A Simple Generic Attack on Text Captchas

被引:37
作者
Gao, Haichang [1 ]
Yan, Jeff [2 ,3 ]
Cao, Fang [1 ]
Zhang, Zhengya [1 ]
Lei, Lei [1 ]
Tang, Mengyun [1 ]
Zhang, Ping [1 ]
Zhou, Xin [1 ]
Wang, Xuqin [1 ]
Li, Jiawei [1 ]
机构
[1] Xidian Univ, Inst Software Engn, Xian 710071, Shaanxi, Peoples R China
[2] Univ Lancaster, Secur Lancaster, Lancaster, England
[3] Univ Lancaster, Sch Comp & Commun, Lancaster, England
来源
23RD ANNUAL NETWORK AND DISTRIBUTED SYSTEM SECURITY SYMPOSIUM (NDSS 2016) | 2016年
基金
中国国家自然科学基金;
关键词
D O I
10.14722/ndss.2016.23154
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Text-based Captchas have been widely deployed across the Internet to defend against undesirable or malicious bot programs. Many attacks have been proposed; these fine prior art advanced the scientific understanding of Captcha robustness, but most of them have a limited applicability. In this paper, we report a simple, low-cost but powerful attack that effectively breaks a wide range of text Captchas with distinct design features, including those deployed by Google, Microsoft, Yahoo!, Amazon and other Internet giants. For all the schemes, our attack achieved a success rate ranging from 5% to 77%, and achieved an average speed of solving a puzzle in less than 15 seconds on a standard desktop computer (with a 3.3GHz Intel Core i3 CPU and 2 GB RAM). This is to date the simplest generic attack on text Captchas. Our attack is based on Log-Gabor filters; a famed application of Gabor filters in computer security is John Daugman's iris recognition algorithm. Our work is the first to apply Gabor filters for breaking Captchas.
引用
收藏
页数:14
相关论文
共 26 条
[1]  
Ahmad A S El, 2011, COMPUTING SCI
[2]  
[Anonymous], 2014, P 9 ACM S INF COMP C, DOI [10.1145, DOI 10.1145/2590296.2590298]
[3]  
[Anonymous], 2014, 8 USENIX WORKSH OFF
[4]  
[Anonymous], AL TOP 500 GLOB SIT
[5]   Easy Does It: More Usable CAPTCHAs [J].
Bursztein, Elie ;
Moscicki, Angelique ;
Fabry, Celine ;
Bethard, Steven ;
Mitchell, John C. ;
Jurafsky, Dan .
32ND ANNUAL ACM CONFERENCE ON HUMAN FACTORS IN COMPUTING SYSTEMS (CHI 2014), 2014, :2637-2646
[6]  
Bursztein E, 2011, PROCEEDINGS OF THE 18TH ACM CONFERENCE ON COMPUTER & COMMUNICATIONS SECURITY (CCS 11), P125
[7]  
Chellapilla K, 2005, BUILDING SEGMENTATIO
[8]  
Dang Z, 2013, J COMPUTATIONAL INFO, V9, P3093
[9]   UNCERTAINTY RELATION FOR RESOLUTION IN SPACE, SPATIAL-FREQUENCY, AND ORIENTATION OPTIMIZED BY TWO-DIMENSIONAL VISUAL CORTICAL FILTERS [J].
DAUGMAN, JG .
JOURNAL OF THE OPTICAL SOCIETY OF AMERICA A-OPTICS IMAGE SCIENCE AND VISION, 1985, 2 (07) :1160-1169
[10]   Probing the uniqueness and randomness of IrisCodes: Results from 200 billion iris pair comparisons [J].
Daugman, John .
PROCEEDINGS OF THE IEEE, 2006, 94 (11) :1927-1935