CAP6135 - Malware and Software Vulnerability Analysis Term Project Proposal - Spring 2009 Professor: Dr. Zou Team members: Andrew Mantel & Peter Matthews.

Slides:

Advertisements

Similar presentations

PROTOTYPE Rehatch.com. Rehatch $35k total; dispersed evenly over 6 months. Captures the unique niche from the top 20 networking sites. Infused with instant.

Advertisements

Intisar O. Hussien Faculty of Computer Studies Arab Open University

Who: Jake Munson Company: Idaho Power Website: Location: Kuna, ID Attack of the spam bots.

Design, prototyping and construction

COMPUTER MALWARE FINAL PROJECT PROPOSAL THE WAR AGAINST CAPTCHA WITH IMPLEMENTATION OF THE WORLDS MOST ACCURATE CAPTCHA BREAKER By Huy Truong & Kathleen.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Computing Studies Is it for me? Click here to find out…

CAPTCHA: Using Hard AI Problems for Security 12 Jun 2007 Ohad Barak (a.k.a. jo) Luis Von Ahn, EuroCrypt 2003.

CAPTCHA Completely Automated Public Turing test to tell Computers and Humans Apart A Computer Program that can generate and grade test that: Most Humans.

A Low-cost Attack on a Microsoft CAPTCHA Yan Qiang,

CAPTCHA Presented by: Sari Louis SPAM Group: Marc Gagnon, Sari Louis, Steve White University of Illinois Spring 2006.

Breaking an Animated CAPTCHA Scheme

By: Ansuya Chauhan.

The ACCESS Project Jesse Hausler, UDL/Accessibility Coordinator Marla Roll, Director of the Assistive Technology Resource Center.

Competitive Algorithm Calculation Testing in a Unified System (CACTUS) Software Plan 9/23/ Presented By: ExoNET Solutions.

CAPTCHA Presented By Sayani Chandra (Roll )

Jeff Yan School of Computing Science Newcastle University, UK (Joint work with Ahmad Salah El Ahmad) Usability of CAPTCHAs Or “usability issues in CAPTCHA.

Web 2.0 Web 2.0 is the term given to describe a second generation of the World Wide Web (WWW) that is focused on the ability for people to collaborate.

Providing Trusted Paths Using Untrusted Components Andre L. M. dos Santos Georgia Institute of Technology

CAPTCHA Prabhakar Verma “08MC30”.

1 CAPTCHA Challenges for Massively Multiplayer Online Games 2010 International Conference on Cyberworlds Authors: Yang-Wai Chow, Willy Susilo, Hua-Yu Zhou.

Human Computation CSC4170 Web Intelligence and Social Computing Tutorial 7 Tutor: Tom Chao Zhou

1 Securing Passwords Against Dictionary Attacks Base on an article by Benny Pinkas & Tomas Sander 2002 Presented by Tomer Conforti.

IOTA Improved Design and Implementation of a Modular and Extensible Website Framework Andrew Hamilton – TJHSST Computer Systems Lab Abstract.

Social Media Facebook, Twitter, Google+, etc.. What is Social Technology?  Communication tools  Interactive tools  Examples?

CAPTCHA CAPTCHA is a contrived acronym for "Completely Automated Public Turing test to tell Computers and Humans Apart“. A CAPTCHA is a challenge-response.

CAPTCHA 1 Are you Human? (Sorry, I had to ask). CAPTCHA 2 Agenda What is CAPTCHA? Types of CAPTCHA Where to use CAPTCHAs? Guidelines when making a CAPTCHA.

Part 2  Access Control 1 CAPTCHA Part 2  Access Control 2 Turing Test Proposed by Alan Turing in 1950 Human asks questions to another human and a computer,

Protecting Web 2.0 Services from Botnet Exploitations Cybercrime and Trustworthy Computing Workshop (CTC), 2010 Second Nguyen H Vo, Josef Pieprzyk Department.

SRS PRESENTATION Ronen Mendezitsky & Alon Weiss Website Protection System.

