CAPTCHA security: a case study

Jeff Yan*, Ahmad Salah El Ahmad

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

36 Citations (Scopus)

Abstract

A Case Study on Completely Automated Public Turing Tests to Tell Computers and Humans Apart (CAPTCHA) security systems is presented. CAPTCHA generate and grade tests that most humans can pass but current computer programs are not able to pass and such tests are called as CAPTCHA challenges that are based on hard, open artificial intelligence problems. CAPTCHA creators should consider the simple but powerful attack before deploying a CAPTCHA. CAPTCHA will go through the process of evolutionary development such as cryptography, digital watermarking, and an iterative process in which successful attacks lead to the development of more robust systems. CAPTCHA's robustness that whether it is robust enough to resist adversarial attack should be checked. A toolbox should be created that will be able to not only benchmark CAPTCHA's strength but also prevent designers from making mistakes.

Original languageEnglish
Article number5189558
Pages (from-to)22-28
Number of pages7
JournalIEEE Security and Privacy
Volume7
Issue number4
Early online date4 Aug 2009
DOIs
Publication statusPublished - 31 Aug 2009
Externally publishedYes

Keywords

  • CAPTCHA
  • dictionary attacks
  • pixel count
  • security

Fingerprint

Dive into the research topics of 'CAPTCHA security: a case study'. Together they form a unique fingerprint.

Cite this