Presentation is loading. Please wait.

Presentation is loading. Please wait.

CAP6135 - Malware and Software Vulnerability Analysis Term Project Proposal - Spring 2009 Professor: Dr. Zou Team members: Andrew Mantel & Peter Matthews.

Published byJeffery Stevens Modified over 8 years ago

Similar presentations

Presentation on theme: "CAP6135 - Malware and Software Vulnerability Analysis Term Project Proposal - Spring 2009 Professor: Dr. Zou Team members: Andrew Mantel & Peter Matthews."— Presentation transcript:

1 CAP6135 - Malware and Software Vulnerability Analysis Term Project Proposal - Spring 2009 Professor: Dr. Zou Team members: Andrew Mantel & Peter Matthews Image Tagging: An Alternative Approach to Current CAPTCHA Techniques

2 What is CAPTCHA? Computer Automated Turing Test for telling Computers and Humans Apart – A challenge-response test used by many websites to establish that a user is a human rather than a script or bot. Reliant on the fact that there are a number of tasks that are relatively easy for humans to perform, but difficult for computers. – For example, humans can easily read the distorted text shown below, but computer programs can not. Image Source: http://code.google.com/p/cool-php-captcha/Image Source: http://recaptcha.net/learnmore.html

3 CAPTCHA Uses Preventing spam/worm comments in blogs & posts on message boards Preventing automated user registration Preventing abuse of online polls Preventing dictionary / brute-force password attacks Used extensively by Google, YouTube, FaceBook, Yahoo, MySpace, and almost every other high-traffic website.

4 Text-Based CAPTCHA In very wide usage – Fairly easy to implement – Intuitive – Usable by speakers of other languages who are familiar with the Latin character set Advancements in optical character recognition (OCR) technology have required the distortions performed upon the text to become increasingly complicated and extreme. Making the CAPTCHA images more obscure and difficult for computers to read also makes the images also more difficult for humans to read. – User tolerance only extends so far.

5 Examples Produced by Google CAPTCHA Source: Usability of CAPTCHAs Or “Usability Issues in CAPTCHA Design” by Jeff Yan, School of Computing Science, Newcastle University, UK. Modern day text- based CAPTCHA images are becoming very difficult for even humans to read. This can only become worse as OCR technology improves.

6 Examples of cracked CAPTCHA systems Image Source: A Low-cost Attack on a Microsoft CAPTCHA, Jeff Yan, Ahmad Salah El Ahmad, CCS 2008. Image Source: http://network-security-research.blogspot.com/ Yahoo MSN

7 Alternative CAPTCHA Tests Audio-based – Require speech recognition to be performed via the playback of a distorted audio recording. – Useful for those with visual impairments. Image-based – Require recognition of the visual information conveyed by an image. – The core of our approach.

8 Image Tagging Basic idea behind image tagging: o Task the user with identifying a thing portrayed in an image Examples: Image sources: Sun: http://space.about.com/od/solarsystem/ss/visualtourss.htm)http://space.about.com/od/solarsystem/ss/visualtourss.htm Lion: http://www.purplemoon.com/http://www.purplemoon.com/ Basketball: http://www.designer-sports.com/http://www.designer-sports.com/

9 Image Tagging Attempt to prove the following features of image tagging: 1.Image tagging is easy for a human to solve reliably. 2.Image tagging has a sufficiently large solution surface to probabilistically avoid random computer attacks. 3.Image tagging is sufficiently difficult for current computers to solve. 4.Image tagging is scalable to adjust to advancements in computer technologies.

10 Scene Tagging Image tagging potentially vulnerable to data mining techniques Explore scene tagging as implementable realization of image tagging Scene tagging: o Same basic idea as image tagging o Task the user with identifying a single thing within an image with multiple things

11 Scene Tagging Example: (modified from source: http://wwwdelivery.superstock.com/)http://wwwdelivery.superstock.com/

12 Scene Tagging In respect to scene tagging, we will examine: 1.The same features mentioned above for image tagging. 2.Various ways to automatically generate scene tagging problems. 3.Various types of scene tagging problems.

13 References Jeff Yan, Ahmad Salah El Ahmad, A low-cost attack on a Microsoft captcha, Proceedings of the 15th ACM conference on Computer and communications security, October 27-31, 2008, Alexandria, Virginia, USA.. Jeff Yan, Usability of CAPTCHAs Or “Usability Issues in CAPTCHA Design”,. Network Security Research and AI: Around the CAPTCHA,.

Download ppt "CAP6135 - Malware and Software Vulnerability Analysis Term Project Proposal - Spring 2009 Professor: Dr. Zou Team members: Andrew Mantel & Peter Matthews."

Similar presentations

PROTOTYPE Rehatch.com. Rehatch $35k total; dispersed evenly over 6 months. Captures the unique niche from the top 20 networking sites. Infused with instant.

PROTOTYPE Rehatch.com. Rehatch $35k total; dispersed evenly over 6 months. Captures the unique niche from the top 20 networking sites. Infused with instant.
Intisar O. Hussien Faculty of Computer Studies Arab Open University

Intisar O. Hussien Faculty of Computer Studies Arab Open University
Who: Jake Munson Company: Idaho Power Website: Location: Kuna, ID Attack of the spam bots.

Who: Jake Munson Company: Idaho Power Website: Location: Kuna, ID Attack of the spam bots.
Design, prototyping and construction

Design, prototyping and construction
COMPUTER MALWARE FINAL PROJECT PROPOSAL THE WAR AGAINST CAPTCHA WITH IMPLEMENTATION OF THE WORLDS MOST ACCURATE CAPTCHA BREAKER By Huy Truong & Kathleen.

COMPUTER MALWARE FINAL PROJECT PROPOSAL THE WAR AGAINST CAPTCHA WITH IMPLEMENTATION OF THE WORLDS MOST ACCURATE CAPTCHA BREAKER By Huy Truong & Kathleen.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Computing Studies Is it for me? Click here to find out…

Computing Studies Is it for me? Click here to find out…
Social Media.

Social Media.
CAPTCHA: Using Hard AI Problems for Security 12 Jun 2007 Ohad Barak (a.k.a. jo) Luis Von Ahn, EuroCrypt 2003.

CAPTCHA: Using Hard AI Problems for Security 12 Jun 2007 Ohad Barak (a.k.a. jo) Luis Von Ahn, EuroCrypt 2003.
CAPTCHA Completely Automated Public Turing test to tell Computers and Humans Apart A Computer Program that can generate and grade test that: Most Humans.

CAPTCHA Completely Automated Public Turing test to tell Computers and Humans Apart A Computer Program that can generate and grade test that: Most Humans.
A Low-cost Attack on a Microsoft CAPTCHA Yan Qiang, 2008-12-9.

A Low-cost Attack on a Microsoft CAPTCHA Yan Qiang,
563.10.3 CAPTCHA Presented by: Sari Louis SPAM Group: Marc Gagnon, Sari Louis, Steve White University of Illinois Spring 2006.

CAPTCHA Presented by: Sari Louis SPAM Group: Marc Gagnon, Sari Louis, Steve White University of Illinois Spring 2006.
Breaking an Animated CAPTCHA Scheme

Breaking an Animated CAPTCHA Scheme
By: Ansuya Chauhan.

By: Ansuya Chauhan.
The ACCESS Project Jesse Hausler, UDL/Accessibility Coordinator Marla Roll, Director of the Assistive Technology Resource Center.

The ACCESS Project Jesse Hausler, UDL/Accessibility Coordinator Marla Roll, Director of the Assistive Technology Resource Center.
Competitive Algorithm Calculation Testing in a Unified System (CACTUS) Software Plan 9/23/2011 1 Presented By: ExoNET Solutions.

Competitive Algorithm Calculation Testing in a Unified System (CACTUS) Software Plan 9/23/ Presented By: ExoNET Solutions.
CAPTCHA Presented By Sayani Chandra (Roll - 09127106017)

CAPTCHA Presented By Sayani Chandra (Roll )
Jeff Yan School of Computing Science Newcastle University, UK (Joint work with Ahmad Salah El Ahmad) Usability of CAPTCHAs Or “usability issues in CAPTCHA.

Jeff Yan School of Computing Science Newcastle University, UK (Joint work with Ahmad Salah El Ahmad) Usability of CAPTCHAs Or “usability issues in CAPTCHA.
Web 2.0 Web 2.0 is the term given to describe a second generation of the World Wide Web (WWW) that is focused on the ability for people to collaborate.

Web 2.0 Web 2.0 is the term given to describe a second generation of the World Wide Web (WWW) that is focused on the ability for people to collaborate.
Providing Trusted Paths Using Untrusted Components Andre L. M. dos Santos Georgia Institute of Technology

Providing Trusted Paths Using Untrusted Components Andre L. M. dos Santos Georgia Institute of Technology

Similar presentations

Ads by Google