Protection through Intelligent and Multimedia Captchas

ACM Computing Surveys, 2022

A recent study has found that malicious bots generated nearly a quarter of overall website traffic in 2019 [102]. These malicious bots perform activities such as price and content scraping, account creation and takeover, credit card fraud, denial of service, and so on. Thus, they represent a serious threat to all businesses in general, but are especially troublesome for e-commerce, travel, and financial services. One of the most common defense mechanisms against bots abusing online services is the introduction of Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA), so it is extremely important to understand which CAPTCHA schemes have been designed and their actual effectiveness against the ever-evolving bots. To this end, this work provides an overview of the current state-of-the-art in the field of CAPTCHA schemes and defines a new classification that includes all the emerging schemes. In addition, for each identified CAPTCHA category, the most succ...

2011

A "Completely Automated Public Turing test to tell Computers and Humans Apart" (CAPTCHA) is a mechanism widely used nowadays for protection of web applications, interfaces, and services from malicious users. A questionnaire-based survey combined with a real usage scenario of a native-language CAPTCHA mechanism was conducted in order to investigate several aspects that affect end-user perceptions related to the quality of CAPTCHA. A total of 210 participants of age between 19 and 64 participated during May and July 2010. The survey results validate the common belief that CAPTCHAs are still difficult for humans to solve. They also provide insights that can be applied to improve users" experience on interacting with CAPTCHA systems.

2015

automatic filters that are widely used these days to disallow any automated script that can perform the work of a human. CAPTCHAs are built in such a way that it is very difficult for any automated script to break them. In this paper, a novel approach for EZ-Gimpy CAPTCHAs has been proposed that first preprocesses the given CAPTCHA, segments its characters, matches the character’s features with the features in a characteristic table and then uses HMM to recognize the characters of the CAPTCHA. Results verify the effectiveness of the approach.

– Authentication methods are used to tackle a very important issue, the cyber security. It helps to avoid the illegal use or misuse of highly sensitive data. Completely Automated Public Turing Test to Tell Computer and the Humans Apart (CAPTCHA) is the automatic security mechanism which is used to determine whether the user is a human or the robot. It is a program which generates and grades the tests that are human solvable but is beyond the current computer program capability. Unfortunately among several CAPTCHA techniques, the text catpcha can be easily hacked and are not reliable for the data security. Though CAPTCHA's that are robust such as complex image CAPTCHA, graphical CAPTCHA, iCAPTCHA are available, yet most of the websites do not implement as they have to rely on the 3 rd party CAPTCHA service provider and also due to the fact that the size occupancy which loads their database on the server which is of less size and cause slow operation of the website. This paper describes the various categories of the CAPTCHA systems, their applications and the drawbacks of each CAPTCHA techniques.

Journal of emerging technologies and innovative research, 2021

Due to the growth of the internet in our life and its importance in all our everyday activities , including occupational and educational ones .We should also keep in mind that it harbours a negative aspect , as it brings security problems. Hence CAPTCHAs are used for making systems more secure. The major role of CAPTCHA is to prevent robotic bot (spam) form surrender or prove user personality. Using a pattern-matching algorithm is necessary for the user for comparison by receiving signs founded in similar matches. This method makes it difficult to get a forbidden access to data, since malicious bot is to spy out signs in the image. This mechanism implements actions on the attitude of user gesticulation which makes it distinguishable and secure. Human-Computer Interaction i.e. interaction between computer and individual is made to make it easy in understand human language .On other words, Human-computer Interaction focuses on the study of interfaces between computer and human. This paper presents a comprehensive study of various different types of CAPTCHA, the ones good in securing webpages. It also discusses the strengths and weaknesses of each one. Moreover, its importance in discerning the user's individuality, the behavior of humans, and bots and the paper will illustrate some CAPTCHAs mechaniits and impairments which allows hackers to break .In addition, is necessary to take into consideration the approaches of building a good CAPTCHA.

2006

Abstract. Completely Automated Public Turing Test to tell Computers and Humans Apart (CAPTCHA) is a –rather – simple test that can be easily answered by a human but extremely difficult to be answered by computers. CAPTCHAs have been widely used for practical security reasons, like preventing automated registration in Web-based services. However, all deployed CAPTCHAs are based on the static identification of an object or text. All CAPTCHAs, from simple ones, like typing the distorted text, to advanced ones, like recognizing an object in an image, are vulnerable to the Laundry attack. An attacker may post the test to a malicious site and attract its visitors to solve the puzzle for her. This paper focuses on sealing CAPTCHAs against such attacks by adding a dimension not used so far: animation. Animated CAPTCHAs do not have a static answer, thus even when they are exposed to laundering, unsuspected visitors will provide answers that will be useless on the attacker’s side.

