Symmetric Frame Cracking: A Powerful Dynamic Textual CAPTCHAs Cracking Policy
暂无分享,去创建一个
In this work, we analyze the vulnerability of the dynamic textual CAPTCHA (http://fexteam.gz01.bdysite.com/blog/2014/07/captcha-gif/.) and propose a new method to automatically identify the CAPTCHA, which is based on Basic Vector Space Search Engine (BVSSE) and Convolutional Neural Network (CNN). Specifically, by exploiting the specific “Symmetric Frame Vulnerability”, we can remove most of the noise, therefore greatly reducing the difficulty of cracking. In the process of cracking, we first use the BVSSE to identify the CAPTCHA . The method is simple and fast, but there are problems such as a low recognition rate. Then we choose the CNN to identify the CAPTCHA, and finally get a recognition rate of 99.98% with the average speed of 0.092 s/gif. To have a deeper understanding of the internal recognition process, we visualize the intermediate output of the CNN model. In general, by comparing the two identification methods and visualizing the model, the entire recognition process becomes easier to understand. Based on the above experimental results and analyses, we finally summarize a new and general CAPTCHA attack method and discuss the security of the dynamic textual CAPTCHA .
[1] John Langford,et al. CAPTCHA: Using Hard AI Problems for Security , 2003, EUROCRYPT.
[2] Ting Wang,et al. Towards Evaluating the Security of Real-World Deployed Image CAPTCHAs , 2018, AISec@CCS.
[3] Jyoti,et al. Security Enhancement in Captcha Recognition using Animated GIF Images , 2016 .
[4] Yang-Wai Chow,et al. Breaking an Animated CAPTCHA Scheme , 2012, ACNS.