Abstract
Today, it is difficult to find an adequate Web site with a registration form that is not protected with some automated human proof test. One of the oldest concepts in Artificial Intelligence as a security mechanism based on the Turing Test is CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart). This test was designed to make a difference between the real users and bots and provide security against malicious attacks. The PROMETHEE-GAIA method was employed for ranking different image-based CAPTCHAs according to their usability in this paper. The aim of this study is a comparative analysis of seven image-based CAPTCHAs based on three different criteria: time to find a solution, a number of attempts, and task difficulty. The weights of the considered criteria were calculated objectively by the entropy method, and for the subjective weights, Analytical Hierarchy Process (AHP) was used. A defined research model was applied through four phases. The survey included 320 randomly selected Internet users and experts in computer science who were familiar with CAPTCHA tests. The proposed model suggested which CAPTCHA offered better human accuracy and lower machine attack rates compared to the existing approaches. The obtained results were very helpful to the web administrators because they indicated that this approach could provide useful insights for the decision-makers about the appropriate mechanisms to protect users against cyber-criminal activities and Internet threats.
Similar content being viewed by others
References
Abdel-Basset M (2019) A neutrosophic theory-based security approach for fog and mobile-edge computing. Comput Netw 157:122–132
Abdullah L, Chan W, Afshari A (2019) Application of PROMETHEE method for green supplier selection: a comparative result based on preference functions. J Ind Eng Int 15(2):271–285
Agha SR, Nofal LG, Nassar HA (2012) Multi-criteria governmental crop planning problem based on an integrated AHP-PROMETHEE approach. Int J Appl Manag Sci 4(4):385–406
Aherwar A, Singh T, Singh A, Patnaik A, Fekete G (2019) Optimum selection of novel developed implant material using hybrid entropy-PROMETHEE approach. Mater Werkst 50(10):1232–1241
Alqahtani FH, Alsulaiman FA (2020) Is image-based CAPTCHA secure against attacks based on machine learning? An experimental study. Comput Secur 88:101635
Beheshti SMRS, Liatsis P, Rajarajan M (2017) A CAPTCHA model based on visual psychophysics: using the brain to distinguish between human users and automated computer bots. Comput Secur 70:596–617
Behzadian M, Kazemzadeh RB, Albadvi A, Aghdasi M (2010) PROMETHEE: a comprehensive literature review on methodologies and applications. Eur J Oper Res 200(1):198–215
Belk M, Fidas C, Germanakos P, Samaras G (2015) Do human cognitive differences in information processing affect preference and performance of CAPTCHA? Int J Hum Comput Stud 84:1–18
Ben-Abdallah E, Boukadi K, Lloret J, Hammami M (2019) CROSA: context-aware cloud service ranking approach using online reviews based on sentiment analysis. Concurr Comput 1–16
Bennani A, Bahi L, Amgaad S (2017) Using a combined approach AHP PROMETHEE to make a decision about roads alternative project: a case study. Int J Civ Eng Technol 8(5):856–868
Brans J, Mareschal B (2005) PROMETHEE methods. Multiple Criteria Decision Analysis: State of the Art Surveys, pp 163–186
Brans JP (1982) Lingenierie de la decision, elaboration dinstruments daide a la decision. Methode PROMETHEE. In: Nadeau R, Landry M (eds) Laide a la decision: nature, instruments et perspectives Davenir. Presses de Universite Laval, Quebec, pp 183–214
Brans JP, Mareschal B, Vincke PH (1984) PROMETHEE: a new family of outranking methods in multi-criteria analysis. In: Brans JP (ed) Operational research ‘84. North-Holland, Amsterdam, pp 477–490
Bursztein, E, Moscicki, A, Fabry, C, Bethard, S, Mitchell, JC, Jurafsky, D. (2014). Easy does it: more usable captchas. In: Proceedings of the 32nd Annual ACM Conference on Human Factors in Computing Systems, ACM, pp 2637–46
Bursztein E, Bethard S, Fabry C, Mitchell J, Jurafsky D (2010) How good are humans at solving captchas? A large scale evaluation. In: 2010 IEEE symposium on security and privacy, pp 399–413
Chandavale AA, Sapkal AM (2015) Systematic approach to measure strength of textbased CAPTCHA. In: 2015 International Conference on Information Processing (ICIP), pp 382–387
Cheriet M, Bunke H, Hu J, Kimura F, Suen CY (2009) New Frontiers in handwriting recognition. Pattern Recogn 42(12):3129–3130
Christian AV, Zhang Y, Salifou C (2016) Application of PROMETHEE-GAIA method in the entry mode selection process in international market expansion. Open J Bus Manag 4:238–250
D’Avignon G, Turcotte M, Beaudry L, Duperre Y (1983) Degrt de specialisation des hopitaux de Quebec. Technical report. Universite Laval, Quebec
Dujardin M (1984) Une evaluation multicritere de projets de remediation a l'echec dans I' enseignement secondaire Belge. In XIX Meeting of the European Working Group on Multiple Criteria Decision Aid, Liege, France
Fidas CA, Voyiatzis AG, Avouris NM (2011) On the necessity of user-friendly CAPTCHA. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, ACM, pp 2623–2626
Goswami G, Singh R, Vatsa M, Powell B, Noore A (2012) Face recognition captcha. In: Proceedings of the Fifth IEEE International Conference on Biometrics: Theory, Applications and Systems (BTAS), IEEE, pp 412–17
Herngren L, Goonetilleke A, Ayoko GA (2006) Analysis of heavy metals in roaddeposited sediments. Anal Chim Acta 571(2):270–278
Hidalgo JMG, Alvarez G (2011) Chapter 3 - CAPTCHAs: an artificial intelligence application to web security. Adv Comput 83:109–181
Karpathy A, Fei-Fei L (2015) Deep visual-semantic alignments for generating image descriptions. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, pp 3128–3137
Keller HR, Massart DL, Brans JP (1991) Multicriteria decision making: a case study. Chemom Intell Lab Syst 11:175–189
Kluever KA (2008) Evaluating the usability and security of a video CAPTCHA. Rochester Institute of Technology. Thesis. Rochester Institute of Technology. Accessed from https://scholarworks.rit.edu/theses/163
Kluever KA, Zanibbi R (2009) Balancing usability and security in a video CAPTCHA. In: Proceedings of the 5th Symposium on Usable Privacy and Security, ACM, pp 11–14
Kocmanova A, Docekalova M, Lunacek J (2013) PROMETHEE-GAIA method as a support of the decision-making process in evaluating technical facilities. IFIP Adv Inf Commun Technol 413:44–53
Kwon S, Cha S (2017) CAPTCHA-based image annotation. Inf Process Lett 128:27–31
Lee YL, Hsu CH (2011) Usability study of text-based CAPTCHAs. Displays 32(2):81–86
Lopes APF, Muñoz MM, Alarcón-Urbistondo P (2018) Regional tourism competitiveness using the PROMETHEE approach. Ann Tour Res 73:1–13
Macharis C, Springael J, De Brucker K, Verbeke A (2004) PROMETHEE and AHP: the design of operational synergies in multicriteria analysis. Strengthening PROMETHEE with ideas of AHP. Eur J Oper Res 153:307–317
Madathil KC, Alapatt GF, Greenstein JS (2010) An investigation of the usability of image-based CAPTCHAs. Proc Hum Factors Ergon Soc Ann Meet 54(16):1249–1253
Madathil KC, Greenstein JS, Horan K (2019) Empirical studies to investigate the usability of text-and image-based CAPTCHAs. Int J Ind Ergon 69:200–208
Meutzner H, Nguyen V-H, Holz T, Kolossa D (2014) Using automatic speech recognition for attacking acoustic captchas: the tradeoff between usability and security. In: Proceedings of the 30th Annual Computer Security Applications Conference, ACM, pp 276–85
Nikolić D, Jovanović I, Mihajlović I, Živković Ž (2009) Multi-criteria ranking of copper concentrates according to their quality – an element of environmental management in the vicinity of copper – smelting complex in Bor, Serbia. J Environ Manag 91:509–515
Ostovare M, Shahraki MR (2019) Evaluation of hotel websites using the multicriteria analysis of PROMETHEE and GAIA: evidence from the five-star hotels of Mashhad. Tour Manag Perspect 30:107–116
