Enhanced Image Captcha

Enhanced Image Captcha

Nikita Lemos

ME student Computer department

St Francis institute of technology Mumbai, India

Joanne Gomes

Assistant professor

I.T Department

St Francis institute of technology Mumbai, India

AbstractCaptcha stands for completely automated public turing test to tell computers and humans apart. Most of the websites today use captchas as a means to secure their site from scrappers, online polls, dictionary attacks and search engine bots etc. Usability and security both are to be balanced for improved security. In this paper text captcha is reviewed in short and the need for image captcha is put forth. Enhanced features of the image captcha are combined and a new captcha with improved capability is proposed

Keywords Enhanced Image Captcha, Text captcha, Website Security.

1. INTRODUCTION

   CAPTCHA was introduced in 2000 by a group of researchers at Carnegie Mellon University [1]. The need behind the creation of CAPTCHA is to prevent exploitation of the website security against spammers, scrappers, online and dictionary attack. Text based captcha was the first to be introduced. They are built on the recognition of words and letters in English. Optical Character Recognition (OCR) systems were used to crack them. The developers of text captcha tried to increase its complexity to protect against attack by manipulating fonts, adding noise and having overlapping letters. Even then this type of CAPTCHA usually is broken using letter segmentation and character recognition [2]

   The goal of a CAPTCHA is to attain usability and security both .Usability studies show a distinct difference in response times and error rates between different age groups in solving text based CAPTCHAs [3]. The flaws in the existing text captcha allow the malicious automated programs to pass the challenges .Due to these drawbacks of the text based captcha it is advisable to move towards a new range of captcha such as 3D captcha, on random field captcha, I capctha and image captcha etc .3D captcha proposes a scheme of captchas based on various factors like rotation, overlapping, obstacle, noise, background color, scaling, font, special character, background texture. The analysis of this type of captcha shows that it is secure because it provides resistance to preprocessing, dictionary attack, and OCR, CFS and pixel count [4].

   The on random field capctha is generated through random

   field simulation. An initial random field is chosen and Gibbs sampling is used to re-simulate portions of the field repeatedly using the conditional probabilities until the word becomes human readable. It results in a captcha that is unrecognizable to modern OCR but is recognized about 95% of the times in a human readability study [5]. I Captcha is implemented to defend against third party human attack. The

   advantage of this implementation is that on the server side session information is stored about the indices of the correct responses and the user clicks. When the sequence is complete it is compared with the user click index if there is a match captcha is decoded [6].

   Image captcha can be used over text captcha because it is based on the fact that human beings possess recognition capability of the real world objects from the physical photographs that are taken. Recognizing the image is a easier task for human beings over recognizing the distorted text.[4]

   In this paper image captcha will be discussed further as an alternative to text captcha.

2. RELATED WORK

   1. Image captcha

      Images are more informative over the text, this is a known fact. Moreover there are hard AI image recognition problems that are yet to be solved. Thus it is possible to exploit this area as there are lesser chances of the captcha being broken.[5]

      Existing image recognition captcha scheme

      Imagination captcha scheme consists of the following test click test. In the click test, a distorted composite image tiled with 8 images is presented. A user has to click a position close enough to the geometric center of any one of the 8 constituent images to pass the test. [5].

      But this imagination scheme can be cracked. The steps in cracking the scheme are as following [6]

      1. Detection of Candidate Rectangles

      2. Color Edge and Line Segment Detection

      3. Generating Candidate Rectangles

      4. Consistency Inference

         To improve the imagination scheme there are a few other capctha schemes that have been proposed. Few such schemes will be discussed in the next section

         IMAGE ENHANCED CAPTCHA

         1. Image Enhanced CAPTCHA for Web Security

            This CAPTCHA consists of three text phrases randomly located in a grid [7]. Each text phrase is next to an real-world image randomly selected from three categories: tree, animal, and manmade structure. A knowledge based question is asked

            to the user and the user submits the text phrase based on that question and completes the captcha challenge

         2. Captcha all

   Captcha all uses one single image and asks user to select one or more object from the image by putting forth a logical question [2].

   Steps in building captcha all are as following [8]

   1. Building database

   2. image annotation tool

   3. captcha all implementation

      1. Image CAPTCHA Based on Depth perception

         DeepCAPTCHA exploits the human ability of depth perception.[8] Human beings are able to perceive real world objects identify them and compare them based on their relative sizes. In Deep captcha users should arrange 3D objects in terms of size (or depth). The scaling of objects I done to the same size irrespective of their real world or actual sizes. This is done in order to avoid attack based on the image segmentation

         Following steps are used to build a deep captcha

         A.Object mining

         Objects are mined from the web, since it is a 3D capctha only 3D objects are mined from the various sources

         B.Object filtering

         Objects are filtered out as hard or easy based on the number of joints, edges the roughness. Easy objects are eliminated as they will be easier to guess and the complex objects are retained

         1. Object ordering

            Objects are ordered as per their real world sizes . A fixed or comparative method can be used for the same

         2. Appearance altering

         Transformations are applied to the objects so that they are not easily identifiable

         E.user interface

         Ultimately a grid of 3*2 tiles of images is presented to the user , where the objects are all resized

      2. Face d captcha

         To solve the CAPTCHA, users must correctly identify visually-distorted human faces embedded in a complex background without selecting any non-human faces.

         Steps in building the face d captcha are as following-

         1. Parameter selection

         2. Select a fake/face image

         3. Apply distortions to the image

         4. blend face/fake image with the distorted background

         5. Add extra noise to the captcha

   Enhanced features of captcha

   CAPTCHA	ENHANCED FEATURE OF CAPTCHA
   Captcha all	Knowledge based component is used
   Image Enhanced CAPTCHA for Web Security	Knowledge based component is used
   DeepCAPTCHA : An Image CAPTCHA Based on Depth perception	Human ability of identifing real world objects
   FaceDCAPTCHA: Face detection based color image CAPTCHA	Using available databases to extract images which cannot be easily cracked

3. PROPOSED SYSTEM

   Following is the sample image of how the proposed captcha would be like

   Fig 1 .Proposed enhanced image captcha

   A knowledge based question is presented along with images which the user has to select based on the same question and pass the captcha challenge

   Database creation steps in the database captcha-

   1 Initial database will be created by obtaining the images from the standard image hosting sites (eg.flickr).Since it has a large database brute force attack can be prevented

   1. Images are categorized into groups, here ten different groups can be formed each for a different flower and theflowers can be segregated as per the group in which they belong to

   2. To build a particular captcha challenge for eg rose as shown in the figure, three different images of rose are picked up to include in the grid. The remaining three images should be unique each from a different group

   3. A knowledge based question is then stored along with this challenge

4. SUMMARY

   A overview of captcha was presented, weaknesses of text captchas were discussed. Advantages of image captcha over text captcha were listed. Enhanced features of image captcha techniques were put forth. Finally extracting all the enhanced features a new image captcha was proposed.

   also the knowledge based component that it uses will be difficult to crack by machines. It uses a secure database, utilizes the human ability to recognize and differentiate between the real world objects . This type of captcha will prove to be more secure since it uses enhanced features of all the captchas that were put forth

5. FUTURE SCOPE

A larger database can be created using other objects besides flowers. A more interactive and user friendly captcha can be created in order to achieve usability and security both.

REFERENCES

1. Captcha: telling humans and computers apart automatically. On the web at http://www.captcha.net

2. Shaun-inn Wu and Hieu Trong Ho, Image Enhanced CAPTCHA for Web Security,CISR'14 Proceedings of the 9th Annual Cyber and Information Security Research Conference ACM, pp.29- 32,2014

3. Wai-Yun Ng, Jeff Yan and Ahmad El Ahmad ,Captcha design color usability, and security IEEE computer society , 1089- 7801/12, pp. 54-60, 2012

4. Montree Imsamai and Suphakant Phimoltares , 3D captcha : A Next Generation of the CAPTCHA, in proc, 978-1-4244-5943- 8/10, 2010

5. Michael A. Kouritzin, Fraser Newton and Biao Wu, On Randomly Filed Completely Automated Public Turing Test To Tell Computers And Humans Apart Generation, IEEE transactions on image processing , vol 22, no 4, pp. 1656-1666, April 2013

6. Huy D, Troung, Christopher F. Turner and Cliff C.Zou, i Captcha

   :The Next Generation Of Captcha Designed To Defend Against 3rd Party Human Attacks , proc on 2011 IEEE International conference on digital object identifier, 2011

7. J. Elson, J. Douceur, J. Howell and J. Saul. Asirra: a CAPTCHA that exploits interest-aligned manual image categorization. In Proc. of ACM CCS 2007,pp. 366-374

8. Datta, R., Li, J., and Wang, J. Z. 2005.IMAGINATION: A robust image-based CAPTCHA Generation System. In ACM Multimedia 2005, 331-334[6] Bin B. Zhu , Jeff Yan , Qiujie Li, Chao Yang, Jia Liu, Ning Xu, Meng Yi and Kaiwei Cai, Attacks and Design of Image Recognition CAPTCHAs,Proceedings of the 17th ACM 2010 conference and communications security,pp.187-200, 2010

9. Shaun-inn Wu and Hieu Trong Ho, Image Enhanced CAPTCHA for Web Security, CISR '14 Proceedings of the 9th Annual Cyber and Information Security Research Conference ACM, pp.29- 32,2014

10. Hossein Nejati, Ngai-Man Cheung and V, DeepCAPTCHA: An Image CAPTCHA Based on Depth perception,Proceedings of the 5th ACM multimedia systems conference ,pp.81-90,2014

11. Gaurav Goswamia, Brian M. Powell , Mayank Vatsa , Richa Singh and Afzel Nooreb, FaceDCAPTCHA: Face detection based color image CAPTCHA, Special Section: Advances in Computer Supported Collaboration: Systems and Technologies,volume 31 elsvier, pp.59-68, 2014