Abstract
Most of current text-based CAPTCHAs have been shown to be easily breakable. In this work, we present two novel 3D CAPTCHA designs, which are more secure than current 2D text CAPTCHAs, against automated attacks. Our approach is to display CAPTCHA characters onto 3D objects to improve security. We exploit difficulty for machines in rotating 3D objects to find a correct view point and in further recognizing characters in 3D, both tasks that humans can easily perform. Using an offline automated computer vision attack, we found that 82% of the new text reCAPTCHA characters were successfully detected, while approximately 60% of our 3D CAPTCHAs were detected only if characters were focused and zoomed from the direct view point. When CAPTCHAs are presented in slightly different views, the attack success rates against our approaches are reduced to almost 0%.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Alpha compositing. http://en.wikipedia.org/wiki/Alpha_compositing
reCAPTCHA. https://www.google.com/recaptcha/intro/index.html
Unity. http://unity3d.com/
Unity 3D obfuscator. http://en.unity3d.netobf.com/unity3d_decompiler
UV mapping. http://en.wikipedia.org/wiki/UV_mapping
AABBYY OCR software. http://www.abbyy.com/
Aldoma, A., Tombari, F., Stefano, L., Vincze, M.: A global hypotheses verification method for 3D object recognition. In: Fitzgibbon, A., Lazebnik, S., Perona, P., Sato, Y., Schmid, C. (eds.) ECCV 2012. LNCS, vol. 7574, pp. 511–524. Springer, Heidelberg (2012). doi:10.1007/978-3-642-33712-3_37
Bursztein, E., Martin, M., Mitchell, J.: Text-based CAPTCHA strengths and weaknesses. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 125–138. ACM (2011)
Bursztein, E., Moscicki, A., Fabry, C., Bethard, S., Mitchell, J.C., Jurafsky, D.: Easy does it: more usable CAPTCHAs. In: Proceedings of the 32nd Annual ACM Conference on Human Factors in Computing Systems, pp. 2637–2646. ACM (2014)
Canny, J.: A computational approach to edge detection. IEEE Trans. Pattern Anal. Mach. Intell. 6, 679–698 (1986)
Chen, H., Tsai, S.S., Schroth, G., Chen, D.M., Grzeszczuk, R., Girod, B.: Robust text detection in natural images with edge-enhanced maximally stable extremal regions. In: 2011 18th IEEE International Conference on Image Processing (ICIP), pp. 2609–2612. IEEE (2011)
Cui, J.-S., Mei, J.-T., Zhang, W.-Z., Wang, X., Zhang, D.: A CAPTCHA implementation based on moving objects recognition problem. In: 2010 International Conference on e-Business and e-Government (ICEE), pp. 1277–1280. IEEE (2010)
Elson, J., Douceur, J.R., Howell, J., Saul, J.: Asirra: a CAPTCHA that exploits interest-aligned manual image categorization. In: ACM Conference on Computer and Communications Security, pp. 366–374 (2007)
Gao, H., Wang, W., Qi, J., Wang, X., Liu, X., Yan, J.: The robustness of hollow CAPTCHAs. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 1075–1086. ACM (2013)
Golle, P.: Machine learning attacks against the asirra CAPTCHA. In: Proceedings of the 15th ACM Conference on Computer and Communications Security, pp. 535–542. ACM (2008)
Lowe, D.G.: Object recognition from local scale-invariant features. In: The Proceedings of the Seventh IEEE International Conference on Computer Vision 1999, vol. 2, pp. 1150–1157. IEEE (1999)
Marrin, C.: WebGL specification. Khronos WebGL Working Group (2011)
Meutzner, H., Nguyen, V.-H., Holz, T., Kolossa, D.: Using automatic speech recognition for attacking acoustic CAPTCHAs: the trade-off between usability and security. In: Proceedings of the 30th Annual Computer Security Applications Conference, pp. 276–285. ACM (2014)
Mitra, N.J., Chu, H.-K., Lee, T.-Y., Wolf, L., Yeshurun, H., Cohen-Or, D.: Emerging images. ACM Trans. Graph. (TOG) 28, 163 (2009). ACM
Mori, G., Malik., J.: Recognizing objects in adversarial clutter: breaking a visual CAPTCHA. In: 2003 IEEE Computer Society Conference on Computer Vision and Pattern Recognition, 2003, Proceedings, vol. 1, pp. 1–134. IEEE (2003)
Nguyen, V.D., Chow, Y.-W., Susilo, W.: Breaking a 3D-based CAPTCHA scheme. In: Kim, H. (ed.) ICISC 2011. LNCS, vol. 7259, pp. 391–405. Springer, Heidelberg (2012). doi:10.1007/978-3-642-31912-9_26
NuCaptcha - most secure and usable CAPTCHA. http://www.nucaptcha.com/
Ross, S.A., Halderman, J.A., Finkelstein, A.: Sketcha: a CAPTCHA based on line drawings of 3D models. In: Proceedings of the 19th International Conference on World Wide Web, pp. 821–830. ACM (2010)
Shirali-Shahreza, M., Shirali-Shahreza, S.: Motion CAPTCHA. In: 2008 Conference on Human System Interactions, pp. 1042–1044. IEEE (2008)
Sivakorn, S., Polakis, I., Keromytis, A.D.: I am robot: (deep) learning to break semantic image CAPTCHAs. In: IEEE European Symposium on Security and Privacy (EuroS&P) (2016)
Vedaldi, A., Fulkerson, B.: VLFeat: an open and portable library of computer vision algorithms (2008). http://www.vlfeat.org/
Ahn, L., Blum, M., Hopper, N.J., Langford, J.: CAPTCHA: using hard AI problems for security. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 294–311. Springer, Heidelberg (2003). doi:10.1007/3-540-39200-9_18
Xu, Y., Reynaga, G., Chiasson, S., Frahm, J.-M., Monrose, F., van Oorschot, P.C.: Security and usability challenges of moving-object CAPTCHAs: decoding codewords in motion. In: USENIX Security Symposium, pp. 49–64 (2012)
Acknowledgements
We would like to thank Ulrich Neumann, Michael Zyda, and Jelena Mirkovic for providing helpful comments and feedback.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Woo, S.S., Kim, J., Yu, D., Kim, B. (2017). Exploration of 3D Texture and Projection for New CAPTCHA Design. In: Choi, D., Guilley, S. (eds) Information Security Applications. WISA 2016. Lecture Notes in Computer Science(), vol 10144. Springer, Cham. https://doi.org/10.1007/978-3-319-56549-1_30
Download citation
DOI: https://doi.org/10.1007/978-3-319-56549-1_30
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-56548-4
Online ISBN: 978-3-319-56549-1
eBook Packages: Computer ScienceComputer Science (R0)