Human computation Gesture CAPTCHA Jaehoon Kim Committees : Eamonn Keogh, Stefano Lonardi.

Slides:

Advertisements

Similar presentations

Communication Transferring information from one person to another. Communication is used to instruct, clarify interpret, notify, warn, receive feedback,

Advertisements

Advertising with Face Book Guadalupe Perez III October 12, 2010 EDTC 3332 Instructional Technology Practicum.

Marisco Medical Practice Annual Patient Questionnaire 2012.

Protecting children online  How can you protect your child online?  Are you aware of the dangers?  Do you know what you can put in place to protect.

Twitter – what is it? The School District of Haverford Township |

Internet Safety May 2014 – KS3 AIMS  To find out what you know about staying safe online  To improve on your knowledge on internet safety  To be clear.

Internet Online Safety How to have FUN and Stay in Control.

? What is Computer Science and what can you do with it.

Nummenmaa & Thanish: Practical Distributed Commit in Modern Environments PDCS’01 PRACTICAL DISTRIBUTED COMMIT IN MODERN ENVIRONMENTS by Jyrki Nummenmaa.

The popularity of the social networks. The most popular social networks.

1 The Path to the Ph.D. in IS: Part 4, The Dissertation.

Electoral Strategy Memo Project President Obama. Purpose: The purpose of this memo is to assist President Obama in his upcoming election to run for President.

User studies. Why user studies? How do we know security and privacy solutions are really usable? Have to observe users! –you may be surprised by what.

CAPTCHA Prabhakar Verma “08MC30”.

Human Computation CSC4170 Web Intelligence and Social Computing Tutorial 7 Tutor: Tom Chao Zhou

1 Securing Passwords Against Dictionary Attacks Base on an article by Benny Pinkas & Tomas Sander 2002 Presented by Tomer Conforti.

Basics: Getting Started Uploading and Sharing Videos on YouTube. Basics: Getting Started Uploading and Sharing Videos on YouTube. 1.

Census Data Capture Challenge Intelligent Document Capture Solution UNSD Workshop - Minsk Dec 2008 Amir Angel Director of Government Projects.

PROFESSIONAL OUTSOURCED CUSTOMER SUPPORT On your website at affordable price. EU & America– Save up to 30% on your current customer support based Agents.

TEST ANXIETY Techniques for Recognition and Reduction Hannah Yohn, M.S.

WRITING EFFECTIVE S. Before writing the Make a plan! Think about the purpose of the Think about the person who will read the and.

Online Registration Software A Robust, High Quality Web Based Solution that Streamlines your Organization! (612) (866)

Dengktof Lpesnamtim Trogmdsxz Cemgopf Mencap logo.

I have attached a file to this by selecting the paperclip on the bottom of the page.

Campus Internship Assistance System Requirement Business Process Involve Phase by Phase Strategy.

Lecture 7 Page 1 CS 236 Online Password Management Limit login attempts Encrypt your passwords Protecting the password file Forgotten passwords Generating.

Testing and Cost / Benefit Tor Stålhane. Why cost / benefit – 1 For most “real” software systems, the number of possible inputs is large. Thus, we can.

Information guide.

Welcome to the wonderful world of……. . A Quick & Easy Guide.  What IS ?  A quick, easy and convenient way to send a letter to friends, family.

Mobile search engine for a smart phone / navigation system can be used to search and compare hundreds of stores and their products in seconds. © 2001 –

Social Implications of ICT HIGHER INFORMATION SYSTEMS.

Payment Automation Network, Inc. Click your mouse to continue. Press to quit

Plan My Move & MilitaryINSTALLATIONS May, 2008 Relocation Personnel Roles and Responsibilities MC&FP.

Lecture 5: Using Computers: Important Ideas Tonga Institute of Higher Education IT 141: Information Systems.

© 2003 Everett Public Schools Information Systems and Technology Department Getting Started with FirstClass October 10, 2015.

Santa’s s By Brandon. Sending an attachment to Santa I attached the by pressing the attachment button above the recipient box I used.

Basics By Bhupendra Ratha, Lecturer School of Library and Information Science Devi Ahilya University, Indore

Lecture 7 Page 1 CS 236 Online Challenge/Response Authentication Authentication by what questions you can answer correctly –Again, by what you know The.