International Journal for Research in Applied Science & Engineering Technology (IJRASET), 2022

CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is a process of identifying whether user is human or robot. It is very important to know the user end because security can be breach. There are different CAPTCHA problems accessible like twisted string, image recognition, math and gaming CAPTCHA. Game based problem is intuitive and profoundly got as contrast with the other CAPTCHA. In this sort of CAPTCHA client needs to tackle an AI problem either by drag and drop technique or click based, contingent upon the game. The paper is expected to audit different carried out CAPTCHA and analyze their shortcoming and security boundaries. A large number of the CAPTCHAs are based on click based strategies where client needs to recognize the photos according to its appearance and snap in like manner. However, this sort of CAPTCHA can be mediated by image processing like object classifier. Dragging an item to the objective region is a successful way however it must be performed or tackled by a scholarly problem. On the off chance that dragging an item to the objective region by object acknowledgment, framework might get broken by relay attacks.

A CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is an automatic security mechanism used to determine whether the user is a human or a malicious computer program. It is a program that generates and grades tests that are human solvable, but intends to be beyond the capabilities of current computer programs. CAPTCHA should be designed to be very easy for humans but very hard for machines. Unfortunately, the existing CAPTCHA systems while trying to maximize the difficulty for automated programs to pass tests by increasing distortion or noise have consequently, made it also very difficult for potential users. To address the issue, this paper addresses an alternative form of CAPTCHA that provides a variety of questions from mathematical, logical and general problems which only human can understand and answer correctly in a given time. The proposed framework supports diversity in choosing the questions to be answered and a user-friendly framework to the users. A user-study is also conducted to judge the performance of the developed system with different background. The study shows the efficacy of the implemented system with a good level of user satisfaction over traditional CAPTCHA available today.

On the Move to …, 2006

IT Professional, 2005

Captcha-a completely automatic public Turing test to tell computers and humans apart-is a test that humans can pass but computer programs cannot; such tests are becoming key to defending ecommerce systems.Without them, spammers can, for example, write simple automated scripts to create hundreds of free e-mail accounts with a single command. The e-mail service provider can choose not to validate the information supplied by uses, but ends up with thousands of useless accounts. On the other hand, the provider can assume the extra burden of validating this information, but risks crippling its systems with the extra burden that validation requires. By inserting a Captcha into the login and user creation process, system administrators can defeat these automated scripts and have some assurance that an actual human is associated with the account. Similarly, Captchas are also useful in defending online shopping or auction sites by preventing spammers from posting irrelevant or bogus bids to prevent other buyers from purchasing products. Captchas are a modern implementation of the Turing test, which asks a series of questions of two players: a computer and a human. Both players pretend to be human and try to mislead the judge. Based on the answers given, the judge has to decide which one is human and which is a computer. Captchas are similar to the Turing test in that they distinguish computers from humans, except that, with a Captcha, the judge is also a computer. Captchas also differ from the Turing test because they work on a variety of sensory inputs, whereas the Turing test is conversational. Captchas come in several different types. Most generally, the Captcha is simply an image composed of pseudorandom letters and numbers placed either in front of an obfuscating background or run through some degradation algorithm to make optical character recognition (OCR) of the final image impractical. HISTORY AltaVista was the first to use a simple Captcha that generated images of random text. It used the Captcha to prevent users from abusing its free-URL submission utility.Andrei Broder,AltaVista chief scientist, and his colleagues patented the technology in 2001. The AltaVista Captcha reduced abuse by 95 percent (http://msdn. microsoft.com/library/default.asp?url=/library/ en-us/dnaspp/html/hip_aspnet.asp). In 2000, Udi Mamber of Yahoo was looking for ways to prevent bots from joining the online chat rooms to post advertisements. Researchers at Carnegie Mellon University took up the problem and proceeded to quantify desirable characteristics of Captchas as well as generate several types, including the Gimpy type described later. The Xerox Palo Alto Research Center (PARC) also actively continues to study Captchas. PARC researchers have most recently developed Baffle Captchas can provide an easily programmable way to tell computers from humans and keep spammers and bots away from e-commerce systems.