Attacks Against Captcha Systems - DefCamp 2012


  1. Attacking CAPTCHAs explained. Ioan – Carol Plangu
  2. What's a CAPTCHA? Completely Automated Public Turing test to tell Computers and Humans Apart
  3. Three attack methods: implementation attack; automated recognition; manual labor
  4. The implementation attack. Scenario 1: the image session id can be reused
  5. The implementation attack. Scenario 1: the image session id can be reused (diagram labels: id Restricted Captcha page form)
  6. The implementation attack. Scenario 2: the number of captcha tests is limited
  7. The implementation attack. Scenario 2: the number of captcha tests is limited; we just need to solve them all and store them in a hash table
  8. The implementation attack. Scenario 3: hash of solution sent to client
  9. The implementation attack. Scenario 3: hash of solution sent to client; rainbow tables :)
  10. Manual labor. There are two options:
  11. Pay a bunch of monkeys
  12. Or not... XXX: "Complete this captcha form to continue"
  13. Automated recognition. We're going to actually reproduce a human response for the given question
  14. Can you understand my voice?
  15. The sound sample is usually generated
  16. It's hard to add noise to the generated speech without making it hard for the human
  17. But can you read?
  18. Sort of.....
  19. The most common approach: greedy optimization – reverse engineer everything; character segmentation; OCR
  20. Possible security measures
  21. Possible security measures: funky background image
  22. Possible security measures: funky background image (usually can be removed with basic preprocessing)
  23. Possible security measures: funky background image (usually can be removed with basic preprocessing); text distortions
  24. Possible security measures: funky background image (usually can be removed with basic preprocessing); text distortions (modern OCR techniques can beat it)
  25. Possible security measures: funky background image (usually can be removed with basic preprocessing); text distortions (modern OCR techniques can beat it); anti-segmentation measures
  26. Beating segmentation
  27. Beating segmentation. If a character signature can be extracted from only the vertical signature, character segmentation becomes trivial. (A Low-cost Attack on a Microsoft CAPTCHA, Jeff Yan, Ahmad Salah El Ahmad, School of Computing Science, Newcastle University, UK)
  28. Beating segmentation. We can otherwise ignore it!
  29. Beating segmentation. We can otherwise ignore it! The following slides describe an experiment with this approach
  30. A Monte-Carlo experiment. Note: for testing performance, the variance of the characters has been kept to a minimum. f(x) → y, with x in binary (0 - 2^3000) and y in 10^6
  31. Training: select one character image at random; select N black spots; sort the points for uniqueness; subtract the first point from all others for position independence; assign it a weight for each character using the following formula: matched characters count / sample size; assign it a score (indicates classification quality): selected digit weight / (1 + other digit weights)
  32. Recognition: make a score map for all points; select the most appropriate character for each column; process the resulting string into a 6 digit string
  33. An equivalent model: input layer; linear hidden layer (feature layer); threshold layers; softmax layer
  34. An equivalent model: input layer; OCR; linear hidden layer (feature layer); without zero penalty == threshold layers; no biases for the first layer (avoids the 2*binary - 1 effect); softmax layer
  35. Hacking the OCR: to negate the effect of the biases, for each image we add random noise in the white areas. This will greatly improve the recognition in a noisy image
  36. A more powerful model: input layer; hacked OCR layer; score map; output layer
  37. Questions?
  38. The demo source is hosted at https://github.com/theshark08/howtobreakacaptcha01
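
The three implementation-attack scenarios on the slides (reusable session id, limited test pool, solution hash sent to the client) all come down to where challenge state lives and how long it stays valid. The sketch below is an added example of the server-side fix, not code from the slides or the demo repository; `CaptchaStore`, `ALPHABET` and `TTL_SECONDS` are hypothetical names and values, and the in-memory dict stands in for a real session or cache backend.

```python
import hmac
import secrets
import time

ALPHABET = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789"  # constructed; skips look-alike glyphs
TTL_SECONDS = 120                               # assumed challenge lifetime


class CaptchaStore:
    """Server-side challenge store (hypothetical; stands in for a session/cache backend)."""

    def __init__(self, clock=time.monotonic):
        self._pending = {}   # challenge id -> (answer, expiry)
        self._clock = clock

    def issue(self, length=6):
        # Scenario 2: the answer is drawn fresh from a CSPRNG on every request,
        # so there is no finite pool of tests to pre-solve and store.
        answer = "".join(secrets.choice(ALPHABET) for _ in range(length))
        cid = secrets.token_urlsafe(16)
        self._pending[cid] = (answer, self._clock() + TTL_SECONDS)
        # Scenario 3: only the opaque id is sent to the client. The answer, or any
        # hash of it, stays on the server; `answer` is returned for image rendering.
        return cid, answer

    def verify(self, cid, response):
        # Scenario 1: pop() consumes the challenge on the first attempt, right or
        # wrong, so an id cannot be replayed after one successful solve.
        entry = self._pending.pop(cid, None)
        if entry is None:
            return False
        answer, expiry = entry
        if self._clock() > expiry:
            return False
        # Constant-time comparison on bytes; differing lengths simply compare unequal.
        return hmac.compare_digest(answer.encode(), response.strip().upper().encode())
```
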
