Date post: | 22-Dec-2015 |
Category: |
Documents |
Upload: | ananta-tyagi |
View: | 252 times |
Download: | 4 times |
CAPTCHACAPTCHA
Presented by: ANANTA TYAGI B.Tech C.S. 3rd year 1135110012
OVERVIEWOVERVIEWDefinitionBackgroundApplicationsTypes of CAPTCHAsBreaking CAPTCHAsRecent Developments
2
Definition:Definition:CAPTCHA is an acronym which stands for
Completely Automated Public Turing test to tell Computers and Humans Apart.
A program that can tell whether its user is a human or a computer.
Invented by Luis von Ahn and Manuel BlumThe challenge: develop a software program
that can create and grade challenges most humans can pass but computers cannot.
3
Background:Background:First used by Altavista in1997
• Reduced SPAM add-url by over 95%CMU/Yahoo!
• Automated the creating and grading of challenges
PARC• Relies on document image degradation
to prevent successful OCR• Made its own meta-CAPTCHA.
4
Background:Background: Generic CAPTCHAs distort letters and
nos.
User has to recognize distorted letters.
5
Applications:Applications:Free email services.Online polls predictionPrevent dictionary attacks.Preventing SPAM.E-ticketing,prevention of scalping.Newsgroups,Blogs,..etc.
6
Turing Test:Turing Test:Proposed by Alan Turing to test a
machine’s level of intelligence.Human judge asks question to 2
participants.The judge does not know which is
which.After listening,if judge fails to
recognize machine,machine passes the test.
7
Turing Test contd…Turing Test contd…CAPTCHA employs REVERSE
TURING TEST.Here,Judge=Captcha,Participant=User.If user answers captcha correctly,he is
human else a machine.
8
Types of CAPTCHAs:Types of CAPTCHAs:Text based
• Gimpy• Ez-Gimpy • MSN Passport Service based• Google’s reCaptcha
Graphic based• Bongo• Pix
Audio based
9
Text Based CAPTCHAs:Text Based CAPTCHAs:Ordinary questions like:
• What is the sum of 72 and 35?• If today is Sunday,what is day after
tomorrow?Effective but requires a large question
bank.Cognitively challenged users may find
it difficult.
10
Gimpy:Gimpy:Designed by Yahoo and
CMU(Carnegie Mellon University.)Picks up 10 random words from the
dictionary,fills them with noise.User has to recognise atleast 3 words.If correct,user is admitted.Prone to dictionary attacks.
11
Ez-Gimpy:Ez-Gimpy:Modified version of GimpyYahoo used this version in
Messenger.A random string of characters is used.Not prone to dictionary attacks.Not very good,has been broken by
OCRs.
12
MSN Passport Service Based:MSN Passport Service Based:
Provided for MSN services.Use of 8 characters.Warping and arcs are used for
distortion.Very strong implementation.Broken by Newcastle University with
92% success.
13
Text Based CAPTCHAs:Text Based CAPTCHAs:
14
Graphic Based CAPTCHAs:Graphic Based CAPTCHAs:BONGO
• Display two series of blocks• User must find the characteristic that sets
the two series apart• User is asked to determine which series
each of four single blocks belongs to.
15
Graphic Based CAPTCHAs:Graphic Based CAPTCHAs:PIX
• Create a large database of labeled images.
• Pick a concrete object.• Pick four images of the object from the
images database.• Distort the images.• Ask the user to pick the object for a list of
words.
16
Graphic Based CAPTCHAs:Graphic Based CAPTCHAs:
17
Audio Based CAPTCHAs:Audio Based CAPTCHAs:Pick a word or a sequence of numbers
at random.Render them into an audio clip using a
TTS software.Distort the audio clip.Ask the user to identify and type the
word or numbers.
18
Google’s reCaptcha:Google’s reCaptcha:Used by Google to verify digitized
books.2 words are shownProgram knows one of the words.If user enters first word correctly,it
assumes that second word will also be entered correctly.
Also replays the word to many users to determine the answer.
19
Google’s reCaptcha:Google’s reCaptcha:
20
Breaking CAPTCHAs:Breaking CAPTCHAs:Most text based CAPTCHAs have
been broken by software• OCR• Segmentation
Greg Mori and Jitendra Malik have broken text captchas.
21
Breaking CAPTCHAs:Breaking CAPTCHAs:Social engineering is used for breaking
CAPTCHAs:Spammer encounters CAPTCHA.CAPTCHA is copied to another site.Humans are baited –free mp3 files, free
wallpapers etc.Users are told to solve copied
CAPTCHA.Solution is then routed back to spammer.
22
Recent Developments:Recent Developments:A site named “hellocaptcha.com” has
introduced a new generation of CAPTCHAs.
They make custom designed CAPTCHAs for various websites.
Highly secure,animated GIF images. Has prestigious clients like the
Austrian Government.
23
Examples:Examples:
24
25