Breaking visual CAPTCHAs with naive pattern recognition algorithms

Computing and Communications

Text available via DOI:

https://doi.org/10.1109/ACSAC.2007.47
Final published version

View graph of relations

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Chapter

Published

Standard

Breaking visual CAPTCHAs with naive pattern recognition algorithms. / Yan, Jeff; El Ahmad, A. S. .

Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007). IEEE, 2007. p. 279-291.

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Chapter

Harvard

Yan, J & El Ahmad, AS 2007, Breaking visual CAPTCHAs with naive pattern recognition algorithms. in Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007). IEEE, pp. 279-291. https://doi.org/10.1109/ACSAC.2007.47

APA

Yan, J., & El Ahmad, A. S. (2007). Breaking visual CAPTCHAs with naive pattern recognition algorithms. In Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007) (pp. 279-291). IEEE. https://doi.org/10.1109/ACSAC.2007.47

Vancouver

Yan J, El Ahmad AS. Breaking visual CAPTCHAs with naive pattern recognition algorithms. In Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007). IEEE. 2007. p. 279-291 doi: 10.1109/ACSAC.2007.47

Author

Yan, Jeff ; El Ahmad, A. S. . / Breaking visual CAPTCHAs with naive pattern recognition algorithms. Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007). IEEE, 2007. pp. 279-291

Bibtex

@inbook{dcb0b10ba55f4c6abde99001a7d2b536,

title = "Breaking visual CAPTCHAs with naive pattern recognition algorithms",

abstract = "Visual CAPTCHAs have been widely used across the Internet to defend against undesirable or malicious bot programs. In this paper, we document how we have broken most such visual schemes provided at Captchaservice.org, a publicly available web service for CAPTCHA generation. These schemes were effectively resistant to attacks conducted using a high-quality Optical Character Recognition program, but were broken with a near 100% success rate by our novel attacks. In contrast to early work that relied on sophisticated computer vision or machine learning algorithms, we used simple pattern recognition algorithms but exploited fatal design errors that we discovered in each scheme. Surprisingly, our simple attacks can also break many other schemes deployed on the Internet at the time of writing: their design had similar errors. We also discuss defence against our attacks and new insights on the design of visual CAPTCHA schemes.",

author = "Jeff Yan and {El Ahmad}, {A. S.}",

year = "2007",

month = dec,

doi = "10.1109/ACSAC.2007.47",

language = "English",

isbn = "0769530605",

pages = "279--291",

booktitle = "Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007)",

publisher = "IEEE",

}

RIS

TY - CHAP

T1 - Breaking visual CAPTCHAs with naive pattern recognition algorithms

AU - Yan, Jeff

AU - El Ahmad, A. S.

PY - 2007/12

Y1 - 2007/12

N2 - Visual CAPTCHAs have been widely used across the Internet to defend against undesirable or malicious bot programs. In this paper, we document how we have broken most such visual schemes provided at Captchaservice.org, a publicly available web service for CAPTCHA generation. These schemes were effectively resistant to attacks conducted using a high-quality Optical Character Recognition program, but were broken with a near 100% success rate by our novel attacks. In contrast to early work that relied on sophisticated computer vision or machine learning algorithms, we used simple pattern recognition algorithms but exploited fatal design errors that we discovered in each scheme. Surprisingly, our simple attacks can also break many other schemes deployed on the Internet at the time of writing: their design had similar errors. We also discuss defence against our attacks and new insights on the design of visual CAPTCHA schemes.

AB - Visual CAPTCHAs have been widely used across the Internet to defend against undesirable or malicious bot programs. In this paper, we document how we have broken most such visual schemes provided at Captchaservice.org, a publicly available web service for CAPTCHA generation. These schemes were effectively resistant to attacks conducted using a high-quality Optical Character Recognition program, but were broken with a near 100% success rate by our novel attacks. In contrast to early work that relied on sophisticated computer vision or machine learning algorithms, we used simple pattern recognition algorithms but exploited fatal design errors that we discovered in each scheme. Surprisingly, our simple attacks can also break many other schemes deployed on the Internet at the time of writing: their design had similar errors. We also discuss defence against our attacks and new insights on the design of visual CAPTCHA schemes.

U2 - 10.1109/ACSAC.2007.47

DO - 10.1109/ACSAC.2007.47

M3 - Chapter

SN - 0769530605

SN - 9780769530604

SP - 279

EP - 291

BT - Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007)

PB - IEEE

ER -

Research

Links

Text available via DOI: