Visible to the public CAPTCHAs 2015Conflict Detection Enabled

SoS Newsletter- Advanced Book Block

 

 
SoS Logo

CAPTCHAs 2015

 

 CAPTCHA (acronym for Completely Automated Public Turing test to tell Computers and Humans Apart) technology has become a standard security tool.  In the research presented here, some novel uses are presented, including use of Captchas as graphical passwords, motion-based captchas, and defeating a captcha using a gaming technique.  These works were presented or published in 2015.


Salas Avila, W.G.; Osorio Angarita, M.A.; Moreno Canadas, A., "Matrix Problems to Generate Mosaic-based CAPTCHAs," in Imaging for Crime Prevention and Detection (ICDP-15), 6th International Conference on, pp. 1-5, 15-17 July 2015. doi: 10.1049/ic.2015.0114

Abstract: Matrix problems and in particular matrix representations of partially ordered sets (posets) are used to formally define and generate emerging and multistable images. Images induced by such representations are mosaics which can be used to design different types of Human Interaction Proofs.

Keywords: image representation; image segmentation; matrix algebra; security of data; human interaction proofs; matrix representations; mosaic-based CAPTCHA; multistable images; partially ordered sets; Authentication; CAPTCHA; emerging image; gestalt; matrix representation; module; multistable image; poset representation (ID#: 15-8252)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7318002&isnumber=7244054

 

Ramaiah, C.; Plamondon, R.; Govindaraju, V., "A Sigma-Lognormal Model For Character Level CAPTCHA Generation," in Document Analysis and Recognition (ICDAR), 2015 13th International Conference on, vol., no., pp. 966-970, 23-26 Aug. 2015. doi: 10.1109/ICDAR.2015.7333905

Abstract: Word level handwritten CAPTCHA generation involves picking a handwritten word from a pre-existing database and cumulatively applying distortions and noise models. In principle, the addition of distortion and noise makes the CAPTCHA robust to automated attacks. However, the primary drawback of the word level CAPTCHA generation is that it limits us to words that already exist in our data set. If the primary building block of this approach was a character, we could move away from a lexicon based CAPTCHA generation and generate CAPTCHAs which are resistant to a dictionary based attack. In this paper, we propose a Sigma-Lognormal based approach to generate character level CAPTCHAs. Next, we increase the robustness of the model by applying ideas from accents in handwriting to our problem. Finally, we demonstrate the efficacy of our approach by simulating an attack by an automated word recognizer.

Keywords: handwritten character recognition; security of data; automated word recognizer; character level CAPTCHA generation; completely automated public turing test-to-tell computer-and-human apart; dictionary based attack; lexicon-based CAPTCHA generation; sigma-lognormal model; sigma-lognormal-based approach; word level handwritten CAPTCHA generation; CAPTCHAs; Computers; Handwriting recognition; Image recognition; Robustness (ID#: 15-8253)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7333905&isnumber=7333702

 

Singhal, Sarthak; Sharma, Ashish; Garg, Shivam; Jatana, Nishtha, "Vulnerabilities of CAPTCHA used by IRCTC and an Alternative Approach of Split Motion Text (SMT) CAPTCHA," in Reliability, Infocom Technologies and Optimization (ICRITO) (Trends and Future Directions), 2015 4th International Conference on, pp. 1-6, 2-4 Sept. 2015. doi: 10.1109/ICRITO.2015.7359287

Abstract: Online web services are commonly protected through CAPTCHAs and they are regarded as a class of Human-Interactive Proof (HIP). Numerous CAPTCHA schemes have been proposed in the past to prevent spam and brute-force attacks by automated scripts but many of such CAPTCHAs have been subjected to be broken by decoders. Our paper breaks one such CAPTCHA system used by one of the India's most visited e-commerce website IRCTC.co.in using modern OCRs and list out its vulnerabilities as well. We also propose an alternative scheme called Split Motion Text CAPTCHA (SMT-CAPTCHA) which capitalizes on gestalt perception of vision to read broken animated text. SMT-CAPTCHA focuses on working against the segmentation part of the decoding by splitting and animating each character randomly, making it difficult for decoders to segment and extract text from the CAPTCHA. On experimentation, it was observed that modern OCRs and decoding methodologies fail to break our SMT-CAPTCHA system, whereas, the average computer success of decoding IRCTC's CAPTCHA is significantly high.

Keywords: Animation; Artificial intelligence; CAPTCHAs; Computers; Decoding; Noise measurement; Optical character recognition software; CAPTCHA; Human Interactive Proof; IRCTC; OCR; Segmentation (ID#: 15-8254)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7359287&isnumber=7359191

 

Beheshti, S.M.R.S.; Liatsis, P., "How Humans Can Help Computers to Solve an Artificial Problem?," in Systems, Signals and Image Processing (IWSSIP), 2015 International Conference on, pp. 291-294, 10-12 Sept. 2015. doi: 10.1109/IWSSIP.2015.7314233

Abstract: The idea of using CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) was to protect websites from attacks initiated by the automated computer scripts or computer robots (bots). One of the most important issues about CAPTCHAs is that the test has to be designed in a way that makes it too hard or almost impossible for the computer programs to break the test however, at the same time it should be fairly easy for human users to solve. ReCAPTCHA is known as one of the most popular CAPTCHA models which is being used by the majority of well-known websites such as Yahoo!, Google, Facebook and etc. ReCAPTCHA is being used in order to help digitizing old text books and notes. In this paper we investigate the algorithm behind reCAPTCHA more in depth and find out how basically a simple script-based computer program can get use of real human users in order to solve an artificial problem for the machines. We also review some of the most important security accepts of the reCAPTCHA model.

Keywords: Web sites; artificial intelligence; data protection; optical character recognition; problem solving; security of data; CAPTCHA; OCR; Web site protection; artificial problem solving; completely automated public Turing test to tell computers and humans apart; optical character recognition; script-based computer program; CAPTCHAs; Character recognition; Computers; Image recognition; Optical character recognition software; Text recognition; CAPTCHA; Game with a Purpose (GWAP); HIPs; Human Interactive Proofs; reCAPTCHA (ID#: 15-8255)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7314233&isnumber=7313917

 

Srihari, V.; Kalpana, P.; Anitha, R., "Spam over IP Telephony Prevention using Dendritic Cell Algorithm," in Signal Processing, Communication and Networking (ICSCN), 2015 3rd International Conference on, pp. 1-7, 26-28 March 2015. doi: 10.1109/ICSCN.2015.7219895

Abstract: Spam over IP Telephony (SPIT) is an emerging threat in the telecom era of Voice over IP Networks (VoIP). Though evolved from email spam, SPIT is more obstructive and intrusive in nature as they require response from the callee. Contemplating the behavior of SPIT, a provider based system is contributed with the proposed mechanism installed on the SIP proxy server. In this work, a biologically inspired Dendritic Cell Algorithm (DCA) is proposed to prevent the spam callers from penetrating the network. The algorithm uses Dendritic Cells (DCs) to collect signals from multiple inputs and perform data fusion with them. To study the behavior of spam calls and the impact of proposed mechanism, experimental testbed is formed in the research lab and the performance evaluation is accomplished. Results obtained are convincing and hence validating the performance and accuracy of the system.

Keywords: Internet telephony; VoIP; dendritic cell algorithm; spam callers; spam over IP telephony; voice over IP networks; CAPTCHAs; Servers; Telephony; Unsolicited electronic mail; Dendritic Cell Algorithm (DCA); Spam over IP Telephony (SPIT); Voice over IP (VoIP) (ID#: 15-8256)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7219895&isnumber=7219823

 

Nanglae, N.; Bhattarakosol, P., "Attitudes Towards Text-based CAPTCHA from Developing Countries," in Electrical Engineering/Electronics, Computer, Telecommunications and Information Technology (ECTI-CON), 2015 12th International Conference on, pp. 1-4, 24-27 June 2015. doi: 10.1109/ECTICon.2015.7207116

Abstract: CAPTCHA, especially Text-based CAPTCHA, is the most widely used for security over the online environment in the present. That was used for identification automatic program computer and real human users. This technology was introduced by IBM that is a very high-end company in a very high-end country when comparing with countries in this study. This research was performed using a questionnaire to samples in three countries and found that the nationality of users also has impact in using Text-based CAPTCHA. The used attitudes of users in different countries are also dissimilar according to the education background and economic ranking.

Keywords: security of data; text analysis; user interfaces; IBM; automatic program computer identification; online environment; real human users; security; text-based CAPTCHA; Authentication; CAPTCHAs; Computers; Education; Internet; Usability; Biometric information; CAPTCHA; Text-based CAPTCHA (ID#: 15-8257)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7207116&isnumber=7206924

 

Saxena, M.; Khan, P.M., "Spamizer: An Approach to Handle Web Form Spam," in Computing for Sustainable Global Development (INDIACom), 2015 2nd International Conference on, pp. 1095-1100, 11-13 March 2015. Doi:  (not provided)

Abstract: The Spam Emails are regularly causing huge losses to business on a regular basis. The Spam filtering is an automated technique to identity SPAM and HAM (Non-Spam). The Web Spam filters can be categorized as: Content based spam filters and List based spam filters. In this research work, we have studied the spam statistics of a famous Spambot `Srizbi'. We have also discussed different approaches for Spam Filtering and finally proposed a new algorithm which is made on the basis of behavioral approaches of Spammers and to restrict the budding economical growth of Spam generating company's. We have used the hidden Honeypot and a Honeytrap module to minimize the spam generated from Contact and Feedback forms on public and social networking CMS websites.

Keywords: Internet; e-mail filters; information filters; invasive software; social networking (online);unsolicited e-mail; HAM; Honeypot; Honeytrap module; Spambot; Spamizer; Srizbi; Web form; Web spam filter; content based spam filter; list based spam filter; nonspam; social networking CMS Web site; spam email; spam filtering; spam generating company; spam statistics; spammer; CAPTCHAs; IP networks; Information filters; Servers; Unsolicited electronic mail; HoneyTrap; Honeypots; Spam bots; Spamizer; Srizbi; Web Form Comment Spam (ID#: 15-8258)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7100417&isnumber=7100186

 

Guerar, M.; Merlo, A.; Benmohammed, M.; Migliardi, M.; Messabih, B., "A Completely Automatic Public Physical Test to Tell Computers and Humans Apart: A Way to Enhance Authentication Schemes in Mobile Devices," in High Performance Computing & Simulation (HPCS), 2015 International Conference on,  pp 203-210, 20-24 July 2015. doi: 10.1109/HPCSim.2015.7237041

Abstract: Nowadays, data security is one of the most - if not the most important aspects in mobile applications, web and information systems in general. On one hand, this is a result of the vital role of mobile and web applications in our daily life. On the other hand, though, the huge, yet accelerating evolution of computers and software has led to more and more sophisticated forms of threats and attacks which jeopardize user's credentials and privacy. Today's computers are capable of automatically performing authentication attempts replaying recorded data. This fact has brought the challenge of access control to a whole new level, and has urged the researchers to develop new mechanisms in order to prevent software from performing automatic authentication attempts. In this research perspective, the Completely Automatic Public Turing test to tell Computers and Humans Apart (CAPTCHA) has been proposed and widely adopted. However, this mechanism consists of a cognitive intelligence test to reinforce traditional authentication against computerized attempts, thus it puts additional strain on the legitimate user too and, quite often, significantly slows the authentication process. In this paper, we introduce a Completely Automatic Public Physical test to tell Computers and Humans Apart (CAPPCHA) as a way to enhance PIN authentication scheme for mobile devices. This test does not introduce any additional cognitive strain on the user as it leverages only his physical nature. We prove that the scheme is even more secure than CAPTCHA and our experiments show that it is fast and easy for users.

Keywords: Turing machines; authorisation; cognition; data privacy; mobile computing; CAPPCHA; CAPTCHA; Completely Automatic Public Physical test to tell Computers and Humans Apart; PIN authentication scheme; Web systems; authentication schemes; cognitive intelligence test; completely automatic public Turing test to tell computers and humans apart; completely automatic public physical test; information systems; mobile applications; mobile devices; user credentials; user privacy; Authentication; CAPTCHAs; Computers; Sensors; Smart phones (ID#: 15-8259)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7237041&isnumber=7237005

 

Haque, A.; Singh, S., "Anti-Scraping Application Development," in Advances in Computing, Communications and Informatics (ICACCI), 2015 International Conference on, pp. 869-874, 10-13 Aug. 2015. doi: 10.1109/ICACCI.2015.7275720

Abstract: Scraping is the activity of retrieving data from a website, often in an automated manner and without the permission of the owner. This data can further be used by the scraper in whatever way he desires. The activity is deemed illegal, but the change in legality has not stopped people from doing the same. Anti-scraping solutions are being offered as rather expensive services, which although are effective, are also slow. This paper aims to list challenges and proposes mitigations techniques to develop a Software as a Product (SaaP) anti-scraping application for small to medium scale websites.

Keywords: Web sites; information retrieval; SaaP; anti-scraping application development; data retrieval; mitigation techniques; small to medium scale Web sites; software as a product; CAPTCHAs; Databases; IP networks; Loading; Security; Servers; Software (ID#: 15-8260)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7275720&isnumber=7275573

 

Tingre, S.; Mukhopadhyay, D., "An Approach for Segmentation of Characters in CAPTCHA," in Computing, Communication & Automation (ICCCA), 2015 International Conference on, pp. 1054-1059, 15-16 May 2015. doi: 10.1109/CCAA.2015.7148562

Abstract: In the area of image processing and Optical Character Recognition, Segmentation is one of the steps which plays an important role in dealing with offline and online text images. Character segmentation means breaking an image with word into a sequence of characters. A broad perspective of segmentation lies in segmenting the characters in CAPTCHA (Completely Automated Public Turing Tests to Tell Computers and Humans Apart). It is a test that authenticated users have to pass to gain access to their respective mail accounts. Malicious programs like bots, attack the accounts and are a threat to the data integrity, privacy and confidentiality. To avoid this, CAPTCHA was introduced. Segmentation of characters acts as the basis of analyzing the strength of CAPTCHA. Stronger the CAPTCHA, more difficult it is to break. The proposed work is about a CAPTCHA segmenter. It segments the CAPTCHA image with the help of a CAPTCHA Trainer. It is a user created set of pre-processing operations on images which can simply be re-used for segmenting the similar types of images, thus saving time. The operations that can be performed on any image are, gray scale conversion, dot removal, line removal, slant correction, color extraction, thinning.

Keywords: data integrity; data privacy; image segmentation; image sequences; message authentication; optical character recognition; CAPTCHA; Completely Automated Public Turing test to tell Computers and Humans Apart; character segmentation; character sequence; data confidentiality; data integrity; data privacy; image processing; optical character recognition; user authentication; Accuracy; Artificial neural networks; CAPTCHAs; Character recognition; Feature extraction; Image color analysis; Image segmentation; CAPTCHA; Gray Scale; Image Processing; OCR; Segmentation; Thinning; Threshold (ID#: 15-8261)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7148562&isnumber=7148334

 

Ishfaq, H.; Iqbal, W.; Bin Shahid, W., "Attaining Accessibility and Personalization with Socio-Captcha (SCAP)," in Applied Sciences and Technology (IBCAST), 2015 12th International Bhurban Conference on, pp. 307-311, 13-17 Jan. 2015. doi: 10.1109/IBCAST.2015.7058521

Abstract: Many websites have made use of motions, videos, flash, gif animations and static images to implement Captcha in order to ensure that the entity trying to connect to their website(s) or system is not a Bot, but a human being. A wide variety of Captcha types and solution methods are available and few are described in section II. All of these Captcha systems possess the functionality of distinguishing humans and Bots but lack in providing personalization attribute(s) whilst browsing the internet or using any networking application. This paper has suggested a novel scheme for generation of Captcha by attaining accessibility and personalization through user's social media profile attributes Socio-Captcha (SCAP). This Socio-Captcha Scheme relies on Socio-Captcha application which is discussed in this paper.

Keywords: security of data; social networking (online); Internet; SCAP; Web sites; personalization attribute; social media profile; socio-captcha scheme; CAPTCHAs; Clothing; Electronic publishing; Facebook; Frequency modulation; Information services; Lead; accessibility; bot; captcha; human; personalization; social media; web (ID#: 15-8262)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7058521&isnumber=7058466

 

Ranjan, A.K.; Kumar, B., "Directional Captcha: A Novel Approach to Text Based CAPTCHA," in Advances in Computing, Communications and Informatics (ICACCI), 2015 International Conference on, pp.1278-1283, 10-13 Aug. 2015. doi: 10.1109/ICACCI.2015.7275789

Abstract: In this Paper, we have proposed a new captcha based on digits and symbols. It is based on the facts that it is difficult for the machine to interpret symbols and perform the tasks accordingly from two different datasets. We have also pointed out the main anti-recognition and anti-segmentation features from previous works and implemented them on our proposed captcha. We have also presented here the pseudocode of it, have done a security analysis and usability survey to firm our claims regarding it.

Keywords: text analysis; anti-recognition features; anti-segmentation features; directional Captcha; security analysis; text based Captcha; CAPTCHAs; Color; Image color analysis; Optical character recognition software; Security; Time factors; Usability; CAPTCHA; anti- recognition; anti- segmentation; pseudo code; security analysis; usability (ID#: 15-8263)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7275789&isnumber=7275573

 

Gashler, M.S.; Kindle, Z.; Smith, M.R., "A Minimal Architecture for General Cognition," in Neural Networks (IJCNN), 2015 International Joint Conference on, pp. 1-8, 12-17 July 2015. doi: 10.1109/IJCNN.2015.7280749

Abstract: A minimalistic cognitive architecture called MANIC is presented. The MANIC architecture requires only three function approximating models, and one state machine. Even with so few major components, it is theoretically sufficient to achieve functional equivalence with all other cognitive architectures, and can be practically trained. Instead of seeking to trasfer architectural inspiration from biology into artificial intelligence, MANIC seeks to minimize novelty and follow the most well-established constructs that have evolved within various subfields of data science. From this perspective, MANIC offers an alternate approach to a long-standing objective of artificial intelligence. This paper provides a theoretical analysis of the MANIC architecture.

Keywords: cognition; software agents; MANIC architecture; artificial intelligence; function approximating model; functional equivalence; minimalistic cognitive architecture; state machine;Accuracy;Assembly;Automobiles;CAPTCHAs;Decoding;Robots;Service-oriented architecture (ID#: 15-8264)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7280749&isnumber=7280295

 

Singh, K.J.; De, T., "DDOS Attack Detection and Mitigation Technique Based on Http Count and Verification Using CAPTCHA," in Computational Intelligence and Networks (CINE), 2015 International Conference on, pp. 196-197, 12-13 Jan. 2015. doi: 10.1109/CINE.2015.47

Abstract: With the rapid development of internet, the number of people who are online also increases tremendously. But now a day's we find not only growing positive use of internet but also the negative use of it. The misuse and abuse of internet is growing at an alarming rate. There are large cases of virus and worms infecting our systems having the software vulnerability. These systems can even become the clients for the bot herders. These infected system aid in launching the DDoS attack to a target server. In this paper we introduced the concept of IP blacklisting which will blocked the entire blacklisted IP address, http count filter will enable us to detect the normal and the suspected IP addresses and the CAPTCHA technique to counter check whether these suspected IP address are in control by human or botnet.

Keywords: Internet; client-server systems; computer network security; computer viruses; transport protocols; CAPTCHA; DDOS attack detection; DDOS attack mitigation technique; HTTP count filter; HTTP verification; IP address; IP blacklisting; Internet; botnet; software vulnerability; target server; virus; worms; CAPTCHAs; Computer crime; IP networks; Internet; Radiation detectors; Servers; bot; botnets; captcha; filter; http; mitigation (ID#: 15-8265)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7053830&isnumber=7053782

 

Fujita, Masahiro; Yamada, Mako; Arimura, Shiori; Ikeya, Yuki; Nishigaki, Masakatsu, "An Attempt to Memorize Strong Passwords while Playing Games," in Network-Based Information Systems (NBiS), 2015 18th International Conference on, pp. 264-268, 2-4 Sept. 2015. doi: 10.1109/NBiS.2015.41

Abstract: There could be two approaches for combining security with entertainment, (i) an entertainment factor is embedded in security technology and (ii) a security factor is embedded in entertainment technology. Since all previous studies were focused on approach (i), we examined approach (ii). As the first attempt, this paper tried to embed a password enhancement factor into games. We designed a password enhancement scheme which enables users to naturally memorize strong passwords while playing games. We also discuss the effectiveness of our scheme.

Keywords: Authentication; CAPTCHAs; Entertainment industry; Games; Information systems; Libraries; Entertainment; Games; Password Enhancement; Security Awareness (ID#: 15-8266)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7350630&isnumber=7350553

 

Bindu, C.S., "Click Based Graphical CAPTCHA to Thwart Spyware Attack," in Advance Computing Conference (IACC), 2015 IEEE International, pp. 324-328, 12-13 June 2015. doi: 10.1109/IADCC.2015.7154723

Abstract: Software that gathers information regarding the computer's use secretly and conveys that information to a third party is Spyware. This paper proposes a click based Graphical CAPTCHA to overcome the spyware attacks. In case of traditional Text-Based CAPTCHA's user normally enters disorder strings to form a CAPTCHA, the same is stored in the key loggers where spywares can decode it easily. To overcome this, Click-Based Graphical CAPTCHA uses a unique way of verification where user clicks on a sequence of images to form a CAPTCHA, and that sequence is stored in pixels with a random predefined order. This paper also analyzes the proposed scheme in terms of usability, security and performance.

Keywords: image sequences; invasive software; click based graphical CAPTCHA; image sequence; key loggers; spyware attack; text-based CAPTCHA; Barium; CAPTCHAs; Computers; Conferences; Spyware; Usability; CAPTCHA; Spyware; Usability (ID#: 15-8267)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7154723&isnumber=7154658

 

Mohammad Reza Saadat Beheshti, S.; Liatsis, P., "VICAP: Using the Mechanisms of Trans-Saccadic Memory to Distinguish between Humans and Machines," in Systems, Signals and Image Processing (IWSSIP), 2015 International Conference on, pp. 295-298, 10-12 Sept. 2015. doi: 10.1109/IWSSIP.2015.7314234

Abstract: Since demand for using online services are growing rapidly and therefore there are more number of users who prefer to use online based services such as mobile banking, email accounts, online socializing, etc. for their day-to-day needs. Therefore, the number of online threads and automated computer attacks (known as bots) which try to abuse the service provides are increasing as well. For this reason, CAPTCHA challenge was introduced in order to distinguish between real human users and automated computer bots. In this paper, we have proposed a novel human-machine separation technique based on the ability of the human's visual system to remember and superimpose all the seen frames also known as Persistence of Vision. Since this ability is uniquely dedicated to the human's visual system therefore, it is believed to be resistant against different computer recognition techniques.

Keywords: Internet; invasive software; optical character recognition; CAPTCHA challenge; VICAP; automated computer attacks; automated computer bots; computer recognition techniques; human-machine separation technique; online services; online threads ;optical character recognition; persistence of vision; trans-saccadic memory; CAPTCHAs; Computational modeling; Computers; Noise measurement; Optical character recognition software; Visual systems; Visualization; CAPTCHA; Persistence of Vision; Temporal Integration; Trans-Saccadic Memory; Visual Integration (ID#: 15-8268)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7314234&isnumber=7313917

 

Yamaguchi, Michitomo; Okamoto, Takeshi; Hiroaki, Kikuchi, "CAPTCHA System by Differentiating the Awkwardness of Objects," in Network-Based Information Systems (NBiS), 2015 18th International Conference on,  pp. 257-263, 2-4 Sept. 2015. doi: 10.1109/NBiS.2015.114

Abstract: The "Completely Automated Public Turing test to tell Computers and Humans Apart" (CAPTCHA) is a technique that prevents unauthorized access by bots. Most studies of CAPTCHA systems use human cognitive capacities as a countermeasure to facilitate recognition techniques. Differentiating between natural and awkward objects is an approach used to distinguish humans from bots. However, this approach is vulnerable to adversaries who exploit the differences in relative frequency between natural and awkward objects because of the difficulty in collecting natural objects. In this study, we propose a new scheme that does not require the utilization of natural objects, thereby addressing this shortcoming. Our proposed method requires that humans always distinguish awkward objects, which are generated by different parameters. We evaluated our scheme in several experiments.

Keywords: Analytical models; CAPTCHAs; Electronic mail; Markov processes; Search engines; Security; Semantics; CAPTCHA; Markov chain; Security analysis; Word salad (ID#: 15-8269)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7350629&isnumber=7350553

 

Aruna, P.; Kanchana, R., "Face Image Captcha Generation Using Particle Swarm Optimization Approach," in Engineering and Technology (ICETECH), 2015 IEEE International Conference on, pp. 1-5, 20-20 March 2015. doi: 10.1109/ICETECH.2015.7275016

