Browse > Article
http://dx.doi.org/10.13089/JKIISC.2017.27.3.531

Emerging Image Cue CAPTCHA Resisting Automated and Human-Solver-Based Attacks  

Yang, Wonseok (Information Security Lab., Graduation School of Information, Yonsei University)
Kwon, Taekyoung (Information Security Lab., Graduation School of Information, Yonsei University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.27, no.3, 2017 , pp. 531-539 More about this Journal
Abstract
CAPTCHA is a verification scheme whether or not a human user has made a service request. Most CAPTCHAs that are based on text, image, or simple game suffer from vulnerability that can be compromised by automated attacks and stream relay attacks. To resist such attacks, CAPTCHA that utilizes human recognition as been suggested but it show poor usability for deploying in the Internet. We propose an Emerging Image Cue CAPTCHA that offers improved usability and resists stream relay attacks, as well. We also examine the usability of the proposed CAPTCHA and investigate the attack resistance by conducting user study and experiments on simulated network environment.
Keywords
CAPTCHA; Emerging Image; Automated attack; Static Relay Attack; Stream relay attack; Usability test;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Chellapilla, K., & Simard, P. Y. "Using machine learning to break visual human interaction proofs (HIPs)," In NIPS, pp. 265-272, Dec. 2004.
2 Xu, Y., Reynaga, G., Chiasson, S., Frahm, J. M., Monrose, F., & Van Oorschot, P. C. "Security analysis and related usability of motion-based captchas: Decoding codewords in motion," IEEE transactions on dependable and secure computing, 11(5), pp. 480-493, Sep. 2014.   DOI
3 Elson, J., Douceur, J. R., Howell, J., & Saul, J. "Asirra: a CAPTCHA that exploits interest-aligned manual image categorization," In ACM Conference on Computer and Communications Security, Vol. 7, pp. 366-374, Oct. 2007.
4 Golle, P. "Machine learning attacks against the Asirra CAPTCHA," In Proceedings of the 15th ACM conference on Computer and communications security, ACM, pp. 535-542, Oct. 2008.
5 Gao, S., Mohamed, M., Saxena, N., & Zhang, C. "Emerging image game CAPTCHAs for resisting automated and human-solver relay attacks." In Proceedings of the 31st Annual Computer Security Applications Conference, ACM, pp. 11-20, Dec. 2015.
6 Qiujie, L., Yaobin, M., & Zhiquan, W. "A survey of CAPTCHA technology," Journal of Computer Research and Development, Vol.49, no.3, pp. 469-480, Mar. 2012.
7 Ross, S. A., Halderman, J. A., & Finkelstein, A. "Sketcha: a CAPTCHA based on Line Drawings of 3D Models," In Proceedings of the 19th international conference on World wide web, ACM, pp. 821-830, Apr. 2010.
8 Nguyen, V. D., Chow, Y. W., & Susilo, W. "On the security of text-based 3D CAPTCHAs," Computers & Security, Vol.45, pp. 84-99, Sep. 2014.   DOI
9 Mitra, N. J., Chu, H. K., Lee, T. Y., Wolf, L., Yeshurun, H., & Cohen-Or, D. "Emerging images," In ACM Transactions on Graphics (TOG), ACM, Vol. 28, No. 5, pp. 163, Dec. 2009.
10 Mohamed, M., Sachdeva, N., Georgescu, M., Gao, S., Saxena, N., Zhang, C., ... & Chen, W. B. "Three-way dissection of a game-captcha: Automated attacks, relay attacks, and usability," arXiv preprint arXiv:1310.1540, Oct. 2013.
11 Yang, C. H., Kuo, Y. M., & Chu, H. K. "Synthesizing Emerging Images from Photographs," In Proceedings of the 2016 ACM on Multimedia Conference, ACM, pp. 660-664, Oct. 2016.
12 Quarter, Akamai Releases Third. "'State of the Internet Report." 2015.
13 Yan, J., & El Ahmad, A. S. "A Low-cost Attack on a Microsoft CAPTCH," In Proceedings of the 15th ACM conference on Computer and communications security, ACM. pp. 543-554, Oct. 2008.
14 Von Ahn, L., Blum, M., Hopper, N. J., & Langford, J. "CAPTCHA: Using hard AI problems for security," In International Conference on the Theory and Applications of Cryptographic Techniques, Springer Berlin Heidelberg, pp. 294-311, May. 2003.
15 Mori, G., & Malik, J. "Recognizing objects in adversarial clutter: Breaking a visual CAPTCHA," In Computer Vision and Pattern Recognition, 2003. Proceedings. 2003 IEEE Computer Society Conference, IEEE. Vol. 1, pp. I-I, Jun. 2003.
16 Moy, G., Jones, N., Harkless, C., & Potter, R. "Distortion estimation techniques in solving visual CAPTCHAs," In Computer Vision and Pattern Recognition, 2004. CVPR 2004. Proceedings of the 2004 IEEE Computer Society Conference on Vol. 2, IEEE, pp. II-II, Jun. 2004.
17 Bansal, Abhay, et al. "BREAKING A VISUAL CAPTCHA: A NOVEL APPROACH USING HMM."