How to use ? By Martyna Haliniak. How to log on? In order to log on, you have to type in your username & password in the text boxes, and then click.

Data Mining Algorithms for Large-Scale Distributed Systems Presenter: Ran Wolff Joint work with Assaf Schuster 2003.

How to Use Facebook This guide will help you navigate around the social networking site, Facebook.

Mtivity Client Support System Quick start guide. Mtivity Client Support System We are very pleased to announce the launch of a new Client Support System.

Securing Passwords Against Dictionary Attacks Presented By Chad Frommeyer.

Lecture 18 Page 1 CS 111 Online OS Use of Access Control Operating systems often use both ACLs and capabilities – Sometimes for the same resource E.g.,

MXit is a mobile application that allows people to chat to their friends at a much cheaper rate than normal text messages. You can contact anyone anywhere.

CAREER BALTAZAR PATINO Computer science Information technology September 12, 2013.

The problem that needs to be solved is if a computer career is for me.

Mutual Exclusion Algorithms. Topics r Defining mutual exclusion r A centralized approach r A distributed approach r An approach assuming an organization.

By: Steven Baker.  What is a CAPTCHA?  History of CAPTCHA  Applications of CAPTCHAs  Accessibility  Examples of CAPTCHAs  reCAPTCHA  Vulnerabilities.

Donor's Choose Starter Instructions by Neely Swygert Teacher-Librarian Gadsden Elementary.

Chapter 10 Voting and Elections. Qualifications of Voting 18 years old a US citizen Registered to vote Resident of voting district.

Building Careers, Building Confidence LM10594 Designed by Learning Materials.

How to fix Error code 0x80072ee2 in Windows 8.1? Fix%20%20Update%20Error%200x80072EE2%20in%20Windows%20 8.1,%20Windows%2010!%20-%20Fix%20PC%20Errors.htm.

Usability of CAPTCHAs Or usability issues in CAPTCHA design Authors: Jeff Yan and Ahmad Salah El Ahmad Presented By: Kim Giglia CSC /19/2008.

AN INTRODUCTION TO FACEBOOK. Learning Objectives A brief introduction to the social networking site Facebook. Instructions to create an account. How to.

Downloading and Installing GRASP-AF Workshop Ian Robson Information Analyst, North of England Cardiovascular Network.

Copyright © SkyeyTech, Inc. CRMdesk Power and elegance.

Billy Vivian Dr. Oblitey COSC  What is CAPTCHA?  History  Uses  Artificial Intelligence Relationship  reCAPTCHA  Works Cited.

Cyber security. Malicious Code Social Engineering Detect and prevent.

Challenge/Response Authentication

SECURE MESSAGING Our MU2 Nemesis.

Gosbecks E-Safety Guide

3.6 Fundamentals of cyber security

Password Management Limit login attempts Encrypt your passwords

Evaluation of Research Methods

How to use By Zainab Muman

Setting up an online account

A novel probabilistic language-based CAPTCHA system

Blackboard Committee 2017 Bb Training Program

Presentation transcript:

Human computation Gesture CAPTCHA Jaehoon Kim Committees : Eamonn Keogh, Stefano Lonardi.

Motivation There exists a spectrum of resources. People may be willing to spend from a few seconds up to hours to obtain it. The resources that need to be physically checked by the user having to go somewhere (Expensive)

HUMAN COMPUTATION ON A COMMON NETWORK

Example1: Car tinting violation Assume, your car windows are too dark, a Police officer warn you. The officer said “At least, I want to recognize people’s faces inside of your car.” Now, you need to remove tinting and visit police station on a certain day. Visiting police station may take several hours.

Simple Photo System for Car tinting violation. Take your tinting removed car pictures and send it to the police photo system. This is a very simple example of Human computation. A officer has to judge photos. It is difficult job as image processing. It is simple, but highly confidence system. You need few minutes. What if violators(users) are 1,000 or 10,000…

Example2: Network voting System Assume, there are a lot of users. Each user gets a choice and selects one answer on the voting system. Finally, the system shows the statistic result of the total vote.

The sever counts yours selection. The System does not need human computation because a server automatically counts each user’s choice. A lot of voters A Typical Network System

Existence of Black Sheep A naive server. It cannot recognize who are the White or Black sheep. Often, network Systems have Black Sheep users. Black sheep

Who are Black sheep? People who do not want to follow the Network system rules. First, commercial hackers. If they penetrate The Network system, they are able to get enough benefit. e.g.) Password hackers and Advertisement broadcasters. Second, fabricators who want to archive a certain voting result. e.g.) Assume there is a TV show voting network system. Someone may be capable of fabricating voting results by multiple voting. They may vote 1,000 or 10,000 times for a certain candidate.

How do Black sheep attack They commonly use Robot programs. Robots Robots are not special Artificial intelligence programs. They are extremely diligent and capable of attacking multiple times within a short period endlessly. For each attack, robots can cost money or time. The costs are relatively cheaper than a resource on online.

Why do Back sheep use Robots? Because the cost for one system penetration is cheaper than the wealth of resource on the system. Even if a Robot has to try a million times to successfully penetrate the system just once, if the resource is worth persisting, then it will continue to attack. Cost of onepenetration Value of a resource Good Cost for Black Sheep Too expensive for Back Sheep Profit horizon each penetration A Robot need 1$ for a attack The Robot penetrate once after 10 attacks. Cost of one penetration is 10$ Value of one penetration.

How to make penetrations expensive Make robots spend more time or money on attacks penetrations. Servers have to successfully judge whether user is a human or a Robot. An ideal server would judge correctly 100% of the time, thus a Robot could never penetrate the system. Cost of onepenetration Value of a resource Good Cost for Black Sheep Too expensive for Back Sheep Profit horizon Too expensive for Back Sheep

Cost of onepenetration Value of a resource Good Cost for Black Sheep Too expensive for Back Sheep Cost of onepenetration Value of a resource Good Cost for Black Sheep If A server judge correctly 50% of the time. If A server does not have a judgment function.

Our Aim Cost of onepenetration Value of a resource Good Cost for Black Sheep Too expensive for Back Sheep A Practically possible judgment server. The more a robot attacks, the more money is lost.

COMPLETELY AUTOMATED PUBLIC TURING TEST TO TELL COMPUTERS AND HUMANS APART CAPTCHA

CAPTCHA Example1 Simple Question CAPTCHA. “What is the biggest country in the world.” “What is the first month of the year.” “When do you go to church?” ……….. This system expects that robots do not have general knowledge but people do, and that robots cannot understand English grammar.

Positive Very simple. Negative Updated Robots collect every question from the system and respond with correct answers. Whenever the system updates new questions, the robot collects them all. * A problem is the limited number of question sources.

The system anticipates that robots cannot understand the warped words but humans do. CAPTCHA Example2

Positive Endless questions can be created. Negative Updated Robots have image analysis function. Current Robots are capable of recognizing twisted words quiet well. * Questions become easier for robots.

Recently suggested upgraded Word CAPTCHA. Twists more * Even humans cannot understand.

CAPTCHA Example3 Find a dog(s). (Object Recognition)

CAPTCHA Example4 Which picture is positive? (Emotional question) Subject : “Futures”

Positive Object and Emotion analyses are nearly impossible questions for modern robots. Negative There might be enough image sources but someone has to mine image data. Additional labor costs are required. * It can not be a completely automated system.

What is an Ideal CAPTCHA? It has endless sources. The source should be collected automatically with almost zero labor costs. Created questions must be difficult enough for modern robots but easy for humans. Most importantly, Ideal CAPTCHA must provide high rate correction. It is… Having automatically collectable cheap cost questions and providing highly correct results.

GESTURE CAPTCHA SYSTEM Project

Why did we think the Simple Photo System is highly confidential? Most importantly, we assumed the officer is not a poor judger. The Network System never lost photos

IDEA OF GESTURE CAPTCHA The System does not judge. However, users who want to pass this system have to judge each other. Users take their photos and check each other. Each user creates one CAPTCHA question. There is a tiny cost for each user but zero cost for the system * Automatically collectable zero cost questions

Assumptions for the prototype gesture CAPTCHA The valuable resource is on Mobile networks. We cannot expect most computers have a camera. We can expect most Mobile phones have a camera. Users use Android Smart phone clients. All android Smart phones at least have a camera Most humans are correct judgers.

Common CAPTCHA process I want to register What is the word It is ‘following’ Pass It can be other CAPTCHA questions

Gesture CAPTCHA process I want to register

Gesture CAPTCHA process I want to register Follow this gesture and take picture Make OK Sign

Gesture CAPTCHA process Follow this gesture and take picture Make OK Sign I want to register Click

Gesture CAPTCHA process Follow this gesture and take picture Make OK Sign Click I want to register Answer what is he doing in this Photo

Gesture CAPTCHA process Follow this gesture and take picture Make OK Sign Click I want to register Making thumb down Answer what is he doing in this Photo

Gesture CAPTCHA process Make V sign Make OK Sign Click I want to register Making thumb down I want to register Follow this gesture and take picture Click Follow this gesture and take picture Answer what is he doing in this Photo...

Gesture CAPTCHA process Make V sign Make OK Sign Click I want to register Making thumb down I want to register Follow this gesture and take picture Click Follow this gesture and take picture Answer what is he doing in this Photo... Make V Sign ≠ Make thumb Down

Gesture CAPTCHA process Make V sign Make OK Sign Click I want to register Making thumb down I want to register Follow this gesture and take picture Click Follow this gesture and take picture Answer what is he doing in this Photo Fail... Make V Sign ≠ Make thumb Down

Gesture CAPTCHA process Make V sign Make OK Sign Click I want to register Making thumb down Follow this gesture and take picture Answer what is he doing in this Photo....

Gesture CAPTCHA process Make V sign Make OK Sign Click I want to register Making thumb down Follow this gesture and take picture Answer what is he doing in this Photo.... Making OK sign

Gesture CAPTCHA process Make V sign Make OK Sign Click I want to register Making thumb down Follow this gesture and take picture Answer what is he doing in this Photo.... Making OK sign Make OK Sign = Make OK Sign

Gesture CAPTCHA process Make V sign Make OK Sign Click I want to register Making thumb down Follow this gesture and take picture Answer what is he doing in this Photo.... Making OK sign Make OK Sign = Make OK Sign Pass

A Sever and Clients model of Gesture CAPTCHA Touch your forehead.... CAPTCHA Server daemon What dose the server do ? 1.Send Gesture messages 2.Collect User Photos 3.Send User photos to judgers 4.Compare actual Gesture messages and Judger’s answer. 5. Decide ‘Pass’ or ‘Non-pass’ Make OK Sign Click

I want to register Check the CAPTCHA that server asked Understand The CAPTCHA and want to take Picture? N Y Request other CAPTCHA A user wants to register Waiting Daemon.. Send a Gesture Description. The user wants other Gesture? Y N For The Client For The Multi Thread Server FLOW CHART

Take picture. Want to send this picture? N Y Send picture. Sent well? N Y Waiting for users Photo sending… Save the photo and user info If photo is received, reply back message

Got a Question N time iteration. Y send answer Got a pass? N Y Waiting other’s evaluation….. Passed! Take a Photo from DB And make question and sends Waiting Users’ answers…. Send evaluation result. One CAPTCH Process is done Save a passed user data.

Start

Taking a photo

A question

Select one

PROBLEMS Project Gesture CAPTCHA System

A problem of HUMAN COMPUTATION Actually, he is a corrupt Cop!! What if the officer is a bad judger.

Counter Example. New Robot There is new robot which have collected all gesture questions. And prepared all right photos for questions. Smile Smiling Make a V sign Smile Touch your forehead Pinch your nose Show your palm ….. …...

Counter Example. New Robot New robot is also a bad judger The robot selects any answer. Biting a finger Make Ok sign ?

