Visible to the public aaeCAPTCHA: The Design and Implementation of Audio Adversarial CAPTCHA

TitleaaeCAPTCHA: The Design and Implementation of Audio Adversarial CAPTCHA
Publication TypeConference Paper
Year of Publication2022
AuthorsHossen, Imran, Hei, Xiali
Conference Name2022 IEEE 7th European Symposium on Security and Privacy (EuroS&P)
KeywordsASR system, audio adversarial CAPTCHA, automatic speech recognition, CAPTCHA, captchas, composability, Costs, Human Behavior, pubcrawl, Robustness, security, Speech-to-Text service, usability
AbstractCAPTCHAs are designed to prevent malicious bot programs from abusing websites. Most online service providers deploy audio CAPTCHAs as an alternative to text and image CAPTCHAs for visually impaired users. However, prior research investigating the security of audio CAPTCHAs found them highly vulnerable to automated attacks using Automatic Speech Recognition (ASR) systems. To improve the robustness of audio CAPTCHAs against automated abuses, we present the design and implementation of an audio adversarial CAPTCHA (aaeCAPTCHA) system in this paper. The aaeCAPTCHA system exploits audio adversarial examples as CAPTCHAs to prevent the ASR systems from automatically solving them. Furthermore, we conducted a rigorous security evaluation of our new audio CAPTCHA design against five state-of-the-art DNN-based ASR systems and three commercial Speech-to-Text (STT) services. Our experimental evaluations demonstrate that aaeCAPTCHA is highly secure against these speech recognition technologies, even when the attacker has complete knowledge of the current attacks against audio adversarial examples. We also conducted a usability evaluation of the proof-of-concept implementation of the aaeCAPTCHA scheme. Our results show that it achieves high robustness at a moderate usability cost compared to normal audio CAPTCHAs. Finally, our extensive analysis highlights that aaeCAPTCHA can significantly enhance the security and robustness of traditional audio CAPTCHA systems while maintaining similar usability.
DOI10.1109/EuroSP53844.2022.00034
Citation Keyhossen_aaecaptcha_2022