Home > Research > Publications & Outputs > The robustness of hollow CAPTCHAs

Research

Links

Text available via DOI:

Keywords

View graph of relations

The robustness of hollow CAPTCHAs

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paperpeer-review

Published

Standard

The robustness of hollow CAPTCHAs. / Gao, Haichang; Wang, Wei; Qi, Jiao et al.
CCS '13 Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security. New York: ACM, 2013. p. 1075-1086.

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paperpeer-review

Harvard

Gao, H, Wang, W, Qi, J, Wang, X, Liu, X & Yan, J 2013, The robustness of hollow CAPTCHAs. in CCS '13 Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security. ACM, New York, pp. 1075-1086, 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS 2013, Berlin, Germany, 4/11/13. https://doi.org/10.1145/2508859.2516732

APA

Gao, H., Wang, W., Qi, J., Wang, X., Liu, X., & Yan, J. (2013). The robustness of hollow CAPTCHAs. In CCS '13 Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security (pp. 1075-1086). ACM. https://doi.org/10.1145/2508859.2516732

Vancouver

Gao H, Wang W, Qi J, Wang X, Liu X, Yan J. The robustness of hollow CAPTCHAs. In CCS '13 Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security. New York: ACM. 2013. p. 1075-1086 doi: 10.1145/2508859.2516732

Author

Gao, Haichang ; Wang, Wei ; Qi, Jiao et al. / The robustness of hollow CAPTCHAs. CCS '13 Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security. New York : ACM, 2013. pp. 1075-1086

Bibtex

@inproceedings{16ea134c64bf48f5b2e0ad65e2600256,
title = "The robustness of hollow CAPTCHAs",
abstract = "CAPTCHA is now a standard security technology for differentiating between computers and humans, and the most widely deployed schemes are text-based. While many text schemes have been broken, hollow CAPTCHAs have emerged as one of the latest designs, and they have been deployed by major companies such as Yahoo!, Tencent, Sina, China Mobile and Baidu. A main feature of such schemes is to use contour lines to form connected hollow characters with the aim of improving security and usability simultaneously, as it is hard for standard techniques to segment and recognize such connected characters, which are however easy to human eyes. In this paper, we provide the first analysis of hollow CAPTCHAs' robustness. We show that with a simple but novel attack, we can successfully break a whole family of hollow CAPTCHAs, including those deployed by all the major companies. While our attack casts serious doubt on the viability of current designs, we offer lessons and guidelines for designing better hollow CAPTCHAs.",
keywords = "captcha, convolutional neural network, graph search, security",
author = "Haichang Gao and Wei Wang and Jiao Qi and Xuqin Wang and Xiyang Liu and Jeff Yan",
year = "2013",
month = nov,
doi = "10.1145/2508859.2516732",
language = "English",
isbn = "9781450324779",
pages = "1075--1086",
booktitle = "CCS '13 Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security",
publisher = "ACM",
note = "2013 ACM SIGSAC Conference on Computer and Communications Security, CCS 2013 ; Conference date: 04-11-2013 Through 08-11-2013",

}

RIS

TY - GEN

T1 - The robustness of hollow CAPTCHAs

AU - Gao, Haichang

AU - Wang, Wei

AU - Qi, Jiao

AU - Wang, Xuqin

AU - Liu, Xiyang

AU - Yan, Jeff

PY - 2013/11

Y1 - 2013/11

N2 - CAPTCHA is now a standard security technology for differentiating between computers and humans, and the most widely deployed schemes are text-based. While many text schemes have been broken, hollow CAPTCHAs have emerged as one of the latest designs, and they have been deployed by major companies such as Yahoo!, Tencent, Sina, China Mobile and Baidu. A main feature of such schemes is to use contour lines to form connected hollow characters with the aim of improving security and usability simultaneously, as it is hard for standard techniques to segment and recognize such connected characters, which are however easy to human eyes. In this paper, we provide the first analysis of hollow CAPTCHAs' robustness. We show that with a simple but novel attack, we can successfully break a whole family of hollow CAPTCHAs, including those deployed by all the major companies. While our attack casts serious doubt on the viability of current designs, we offer lessons and guidelines for designing better hollow CAPTCHAs.

AB - CAPTCHA is now a standard security technology for differentiating between computers and humans, and the most widely deployed schemes are text-based. While many text schemes have been broken, hollow CAPTCHAs have emerged as one of the latest designs, and they have been deployed by major companies such as Yahoo!, Tencent, Sina, China Mobile and Baidu. A main feature of such schemes is to use contour lines to form connected hollow characters with the aim of improving security and usability simultaneously, as it is hard for standard techniques to segment and recognize such connected characters, which are however easy to human eyes. In this paper, we provide the first analysis of hollow CAPTCHAs' robustness. We show that with a simple but novel attack, we can successfully break a whole family of hollow CAPTCHAs, including those deployed by all the major companies. While our attack casts serious doubt on the viability of current designs, we offer lessons and guidelines for designing better hollow CAPTCHAs.

KW - captcha

KW - convolutional neural network

KW - graph search

KW - security

U2 - 10.1145/2508859.2516732

DO - 10.1145/2508859.2516732

M3 - Conference contribution/Paper

AN - SCOPUS:84889069302

SN - 9781450324779

SP - 1075

EP - 1086

BT - CCS '13 Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security

PB - ACM

CY - New York

T2 - 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS 2013

Y2 - 4 November 2013 through 8 November 2013

ER -