first="Jon" last="Bentley">Jon Bentley</name><affiliation wicri:level="2"><inist:fA14 i1="01"><s1>Avaya Labs, 233 Mt. Airy Road</s1><s2>Basking Ridge, NJ 07920</s2><s3>USA</s3><sZ>1 aut.</sZ><sZ>2 aut.</sZ></inist:fA14><country>États-Unis</country><placeName><region type="state">New Jersey</region></placeName></affiliation></author><author><name sortKey="Mallows, Colin" sort="Mallows, Colin" uniqKey="Mallows C" first="Colin" last="Mallows">Colin Mallows</name><affiliation wicri:level="2"><inist:fA14 i1="01"><s1>Avaya Labs, 233 Mt. Airy Road</s1><s2>Basking Ridge, NJ 07920</s2><s3>USA</s3><sZ>1 aut.</sZ><sZ>2 aut.</sZ></inist:fA14><country>États-Unis</country><placeName><region type="state">New Jersey</region></placeName></affiliation></author></titleStmt><publicationStmt><idno type="wicri:source">INIST</idno><idno type="inist">07-0377977</idno><date when="2006">2006</date><idno type="stanalyst">PASCAL 07-0377977 INIST</idno><idno type="RBID">Pascal:07-0377977</idno><idno type="wicri:Area/PascalFrancis/Corpus">000330</idno><idno type="wicri:Area/PascalFrancis/Curation">000456</idno><idno type="wicri:Area/PascalFrancis/Checkpoint">000347</idno><idno type="wicri:doubleKey">0277-786X:2006:Bentley J:captcha:challenge:strings</idno><idno type="wicri:Area/Main/Merge">001208</idno><idno type="wicri:Area/Main/Curation">001177</idno><idno type="wicri:Area/Main/Exploration">001177</idno></publicationStmt><sourceDesc><biblStruct><analytic><title xml:lang="en" level="a">CAPTCHA challenge strings : problems and improvements</title><author><name sortKey="Bentley, Jon" sort="Bentley, Jon" uniqKey="Bentley J" first="Jon" last="Bentley">Jon Bentley</name><affiliation wicri:level="2"><inist:fA14 i1="01"><s1>Avaya Labs, 233 Mt. Airy Road</s1><s2>Basking Ridge, NJ 07920</s2><s3>USA</s3><sZ>1 aut.</sZ><sZ>2 aut.</sZ></inist:fA14><country>États-Unis</country><placeName><region type="state">New Jersey</region></placeName></affiliation></author><author><name sortKey="Mallows, Colin" sort="Mallows, Colin" uniqKey="Mallows C" first="Colin" last="Mallows">Colin Mallows</name><affiliation wicri:level="2"><inist:fA14 i1="01"><s1>Avaya Labs, 233 Mt. Airy Road</s1><s2>Basking Ridge, NJ 07920</s2><s3>USA</s3><sZ>1 aut.</sZ><sZ>2 aut.</sZ></inist:fA14><country>États-Unis</country><placeName><region type="state">New Jersey</region></placeName></affiliation></author></analytic><series><title level="j" type="main">Proceedings of SPIE, the International Society for Optical Engineering</title><idno type="ISSN">0277-786X</idno><imprint><date when="2006">2006</date></imprint></series></biblStruct></sourceDesc><seriesStmt><title level="j" type="main">Proceedings of SPIE, the International Society for Optical Engineering</title><idno type="ISSN">0277-786X</idno></seriesStmt></fileDesc><profileDesc><textClass><keywords scheme="KwdEn" xml:lang="en"><term>Consonant</term><term>Dictionaries</term><term>Experimental study</term><term>Optical character recognition</term><term>Pattern recognition</term><term>Psychology</term><term>Vowel</term></keywords><keywords scheme="Pascal" xml:lang="fr"><term>Etude expérimentale</term><term>Reconnaissance optique caractère</term><term>Dictionnaire</term><term>Consonne</term><term>Voyelle</term><term>Psychologie</term><term>Reconnaissance forme</term><term>4230S</term></keywords><keywords scheme="Wicri" type="topic" xml:lang="fr"><term>Dictionnaire</term><term>Psychologie</term></keywords></textClass></profileDesc></teiHeader><front><div type="abstract" xml:lang="en">A CAPTCHA is a Completely Automated Public Test to tell Computers and Humans Apart. Typical CAPTCHAs present a challenge string consisting of a visually distorted sequence of letters and perhaps numbers, which in theory only a human can read. Attackers of CAPTCHAs have two primary points of leverage: Optical Character Recognition (OCR) can identify some characters, while nonuniform probabilities make other characters relatively easy to guess. This paper uses a mathematical theory of assurance to characterize the probability that a correct answer to a CAPTCHA is not just a lucky guess. We examine the three most common types of challenge strings, dictionary words, Markov text, and random strings, and find substantial weaknesses in each. We therefore propose improvements to Markov text, and new challenges based on the consonant-vowel-consonant (CVC) trigrams of psychology. Theory and experiment together quantify problems in current challenges and the improvements offered by modifications.</div></front></TEI><affiliations><list><country><li>États-Unis</li></country><region><li>New Jersey</li></region></list><tree><country name="États-Unis"><region name="New Jersey"><name sortKey="Bentley, Jon" sort="Bentley, Jon" uniqKey="Bentley J" first="Jon" last="Bentley">Jon Bentley</name></region><name sortKey="Mallows, Colin" sort="Mallows, Colin" uniqKey="Mallows C" first="Colin" last="Mallows">Colin Mallows</name></country></tree></affiliations></record>Pour manipuler ce document sous Unix (Dilib)
EXPLOR_STEP=$WICRI_ROOT/Ticri/CIDE/explor/OcrV1/Data/Main/Exploration
HfdSelect -h $EXPLOR_STEP/biblio.hfd -nk 001177 | SxmlIndent | more
Ou
HfdSelect -h $EXPLOR_AREA/Data/Main/Exploration/biblio.hfd -nk 001177 | SxmlIndent | more
Pour mettre un lien sur cette page dans le réseau Wicri
{{Explor lien
|wiki= Ticri/CIDE
|area= OcrV1
|flux= Main
|étape= Exploration
|type= RBID
|clé= Pascal:07-0377977
|texte= CAPTCHA challenge strings : problems and improvements
}}
| This area was generated with Dilib version V0.6.32. |  |