Exploration Seminar 3 Human Computation Roy McElmurry.

8/22/12 Adapting and Access to Social Media for People with Disabilities.

IOTA Improved Design and Implementation of a Modular and Extensible Course Management System Andrew Hamilton 5 th Period.

CAPTCHA solving Tianhui Cai Period 3. CAPTCHAs Completely Automated Public Turing tests to tell Computers and Humans Apart Determines whether a user is.

Captcha Breaker 技巧很強壯的大叔隊. Workflow Outline Segmentation – Human Visual System Segmentation – Color Filling Segmentation – Distortion Estimation Optical.

IMAGINATION: A Robust Image-based CAPTCHA Generation System Ritendra Datta, Jia Li, and James Z. Wang The Pennsylvania State University – University Park.

Preventing Automated Use of STMP Reservation System Using CAPTCHA.

Presented By: Abirami Poonkundran Authors: Jeff Yan, Ahmad El Ahmad.

By Gianluca Stringhini, Christopher Kruegel and Giovanni Vigna Presented By Awrad Mohammed Ali 1.

Securing Passwords Against Dictionary Attacks Presented By Chad Frommeyer.

Team working in distributed environments M253 Communicating, Cooperating & Collaborating on Line Faculty of Computer Studies Arab Open University Kuwait.

Designing Human Friendly Human Interaction Proofs (HIPs) Kumar Chellapilla, Kevin Larson, Patrice Simard and Mary Czerwinski Microsoft Research Presented.

Iasonas Polakis, Panagiotis Ilia, Federico Maggi, Marco Lancini, Georgios Kontaxis, Stefano Zanero, Sotiris Ioannidis, and Angelos D. Keromytis. In Proceedings.

Graphical VS Textual Presented by Ding Li Nicholas Wright, Andrew S. Patrick, and Robert Biddle. “Do you see your password? Applying recognition to textual.

CAPTCHA solving Tianhui Cai Period 3. CAPTCHAs Completely Automated Public Turing tests to tell Computers and Humans Apart User is human or machine? Prevents.

Peter Matthews, Cliff C. Zou University of Central Florida AsiaCCS 2010.

By: Steven Baker.  What is a CAPTCHA?  History of CAPTCHA  Applications of CAPTCHAs  Accessibility  Examples of CAPTCHAs  reCAPTCHA  Vulnerabilities.

Separating man from machine since 2000….. ?. Agenda  Definition  History  Need  Types  Constructing CAPTCHAs  Breaking CAPTCHAs  Applications 

Introduction to Social Media October 28, 2010 Green County High School Vickie Buckman.

CAPTCHA What humans can do, But computers can not.

Usability of CAPTCHAs Or usability issues in CAPTCHA design Authors: Jeff Yan and Ahmad Salah El Ahmad Presented By: Kim Giglia CSC /19/2008.

Understanding Security Policies Lesson 3. Objectives.

● The most common website platform ● User friendly-easy to edit ● Constantly improving-updates, plugins, themes Why WordPress?

SUBMITTED TO:-SUBMITTED BY:- Ms.Kavita KhannaShruty Ahuja H.O.D(CSE DEPARTMENT)02/MT/10 PDM,BAHADURGARHCE(2 ND SEM)

Billy Vivian Dr. Oblitey COSC  What is CAPTCHA?  History  Uses  Artificial Intelligence Relationship  reCAPTCHA  Works Cited.

CAPTCHAs: Breaking & Building A Presentation of Academic Research r3dfish & dr_dave.

CAPTCHA Presented by: Md.R ahim 08B21A Agenda Definition Background Motivation Applications Types of CAPTCHAs Breaking CAPTCHAs Proposed Approach.

مباني امنيت شبكه CAPTCHA)) به نام خدا مدرس: شهرزاد گلستانی Website:

SANDEEP MEHTA (ECE, IV Year). CAPTCHA Completely Automated Public Turing test to tell Computers and Humans Apart Invented at CMU by Luis von Ahn, Manuel.

Etsy clone Script - Marketplace script - Marketplace software

Etsy Script, Etsy clone, Marketplace script, Buy and Sell Script

Introduction to Machine Learning, its potential usage in network area,

Authentication Schemes for Session Passwords using Color and Images

3.6 Fundamentals of cyber security

Are you Human?.

Web Programming Week 11 Old Dominion University

A novel probabilistic language-based CAPTCHA system

Inaccessible CAPTCHA: updating W3C advisory note

Inaccessible CAPTCHA: updating W3C advisory note

Presentation transcript:

CAP Malware and Software Vulnerability Analysis Term Project Proposal - Spring 2009 Professor: Dr. Zou Team members: Andrew Mantel & Peter Matthews Image Tagging: An Alternative Approach to Current CAPTCHA Techniques

What is CAPTCHA? Computer Automated Turing Test for telling Computers and Humans Apart – A challenge-response test used by many websites to establish that a user is a human rather than a script or bot. Reliant on the fact that there are a number of tasks that are relatively easy for humans to perform, but difficult for computers. – For example, humans can easily read the distorted text shown below, but computer programs can not. Image Source: Source:

CAPTCHA Uses Preventing spam/worm comments in blogs & posts on message boards Preventing automated user registration Preventing abuse of online polls Preventing dictionary / brute-force password attacks Used extensively by Google, YouTube, FaceBook, Yahoo, MySpace, and almost every other high-traffic website.

Text-Based CAPTCHA In very wide usage – Fairly easy to implement – Intuitive – Usable by speakers of other languages who are familiar with the Latin character set Advancements in optical character recognition (OCR) technology have required the distortions performed upon the text to become increasingly complicated and extreme. Making the CAPTCHA images more obscure and difficult for computers to read also makes the images also more difficult for humans to read. – User tolerance only extends so far.

Examples Produced by Google CAPTCHA Source: Usability of CAPTCHAs Or “Usability Issues in CAPTCHA Design” by Jeff Yan, School of Computing Science, Newcastle University, UK. Modern day text- based CAPTCHA images are becoming very difficult for even humans to read. This can only become worse as OCR technology improves.

Examples of cracked CAPTCHA systems Image Source: A Low-cost Attack on a Microsoft CAPTCHA, Jeff Yan, Ahmad Salah El Ahmad, CCS Image Source: Yahoo MSN

Alternative CAPTCHA Tests Audio-based – Require speech recognition to be performed via the playback of a distorted audio recording. – Useful for those with visual impairments. Image-based – Require recognition of the visual information conveyed by an image. – The core of our approach.

Image Tagging Basic idea behind image tagging: o Task the user with identifying a thing portrayed in an image Examples: Image sources: Sun: Lion: Basketball:

Image Tagging Attempt to prove the following features of image tagging: 1.Image tagging is easy for a human to solve reliably. 2.Image tagging has a sufficiently large solution surface to probabilistically avoid random computer attacks. 3.Image tagging is sufficiently difficult for current computers to solve. 4.Image tagging is scalable to adjust to advancements in computer technologies.

Scene Tagging Image tagging potentially vulnerable to data mining techniques Explore scene tagging as implementable realization of image tagging Scene tagging: o Same basic idea as image tagging o Task the user with identifying a single thing within an image with multiple things

Scene Tagging Example: (modified from source:

Scene Tagging In respect to scene tagging, we will examine: 1.The same features mentioned above for image tagging. 2.Various ways to automatically generate scene tagging problems. 3.Various types of scene tagging problems.

References Jeff Yan, Ahmad Salah El Ahmad, A low-cost attack on a Microsoft captcha, Proceedings of the 15th ACM conference on Computer and communications security, October 27-31, 2008, Alexandria, Virginia, USA.. Jeff Yan, Usability of CAPTCHAs Or “Usability Issues in CAPTCHA Design”,. Network Security Research and AI: Around the CAPTCHA,.