Counter Example. New Robot New robot is also a bad judger The robot selects any answer. Biting a finger Make Ok sign ? Fail An innocent user gets a fail

Counter Example. New Robot New robot is also a bad judger The robot selects any answer. Biting a finger Make Ok sign ? FailPass No mater what the judgment was, new robot gets a pass An innocent user gets a fail

MULTI QUESTIONS SYSTEM Upgraded Gesture CAPTCHA This idea from below paper : von Ahn, L., Maurer, B., McMillen, C., Abraham, D., and Blum, M. reCAPTCHA: Human-Based Character Recognition via Web Security Measures. Science. pp (2008)

Upgraded Gesture CAPTCHA Now, each user has to answer 3 questions. First question is USER CHECKER. A User needs to answer other’s gestures (same as before). Second question is JUDGE CHECKER. Server knows what the answer is. If a judge selects the wrong answer, then the system would consider the user as a ‘BAD JUDGER’. Failure’s USER CHECKER answer is not considered as judgment. Third question is STATISTICAL COLLECTOR. Users’ answers of the photo are counted. Eventually, if the system gets ‘Enough’ same answer, then it becomes, a photo for JUDGE CHECKER.

STATISTICAL COLLECTOR POOL JUDGE CHECKER POOL Process of Questions A User takes his gesture picture. USER CHECKER POOL

STATISTICAL COLLECTOR POOL USER CHECKER POOL Process of Questions Another user’s photo comes from the USER CHECKER POOL. The user answers,“He is Making a thumb up” JUDGE CHECKER POOL

STATISTICAL COLLECTOR POOL Process of Questions USER CHECKER POOL This Picture statistic - 0 : Make thumb down - 1 : Make thumb up - 0 : show your palm - 0 : make ok sign. - 0 : make One sign …… sum : 1 JUDGE CHECKER POOL

STATISTICAL COLLECTOR POOL Process of Questions USER CHECKER POOL Next question comes from JUDGE CHECKER POOL but the user does not know which question is. This Picture’s answer is - Make a thumb down The user answers,“He is Making a thumb down” Make a thumb down = Make a thumb down This User is a good judger

STATISTICAL COLLECTOR POOL Process of Questions USER CHECKER POOL Last question is from STATISTIC COLLECTION POOL This Picture statistic - 3 : Make thumb down - 2 : Make thumb up - 0 : show your palm - 5 : make ok sign : make One sign …… sum : 99 JUDGE CHECKER POOL

STATISTICAL COLLECTOR POOL Process of Questions USER CHECKER POOL Last question is from STATISTIC COLLECTION POOL The user answers,“He is Making One sign” This Picture statistic - 3 : Make thumb down - 2 : Make thumb up - 0 : show your palm - 5 : make ok sign : make One sign …… sum : 99 JUDGE CHECKER POOL

STATISTICAL COLLECTOR POOL Process of Questions USER CHECKER POOL This Picture statistic - 3 : Make thumb down - 2 : Make thumb up - 0 : show your palm - 5 : make ok sign : make One sign …… sum : 100 This Picture’s answer is - Make One Sign JUDGE CHECKER POOL

STATISTICAL COLLECTOR POOL Process of Questions USER CHECKER POOL This is a Completely Automated endless Questions Collecting System JUDGE CHECKER POOL

If a Judger Checker proves insufficient Example A Robot needs 1$ for an attack. A Judger Checker has 5 selections. Statistically, the robot can penetrate this system after attacking 5 times. 1$ X 5 times = 5$ 5$ is needed for one penetration probabilistically.

If there are two Judger Checkers Example A Robot needs 1$ for an attack. A Judger Checker has 5 selections. Number of attacks to achieve one penetration is, 5 times X 5 times = 25 times 5$ X 5$ = 25$ 25$ is needed for one penetration probabilistically.

If there are three Judger Checkers Example A Robot needs 1$ for an attack. A Judger Checker has 5 selections. Number of attacks to achieve one penetration is, 5 X 5 X 5 = 125 times 5$ X 5$ 5$ = 125$ 125$ is needed for one penetration probabilistically.

Exponential graph: How many JUDGE CHEKER are needed Cost for one penetration. 0% Number of JUDGE CHECKERS. Profit horizon

What is an Ideal CAPTCHA? It has endless sources. The source should be collected automatically with almost zero labor costs. Created questions must be difficult enough for modern robots but easy for humans. Most importantly, Ideal CAPTCHA must provide high rate correction. It is… Having automatically collectable cheap cost questions and providing highly correct results.

Conclusion It has endless sources. The source are collected automatically with almost zero labor costs. Created questions can be difficult enough for modern robots but easy for humans. Most importantly, This CAPTCHA can provide high rate correction.

Q & A