Abstract: CAPTCHA is a software programming which is introduced to differentiate the human from the robots. CATCHA intends to generate a code which can only be identified by the human and machines cannot. In the real world, due to the massive increase in the usage of smart phones, tablets and other devices with the touch screen functionality poses a many online security threats. The traditional CAPTCHA requires a help of keyboard input and does dependant of language which will not be efficient in the smart phone devices. The face CAPTCHA is the one which intends to generate a CAPTCHA by using a combination of facial images and the fake images. It is based on generating a CAPTCHA with noised real face images and the fake images which cannot be identified by the machines but humans do. In the existing work, genetic algorithm is used to select the optimized face images by using which the better optimized fpso CAPTCHA can be created. However this work lacks from the local convergence problem where it can only select the best images within the local region. To overcome this problem in this work, the particle swarm optimization method is propose which can generate the globalize solution. Particle Swarm Optimization (PSO) is a popular and bionic algorithm based on the social behavior associated with bird flocking for optimization problems. The experimental tests that were conducted were proved that the proposed methodology improves in accuracy and generates an optimized solution than the existing methodologies.

Keywords: face recognition; genetic algorithms; particle swarm optimisation; security of data; PSO; bionic algorithm; face image captcha generation; fake images; genetic algorithm; local convergence problem; particle swarm optimization approach; social behavior; Authentication; CAPTCHAs; Distortion; Face; Feature extraction; Particle swarm optimization; CAPTCHA; Distorted Image; Face Images; Particle Swarm Optimization (ID#: 15-8270)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7275016&isnumber=7274993

 

Hoyul Choi; Hyunsoo Kwon; Junbeom Hur, "A Secure OTP Algorithm Using a Smartphone Application," in Ubiquitous and Future Networks (ICUFN), 2015 Seventh International Conference on, pp. 476-481, 7-10 July 2015. doi: 10.1109/ICUFN.2015.7182589

Abstract: Recently, several authentication protocols are being used in mobile applications. OTP is one of the most powerful authentication methods among them. However, it has some security vulnerabilities, particularly to MITM (Man-in-the-Middle) attack and MITPC/Phone(Man-in-the-PC/Phone) attack. An adversary could know a valid OTP value and be authenticated with this secret information in the presence of those attacks. To solve these problems, we propose a novel OTP algorithm and compare it with existing algorithms. The proposed scheme is secure against MITM attack and MITPC/Phone attack by using a captcha image, IMSI number embedded in SIM card and limiting available time of an attack.

Keywords: cryptographic protocols; smart phones; MITM attack; MITPC attack; authentication protocols; captcha image; man-in-the-PC-phone attack; man-in-the-middle attack; secure OTP algorithm; smartphone application; Authentication; CAPTCHAs; Mobile communication; Mobile handsets; Servers; Synchronization; MITM; MITPhone; OTP; application; smart phone (ID#: 15-8271)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7182589&isnumber=7182475

 

Pengpeng Lu; Liang Shan; Jun Li; Xunwei Liu, "A New Segmentation Method for Connected Characters in CAPTCHA," in Control, Automation and Information Sciences (ICCAIS), 2015 International Conference on, pp. 128-131, 29-31 Oct. 2015. doi: 10.1109/ICCAIS.2015.7338647

Abstract: In the Completely Automated Public Turing test to tell Computer and Humans Apart recognition systems, character segmentation serves as a connecting link between the preceding and the following. By studying a variety of character segmentation algorithms, the improved method combined vertical projection algorithm, improved drop-falling algorithm and BP neural network classifier is proposed for merged characters. Firstly, this paper judges merged characters by the aspect ratio of connected component extracting from the images. Secondly, the division points are sought by the vertical projection minimums of connected components, and then these points are used as starting point of the improved algorithm to segment connected characters. Finally, BP neural network classifier is applied to select the best dividing line combinations. Experimental results show that this method can effectively solve the problem of merged characters segmentation.

Keywords: backpropagation; character recognition; image classification; image segmentation; neural nets; BP neural network classifier; CAPTCHA; Completely Automated Public Turing test to tell Computer and Humans Apart recognition system; connected characters segmentation; connected component extraction; drop-falling algorithm; merged characters segmentation; vertical projection algorithm; vertical projection minimums; Algorithm design and analysis; CAPTCHAs; Character recognition; Classification algorithms; Image segmentation; Neural networks; Projection algorithms; BP neural network; composite segmentation algorithm; improved drop-falling algorithm; merged CAPTCHA (ID#: 15-8272)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7338647&isnumber=7338636


Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications.