Abstract
The concept of reverse Turing tests, or more commonly known as CAPTCHAs, for distinguishing between humans and computers has been around for many years. The widespread use of CAPTCHAs these days has made them an integral part of the internet for providing online services, which are intended for humans, with some level of protection against automated abuse. Since their inception, much research has focused on investigating various issues surrounding the design and security of CAPTCHAs. A fundamental requirement of CAPTCHAs necessitates that they must be designed to be easy for humans but difficult for computers. However, it is well recognized that the trade-off between usability and security is difficult to balance. In addition, numerous attacks have been developed to defeat CAPTCHAs. In response to this, many different CAPTCHA design variants have been proposed over the years. Despite the fact that CAPTCHAs have been around for more than two decades, the future of CAPTCHAs remains an open question. This chapter presents an overview of research examining a wide range of issues that have been conducted on different types of CAPTCHAs.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Ahmad, A. S. E., Yan, J., & Marshall, L. (2010). The robustness of a new CAPTCHA. In M. Costa & E. Kirda (Eds.), Proceedings of the Third European Workshop on System Security, EUROSEC 2010, Paris, France, April 13, 2010 (pp. 36–41). ACM.
Ahmad, A. S. E., Yan, J., & Tayara, M. (2011). The robustness of Google CAPTCHAs. University of Newcastle, UK, Technical Report (Vol. 1278, pp. 1–15).
Athanasopoulos, E., Antonatos, S., & Markatos, E. P. (2006). Enhanced CAPTCHAs: Using animation to tell humans and computers apart. In H. Leitold (Ed.), Communications and Multimedia Security, 10th IFIP TC-6 TC-11 International Conference, CMS 2006, Heraklion, Crete, Greece, October 19–21, 2006, Proceedings (Vol. 4237, pp. 97–108)., Lecture notes in computer science. Berlin: Springer.
Baecher, P., Büscher, N., Fischlin, M., & Milde, B. (2011). Breaking recaptcha: A holistic approach via shape recognition. In J. Camenisch, S. Fischer-Hübner, Y. Murayama, A. Portmann, & C. Rieder (Eds.), Future Challenges in Security and Privacy for Academia and Industry - 26th IFIP TC 11 International Information Security Conference, SEC 2011, Lucerne, Switzerland, June 7–9, 2011. Proceedings (Vol. 354, pp. 56–67)., IFIP advances in information and communication technology. Berlin: Springer.
Baird, H. S., Coates, A. L., & Fateman, R. J. (2003). Pessimal print: A reverse turing test. International Journal on Document Analysis and Recognition, 5(2–3), 158–163.
Baird, H. S., & Popat, K. (2002). Human interactive proofs and document image analysis. In D. P. Lopresti, J. Hu, & R. S. Kashi (Eds.), Document Analysis Systems V, 5th International Workshop, DAS 2002, Princeton, NJ, USA, August 19–21, 2002, Proceedings (Vol. 2423, pp. 507–518)., Lecture notes in computer science. Berlin: Springer.
Bigham, J. P., & Cavender, A. (2009). Evaluating existing audio CAPTCHAs and an interface optimized for non-visual use. In D. R. O. Jr, R. B. Arthur, K. Hinckley, M. R. Morris, S .E. Hudson, & S. Greenberg (Eds.), Proceedings of the 27th International Conference on Human Factors in Computing Systems, CHI 2009, Boston, MA, USA, April 4–9, 2009 (pp. 1829–1838). ACM.
Bock, K., Patel, D., Hughey, G., & Levin, D. (2017). unCaptcha: A low-resource defeat of reCaptcha’s audio challenge. In W. Enck & C. Mulliner (Eds.), 11th USENIX Workshop on Offensive Technologies, WOOT 2017, Vancouver, BC, Canada, August 14–15, 2017. USENIX Association.
Bursztein, E. How we broke the nucaptcha video scheme and what we propose to fix it. https://www.elie.net/blog/security/how-we-broke-the-nucaptcha-video-scheme-and-what-we-propose-to-fix-it
Bursztein, E., Aigrain, J., Moscicki, A., & Mitchell, J. C. (2014). The end is nigh: Generic solving of text-based captchas. In S. Bratus & F. F. X. Lindner (Eds.), 8th USENIX Workshop on Offensive Technologies, WOOT ’14, San Diego, CA, USA, August 19, 2014. USENIX Association.
