A security analysis of automated chinese turing tests

Proceedings of the 32nd Annual Conference on Computer Security Applications Pub Date : 2016-12-05 DOI:10.1145/2991079.2991083

Abdalnaser Algwil, D. Ciresan, Bei-Bei Liu, Jeff Yan

{"title":"A security analysis of automated chinese turing tests","authors":"Abdalnaser Algwil, D. Ciresan, Bei-Bei Liu, Jeff Yan","doi":"10.1145/2991079.2991083","DOIUrl":null,"url":null,"abstract":"Text-based Captchas have been widely used to deter misuse of services on the Internet. However, many designs have been broken. It is intellectually interesting and practically relevant to look for alternative designs, which are currently a topic of active research. We motivate the study of Chinese Captchas as an interesting alternative design - co-unterintuitively, it is possible to design Chinese Captchas that are universally usable, even to those who have never studied Chinese language. More importantly, we ask a fundamental question: is the segmentation-resistance principle established for Roman-character based Captchas applicable to Chinese based designs? With deep learning techniques, we offer the first evidence that computers do recognize individual Chinese characters well, regardless of distortion levels. This suggests that many real-world Chinese schemes are insecure, in contrast to common beliefs. Our result offers an essential guideline to the design of secure Chinese Captchas, and it is also applicable to Captchas using other large-alphabet languages such as Japanese.","PeriodicalId":419419,"journal":{"name":"Proceedings of the 32nd Annual Conference on Computer Security Applications","volume":"51 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-12-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"19","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 32nd Annual Conference on Computer Security Applications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2991079.2991083","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 19

Abstract

Text-based Captchas have been widely used to deter misuse of services on the Internet. However, many designs have been broken. It is intellectually interesting and practically relevant to look for alternative designs, which are currently a topic of active research. We motivate the study of Chinese Captchas as an interesting alternative design - co-unterintuitively, it is possible to design Chinese Captchas that are universally usable, even to those who have never studied Chinese language. More importantly, we ask a fundamental question: is the segmentation-resistance principle established for Roman-character based Captchas applicable to Chinese based designs? With deep learning techniques, we offer the first evidence that computers do recognize individual Chinese characters well, regardless of distortion levels. This suggests that many real-world Chinese schemes are insecure, in contrast to common beliefs. Our result offers an essential guideline to the design of secure Chinese Captchas, and it is also applicable to Captchas using other large-alphabet languages such as Japanese.

查看原文本刊更多论文

自动化中文图灵测试的安全性分析

基于文本的验证码已被广泛用于防止滥用互联网上的服务。然而，许多设计都被打破了。寻找替代设计在智力上是有趣的，在实践上是相关的，这是目前积极研究的一个主题。我们鼓励将中文验证码作为一种有趣的替代设计进行研究——从直觉上讲，可以设计出普遍可用的中文验证码，甚至对那些从未学习过中文的人也是如此。更重要的是，我们提出了一个基本问题:基于罗马字符的验证码的抗分割原则是否适用于基于中文的验证码设计?通过深度学习技术，我们提供了第一个证据，证明计算机确实可以很好地识别单个汉字，而不管其失真程度如何。这表明，与普遍看法相反，现实世界中的许多中国计划是不安全的。我们的结果为安全的中文验证码的设计提供了重要的指导，也适用于使用其他大字母语言(如日语)的验证码。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 32nd Annual Conference on Computer Security Applications

自引率

0.00%

发文量