Skip to main content
SpringerLink
Log in

A Machine Learning Attack against the Civil Rights CAPTCHA

  • Conference paper
Intelligent Distributed Computing VIII

Part of the book series: Studies in Computational Intelligence ((SCI,volume 570))

Abstract

Human Interactive Proofs (HIPs) are a basic security measure on the Internet to avoid several types of automatic attacks. Recently, a new HIP has been designed to increase security: the Civil Rights CAPTCHA. It employs the empathy capacity of humans to further strengthen the security of a well known OCR CAPTCHA, Securimage. In this paper, we analyse it from a security perspective, pointing out its design flaws. Then, we create a successful side-channel attack, leveraging some well-known machine learning algorithms.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 169.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Alsuhibany, S.A.: Optimising captcha generation. In: 2011 Sixth International Conference on Availability, Reliability and Security (ARES), pp. 740–745 (August 2011)

    Google Scholar 

  2. Bird, S., Klein, E., Loper, E.: Natural Language Processing with Python: Analyzing Text with the Natural Language Toolkit. O’Reilly, Beijing (2009)

    Google Scholar 

  3. Bursztein, E., Martin, M., Mitchell, J.: Text-based captcha strengths and weaknesses. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS 2011, pp. 125–138. ACM, New York (2011)

    Google Scholar 

  4. D’Souza, D., Polina, P.C., Yampolskiy, R.V.: Avatar captcha: Telling computers and humans apart via face classification. In: 2012 IEEE International Conference on Electro/Information Technology (EIT), pp. 1–6 (May 2012)

    Google Scholar 

  5. Fidas, C.A., Voyiatzis, A.G., Avouris, N.M.: On the necessity of user-friendly captcha. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, CHI 2011, pp. 2623–2626. ACM, New York (2011)

    Chapter  Google Scholar 

  6. Golle, P.: Machine learning attacks against the asirra captcha. In: Proceedings of the 5th Symposium on Usable Privacy and Security, SOUPS 2009, Mountain View, California, USA, July 15-17. ACM International Conference Proceeding Series. ACM (2009)

    Google Scholar 

  7. Hall, M., Frank, E., Holmes, G., Pfahringer, B., Reutemann, P., Witten, I.H.: The weka data mining software: An update (2009)

    Google Scholar 

  8. Kouritzin, M.A., Newton, F., Wu, B.: On random field completely automated public turing test to tell computers and humans apart generation. IEEE Transactions on Image Processing 22(4), 1656–1666 (2013)

    Article  MathSciNet  Google Scholar 

  9. Mohamed, M., Sachdeva, N., Georgescu, M., Gao, S., Saxena, N., Zhang, C., Kumaraguru, P., van Oorschot, P.C., Chen, W.B.: Three-way dissection of a game-captcha: Automated attacks, relay attacks, and usability. CoRR, abs/1310.1540 (2013)

    Google Scholar 

  10. Naor, M.: Verification of a human in the loop or identification via the turing test (1996)

    Google Scholar 

  11. Nielsen, F.Å.: A new anew: Evaluation of a word list for sentiment analysis in microblogs. CoRR, abs/1103.2903 (2011)

    Google Scholar 

  12. Quinlan, J.R.: C4.5: Programs for Machine Learning. Morgan Kaufmann Publishers Inc., San Francisco (1993)

    Google Scholar 

  13. Vikram, S., Fan, Y., Gu, G.: Semage: A new image-based two-factor captcha. In: Proceedings of the 27th Annual Computer Security Applications Conference, ACSAC 2011, pp. 237–246. ACM, New York (2011)

    Google Scholar 

  14. Warner, O.: Kittenauth (2009), http://www.thepcspy.com/kittenauth

  15. Yamamoto, T., Suzuki, T., Nishigaki, M.: A proposal of four-panel cartoon captcha. In: 2011 IEEE International Conference on Advanced Information Networking and Applications (AINA), pp. 159–166 (March 2011)

    Google Scholar 

  16. Zhu, B.B., Yan, J., Li, Q., Yang, C., Liu, J., Xu, N., Yi, M., Cai, K.: Attacks and design of image recognition captchas. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS 2010, pp. 187–200. ACM, New York (2010)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Universidad Complutense, Madrid, Spain

    Carlos Javier Hernández-Castro

  2. Computer Engineering Department, Universidad de Alcalá, Madrid, Spain

    David F. Barrero & María D. R-Moreno

Authors
  1. Carlos Javier Hernández-Castro
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. David F. Barrero
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. María D. R-Moreno
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Carlos Javier Hernández-Castro .

Editor information

Editors and Affiliations

  1. Computer Science Department, Technical School of Engineering, Universidad Autónoma de Madrid, Madrid, Spain

    David Camacho

  2. University of Hamburg, Hamburg, Germany

    Lars Braubach

  3. Department of Industrial and Information Engineering, Second University of Naples, Aversa, Italy

    Salvatore Venticinque

  4. Software Engineering Department, Faculty of Automatics, Computers and Ele, University of Craiova, Craiova, Romania

    Costin Badica

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Hernández-Castro, C.J., Barrero, D.F., R-Moreno, M.D. (2015). A Machine Learning Attack against the Civil Rights CAPTCHA. In: Camacho, D., Braubach, L., Venticinque, S., Badica, C. (eds) Intelligent Distributed Computing VIII. Studies in Computational Intelligence, vol 570. Springer, Cham. https://doi.org/10.1007/978-3-319-10422-5_26

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-10422-5_26

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-10421-8

  • Online ISBN: 978-3-319-10422-5

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation