TY - GEN
T1 - A security analysis of automated Chinese turing tests
AU - Algwil, Abdalnaser
AU - Ciresan, Dan
AU - Liu, Beibei
AU - Yan, Jeff
N1 - Publisher Copyright: © 2016 ACM.
PY - 2016/12/5
Y1 - 2016/12/5
N2 - Text-based Captchas have been widely used to deter misuse of services on the Internet. However, many designs have been broken. It is intellectually interesting and practically relevant to look for alternative designs, which are currently a topic of active research. We motivate the study of Chinese Captchas as an interesting alternative design - counterintuitively, it is possible to design Chinese Captchas that are universally usable, even to those who have never studied Chinese language. More importantly, we ask a fundamental question: is the segmentation-resistance principle established for Roman-character based Captchas applicable to Chinese based designs? With deep learning techniques, we offer the first evidence that computers do recognize individual Chinese characters well, regardless of distortion levels. This suggests that many real-world Chinese schemes are insecure, in contrast to common beliefs. Our result offers an essential guideline to the design of secure Chinese Captchas, and it is also applicable to Captchas using other large alphabet languages such as Japanese.
AB - Text-based Captchas have been widely used to deter misuse of services on the Internet. However, many designs have been broken. It is intellectually interesting and practically relevant to look for alternative designs, which are currently a topic of active research. We motivate the study of Chinese Captchas as an interesting alternative design - counterintuitively, it is possible to design Chinese Captchas that are universally usable, even to those who have never studied Chinese language. More importantly, we ask a fundamental question: is the segmentation-resistance principle established for Roman-character based Captchas applicable to Chinese based designs? With deep learning techniques, we offer the first evidence that computers do recognize individual Chinese characters well, regardless of distortion levels. This suggests that many real-world Chinese schemes are insecure, in contrast to common beliefs. Our result offers an essential guideline to the design of secure Chinese Captchas, and it is also applicable to Captchas using other large alphabet languages such as Japanese.
KW - Chinese captcha
KW - convolutional neural network
KW - deep neural network
KW - security
KW - usability
UR - http://www.scopus.com/inward/record.url?scp=85007557340&partnerID=8YFLogxK
U2 - 10.1145/2991079.2991083
DO - 10.1145/2991079.2991083
M3 - Conference contribution book
AN - SCOPUS:85007557340
T3 - ACM International Conference Proceeding Series
SP - 520
EP - 532
BT - Proceedings - 32nd Annual Computer Security Applications Conference, ACSAC 2016
T2 - 32nd Annual Computer Security Applications Conference, ACSAC 2016
Y2 - 5 December 2016 through 9 December 2016
ER -