• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.3
• /
• pp.531-539
• /
• 2017

CAPTCHA is a verification scheme whether or not a human user has made a service request. Most CAPTCHAs that are based on text, image, or simple game suffer from vulnerability that can be compromised by automated attacks and stream relay attacks. To resist such attacks, CAPTCHA that utilizes human recognition as been suggested but it show poor usability for deploying in the Internet. We propose an Emerging Image Cue CAPTCHA that offers improved usability and resists stream relay attacks, as well. We also examine the usability of the proposed CAPTCHA and investigate the attack resistance by conducting user study and experiments on simulated network environment.

• Journal of Information Technology Applications and Management
• /
• v.17 no.3
• /
• pp.43-56
• /
• 2010

Completely Automated Public Turing test to tell Computers and Humans Apart or CAPTCHA has received remarkable attention. Deciphering distorted texts is still a human task. The current CAPTCHA mainly requires users to read English alphabets. As such, Thai CAPTCHA may be the choice for Thai online practitioners. However, no published work has examined how Thai online practitioners perceive CAPTCHA. This study thus attempts to fill this void. Based on the 112 number of usable online questionnaire submission, Thai online practitioners are all aware of CAPTCHA. Also, nine out of ten samples identified correctly the prime benefits of CAPTCHA. Using exploratory factor analysis, their attitude towards CAPTCHA was classified into two dimensions. They perceived (1) drawback of general CAPTCHA and (2) feasibility of Thai CAPTCHA. In addition to extending our insight into application of CAPTCHA, policy-makers responsible for electronic commerce in Thailand could initiate plans in response to Thai online practitioners' perception.

• Journal of Information Technology Applications and Management
• /
• v.22 no.3
• /
• pp.55-64
• /
• 2015

We propose statistical methods for evaluating the efficiency of CAPTCHA. Most people unfairly assumed that machines are not capable at reading precisely. This fact leads to the invention of CAPTCHA, a distorted word or short phase, which is designed to thwart computers and separate human from machines. However, advances in image recognition technologies mean that machines are constantly getting better at recognizing CAPTCHA. This forces CAPTCHA designers to design even more difficult CAPTCHAs to prevent their systems from being gamed by malicious bots. However, this arm race has an unintended side effect on the common users. Many CAPTCHAs are now so hard that many people are unable to read them. This obviously conflicts with the original purpose that CAPTCHA was invented in the first place. Our analysis shows that some CAPTCHAs are more users friendly. In particular, Yahoo-style CAPTCHA is the most friendliness. This suggests that a good CAPTCHA could be a simple text with some distortion that prevents machines from correctly segmenting characters.

• Journal of KIISE:Computing Practices and Letters
• /
• v.16 no.8
• /
• pp.873-877
• /
• 2010

CAPTCHA is a security tool that prevents the automatic sign-up by a spam or a robot. This CAPTCHA usually depends on the smart readability of humans. However, the common and plain CAPTCHA with text-based system is not difficult to be solved by intelligent web-bot and machine learning tools. In this paper, we propose a new sub-image based CAPTCHA system totally different from the text based system. Our system offers a set of cropped sub-image from a whole digital picture and asks user to identify the correct orientation. Though there are some nice machine learning tools for this job, but they are useless for a cropped sub-images, which was clearly revealed by our experiment. Experiment showed that our sub-image based CAPTCHA is easy to human solver, but very hard to all kinds of machine learning or AI tools. Also our CAPTCHA is easy to be generated automatical without any human intervention.

• The KIPS Transactions:PartC
• /
• v.17C no.1
• /
• pp.27-36
• /
• 2010

In Web registration pages and online polling applications, CAPTCHA(Completely Automated Public Turing Test To Tell Computers and Human Apart) is used for distinguishing human users from automated programs. Text-based CAPTCHAs have been widely used in many popular Web sites in which distorted text is used. However, because the advanced optical character recognition techniques can recognize the distorted texts, the reliability becomes low. Image-based CAPTCHAs have been proposed to improve the reliability of the text-based CAPTCHAs. However, these systems also are known as having some drawbacks. First, some image-based CAPTCHA systems with small number of image files in their image dictionary is not so reliable since attacker can recognize images by repeated executions of machine learning programs. Second, users may feel uncomfortable since they have to try CAPTCHA tests repeatedly when they fail to input a correct keyword. Third, some image-base CAPTCHAs require high communication cost since they should send several image files for one CAPTCHA. To solve these problems of image-based CAPTCHA, this paper proposes a new CAPTCHA based on both image and text. In this system, an image and keywords are integrated into one CAPTCHA image to give user a hint for the answer keyword. The proposed CAPTCHA can help users to input easily the answer keyword with the hint in the fused image. Also, the proposed system can reduce the communication costs since it uses only a fused image file for one CAPTCHA. To improve the reliability of the image-text fusion CAPTCHA, we also propose a dynamic building method of large image dictionary from gathering huge amount of images from theinternet with filtering phase for preserving the correctness of CAPTCHA images. In this paper, we proved that the proposed image-text fusion CAPTCHA provides users more convenience and high reliability than the image-based CAPTCHA through experiments.

• Review of KIISC
• /
• v.27 no.1
• /
• pp.47-54
• /
• 2017

웹 사이트에서 자동화 공격 도구를 이용한 다양한 종류의 공격을 방지하기 위한 보안 솔루션으로 CAPTCHA가 널리 이용되고 있다. 그러나 동시에 CAPTCHA를 해결하는 자동화 도구에 대한 연구가 진행되면서 CAPTCHA에 사용되는 텍스트 이미지(예: 숫자, 글자)를 더욱 어렵게 만들게 되었다. 그 결과 사용자도 CAPTCHA를 해결하는데 어려움을 겪게 되었고, 결론적으로 보안성을 높이기 위해 사용성을 감소시킨 결과를 초래 하였다. 본 논문에서는 텍스트, 오디오 및 이미지 기반 CAPTCHA로 분류하여 보안성과 사용성 측면에서 분석하고자 한다.

• International Journal of Contents
• /
• v.5 no.3
• /
• pp.50-56
• /
• 2009

Internet is being used for several activities by a great range of users. These activities include communication, e-commerce, education, and entertainment. Users are required to register regarding website in order to enroll web activities. However, registration can be done by automated hacking software. That software make false enrollments which occupy the resources of the website by reducing the performance and efficiency of servers, even stop the entire web service. It is crucial for the websites to have a system which has the capability of differing human users and computer programs in reading images of text. Completely Automated Public Turing Test to Tell Computers and Human Apart (CAPTCHA) is such a defense system against Optical Character Recognition (OCR) software. OCR can be defined as software which work for defeating CAPTCHA images and make countless number of registrations on the websites. This study proposes a new CAPTCHA context that is Korean CAPTCHA by means of the method which is splitting CAPTCHA images into several parts with random rotation values, and drawing random lines on a grid background by using Korean characters only. Lines are in the same color with the CAPTCHA text and they provide a distortion of image with grid background. Experimental results show that Korean CAPTCHA is a more secure and effective CAPTCHA type for Korean users rather than current CAPTCHA types due to the structure of Korean letters and the algorithm we are using: rotation and splitting. In this paper, the algorithm of our method is introduced in detail.

• Journal of Smart Tourism
• /
• v.2 no.4
• /
• pp.5-10
• /
• 2022

CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is everywhere. This research explores whether and how travelers' upfront exposure to a CAPTCHA influences their subsequent behaviors. In the travel decision-making context, we investigated the relationship between CAPTCHA and travelers' hotel preferences and intent to use cryptocurrency during the trip. In two experimental studies, we found that travelers exposed to a CAPTCHA (vs. not) preferred a robot-staffed to a human-staffed hotel (Study 1) and a pro-environmental to a quality hotel (Study 2). Exposure to a CAPTCHA also influences travelers' intent to use cryptocurrency during travel (Study 2). Preference for a pro-environmental hotel does not depend on the formats of CAPTCHA ("I am not a robot" or "I am human") while intent to use cryptocurrency is higher when travelers were exposed to the "I am not a robot" than "I am human" CAPTCHA. The results of two exploratory studies suggest several potential mechanisms by which CAPTCHAs affect travelers' behaviors and call for more research on this topic.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.6
• /
• pp.1129-1138
• /
• 2014

CAPTCHA is a technique which distinguishes human and machine using what human can judge easily but machine can't. Though Text-based-CAPTCHA has been widely used and can be implemented easily, it is less security than other CAPTCHAs such as image-based, or audio-based CAPTCHAs. To enhance the security of text-based CAPTCHA, many techniques have been developed. One of them is making CAPTCHA recognized hard using complex background or noise. In this paper, we introduce how to apply convolution filtering effectively to attack CAPTCHA and actually analyze Naver's CAPTCHA which has been used for joining a cafe with this method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1011-1019
• /
• 2015

CAPTCHA(Completely Automated Public Turing test to tell Computers and Humans Apart) is a test used in computing to distinguish whether or not the user is computer or human. Many web sites mostly use the character-based CAPTCHA consisting of digits and characters. Recently, with the development of OCR technology, simple character-based CAPTCHA are broken quite easily. As an alternative, many web sites add noise to make it harder for recognition. In this paper, we analyzed the most recent CAPTCHA, which incorporates the addition of the natural images to obfuscate the characters. We proposed an efficient method using support vector machine to separate the characters from the background image and use convolutional neural network to recognize each characters. As a result, 368 out of 1000 CAPTCHAs were correctly identified, it was demonstrated that the current CAPTCHA is not safe.