Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Attacking CAPTCHAs explained Ioan – Carol Plangu
Whats a CAPTCHACompletelyAutomatedPublicTuring test to tellComputers andHumansApart
Three attack methods Implementation attack Automated recognition Manual labor
The implementation attackScenario 1 the image session id can be reused
The implementation attackScenario 1 the image session id can be reused id Restrict...
The implementation attackScenario 2 the number of captcha tests is limited
The implementation attackScenario 2 the number of captcha tests is limited we just need to solve them all and store them i...
The implementation attackScenario 3 hash of solution sent to client
The implementation attackScenario 3 hash of solution sent to client rainbow tables :)
Manual laborThere are two options:
Pay a bunch of monkeys
Or not... XXX Complete this captcha form to continue
Automated recognitionWere going to actually reproduce a human response for the given question
Can you understand my voice?
The sound sample is usually generated
Its hard to add noise to thegenerated speech without making it hard for the human
But can you read?
Sort of.....
The most common approach Greedy optimization – reverse engineer everything Character segmentation OCR
Possible security measures
Possible security measures Funky background image
Possible security measures Funky background image − usually can be removed with basic preprocessing
Possible security measures Funky background image − usually can be removed with basic preprocessing Text dist...
Possible security measures Funky background image − usually can be removed with basic preprocessing Text dist...
Possible security measures Funky background image − usually can be removed with basic preprocessing Text dist...
Beating segmentation
Beating segmentation  If a character signature can be extracted from only the vertical signature, charac...
Beating segmentationWe can otherwise ignore it!
Beating segmentationWe can otherwise ignore it!The following slides are about an experiment about this approach
A Monte-Carlo experiment Note: for testing performance, the variance of the characters has been kept to a minimumf(...
Training: − Select one character image at random − