An Attack on Hollow CAPTCHA Using Accurate Filling and Nonredundant Merging

Luo, Xiangyang; Hu, Jon-Fan; Ye, Dengpan; Gong, Daofu

doi:10.1080/02564602.2018.1520152

Cited by 10 publications

(5 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In this experiment, we compare our method against four state-of-the-art attacks [12], [29], [30], and [31] on QQ CAPTCHA and BotDetect CAPTCHA. From TABLE 5, for QQ CAPTCHA, the attacks in [12], [29], [30], and [31] achieve success rates of 89.0%, 56.0%, 91.0%, and 94.0% respectively. For BotDetect CAPTCHA, the attacks in [12], [29], and [30] achieve success rates of 64.0%, 53.0%, and 75.5% respectively.…”

Section: ) Results Of Different Attack Methodsmentioning

confidence: 99%

“…From TABLE 5, for QQ CAPTCHA, the attacks in [12], [29], [30], and [31] achieve success rates of 89.0%, 56.0%, 91.0%, and 94.0% respectively. For BotDetect CAPTCHA, the attacks in [12], [29], and [30] achieve success rates of 64.0%, 53.0%, and 75.5% respectively. For QQ CAPTCHA and BotDetect CAPTCHA, our method achieves a success rate of 95.4% and 84.7% respectively and boosts the success rate by 1.4%-39.4%.…”

Section: ) Results Of Different Attack Methodsmentioning

confidence: 99%

See 1 more Smart Citation

Selective Learning Confusion Class for Text-Based CAPTCHA Recognition

Chen¹,

Luo²,

Liu

et al. 2019

IEEE Access

Self Cite

View full text Add to dashboard Cite

Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) recognition is one of the most important branches in CAPTCHA research. The existing CAPTCHA recognition methods based on Deep Convolutional Neural Network (DCNN) have low recognition accuracy in confusion class. To solve this problem, a novel method of selective learning confusion class for text-based CAPTCHA recognition is presented. First, a frame with two-stage DCNN is proposed, which integrates all-class DCNN and confusion-class DCNN. Second, a confusion relation matrix is constructed to show confusion relations among classes, which can be used to analyze the output of all-class DCNN. Third, a set partition algorithm is presented, which can be used to divide a confusion class set into multiple subsets, each one corresponding to a new confusion-class DCNN. Fourth, with a view on improving the recognition accuracy of the confusing characters in confusion-class DCNN, training and validating interactive learning algorithm is proposed. Lastly, the outputs of the two stages were combined as the final recognition result. The experimental results based on real CAPTCHA data sets demonstrate that, compared with the four state-ofthe-art attacks, the proposed method could effectively improve text-based CAPTCHA recognition accuracy by 1.4%-39.4%.

show abstract

Section: ) Results Of Different Attack Methodsmentioning

confidence: 99%

Section: ) Results Of Different Attack Methodsmentioning

confidence: 99%

Selective Learning Confusion Class for Text-Based CAPTCHA Recognition

Chen¹,

Luo²,

Liu

et al. 2019

IEEE Access

Self Cite

View full text Add to dashboard Cite

show abstract

“…Chen et al [42] in their work proposed an attack on hollow CAPTCHA with the aid of merging and accurate-filling. The work which can be categorized as CAPTCHA recognition proposes a framework that supports individual character components through character segmentation that aids classification.…”

Section: Issn: 2088-8708 mentioning

confidence: 99%

Research trends on CAPTCHA: A systematic literature

Igbekele

Adebiyi

Marion

et al. 2021

IJECE

View full text Add to dashboard Cite

The advent of technology has crept into virtually all sectors and this has culminated in automated processes making use of the Internet in executing various tasks and actions. Web services have now become the trend when it comes to providing solutions to mundane tasks. However, this development comes with the bottleneck of authenticity and intent of users. Providers of these Web services, whether as a platform, as a software or as an Infrastructure use various human interaction proof’s (HIPs) to validate authenticity and intent of its users. Completely automated public turing test to tell computer and human apart (CAPTCHA), a form of IDS in web services is advantageous. Research into CAPTCHA can be grouped into two -CAPTCHA development and CAPTCH recognition. Selective learning and convolutionary neural networks (CNN) as well as deep convolutionary neural network (DCNN) have become emerging trends in both the development and recognition of CAPTCHAs. This paper reviews critically over fifty article publications that shows the current trends in the area of the CAPTCHA scheme, its development and recognition mechanisms and the way forward in helping to ensure a robust and yet secure CAPTCHA development in guiding future research endeavor in the subject domain.

show abstract

“…The intuition behind the Partial Credit Algorithm (PCA) is that a user-computer interaction is more important than right-or-wrong and user's response contains much more than one bit of information [10]. As many text-based schemes have been cracked, hollow CAPTCHAs and 3D CAPTCHAs emerged and have been deployed by large companies [8,22,23]. 3D CAPTCHAs rely on novel segmentation resistance by combining a crowding-character-together strategy and side surfaces of 3D visual effect.…”

Section: Related Workmentioning

confidence: 99%

“…Claptcha-like CAPTCHAs are widely adopted for Internet service authentications by many profit or non-profit institutions such as Delta Airline and MITBBS. Since the proprietary CAPTCHA schemes were used by well-known companies such as Google and Yahoo, these types of CAPTCHA schemes have drawn more attentions in the security community and many existing CAPTCHA solvers aim to crack these proprietary CAPTCHA schemes [7,8]. It also results in that the proprietary CAPTCHA schemes add more techniques to increase their security.…”

Section: Introductionmentioning

confidence: 99%

A Low-Cost Approach to Crack Python CAPTCHAs Using AI-Based Chosen-Plaintext Attack

Darling

2019

Applied Sciences

View full text Add to dashboard Cite

CAPTCHA authentication has been challenged by recent technology advances in AI. However, many of the AI advances challenging CAPTCHA are either restricted by a limited amount of labeled CAPTCHA data or are constructed in an expensive or complicated way. In contrast, this paper illustrates a low-cost approach that takes advantage of the nature of open source libraries for an AI-based chosen-plaintext attack. The chosen-plaintext attack described here relies on a deep learning model created and trained on a simple personal computer in a low-cost way. It shows an efficient cracking rate over two open-source Python CAPTCHA Libraries, Claptcha and Captcha. This chosen-plaintext attack method has raised a potential security alert in the era of AI, particularly to small-business owners who use the open-source CAPTCHA libraries. The main contributions of this project include: (1) it is the first low-cost method based on chosen-plaintext attack by using the nature of open-source Python CAPTCHA libraries; (2) it is a novel way to combine TensorFlow object detection and our proposed peak segmentation algorithm with convolutional neural network to improve the recognition accuracy.

show abstract

An Attack on Hollow CAPTCHA Using Accurate Filling and Nonredundant Merging

Cited by 10 publications

References 17 publications

Selective Learning Confusion Class for Text-Based CAPTCHA Recognition

Selective Learning Confusion Class for Text-Based CAPTCHA Recognition

Research trends on CAPTCHA: A systematic literature

A Low-Cost Approach to Crack Python CAPTCHAs Using AI-Based Chosen-Plaintext Attack

Contact Info

Product

Resources

About