Bursztein, E., Beauxis, R., Paskov, H. S., Perito, D., Fabry, C., & Mitchell, J. C. (2011). The failure of noise-based non-continuous audio captchas. In 32nd IEEE Symposium on Security and Privacy, S&P 2011, 22–25 May 2011, Berkeley, California, USA (pp. 19–31). IEEE Computer Society.
Bursztein, E., & Bethard, S. (2009). Decaptcha: Breaking 75% of eBay audio CAPTCHAs. In Proceedings of the 3rd USENIX Conference on Offensive Technologies, WOOT’09, pp. 8–8, Berkeley, CA, USA, 2009. USENIX Association.
Bursztein, E., Bethard, S., Fabry, C., Mitchell, J. C., & Jurafsky, D. (2010). How good are humans at solving captchas? A large scale evaluation. In 31st IEEE Symposium on Security and Privacy, S&P 2010, 16-19 May 2010, Berleley/Oakland, California, USA (pp. 399–413). IEEE Computer Society.
Bursztein, E., Martin, M., & Mitchell, J. C. (2011). Text-based CAPTCHA strengths and weaknesses. In Y. Chen, G. Danezis, & V. Shmatikov (Eds.), Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS 2011, Chicago, Illinois, USA, October 17–21, 2011 (pp. 125–138). ACM.
C. M. University. The official CAPTCHA site. https://www.captcha.net/
Chaudhari, S. K., Deshpande, A. R., Bendale, S. B., & Kotian, R. V. (2011). 3D drag-n-drop CAPTCHA enhanced security through CAPTCHA. In Proceedings of the International Conference and Workshop on Emerging Trends in Technology, ICWET ’11, pp. 598–601, New York, NY, USA, 2011. ACM.
Chellapilla, K., Larson, K., Simard, P. Y., & Czerwinski, M. (2005). Building segmentation based human-friendly human interaction proofs (HIPs). In H. S. Baird & D. P. Lopresti (Eds.), Human Interactive Proofs, Second International Workshop, HIP 2005, Bethlehem, PA, USA, May 19–20, 2005, Proceedings (Vol. 3517, pp. 1–26)., Lecture notes in computer science. Berlin: Springer.
Chellapilla, K., Larson, K., Simard, P. Y. & Czerwinski, M. (2005). Computers beat humans at single character recognition in reading based human interaction proofs (HIPs). In CEAS 2005 - Second Conference on Email and Anti-Spam, July 21–22, 2005, Stanford University, California, USA.
Chellapilla, K., Larson, K., Simard, P. Y., & Czerwinski, M. (2005). Designing human friendly human interaction proofs (HIPs). In G. C. van der Veer & C. Gale (Eds.), Proceedings of the 2005 Conference on Human Factors in Computing Systems, CHI 2005, Portland, Oregon, USA, April 2–7, 2005 (pp. 711–720). ACM.
Chellapilla, K., & Simard, P. Y. (2004). Using machine learning to break visual human interaction proofs (HIPs). In Advances in Neural Information Processing Systems 17 [Neural Information Processing Systems, NIPS 2004, December 13–18, 2004, Vancouver, British Columbia, Canada] (pp. 265–272).
Chew. M., & Baird, H. S. (2003). BaffleText: a human interactive proof. In T. Kanungo, E. H. B. Smith, J. Hu, & P. B. Kantor (Eds.), Document Recognition and Retrieval X, Santa Clara, California, USA, January 22–23, 2003, Proceedings, (Vol. 5010, pp. 305–316)., SPIE.
Chew, M., & Tygar, J. D. (2004). Image recognition CAPTCHAs. In K. Zhang & Y. Zheng (Eds.), Information Security, 7th International Conference, ISC 2004, Palo Alto, CA, USA, September 27–29, 2004, Proceedings (Vol. 3225, pp. 268–279)., Lecture notes in computer science. Berlin: Springer.
Chow, R., Golle, P., Jakobsson, M., Wang, L., & Wang, X. (2008). Making CAPTCHAs clickable. In M. Spasojevic & M. D. Corner (Eds.), Proceedings of the 9th Workshop on Mobile Computing Systems and Applications, HotMobile 2008, Napa Valley, California, USA, February 25–26, 2008 (pp. 91–94). ACM.
Chow, Y., & Susilo, W. (2011). AniCAP: An animated 3D CAPTCHA scheme based on motion parallax. In D. Lin, G. Tsudik, & X. Wang (Eds.), Cryptology and Network Security - 10th International Conference, CANS 2011, Sanya, China, December 10–12, 2011. Proceedings (Vol. 7092, pp. 255–271)., Lecture notes in computer science. Berlin: Springer.
Chow, Y., Susilo, W., & Zhou, H. (2010). CAPTCHA challenges for massively multiplayer online games: Mini-game CAPTCHAs. In A. Sourin & O. Sourina (Eds.), 2010 International Conference on CyberWorlds, Singapore, October 20–22, 2010 (pp. 254–261). IEEE Computer Society.
Cruz-Perez, C., Starostenko, O., Uceda-Ponga, F., Aquino, V. A., & Reyes-Cabrera, L. (2012). Breaking reCAPTCHAs with unpredictable collapse: Heuristic character segmentation and recognition. In J. A. Carrasco-Ochoa, J. F. M. Trinidad, J. A. Olvera-López, & K. L. Boyer (Eds.), Pattern Recognition - 4th Mexican Conference, MCPR 2012, Huatulco, Mexico, June 27–30, 2012. Proceedings (Vol. 7329, pp. 155–165)., Lecture notes in computer science. Berlin: Springer.
Cui, J. S., Mei, J. T., Zhang, W. Z., Wang, X., & Zhang, D. (2010). A CAPTCHA implementation based on moving objects recognition problem. In 2010 International Conference on E-Business and E-Government (pp. 1277–1280).
Datta, R., Li, J., & Wang, J. Z. (2005). IMAGINATION: A robust image-based CAPTCHA generation system. In H. Zhang, T. Chua, R. Steinmetz, M. S. Kankanhalli, & L. Wilcox (Eds.), Proceedings of the 13th ACM International Conference on Multimedia, Singapore, November 6–11, 2005 (pp. 331–334). ACM.
Egele, M., Bilge, L., Kirda, E., & Kruegel, C. (2010). CAPTCHA smuggling: Hijacking web browsing sessions to create CAPTCHA farms. In S. Y. Shin, S. Ossowski, M. Schumacher, M. J. Palakal, & C. Hung (Eds.), Proceedings of the 2010 ACM Symposium on Applied Computing (SAC), Sierre, Switzerland, March 22–26, 2010 (pp. 1865–1870). ACM.
Elson, J., Douceur, J. R., Howell, J., & Saul, J. (2007). Asirra: A CAPTCHA that exploits interest-aligned manual image categorization. In P. Ning, S. D. C. di Vimercati, & P. F. Syverson (Eds.), Proceedings of the 2007 ACM Conference on Computer and Communications Security, CCS 2007, Alexandria, Virginia, USA, October 28–31, 2007 (pp. 366–374). ACM.
Fischer, I., & Herfet, T. (2006). Visual CAPTCHAs for document authentication. In 8th IEEE International Workshop on Multimedia Signal Processing (MMSP 2006) (pp. 471–474).
Gao, H., Tang, M., Liu, Y., Zhang, P., & Liu, X. (2017). Research on the security of Microsoft’s two-layer captcha. IEEE Transactions Information Forensics and Security, 12(7), 1671–1685.
Gao, H., Wang, W., Qi, J., Wang, X., Liu, X., & Yan, J. (2013). The robustness of hollow captchas. In A. Sadeghi, V. D. Gligor, & M. Yung (Eds.), 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS’13, Berlin, Germany, November 4–8, 2013 (pp. 1075–1086). ACM.
Gao, H., Yan, J., Cao, F., Zhang, Z., Lei, L., Tang, M., Zhang, P., Zhou, X., Wang, X., & Li, J. (2016). A simple generic attack on text captchas. In 23nd Annual Network and Distributed System Security Symposium, NDSS 2016, San Diego, California, USA, February 21–24, 2016. The Internet Society.
