Text-based CAPTCHA strengths and weaknesses

Text-based CAPTCHA strengths and weaknesses
Elie Bursztein, Matthieu Martin, John C. Mitchell

Citation
Elie Bursztein, Matthieu Martin, John C. Mitchell. "Text-based CAPTCHA strengths and weaknesses". Proceedings of the 18th ACM conference on Computer and communications security, 2011.

Abstract
We carry out a systematic study of existing visual CAPTCHAs based on distorted characters that are augmented with anti-segmentation techniques. Applying a systematic evaluation methodology to 15 current CAPTCHA schemes from popular web sites, we find that 13 are vulnerable to automated attacks. Based on this evaluation, we identify a series of recommendations for CAPTCHA designers and attackers, and possible future directions for producing more reliable human/computer distinguishers.

Electronic downloads

http://dl.acm.org/citation.cfm?id=2046724

Citation formats

HTML

Elie Bursztein, Matthieu Martin, John C. Mitchell. <a
href="http://www.truststc.org/pubs/891.html"
>Text-based CAPTCHA strengths and weaknesses</a>,
Proceedings of the 18th ACM conference on Computer and
communications security, 2011.

Plain text

Elie Bursztein, Matthieu Martin, John C. Mitchell.
"Text-based CAPTCHA strengths and weaknesses".
Proceedings of the 18th ACM conference on Computer and
communications security, 2011.

BibTeX

@inproceedings{BurszteinMartinMitchell11_TextbasedCAPTCHAStrengthsWeaknesses,
    author = {Elie Bursztein and Matthieu Martin and John C.
              Mitchell},
    title = {Text-based CAPTCHA strengths and weaknesses},
    booktitle = {Proceedings of the 18th ACM conference on Computer
              and communications security},
    year = {2011},
    abstract = {We carry out a systematic study of existing visual
              CAPTCHAs based on distorted characters that are
              augmented with anti-segmentation techniques.
              Applying a systematic evaluation methodology to 15
              current CAPTCHA schemes from popular web sites, we
              find that 13 are vulnerable to automated attacks.
              Based on this evaluation, we identify a series of
              recommendations for CAPTCHA designers and
              attackers, and possible future directions for
              producing more reliable human/computer
              distinguishers.},
    URL = {http://www.truststc.org/pubs/891.html}
}

Posted by Mary Stewart on 4 Apr 2012.
For additional information, see the Publications FAQ or contact webmaster at www truststc org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.