Visible to the public Improving Security Control of Text-Based CAPTCHA Challenges using Honeypot and Timestamping

TitleImproving Security Control of Text-Based CAPTCHA Challenges using Honeypot and Timestamping
Publication TypeConference Paper
Year of Publication2020
AuthorsBanday, M. T., Sheikh, S. A.
Conference Name2020 Fourth International Conference on Computing Methodologies and Communication (ICCMC)
Date PublishedMarch 2020
PublisherIEEE
ISBN Number978-1-7281-4889-2
KeywordsCAPTCHA string, CAPTCHA Usability, captchas, composability, data protection, deformations, hidden text-boxes, Hip, honeypot, honeypot technique, Human Behavior, human computer interaction, Human Interaction Proof, image segmentation, Internet, Multilingual CAPTCHA, optical character recognition, pubcrawl, security mechanism, security of data, segmentation technique, text analysis, text-based CAPTCHA challenge, user-friendliness, Web applications, Web Bots, Web sites
Abstract

The resistance to attacks aimed to break CAPTCHA challenges and the effectiveness, efficiency and satisfaction of human users in solving them called usability are the two major concerns while designing CAPTCHA schemes. User-friendliness, universality, and accessibility are related dimensions of usability, which must also be addressed adequately. With recent advances in segmentation and optical character recognition techniques, complex distortions, degradations and transformations are added to text-based CAPTCHA challenges resulting in their reduced usability. The extent of these deformations can be decreased if some additional security mechanism is incorporated in such challenges. This paper proposes an additional security mechanism that can add an extra layer of protection to any text-based CAPTCHA challenge, making it more challenging for bots and scripts that might be used to attack websites and web applications. It proposes the use of hidden text-boxes for user entry of CAPTCHA string which serves as honeypots for bots and automated scripts. The honeypot technique is used to trick bots and automated scripts into filling up input fields which legitimate human users cannot fill in. The paper reports implementation of honeypot technique and results of tests carried out over three months during which form submissions were logged for analysis. The results demonstrated great effectiveness of honeypots technique to improve security control and usability of text-based CAPTCHA challenges.

URLhttps://ieeexplore.ieee.org/document/9076410
DOI10.1109/ICCMC48092.2020.ICCMC-000131
Citation Keybanday_improving_2020