Geman, S., & Geman, D. (1984). Stochastic relaxation, Gibbs distributions, and the Bayesian restoration of images. IEEE Transactions on Pattern Analysis and Machine Intelligence, 6, 721–741.
Golle, P. (2008). Machine learning attacks against the Asirra CAPTCHA. In P. Ning, P. F. Syverson, & S. Jha (Eds.), Proceedings of the 2008 ACM Conference on Computer and Communications Security, CCS 2008, Alexandria, Virginia, USA, October 27–31, 2008 (pp. 535–542). ACM.
Google Inc. Google Image Search. https://images.google.com/
Gossweiler, R., Kamvar, M., & Baluja, S. (2009). What’s up CAPTCHA?: A CAPTCHA based on image orientation. In J. Quemada, G. León, Y. S. Maarek, & W. Nejdl, (Eds.), Proceedings of the 18th International Conference on World Wide Web, WWW 2009, Madrid, Spain, April 20–24, 2009 (pp. 841–850). ACM.
Goswami, G., Powell, B. M., Vatsa, M., Singh, R., & Noore, A. (2014). FaceDCAPTCHA: Face detection based color image CAPTCHA. Future Generation Computer Systems, 31, 59–68.
Hernández-Castro, C. J., Moreno, M. D. R.-, Barrero, D. F., Gibson, S., & FunCAPTCHA case analysis. (2017). Using machine learning to identify common flaws in CAPTCHA design. Computers and Security, 70, 744–756.
Hernández-Castro, C. J., & Ribagorda, A. (2010). Pitfalls in CAPTCHA design and implementation: The math CAPTCHA, a case study. Computers and Security, 29(1), 141–157.
Hoque, M. E., Russomanno, D. J., & Yeasin, M. (2006). 2D captchas from 3D models. Proceedings of the IEEE SoutheastCon, 2006, 165–170.
Huang, S., Lee, Y., Bell, G., & Ou, Z. (2010). An efficient segmentation algorithm for CAPTCHAs with line cluttering and character warping. Multimedia Tools Applications, 48(2), 267–289.
Imsamai, M., & Phimoltares, S. (2010). 3D CAPTCHA: A next generation of the CAPTCHA. In Proceedings of the International Conference on Information Science and Applications (ICISA 2010), Seoul, South Korea, 21-23 April, 2010 (pp. 1–8). IEEE Computer Society.
Kim, J., Chung, W., & Cho, H. (2010). A new image-based CAPTCHA using the orientation of the polygonally cropped sub-images. The Visual Computer, 26(6–8), 1135–1143.
Kluever, K. A., & Zanibbi, R. (2009). Balancing usability and security in a video CAPTCHA. In L. F. Cranor (Ed.), Proceedings of the 5th Symposium on Usable Privacy and Security, SOUPS 2009, Mountain View, California, USA, July 15–17, 2009. ACM: ACM International Conference Proceeding Series.
Kochanski, G., Lopresti, D. P., & Shih, C. (2002). A reverse turing test using speech. In J. H. L. Hansen&B. L. Pellom (Eds.), 7th International Conference on Spoken Language Processing, ICSLP2002 - INTERSPEECH 2002, Denver, Colorado, USA, September 16–20, 2002. ISCA.
Li, S., Shah, S. A. H., Khan, M. A. U., Khayam, S. A., Sadeghi, A., & Schmitz, R. (2010). Breaking e-banking captchas. In C. Gates, M. Franz, & J. P. McDermott (Eds.), Twenty-Sixth Annual Computer Security Applications Conference, ACSAC 2010, Austin, Texas, USA, 6–10 December 2010 (pp. 171–180). ACM.
Lillibridge, M., Abadi, M., Bharat, K., & Broder, A. (2001). Method for selectively restricting access to computer systems, Feb. 27 2001. US Patent 6,195,698.
Macias, C. R., & Izquierdo, E. (2009). Visual word-based captcha using 3d characters. In 3rd International Conference on Imaging for Crime Detection and Prevention (ICDP 2009) (pp. 1–5).
Mitra, N. J., Chu, H., Lee, T., Wolf, L., Yeshurun, H., & Cohen-Or, D. (2009). Emerging images. ACM Transactions on Graphics, 28(5), 163:1–163:8.
Mohamed, M., Gao, S., Sachdeva, N., Saxena, N., Zhang, C., Kumaraguru, P., et al. (2017). On the security and usability of dynamic cognitive game CAPTCHAs. Journal of Computer Security, 25(3), 205–230.
Mohamed, M., Sachdeva, N., Georgescu, M., Gao, S., Saxena, N., Zhang, C. et al. (2014). A three-way investigation of a game-captcha: automated attacks, relay attacks and usability. In S. Moriai, T. Jaeger, & K. Sakurai (Eds.), 9th ACM Symposium on Information, Computer and Communications Security, ASIA CCS ’14, Kyoto, Japan - June 03–06, 2014 (pp. 195–206). ACM.
Mori, G., & Malik, J. (2003). Recognizing objects in adversarial clutter: Breaking a visual CAPTCHA. In 2003 IEEE Computer Society Conference on Computer Vision and Pattern Recognition (CVPR 2003), 16–22 June 2003, Madison, WI, USA (pp. 134–144). IEEE Computer Society.
Motoyama, M., Levchenko, K., Kanich, C., McCoy, D., Voelker, G. M., & Savage, S. (2010). Re: CAPTCHAs-understanding CAPTCHA-solving services in an economic context. In 19th USENIX Security Symposium, Washington, DC, USA, August 11–13, 2010, Proceedings (pp. 435–462). USENIX Association
Moy, G., Jones, N., Harkless, C., & Potter, R. (2004). Distortion estimation techniques in solving visual captchas. In 2004 IEEE Computer Society Conference on Computer Vision and Pattern Recognition (CVPR 2004), with CD-ROM, 27 June–2 July 2004, Washington, DC, USA (pp. 23–28). IEEE Computer Society.
Naor, M. (1996). Verification of a Human in the Loop or Identification via the Turing Test. http://www.wisdom.weizmann.ac.il/~naor/PAPERS/human.pdf
Naumann, A. B., Franke, T., & Bauckhage, C. (2009). Investigating CAPTCHAs based on visual phenomena. In T. Gross, J. Gulliksen, P. Kotzé, L. Oestreicher, P. A. Palanque, R. O. Prates, & M. Winckler (Eds.), Human-Computer Interaction - INTERACT 2009, 12th IFIP TC 13 International Conference, Uppsala, Sweden, August 24–28, 2009, Proceedings, Part II, (Vol. 5727, pp. 745–748)., Lecture notes in computer science. Berlin: Springer.
Nguyen, V. D., Chow, Y., & Susilo, W. (2012). Attacking animated CAPTCHAs via character extraction. In J. Pieprzyk, A. Sadeghi, & M. Manulis (Eds.), Cryptology and Network Security, 11th International Conference, CANS 2012, Darmstadt, Germany, December 12–14, 2012. Proceedings (Vol. 7712, pp. 98–113). Berlin: Springer.
Nguyen, V. D., Chow, Y., & Susilo, W. (2012). Breaking an animated CAPTCHA scheme. In F. Bao, P. Samarati, & J. Zhou (Eds.), Applied Cryptography and Network Security - 10th International Conference, ACNS 2012, Singapore, June 26–29, 2012. Proceedings (Vol. 7341, pp. 12–29)., Lecture notes in computer science. Berlin: Springer.
Nguyen, V. D., Chow, Y., & Susilo, W. (2014). A CAPTCHA scheme based on the identification of character locations. In X. Huang & J. Zhou (Eds.), Information Security Practice and Experience - 10th International Conference, ISPEC 2014, Fuzhou, China, May 5–8, 2014. Proceedings (Vol. 8434, pp. 60–74)., Lecture notes in computer science. Berlin: Springer.
Nguyen, V. D., Chow, Y., & Susilo, W. (2014). On the security of text-based 3D CAPTCHAs. Computers and Security, 45, 84–99.
NuCaptcha Inc. NuCaptcha. http://www.nucaptcha.com/
Petfinder. Petfinder. https://www.petfinder.com/
Polakis, I., Ilia, P., Maggi, F., Lancini, M., Kontaxis, G., Zanero, S., Ioannidis, S., & Keromytis, A. D. (2014). Faces in the distorting mirror: Revisiting photo-based social authentication. In G. Ahn, M. Yung, & N. Li (Eds.), Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, Scottsdale, AZ, USA, November 3–7, 2014 (pp. 501–512). ACM.
Polakis, I., Lancini, M., Kontaxis, G., Maggi, F., Ioannidis, S., Keromytis, A. D., & Zanero, S. (2012). All your face are belong to us: Breaking Facebook’s social authentication. In R. H. Zakon (Ed.), 28th Annual Computer Security Applications Conference, ACSAC 2012, Orlando, FL, USA, 3–7 December 2012 (pp. 399–408). ACM.
Ross, S. A., Halderman, J. A., & Finkelstein, A. (2010). Sketcha: A captcha based on line drawings of 3D models. In M. Rappa, P. Jones, J. Freire, & S. Chakrabarti (Eds.), Proceedings of the 19th International Conference on World Wide Web, WWW 2010, Raleigh, North Carolina, USA, April 26–30, 2010 (pp. 821–830). ACM.
Rui, Y., & Liu, Z. (2004). ARTiFACIAL: Automated reverse Turing test using FACIAL features. Multimedia System, 9(6), 493–502.
Sano, S., Otsuka, T., Itoyama, K., & Okuno, H. G. (2015). HMM-based attacks on Google’s ReCAPTCHA with continuous visual and audio symbols. JIP, 23(6), 814–826.
Sivakorn, S., Polakis, I., & Keromytis, A. D. (2016). I am robot: (deep) learning to break semantic image CAPTCHAs. In IEEE European Symposium on Security and Privacy, EuroS&P 2016, Saarbrücken, Germany, March 21–24, 2016 (pp. 388–403). IEEE.
Solanki, S., Krishnan, G., Sampath, V., & Polakis, J. (2017). In (cyber)space bots can hear you speak: Breaking audio CAPTCHAs using OTS speech recognition. In B. M. Thuraisingham, B. Biggio, D. M. Freeman, B. Miller, & A. Sinha (Eds.), Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, AISec@CCS 2017, Dallas, TX, USA, November 3, 2017. ACM.
Soupionis, Y., & Gritzalis, D. (2010). Audio CAPTCHA: Existing solutions assessment and a new implementation for VoIP telephony. Computers and Security, 29(5), 603–618.
Starostenko, O., Cruz-Perez, C., Uceda-Ponga, F., & Aquino, V. A. (2015). Breaking text-based captchas with variable word and character orientation. Pattern Recognition, 48(4), 1101–1112.
Susilo, W., Chow, Y., & Zhou, H. (2010). STE3D-CAP: stereoscopic 3D CAPTCHA. In S. Heng, R. N. Wright, & B. Goi (Eds.), Cryptology and Network Security - 9th International Conference, CANS 2010, Kuala Lumpur, Malaysia, December 12–14, 2010. Proceedings (Vol. 6467, pp. 221–240)., Lecture notes in computer science. Berlin: Springer.
Tam, J., Simsa, J., Hyde, S., & von Ahn, L. (2008). Breaking audio CAPTCHAs. In D. Koller, D. Schuurmans, Y. Bengio, & L. Bottou (Eds.), Advances in Neural Information Processing Systems 21, Proceedings of the Twenty-Second Annual Conference on Neural Information Processing Systems, Vancouver, British Columbia, Canada, December 8–11, 2008 (pp. 1625–1632). Curran Associates, Inc.
Turing, A. (1950). Computing machinery and intelligence. Mind, 59(236), 433–460.
von Ahn, L., Blum, M., Hopper, N. J., & Langford, J. (2003). CAPTCHA: Using hard AI problems for security. In E. Biham (Ed.), Advances in Cryptology - EUROCRYPT 2003, International Conference on the Theory and Applications of Cryptographic Techniques, Warsaw, Poland, May 4–8, 2003, Proceedings (Vol. 2656, pp. 294–311)., Lecture notes in computer science. Berlin: Springer.
von Ahn, L., & Dabbish, L. (2004). Labeling images with a computer game. In E. Dykstra-Erickson & M. Tscheligi (Eds.), Proceedings of the 2004 Conference on Human Factors in Computing Systems, CHI 2004, Vienna, Austria, April 24–29, 2004 (pp. 319–326). ACM.
von Ahn, L., Maurer, B., McMillen, C., Abraham, D., & Blum, M. (2008). reCAPTCHA: Human-based character recognition via web security measures. Science, 321(5895), 1465–1468.
Wang, S. -Y., Baird, H. S., & Bentley, J. L. (2006). Captcha challenge tradeoffs: Familiarity of strings versus degradation of images. In 18th International Conference on Pattern Recognition (ICPR’06) (Vol. 3, pp. 164–167).
Xu, Y., Reynaga, G., Chiasson, S., Frahm, J., Monrose, F., & van Oorschot, P. C. (2014). Security analysis and related usability of motion-based captchas: Decoding codewords in motion. IEEE Transactions on Dependable and Secure Computing, 11(5), 480–493.
Yan, J., & Ahmad, A. S. E. (2007). Breaking visual captchas with naive pattern recognition algorithms. In 23rd Annual Computer Security Applications Conference (ACSAC 2007), December 10–14, 2007, Miami Beach, Florida, USA (pp. 279–291). IEEE Computer Society.
Yan, J., & Ahmad, A. S. E. (2008). A low-cost attack on a Microsoft captcha. In P. Ning, P. F. Syverson, & S. Jha (Eds.), Proceedings of the 2008 ACM Conference on Computer and Communications Security, CCS 2008, Alexandria, Virginia, USA, October 27–31, 2008 (pp. 543–554). ACM.
Yan, J., & Ahmad, A. S. E. (2008). Usability of captchas or usability issues in CAPTCHA design. In L. F. Cranor (Ed.), Proceedings of the 4th Symposium on Usable Privacy and Security, SOUPS 2008, Pittsburgh, Pennsylvania, USA, July 23–25, 2008 (pp. 44–52). ACM: ACM International Conference Proceeding Series.
Yardi, S., Feamster, N., & Bruckman, A. (2008). Photo-based authentication using social networks. In C. Faloutsos, T. Karagiannis, & P. Rodriguez (Eds.), Proceedings of the first Workshop on Online Social Networks, WOSN 2008, Seattle, WA, USA, August 17–22, 2008 (pp. 55–60). ACM.
Ye, Q., Chen, Y., & Zhu, B. (2014). The robustness of a new 3D CAPTCHA. In J. Ramel, M. Liwicki, J. Ogier, K. Kise, & R. Smith (Eds.), 11th IAPR International Workshop on Document Analysis Systems, DAS 2014, Tours, France, April 7–10, 2014 (pp. 319–323). IEEE Computer Society.
Zhu, B. B., Yan, J., Bao, G., Yang, M., & Xu, N. (2014). Captcha as graphical passwords - a new security primitive based on hard AI problems. IEEE Transactions on Information Forensics and Security, 9(6), 891–904.
Zhu, B. B., Yan, J., Li, Q., Yang, C., Liu, J., Xu, N., Yi, M., & Cai, K. (2010). Attacks and design of image recognition CAPTCHAs. In E. Al-Shaer, A. D. Keromytis, & V. Shmatikov (Eds.), Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS 2010, Chicago, Illinois, USA, October 4–8, 2010 (pp. 187–200). ACM.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Singapore Pte Ltd.
About this chapter
Cite this chapter
Chow, YW., Susilo, W., Thorncharoensri, P. (2019). CAPTCHA Design and Security Issues. In: Li, KC., Chen, X., Susilo, W. (eds) Advances in Cyber Security: Principles, Techniques, and Applications. Springer, Singapore. https://doi.org/10.1007/978-981-13-1483-4_4
Download citation
DOI: https://doi.org/10.1007/978-981-13-1483-4_4
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-13-1482-7
Online ISBN: 978-981-13-1483-4
eBook Packages: Computer ScienceComputer Science (R0)