seminar on captcha

25
CAPTCHA CAPTCHA Presented by: ANANTA TYAGI B.Tech C.S. 3 rd year 1135110012

Upload: ananta-tyagi

Post on 22-Dec-2015

266 views

Category:

Documents


4 download

DESCRIPTION

a presentation on captcha

TRANSCRIPT

Page 1: Seminar on Captcha

CAPTCHACAPTCHA

Presented by: ANANTA TYAGI B.Tech C.S. 3rd year 1135110012

Page 2: Seminar on Captcha

OVERVIEWOVERVIEWDefinitionBackgroundApplicationsTypes of CAPTCHAsBreaking CAPTCHAsRecent Developments

2

Page 3: Seminar on Captcha

Definition:Definition:CAPTCHA is an acronym which stands for

Completely Automated Public Turing test to tell Computers and Humans Apart.

A program that can tell whether its user is a human or a computer.

Invented by Luis von Ahn and Manuel BlumThe challenge: develop a software program

that can create and grade challenges most humans can pass but computers cannot.

3

Page 4: Seminar on Captcha

Background:Background:First used by Altavista in1997

• Reduced SPAM add-url by over 95%CMU/Yahoo!

• Automated the creating and grading of challenges

PARC• Relies on document image degradation

to prevent successful OCR• Made its own meta-CAPTCHA.

4

Page 5: Seminar on Captcha

Background:Background: Generic CAPTCHAs distort letters and

nos.

User has to recognize distorted letters.

5

Page 6: Seminar on Captcha

Applications:Applications:Free email services.Online polls predictionPrevent dictionary attacks.Preventing SPAM.E-ticketing,prevention of scalping.Newsgroups,Blogs,..etc.

6

Page 7: Seminar on Captcha

Turing Test:Turing Test:Proposed by Alan Turing to test a

machine’s level of intelligence.Human judge asks question to 2

participants.The judge does not know which is

which.After listening,if judge fails to

recognize machine,machine passes the test.

7

Page 8: Seminar on Captcha

Turing Test contd…Turing Test contd…CAPTCHA employs REVERSE

TURING TEST.Here,Judge=Captcha,Participant=User.If user answers captcha correctly,he is

human else a machine.

8

Page 9: Seminar on Captcha

Types of CAPTCHAs:Types of CAPTCHAs:Text based

• Gimpy• Ez-Gimpy • MSN Passport Service based• Google’s reCaptcha

Graphic based• Bongo• Pix

Audio based

9

Page 10: Seminar on Captcha

Text Based CAPTCHAs:Text Based CAPTCHAs:Ordinary questions like:

• What is the sum of 72 and 35?• If today is Sunday,what is day after

tomorrow?Effective but requires a large question

bank.Cognitively challenged users may find

it difficult.

10

Page 11: Seminar on Captcha

Gimpy:Gimpy:Designed by Yahoo and

CMU(Carnegie Mellon University.)Picks up 10 random words from the

dictionary,fills them with noise.User has to recognise atleast 3 words.If correct,user is admitted.Prone to dictionary attacks.

11

Page 12: Seminar on Captcha

Ez-Gimpy:Ez-Gimpy:Modified version of GimpyYahoo used this version in

Messenger.A random string of characters is used.Not prone to dictionary attacks.Not very good,has been broken by

OCRs.

12

Page 13: Seminar on Captcha

MSN Passport Service Based:MSN Passport Service Based:

Provided for MSN services.Use of 8 characters.Warping and arcs are used for

distortion.Very strong implementation.Broken by Newcastle University with

92% success.

13

Page 14: Seminar on Captcha

Text Based CAPTCHAs:Text Based CAPTCHAs:

14

Page 15: Seminar on Captcha

Graphic Based CAPTCHAs:Graphic Based CAPTCHAs:BONGO

• Display two series of blocks• User must find the characteristic that sets

the two series apart• User is asked to determine which series

each of four single blocks belongs to.

15

Page 16: Seminar on Captcha

Graphic Based CAPTCHAs:Graphic Based CAPTCHAs:PIX

• Create a large database of labeled images.

• Pick a concrete object.• Pick four images of the object from the

images database.• Distort the images.• Ask the user to pick the object for a list of

words.

16

Page 17: Seminar on Captcha

Graphic Based CAPTCHAs:Graphic Based CAPTCHAs:

17

Page 18: Seminar on Captcha

Audio Based CAPTCHAs:Audio Based CAPTCHAs:Pick a word or a sequence of numbers

at random.Render them into an audio clip using a

TTS software.Distort the audio clip.Ask the user to identify and type the

word or numbers.

18

Page 19: Seminar on Captcha

Google’s reCaptcha:Google’s reCaptcha:Used by Google to verify digitized

books.2 words are shownProgram knows one of the words.If user enters first word correctly,it

assumes that second word will also be entered correctly.

Also replays the word to many users to determine the answer.

19

Page 20: Seminar on Captcha

Google’s reCaptcha:Google’s reCaptcha:

20

Page 21: Seminar on Captcha

Breaking CAPTCHAs:Breaking CAPTCHAs:Most text based CAPTCHAs have

been broken by software• OCR• Segmentation

Greg Mori and Jitendra Malik have broken text captchas.

21

Page 22: Seminar on Captcha

Breaking CAPTCHAs:Breaking CAPTCHAs:Social engineering is used for breaking

CAPTCHAs:Spammer encounters CAPTCHA.CAPTCHA is copied to another site.Humans are baited –free mp3 files, free

wallpapers etc.Users are told to solve copied

CAPTCHA.Solution is then routed back to spammer.

22

Page 23: Seminar on Captcha

Recent Developments:Recent Developments:A site named “hellocaptcha.com” has

introduced a new generation of CAPTCHAs.

They make custom designed CAPTCHAs for various websites.

Highly secure,animated GIF images. Has prestigious clients like the

Austrian Government.

23

Page 24: Seminar on Captcha

Examples:Examples:

24

Page 25: Seminar on Captcha

25