Preventing Automated Use of STMP Reservation System Using CAPTCHA.

Slides:

Advertisements

Similar presentations

HTML II Formatting the Language of the Web Terry Bake

Advertisements

Support.ebsco.com EBSCOadmin Branding Tutorial. Welcome to the EBSCOadmin Skinning and Branding tutorial, where you will learn how to customize EBSCOhost.

Web Shift Booking System

Lecture 6/2/12. Forms and PHP The PHP $_GET and $_POST variables are used to retrieve information from forms, like user input When dealing with HTML forms.

Your tool to help you build a list of Subscribers.

CAPTCHA Completely Automated Public Turing test to tell Computers and Humans Apart A Computer Program that can generate and grade test that: Most Humans.

CAPTCHA Presented by: Sari Louis SPAM Group: Marc Gagnon, Sari Louis, Steve White University of Illinois Spring 2006.

CAPTCHA Presented By Sayani Chandra (Roll )

Providing Trusted Paths Using Untrusted Components Andre L. M. dos Santos Georgia Institute of Technology

Screen guidelines For data entry. Screen Layout for Data Entry Identify screen (name and purpose). Keep number of screens to a minimum. Ensure that all.

CAPTCHA Prabhakar Verma “08MC30”.

Human Computation CSC4170 Web Intelligence and Social Computing Tutorial 7 Tutor: Tom Chao Zhou

WELCOME TO AD POST JOBS. INSTRUCTIONS HOW TO POST FREE ADS ON INTERNET.

Typography Font type Font size Font style (e.g., bold, italic) Color Font effects The first 3 of these can be set in the formatting toolbar, and all of.

Web-based Document Management System By Group 3 Xinyi Dong Matthew Downs Joshua Ferguson Sriram Gopinath Sayan Kole.

Regal Web Booking Engine Group Booking User Guide.

Click to edit Master title style A tool designed to provide useful information and assist Propex Plus Partners!

IS1500: Introduction to Web Development

Reading Data in Web Pages tMyn1 Reading Data in Web Pages A very common application of PHP is to have an HTML form gather information from a website's.

IOTA Improved Design and Implementation of a Modular and Extensible Website Framework Andrew Hamilton – TJHSST Computer Systems Lab Abstract.

Welcome to the University of West Florida Online Employment System Applicant Tutorial.

UNCLASSIFIED User Guide Applicant. UNCLASSIFIED Table of Contents What is the SAFETY Act? Applicant Guide Help Desk.

GFP in the IUID Registry – A Basic Look Walt Clark, CPPM Raytheon IIS.

0 UMN 2011 ERP Terapan ABAP Introduction Session # 8.

Design Specifications Prepared for: ____________ Date.

Programming with Microsoft Visual Basic 2012 Chapter 12: Web Applications.

Presented to: CDM By: Jeff Evans and Randy W. Carlson Date: September 14, 2006 Federal Aviation Administration CDM ESTMP Sub- Group 2006/2007 ESTMP Update.

An Accessible CAPTCHA Chad Killingsworth Web Projects Coordinator.

CAPTCHA 1 Are you Human? (Sorry, I had to ask). CAPTCHA 2 Agenda What is CAPTCHA? Types of CAPTCHA Where to use CAPTCHAs? Guidelines when making a CAPTCHA.

Part 2  Access Control 1 CAPTCHA Part 2  Access Control 2 Turing Test Proposed by Alan Turing in 1950 Human asks questions to another human and a computer,

CTS130 Spreadsheet Lesson 3 Using Editing and Formatting Tools.

Web Design Rules. #1 Easy to Read Includes: Includes: Navigation Navigation Color Color Text Text Graphics Graphics Backgrounds Backgrounds Borders Borders.

I/o inputs and outputs Disclaimer: This document is provided “as-is”. Information and views expressed in this document, including URL and other Internet.

 2008 Pearson Education, Inc. All rights reserved Introduction to XHTML.

CAPTCHA solving Tianhui Cai Period 3. CAPTCHAs Completely Automated Public Turing tests to tell Computers and Humans Apart Determines whether a user is.

Chapter 8 Collecting Data with Forms. Chapter 8 Lessons Introduction 1.Plan and create a form 2.Edit and format a form 3.Work with form objects 4.Test.

SQL INJECTIONS Presented By: Eloy Viteri. What is SQL Injection An SQL injection attack is executed when a web page allows users to enter text into a.

Presented By: Abirami Poonkundran Authors: Jeff Yan, Ahmad El Ahmad.

UFCEKS-20-2Multimedia Authoring Times Table Quiz.

Secure Online Payment Presented by Tom Hun Web Developer.

How to Create an Address How to Create a Free Account, Read and Answer your s. Yahoo! provides FREE . To create a free .

PHP Error Handling & Reporting. Error Handling Never allow a default error message or error number returned by the mysql_error() and mysql_errno() functions.

Indicator 13 Secondary Transition. Main Menu SPP13 has a navigation toolbar located at the top of each screen. If you use the toolbar to navigate to another.

Chapter 16 Designing Effective Input Systems Analysis and Design Kendall and Kendall Fifth Edition.

Adapted from  2012 Prentice Hall, Inc. All rights reserved. 5 th ed: Chapter 2 and th ed: 4.11 SY306 Web and Databases for Cyber Operations.

HTML Forms. A form is simply an area that can contain form fields. Form fields are objects that allow the visitor to enter information - for example text.

Chapter 27 Getting “Web-ified” (Web Applications) Clearly Visual Basic: Programming with Visual Basic nd Edition.

JavaScript Introduction and Background. 2 Web languages Three formal languages HTML JavaScript CSS Three different tasks Document description Client-side.

Working with the Window Object JavaScript considers the browser window an object, which it calls the window object.

CAP Malware and Software Vulnerability Analysis Term Project Proposal - Spring 2009 Professor: Dr. Zou Team members: Andrew Mantel & Peter Matthews.

Text Reader And Typer Project By: Brandon Smith. What it does ● First, a picture containing text is used as an input. ● The program scans it for distinct.

By: Steven Baker.  What is a CAPTCHA?  History of CAPTCHA  Applications of CAPTCHAs  Accessibility  Examples of CAPTCHAs  reCAPTCHA  Vulnerabilities.

Separating man from machine since 2000….. ?. Agenda  Definition  History  Need  Types  Constructing CAPTCHAs  Breaking CAPTCHAs  Applications 

CAPTCHA What humans can do, But computers can not.

Usability of CAPTCHAs Or usability issues in CAPTCHA design Authors: Jeff Yan and Ahmad Salah El Ahmad Presented By: Kim Giglia CSC /19/2008.

Windows Vista Configuration MCTS : Internet Explorer 7.0.

The Next Step Hudson Fare Files 102 – Import & upload Rev. 10/14.

CAPTCHA Presented by: Md.R ahim 08B21A Agenda Definition Background Motivation Applications Types of CAPTCHAs Breaking CAPTCHAs Proposed Approach.

مباني امنيت شبكه CAPTCHA)) به نام خدا مدرس: شهرزاد گلستانی Website:

SANDEEP MEHTA (ECE, IV Year). CAPTCHA Completely Automated Public Turing test to tell Computers and Humans Apart Invented at CMU by Luis von Ahn, Manuel.

EAuthentication What is it? What is needed for FFAVORS?

THE ESP GAME, AND OTHER STUFF

Play Framework: Introduction

Web Programming Week 11 Old Dominion University

Check the buttons at the bottom of your Alert

Welcome to Day One!.

Create a Test Session The first step in administering a test is to create a test session. This should be done less than 20 minutes prior to starting the.

Data Types Every variable has a given data type. The most common data types are: String - Text made up of numbers, letters and characters. Integer - Whole.

