Skip to main content
SpringerLink
Log in

Attacking Animated CAPTCHAs via Character Extraction

  • Conference paper
Cryptology and Network Security (CANS 2012)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7712))

Included in the following conference series:

Abstract

It is widely accepted that one of the principles in state-of-the-art text-based CAPTCHA design, requires that a robust CAPTCHA scheme be segmentation-resistant. This paper establishes the fact that the segmentation-resistant principle does not only apply to traditional single image CAPTCHAs, but is very much relevant to the design of animated CAPTCHAs. In this paper, we show that animated CAPTCHAs not designed with this principle in mind can be easily be broken using simple techniques to extract individual characters from the animation frames. We present our experimental results on attacking 13 existing animated CAPTCHAs.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. ABBYY. ABBYY FineReader, http://finereader.abbyy.com/

  2. Ahmad, A.S.E., Yan, J., Marshall, L.: The Robustness of a New CAPTCHA. In: Costa, M., Kirda, E. (eds.) EUROSEC, pp. 36–41. ACM (2010)

    Google Scholar 

  3. Baecher, P., Büscher, N., Fischlin, M., Milde, B.: Breaking reCAPTCHA: A Holistic Approach via Shape Recognition. In: Camenisch, J., Fischer-Hübner, S., Murayama, Y., Portmann, A., Rieder, C. (eds.) SEC 2011. IFIP AICT, vol. 354, pp. 56–67. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  4. Bursztein, E.: Elie Bursztein’s Blog, http://elie.im/blog/security/how-we-broke-the-nucaptcha-video-scheme-and-what-we-propose-to-fix-it/

  5. Bursztein, E., Martin, M., Mitchell, J.C.: Text-based CAPTCHA Strengths and Weaknesses. In: Chen, Y., Danezis, G., Shmatikov, V. (eds.) ACM Conference on Computer and Communications Security, pp. 125–138. ACM (2011)

    Google Scholar 

  6. Chellapilla, K., Larson, K., Simard, P.Y., Czerwinski, M.: Building Segmentation Based Human-Friendly Human Interaction Proofs (HIPs). In: Baird, H.S., Lopresti, D.P. (eds.) HIP 2005. LNCS, vol. 3517, pp. 1–26. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  7. Chellapilla, K., Larson, K., Simard, P.Y., Czerwinski, M.: Computers beat Humans at Single Character Recognition in Reading based Human Interaction Proofs (HIPs). In: CEAS (2005)

    Google Scholar 

  8. Chellapilla, K., Simard, P.Y.: Using Machine Learning to Break Visual Human Interaction Proofs (HIPs). In: NIPS (2004)

    Google Scholar 

  9. Cui, J.-S., Mei, J.-T., Zhang, W.-Z., Wang, X., Zhang, D.: A CAPTCHA Implementation Based on Moving Objects Recognition Problem. In: ICEE, pp. 1277–1280. IEEE (2010)

    Google Scholar 

  10. Li, S., Shah, S.A.H., Khan, M.A.U., Khayam, S.A., Sadeghi, A.-R., Schmitz, R.: Breaking e-Banking CAPTCHAs. In: Proceedings of the 26th Annual Computer Security Applications Conference, ACSAC 2010, pp. 171–180. ACM, New York (2010)

    Chapter  Google Scholar 

  11. Mori, G., Malik, J.: Recognizing Objects in Adversarial Clutter: Breaking a Visual CAPTCHA. In: CVPR (1), pp. 134–144 (2003)

    Google Scholar 

  12. Moy, G., Jones, N., Harkless, C., Potter, R.: Distortion Estimation Techniques in Solving Visual CAPTCHAs. In: CVPR (2), pp. 23–28 (2004)

    Google Scholar 

  13. Nguyen, V.D., Chow, Y.-W., Susilo, W.: Breaking an Animated CAPTCHA Scheme. In: Bao, F., Samarati, P., Zhou, J. (eds.) ACNS 2012. LNCS, vol. 7341, pp. 12–29. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  14. NuCaptcha Inc. NuCaptcha, http://www.nucaptcha.com/

  15. von Ahn, L., Blum, M., Hopper, N.J., Langford, J.: CAPTCHA: Using Hard AI Problems for Security. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 294–311. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  16. Yan, J., Ahmad, A.S.E.: Breaking Visual CAPTCHAs with Naive Pattern Recognition Algorithms. In: ACSAC, pp. 279–291. IEEE Computer Society (2007)

    Google Scholar 

  17. Yan, J., Ahmad, A.S.E.: A Low-Cost Attack on a Microsoft CAPTCHA. In: Ning, P., Syverson, P.F., Jha, S. (eds.) ACM Conference on Computer and Communications Security, pp. 543–554. ACM (2008)

    Google Scholar 

  18. Yan, J., Ahmad, A.S.E.: CAPTCHA Security: A Case Study. IEEE Security & Privacy 7(4), 22–28 (2009)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Centre for Computer and Information Security Research, University of Wollongong, Australia

    Vu Duc Nguyen & Willy Susilo

  2. Advanced Multimedia Research Laboratory, School of Computer Science and Software Engineering, University of Wollongong, Australia

    Yang-Wai Chow

Authors
  1. Vu Duc Nguyen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yang-Wai Chow
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Willy Susilo
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computing, Macquarie University, 2109, Sydney, NSW, Australia

    Josef Pieprzyk

  2. System Security Lab., Technische Universität Darmstadt, Darmstadt, Germany

    Ahmad-Reza Sadeghi

  3. Department of Computing, University of Surrey, GU2 7XH, Guildford, UK

    Mark Manulis

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Nguyen, V.D., Chow, YW., Susilo, W. (2012). Attacking Animated CAPTCHAs via Character Extraction. In: Pieprzyk, J., Sadeghi, AR., Manulis, M. (eds) Cryptology and Network Security. CANS 2012. Lecture Notes in Computer Science, vol 7712. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35404-5_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-35404-5_9

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-35403-8

  • Online ISBN: 978-3-642-35404-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation