Analysis of tagging variants of Sequenced Tagged Captcha (STC)

CAPTCHAs, a form of Human Interactive Proof (HIP), are means of enforcing security on web systems. The resources of these web systems are misused by automated ‘bot’ programs which indulge in spamming and other unscrupulous activities. The objective of a CAPTCHA is to successfully identify and allow access to human users as against to these bots. To defeat all currently known CAPTCHA breaking techniques, the STC scheme was proposed. In this paper, we expand the STC scheme by identifying its variants based on the nature of ‘Tagging’. These variations occur in Tagging of characters and/or numbers in the CAPTCHA image. An in-depth analysis based on Readability and Security of the variant schemes is performed and concluded with a comparative result.

[1]  J. Doug Tygar,et al.  Image Recognition CAPTCHAs , 2004, ISC.

[2]  Jeff Yan,et al.  Breaking Visual CAPTCHAs with Naive Pattern Recognition Algorithms , 2007, Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007).

[3]  Jeff Yan,et al.  A low-cost attack on a Microsoft captcha , 2008, CCS.

[4]  Ashish Jain,et al.  Sequenced Tagged Captcha: Generation and its Analysis , 2009, 2009 IEEE International Advance Computing Conference.

[5]  Jitendra Malik,et al.  Recognizing objects in adversarial clutter: breaking a visual CAPTCHA , 2003, 2003 IEEE Computer Society Conference on Computer Vision and Pattern Recognition, 2003. Proceedings..

[6]  Patrice Y. Simard,et al.  Using Machine Learning to Break Visual Human Interaction Proofs (HIPs) , 2004, NIPS.

[7]  Ashish Jain,et al.  Overlapping variants of sequenced tagged captcha (STC): Generation and their comparative analysis , 2009, 2009 First International Conference on Networked Digital Technologies.

[8]  Mikko T. Siponen,et al.  Effective Anti-Spam Strategies in Companies: An International Study , 2006, Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS'06).

[9]  J. Doug Tygar,et al.  Phish and HIPs: Human Interactive Proofs to Detect Phishing Attacks , 2005, HIP.