Pashalidis A, Mavrogiannopoulos N, Ferrer X, Bermejo Olaizola B (2012) For human eyes only: security and usability evaluation. In: Proceedings of the 2012 ACM Workshop on Privacy in the Electronic Society, ACM, pp 129–40
Penninger S, Meier S, Federrath H (2012) Usability von CAPTCHA-Systemen. In: GI Sicherheit, Darmstadt, 195:199–208
Plamondon R, Pirlo G, Anquetil É, Rémi C, Teulings H-L, Nakagawa M (2018) Personal digital bodyguards for e-security, e-learning and e-health: a prospective survey. Pattern Recogn 81:633–659
Radulescu M, Fedajev A, Nikolic D (2017) Ranking of EU national banking systems using multi-criteria analysis in the light of BREXIT. Acta Oeconomica 67(4):473–509
Roshanbin N, Miller J (2016) ADAMAS: interweaving unicode and color to enhance CAPTCHA security. Futur Gener Comput Syst 55:289–310
Saaty TL (1980) The analytic Hieararchy process. McGraw-Hill, New York
Sauer G, Hochheiser H (2008) Towards a universally usable CAPTCHA. In: Proceedings of the 4th symposium on usable privacy and security, pp 2–5
Savic M, Nikolic D, Mihajlovic I, Zivkovic Z, Bojanov B, Djordjevic P (2015) Multi-criteria decision support system for optimal blending process in zinc production. Mineral Process Ext Metall Rev Int J 36(4):267–280
Schryen G, Wagner G, Schlegel A (2016) Development of two novel face-recognition CAPTCHAs: a security and usability study. Comput Secur 60:95–116
Shirali-Shahreza S, Penn G, Balakrishnan R, Ganjali Y (2013) Seesay and hearsay captcha for mobile interaction. In: Proceedings of the SIGCHI conference on human factors in computing systems, ACM, pp 2147–56
Starostenko O, Cruz-Perez C, Uceda-Ponga F, Alarcon-Aquino V (2015) Breaking text-based CAPTCHAs with variable word and character orientation. Pattern Recogn 48(4):1101–1112
Thomas AO, Rusu A, Govindaraju V (2009) Synthetic handwritten CAPTCHAs. Pattern Recogn 42(12):3365–3373
Trukenbrod AK, Backhaus N, Thomaschke R (2020) Measuring subjectively experienced time in usability and user experience testing scenarios. Int J Hum Comput Stud 138:102399
Vego G, Kučar-Dragičević S, Koprivanac N (2008) Application of multi-criteria decision-making on strategic municipal solid waste management in Dalmatia, Croatia. Waste Manag 28:2192–2201
Vikram S, Fan Y, Gu G (2011) Semage: a new image-based two-factor CAPTCHA. In: Proceedings of the 27th Annual Computer Security Applications Conference, ACM, pp 237–246
von Ahn LV, Blum M, Hopper NJ, Langford J (2003) CAPTCHA: Using hard AI problems for security. EUROCRYPT'03: Proceedings of the 22nd international conference on theory and applications of cryptographic techniques, pp 294–311. Accessed 13 Jan 2020
Wang JJ, Wei CM, Yang D (2006) Decision method for vendor selection based on AHP/PROMETHEE/GAIA. J Dalian Univ Technol 46(6):926–931
Yan J, El Ahmad AS (2008a) Usability of CAPTCHAs or usability issues in CAPTCHA design. Symposium on usable privacy and security, Pittsburgh
Yan J, El Ahmad AS (2008b) Usability of CAPTCHAs or usability issues in CAPTCHA design. In: Proceedings of the 4th Symposium on Usable Privacy and Security, Pittsburgh, Pennsylvania, USA, pp 44–52
Yu X, Xu Z, Ma Y (2013) Prioritized multi-criteria decision making based on the idea of PROMETHEE. Proc Comput Sci 17:449–456
Zhi-Hong Z, Yi Y, Jing-nan S (2006) Entropy method for determination of weight of evaluating indicators in fuzzy synthetic evaluation for water quality assessment. J Environ Sci 18:1020–1023
Zindani D, Kumar K (2018) Material selection for turbine seal strips using PROMETHEE-GAIA method. Materials Today: Proceedings 5:17533–17539
Acknowledgments
Responsible for the English language in the paper is Sandra Vasković, the English language teacher.
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Arsić, S., Nikolic, D. & Jevtic, M. An investigation of the usability of image-based CAPTCHAs using PROMETHEE-GAIA method. Multimed Tools Appl 80, 9393–9409 (2021). https://doi.org/10.1007/s11042-020-10054-w
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11042-020-10054-w