loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Carlos Javier Hernández-Castro ; Arturo Ribagorda and Yago Saez

Affiliation: Carlos III University, Spain

Keyword(s): CAPTCHA, HumanAuth, Image labeling, Watermarking, Automatic classification.

Related Ontology Subjects/Areas/Topics: Human Factors and Human Behaviour Recognition Techniques ; Identification, Authentication and Non-Repudiation ; Information and Systems Security ; Information Assurance ; Phishing, Adfraud, Malware, and Countermeasures

Abstract: We propose a new scheme of attack on the HumanAuth CAPTCHA which represents a significant shortcut to the intended attacking path, as it is not based in any advance in the state of the art on the field of image recognition. After analyzing the HumanAuth image database with a new approach based on statistical analysis and machine learning, we conclude that it cannot fulfill the security objectives intended by its authors. Then, we analyze which of the studied parameters for the image files seem to disclose the most valuable information for helping in correct classification, arriving at a surprising discovery. We also analyze if the image watermarking algorithm presented by the HumanAuth authors is able to counter the effect of this new attack. Our attack represents a completely new approach to breaking image labeling CAPTCHAs, and can be applied to many of the currently proposed schemes. Lastly, we investigate some measures that could be used to increase the security of image labeling CAPTCHAs as HumanAuth, but conclude no easy solutions are at hand. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 44.195.47.227

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Javier Hernández-Castro, C.; Ribagorda, A. and Saez, Y. (2010). SIDE-CHANNEL ATTACK ON THE HUMANAUTH CAPTCHA. In Proceedings of the International Conference on Security and Cryptography (ICETE 2010) - SECRYPT; ISBN 978-989-8425-18-8; ISSN 2184-3236, SciTePress, pages 59-65. DOI: 10.5220/0002994000590065

@conference{secrypt10,
author={Carlos {Javier Hernández{-}Castro}. and Arturo Ribagorda. and Yago Saez.},
title={SIDE-CHANNEL ATTACK ON THE HUMANAUTH CAPTCHA},
booktitle={Proceedings of the International Conference on Security and Cryptography (ICETE 2010) - SECRYPT},
year={2010},
pages={59-65},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002994000590065},
isbn={978-989-8425-18-8},
issn={2184-3236},
}

TY - CONF

JO - Proceedings of the International Conference on Security and Cryptography (ICETE 2010) - SECRYPT
TI - SIDE-CHANNEL ATTACK ON THE HUMANAUTH CAPTCHA
SN - 978-989-8425-18-8
IS - 2184-3236
AU - Javier Hernández-Castro, C.
AU - Ribagorda, A.
AU - Saez, Y.
PY - 2010
SP - 59
EP - 65
DO - 10.5220/0002994000590065
PB - SciTePress