1 / 12

IMAGINATION: A Robust Image-based CAPTCHA Generation System

IMAGINATION: A Robust Image-based CAPTCHA Generation System. ACM International Conference on Multimedia, November 2005. Ritendra Datta, Jia Li, and James Z. Wang The Pennsylvania State University – University Park. What are CAPTCHA s 1,2 ?.

rosine
Télécharger la présentation

IMAGINATION: A Robust Image-based CAPTCHA Generation System

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IMAGINATION: A Robust Image-based CAPTCHA Generation System ACM International Conference on Multimedia, November 2005 Ritendra Datta, Jia Li, and James Z. Wang The Pennsylvania State University – University Park

  2. What are CAPTCHAs1,2 ? • Completely Automated Public Test to Tell Computers and Humans Apart. • Web-based protection mechanisms • Only humans allowed to perform certain tasks` • Opening E-mail accounts • Voting on-line, etc. • Prevent automated attacks by bots • To avoid eating up resources • To avoid biasing results, etc. • Most current systems - text-based. Text-based CAPTCHAs • L. von Ahn et al., CACM, 2004. • The CAPTCHA Project – http://www.captcha.net

  3. Why image-based CAPTCHAs ? • Computer vision techniques1,2,3 have broken text-based CAPTCHAs • Over 90% accuracy • Makes these systems vulnerable • Solution • More noise – harder for humans too • Natural image based CAPTCHAs • Present an image to the user • User labels content • Hard to attack • Image recognition is a hard problem • Hence more secure CAPTCHAs ! Image-based CAPTCHAs (Courtesy: The Captcha Project, CMU) • G. Mori et al., CVPR, 2003. • A. Thayananthan et al., CVPR, 2004. • G. Moy et al., CVPR, 2004.

  4. What’s the problem ? • CBIR (e.g. SIMPLIcity) and automatedannotation systems (e.g. ALIP) may attack • Solution: Generate CAPTCHA images that • Humans can easily label • Automated systems fail in most cases • How • Use systematic distortions on images. • Dithering, noise, quantizing etc. • Maintain low perceptual degradation • Test using state-of-the-art automated systems • Optimize attack rate & perceptual quality • Generate word choices systematically to reduce ambiguity and attack chance SIMPLIcity and ALIP (Pictures courtesy Corel)

  5. The IMAGINATION System • Image Generation for Internet Authentication. • Exploits the difference between human perception and current level of machine perception. • Generates a CAPTCHA based on a hard AI problem. • Breaking IMAGINATION, though highly unlikely, would in turn advance the state-of-the-art in AI. • Uses a two-phase click-and-annotate process to achieve very low chance of attack. Click Phase – Select center of an image Annotate Phase – Select best label from list

  6. The IMAGINATION System: Architecture

  7. Composite Image Generation Composite image generation by re-partitioning and dithering using different randomly chosen base colors

  8. Composite Distortion Selection • How to smartly choose distortions that can be applied to the images ? • Use state-of-the-art CBIR/related systems that can be potential attack weapons • Enforce probabilistic constraints on what is a good distortion • Make some realistic assumptions • Generate many distortions • Choose a subset that satisfies these constraints • Include in the IMAGINATION system A tiger image distorted by four acceptable composite distortions

  9. Composite Distortions: Probabilistic Constraints An image distortion is considered acceptable, if probabilistically, potential attack algorithms are unable to significantly reduce the uncertainty associated with the labeling of those images

  10. Composite Distortions in IMAGINATION Schematic view of the four composite distortions satisfying the probabilistic constraints and hence chosen for the IMAGINATION system

  11. Word Choice Generation • User choose instead of types: • Avoid spelling mistakes, polysemy etc. • More user-friendly (critical) • But leads to higher attack chance ! • Three issues with choice list generation • Ambiguity (e.g. Dog and Wolf) • Attack using word choices themselves (Odd-one-out) • Multiple valid labels • Solution • Use the WordNet ontology • Solve heuristically by constructing a word hyper-tetrahedron d1,2 W1 W2 d1,3 d1,4 d2,4, d1,3 W3 W4 d3,4 A word hyper-tetrahedron (K=4) Wk = word choice, k = {1, …, K} di,j = WordNet distance between Wi & Wj Constraint: di,j≈ δ, for all (i,j)

  12. Conclusions • New form of CAPTCHA • Likely to be more robust against attacks • Some issues • Need more rigorous testing against many attack scenarios • User-friendliness is critical – needs large-scale testing • Given these issues are somewhat addressed • Promise of a more secure Internet • Web servers more reliable • Potential for commercialization

More Related