On the security and usability of dynamic cognitive game CAPTCHAs

@article{Mohamed2017OnTS,
  title={On the security and usability of dynamic cognitive game CAPTCHAs},
  author={Manar Mohamed and Song Gao and Niharika Sachdeva and Nitesh Saxena and Chengcui Zhang and Ponnurangam Kumaraguru and Paul C. van Oorschot},
  journal={J. Comput. Secur.},
  year={2017},
  volume={25},
  pages={205-230}
}
Existing CAPTCHA solutions are a major source of user frustration on the Internet today, frequently forcing companies to lose customers and business. Game CAPTCHAs are a promising approach which may make CAPTCHA solving a fun activity for the user. One category of such CAPTCHAs – called Dynamic Cognitive Game (DCG) CAPTCHA – challenges the user to perform a game-like cognitive (or recognition) task interacting with a series of dynamic images. Specifically, it takes the form of many objects… 
View via Publisher
info.cs.uab.edu
13 Citations
Background Citations
7
Methods Citations
1

13 Citations

Analysis of Usability for the Dice CAPTCHA

The obtained results are very helpful to analyze the combination of features having an influence on the CAPTCHA solution, and consequently, to find theCAPTCHA mostly complying to the postulate of “ideal” test.

In (Cyber)Space Bots Can Hear You Speak: Breaking Audio CAPTCHAs Using OTS Speech Recognition

An extensive exploration of the audio captcha ecosystem is conducted, and effective low-cost attacks against the audio challenges offered by seven major captcha services are presented, finding that the wide availability of advanced speech recognition services has severely lowered the technical capabilities required by fraudsters for deploying effective attacks.

CAPTCHA Design and Security Issues

This chapter presents an overview of research examining a wide range of issues that have been conducted on different types of CAPTCHAs, an integral part of the internet for providing online services which are intended for humans, with some level of protection against automated abuse.

Yet Another Text Captcha Solver: A Generative Adversarial Network Based Approach

This paper presents a generic, yet effective text captcha solver based on the generative adversarial network and demonstrates that the attack is generally applicable and can bypass the advanced security features employed by most modern text captcha schemes.

Predicting the Usability of the Dice CAPTCHA via Artificial Neural Network

New results of usability of the DiceCAPTCHA and important suggestions for designing new CAPTCHAs which could be closer to an “ideal” CAPTCHA are provided.

Evaluating the accessibility and usability of a universal CAPTCHA based on gestures for smartphones

  • Mrim Alnfiai
  • Computer Science
    Universal Access in the Information Society
  • 2020
New Gesture-based HearAct and SeeAct CAPTCHAs have a higher success rate, are more accessible, require less solving time, and are preferred by all users over the traditional CAPTCHA method.

Evaluating the accessibility and usability of a universal CAPTCHA based on gestures for smartphones

New Gesture-based HearAct and SeeAct CAPTCHAs have a higher success rate, are more accessible, require less solving time, and are preferred by all users over the traditional CAPTCHA method.

Captcha Solver : A Generative Adversarial Network Based Approach

A generic, yet effective text captcha solver based on the generative adversarial network that outperforms four state-of-the-art text-captcha solvers by not only delivering a significantly higher accuracy on all testing schemes, but also successfully attacking schemes where others have zero chance.

Using Generative Adversarial Networks to Break and Protect Text Captchas

This article presents a novel genetic text captcha solver based on the generative adversarial network that significantly outperforms four prior captcha solvers and can solve captcha schemes where others fail.

Detecting human attacks on text-based CAPTCHAs using the keystroke dynamic approach

A novel defence system using the keystroke dynamic approach is proposed and it is shown that the proposed system is able to detect human ‐ based attackson text ‐based CAPTCHAs effectively with a 100% detection rate.

References

SHOWING 1-10 OF 41 REFERENCES

A three-way investigation of a game-CAPTCHA: automated attacks, relay attacks and usability

This work formalize, design and implement a representative category of DCG captchas, and dissect them across: (1) fully automated attacks, (2) human-solver relay attacks, and (3) usability.

Dynamic Cognitive Game CAPTCHA Usability and Detection of Streaming-Based Farming

DCG CAPTCHAs appear to be one of the first CAPTCHA schemes that enable reliable detection of relay attacks, and a mechanism for detecting such a streaming-enabled game captcha farming based on real- time game statistics, fed to machine learning detection algorithms.

Gaming the game: Defeating a game captcha with efficient and robust hybrid attacks

A new DCG object tracking algorithm is designed, based on color code histogram, and it is shown that it is simpler, more efficient and more robust compared to several known tracking approaches.

The Usability of Captchas on Mobile Devices

This research developed, refined and tested a set of domain specific heuristics to evaluate captcha schemes on smartphones, and identified design strategies for the development of new captcha schemes for smartphones.

CAPTCHA smuggling: hijacking web browsing sessions to create CAPTCHA farms

A key point of this attack is that the CAPTCHAs are surreptitiously injected into interactions with benign web applications, and are perceived as a normal part of the application and raise no suspicion.

Implicit CAPTCHAs

A design methodology for "implicit" CAPTCHAs is proposed to relieve drawbacks of present technology and shows how these tests can be woven into the expected sequence of browsing using cues tailored to the site.

Collage CAPTCHA

A method has been presented for telling the human users and computer softwares apart on the basis of choice of an object shown on the screen, implemented by the Java programming language.

Security and Usability Challenges of Moving-Object CAPTCHAs: Decoding Codewords in Motion

This work presents an attack that defeats instances of such a captcha (NuCaptcha) representing the state-of-the-art, involving dynamic text strings called codewords, and considers design modifications to mitigate the attacks (e.g., overlapping characters more closely).

A low-cost attack on a Microsoft captcha

It is shown that CAPTCHAs that are carefully designed to be segmentation-resistant are vulnerable to novel but simple attacks, including the schemes designed and deployed by Microsoft, Yahoo and Google.

Online Collage CAPTCHA

A method for telling the human users and computer softwares apart on the basis of choice of an object shown on the screen and the main advantage of this method is its simplicity because the user does not have to type anything.