AUTHORS: Eman Omar, Thaer Khdour, Sara Tedmori
Download as PDF
ABSTRACT: Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) is a challenge-response test. CAPTCHAs are typically used by many websites to protect web form parameters against malicious input by verifying that the input is coming from a human and not from an automated program. Existing CAPTCHAs are mainly text-based on a static image and are known to be vulnerable to automated attacks. In this work, a Click based Animation CAPTCHA (CAC) is presented. CAC is designed to make it easy for people to solve CAPTCHA challenges. A small usability test was conducted to see how users respond to the proposed CAC. Results from the small usability evaluation show that CAC is a fun easy to use CAPTCHA. CAC was compared with a classical text based CAPTCHA. Results show that when moderate animation is employed, the proposed scheme achieves a higher accuracy rate than that of the classical text based CAPTCHA. Further directions of research are also discussed.
KEYWORDS: CAPTCHA, Animation CAPTCHA, Usability, CAPTCHA Types, Evaluation
REFERENCES:
[1] Athanasopoulos, E. and Antonatos, S. ‘Enhanced CAPTCHAs: Using Animation to Tell Humans and Computers Apart’. In Proceedings of the 10th IFIP TC-6 TC-11 International Conference on Communications and Multimedia Security, Springer-Verlag, Berlin, Heidelberg, 2006, pp 97-108.
[2] Bursztein, E., Martin, M. and Mitchell J. C. ‘Text-based CAPTCHA Strengths and Weaknesses’ in proceedings of the 18th ACM Conference on Computer and Communications Security, ACM, New York, NY, USA, 2011, pp 125-138.
[3] Elson, J. Douceur, J. R., Howell J., and Saul J. ‘Asirra: A CAPTCHA that Exploits InterestAligned Manual Image Categorization’ in ACM Conference on Computer and Communications Security, Virginia, USA, 2007, pp 366-374.
[4] Guestrin.
[online] http://www.cs.cmu.edu/ guestrin/class/10701/projects.htm (Accessed December 05, 2014)
[5] HelloCAPTCHA.
[online] http://www.hellocaptcha.com/ (Accessed November 8, 2014).
[6] Hindle, A., Godfrey, M. W. and Holt, R. C. ‘Reverse Engineering CAPTCHAs’, 15th Working Conference on Reverse Engineering, Antwerp, Belgium, 2008, pp 59-69.
[7] Hugick, L. and Best, J. ‘Questionnaire Length’, Encyclopedia of Survey Research Methods, SAGE, 2008.
[8] Husser, J.A. and Fernandez, K.E. ‘To Click, Type, or Drag? Evaluating Speed of Survey Data Input Methods’, Survey Practice, Vol. 6, No. 2, 2013.
[9] Lee, Y-L. and Hsu C-H. ‘Usability study of text-based CATCHA’ Displays, Vol. 32, No. 2, 2011, pp 81-86.
[10] Longe, O., Robert, A. B. C. and Onwudebelu, U. ‘Checking Internet Masquerading using Multiple Captcha Challenge-Response Systems’ in 2nd International Conference on Adaptive Science & Technology, IEEE, Accra, 2009, pp 244-249.
[11] NuCaptcha.
[online] http://www.nucaptcha.com. (Accessed November 8, 2014).
[12] reCAPTCHA Blog. Funny recaptchas,
[online] http://blog.recaptcha.net/2008/12/funnyrecaptchas.html (Accessed December 5, 2014).
[13] Roshanbin, N. and Miller J. ‘A survey and analysis of current CAPTCHA approaches’, Journal of Web Engineering, Vol. 12, No. 1-2, 2013, pp 1-40.
[14] Shirali-Shahreza M. and Shirali-Shahreza S. ‘Collage CAPTCHA’ in 20th IEEE International Symposium Signal Processing and Application, Sharjah, United Arab Emirates, 2007, pp 1-4.
[15] Shirali-Shahreza, M. and Shirali-Shahreza, S. ‘Dynamic CAPTCHA’. in International Symposium on Communications and Information Technologies, Vientiane, Lao, 2008, pp 436-440.
[16] SweetCAPTCHA.
[online] http://www.sweetcaptcha.com/ (Accessed October 9, 2014)
[17] Von Ahn, L., Maurer, B., McMillen, C., Abraham, D., and Blum, M. ‘reCaptcha: Human-Based Character Recognition via Web Security Measures’ Science, Vol. 321, No 5895, 2008, pp 465-1468.
[18] Xu, Y., Reynaga, G., Chiasson, S., Frahm, J-M., Monrose, F. and van Oorschot, P. C. ‘Security Analysis and Related Usability of Motion-Based captchas: Decoding codewords in motion’, IEEE Transactions on Dependable and Secure Computing, Vol. 11, No. 5, 2014, pp 480-493.
[19] Yan, J. and El Ahmad. A. S. ‘Breaking Visual CAPTCHAs with Nave Pattern Recognition Algorithms’, in 23rd Annual Computer Security Applications Conference, USA, 2007, pp 279-291.
[20] Yan, J. and El Ahmad. A. S. ‘Low-cost Attack on a Microsoft CAPTCHA’, 15th ACM conference on Computer and Communications Security, Alexandria, VA, USA, 2008a, pp 543- 554.
[21] Yan J. and El Ahmad. A. S. ‘Usability of Captchas or Usability Issues in Captcha Design’ in 4th Symposium on Usable Privacy and Security, New York, USA, 2008b, pp 44-52.