Presented By Vibhute J.B. Class : M.Sc. (CS)

Presentation transcript:

Preventing Automated Use of STMP Reservation System Using CAPTCHA

Introduction The ATCSCC Intranet/internet has a web interface for making arrival/departure reservations for Special Traffic Management Programs (STMP). The ATCSCC Intranet/internet has a web interface for making arrival/departure reservations for Special Traffic Management Programs (STMP).

Purpose We are looking for ways to prevent automated tools from getting large number of reservations. We are looking for ways to prevent automated tools from getting large number of reservations.

Proposed Solution A website security solution designed with CAPTCHA image is proposed to prevent automated STMP reservations. A website security solution designed with CAPTCHA image is proposed to prevent automated STMP reservations.

What is CAPTCHA? A CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is a program that can generate and grade tests that most humans can pass, but current computer programs and automated tools can't pass. For example, humans can read distorted text as the one shown here, but current computer programs can't. A CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is a program that can generate and grade tests that most humans can pass, but current computer programs and automated tools can't pass. For example, humans can read distorted text as the one shown here, but current computer programs can't.

Gimpy CAPTCHA GIMPY CAPTCHA is a methodology where a word is randomly selected from a dictionary and a rendering of a distorted image of the word is shown. GIMPY CAPTCHA is a methodology where a word is randomly selected from a dictionary and a rendering of a distorted image of the word is shown. The user is then asked to type in the word. The user is then asked to type in the word. While human users have no problems typing the words displayed, current bots are simply unable to do the same. While human users have no problems typing the words displayed, current bots are simply unable to do the same.

Process User logs in. User logs in. User fills in the reservation form. User fills in the reservation form. At the bottom of the form, user is shown a CAPTCHA image and asked to enter the characters in the image. At the bottom of the form, user is shown a CAPTCHA image and asked to enter the characters in the image. User submits the reservation request. User submits the reservation request. The web server processes the information. If the user response is correct, the reservation process is continued. If not, the user is shown an error page. The web server processes the information. If the user response is correct, the reservation process is continued. If not, the user is shown an error page.

STMP Reservation form (current)

STMP Reservation form with CAPTCHA

STMP Reservation form

Reservation form with error message

STMP Reservation form with color CAPTCHA

Pop-up message

CAPTCHA examples 7-letter CAPTCHA – 7-letter CAPTCHA – 6-letter CAPTCHA- 6-letter CAPTCHA- 5-letter CAPTCHA – 5-letter CAPTCHA – Color CAPTCHA- Color CAPTCHA- CFX Captcha CFX Captcha

CAPTCHA Customization Text producer: Defaults to a random character generator. But there is a name generator as well. Text producer: Defaults to a random character generator. But there is a name generator as well. The characters that will create the string can be configured. The characters that will create the string can be configured. No of characters in the captcha image: 3,4,5,6,7 etc. No of characters in the captcha image: 3,4,5,6,7 etc. Captcha Font (Arial, Helvetica, Courier, Times New Roman) Captcha Font (Arial, Helvetica, Courier, Times New Roman) Font Size Font Size Font color Font color Distortion Distortion Background Background Border around captcha Border around captcha Color of the border Color of the border Thickness of the border around captcha Thickness of the border around captcha

Notes ESTMP users are required to enter CAPTCHA input for each reservation request. ESTMP users are required to enter CAPTCHA input for each reservation request. If the user input is wrong, an error message is shown and the reservation form is reloaded with new CAPTCHA image. If the user input is wrong, an error message is shown and the reservation form is reloaded with new CAPTCHA image. The reservation request is NOT processed by the server until the user enters correct CAPTCHA characters. The reservation request is NOT processed by the server until the user enters correct CAPTCHA characters. If reservation for the requested time is not available, the user is redirected to a page that shows reservation availability for different times. Users can select new reservation time but do not need to enter the CAPTCHA input in this page. If reservation for the requested time is not available, the user is redirected to a page that shows reservation availability for different times. Users can select new reservation time but do not need to enter the CAPTCHA input in this page. No CAPTCHA input needed for Confirm, Cancel or Update operations. No CAPTCHA input needed for Confirm, Cancel or Update operations.