解码基于动画文本的验证码以验证其对自动攻击的稳健性

IF 0.6 Q3 ENGINEERING, MULTIDISCIPLINARY

Mehran University Research Journal of Engineering and Technology Pub Date : 2023-10-05 DOI:10.22581/muet1982.2304.2906

Rafaqat Hussain Arain, Riaz Ahmed Shaikh, Safdar Ali Shah, Sajjad Ali Shah, Saima Rafique, Ahmed Masood Ansari

{"title":"解码基于动画文本的验证码以验证其对自动攻击的稳健性","authors":"Rafaqat Hussain Arain, Riaz Ahmed Shaikh, Safdar Ali Shah, Sajjad Ali Shah, Saima Rafique, Ahmed Masood Ansari","doi":"10.22581/muet1982.2304.2906","DOIUrl":null,"url":null,"abstract":"In order to protect the web against automated attacks, CAPTCHAs are most widely used mechanism on the internet. Numerous types of CAPTCHAs are introduced due to weaknesses in the earlier designs. Animated CAPTCHAs are one of the design alternatives. Instead of presenting the whole information at once, animated CAPTCHAs present information in various frames over the specific interval of time. As CATPCHAs are ubiquitously used to avoid the serious threats from bots therefore it is important to verify their effectiveness. In this research we have verified their robustness against machine learning attacks. It has been proved that adding the extra time dimension does not necessarily ensure protection against automated attacks. We have attacked the Hello CAPTCHA scheme, which is the most popular animated CAPTCHA scheme available on the internet. By applying novel image processing and machine learning techniques, these CAPTCHAs are decoded with high precision. A pre-trained CNN is used to recognize the extracted characters. In this research, 6 popular types of animated CAPTCHAs along with 41 sub types were successfully deciphered with an overall precision of up to 99.5 %.","PeriodicalId":44836,"journal":{"name":"Mehran University Research Journal of Engineering and Technology","volume":"18 1","pages":"0"},"PeriodicalIF":0.6000,"publicationDate":"2023-10-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Decoding the animated text-based captchas to verify their robustness against automated attacks\",\"authors\":\"Rafaqat Hussain Arain, Riaz Ahmed Shaikh, Safdar Ali Shah, Sajjad Ali Shah, Saima Rafique, Ahmed Masood Ansari\",\"doi\":\"10.22581/muet1982.2304.2906\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In order to protect the web against automated attacks, CAPTCHAs are most widely used mechanism on the internet. Numerous types of CAPTCHAs are introduced due to weaknesses in the earlier designs. Animated CAPTCHAs are one of the design alternatives. Instead of presenting the whole information at once, animated CAPTCHAs present information in various frames over the specific interval of time. As CATPCHAs are ubiquitously used to avoid the serious threats from bots therefore it is important to verify their effectiveness. In this research we have verified their robustness against machine learning attacks. It has been proved that adding the extra time dimension does not necessarily ensure protection against automated attacks. We have attacked the Hello CAPTCHA scheme, which is the most popular animated CAPTCHA scheme available on the internet. By applying novel image processing and machine learning techniques, these CAPTCHAs are decoded with high precision. A pre-trained CNN is used to recognize the extracted characters. In this research, 6 popular types of animated CAPTCHAs along with 41 sub types were successfully deciphered with an overall precision of up to 99.5 %.\",\"PeriodicalId\":44836,\"journal\":{\"name\":\"Mehran University Research Journal of Engineering and Technology\",\"volume\":\"18 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.6000,\"publicationDate\":\"2023-10-05\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Mehran University Research Journal of Engineering and Technology\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.22581/muet1982.2304.2906\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"ENGINEERING, MULTIDISCIPLINARY\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Mehran University Research Journal of Engineering and Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.22581/muet1982.2304.2906","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"ENGINEERING, MULTIDISCIPLINARY","Score":null,"Total":0}

引用次数: 0

摘要

为了保护网络免受自动攻击，验证码是互联网上使用最广泛的机制。由于早期设计的弱点，引入了许多类型的captcha。动画验证码是设计替代方案之一。动画验证码不是一次显示全部信息，而是在特定的时间间隔内以不同的帧显示信息。由于CATPCHAs普遍用于避免机器人的严重威胁，因此验证其有效性非常重要。在这项研究中，我们验证了它们对机器学习攻击的鲁棒性。事实证明，增加额外的时间维度并不一定能确保防止自动攻击。我们攻击了Hello CAPTCHA方案，这是互联网上最流行的动画CAPTCHA方案。通过应用新颖的图像处理和机器学习技术，这些验证码的解码精度很高。使用预训练的CNN来识别提取的字符。在这项研究中，6种流行的动画captcha类型以及41个子类型被成功破译，总体精度高达99.5%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Decoding the animated text-based captchas to verify their robustness against automated attacks

In order to protect the web against automated attacks, CAPTCHAs are most widely used mechanism on the internet. Numerous types of CAPTCHAs are introduced due to weaknesses in the earlier designs. Animated CAPTCHAs are one of the design alternatives. Instead of presenting the whole information at once, animated CAPTCHAs present information in various frames over the specific interval of time. As CATPCHAs are ubiquitously used to avoid the serious threats from bots therefore it is important to verify their effectiveness. In this research we have verified their robustness against machine learning attacks. It has been proved that adding the extra time dimension does not necessarily ensure protection against automated attacks. We have attacked the Hello CAPTCHA scheme, which is the most popular animated CAPTCHA scheme available on the internet. By applying novel image processing and machine learning techniques, these CAPTCHAs are decoded with high precision. A pre-trained CNN is used to recognize the extracted characters. In this research, 6 popular types of animated CAPTCHAs along with 41 sub types were successfully deciphered with an overall precision of up to 99.5 %.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Mehran University Research Journal of Engineering and Technology ENGINEERING, MULTIDISCIPLINARY-

自引率

0.00%

发文量

审稿时长

40 weeks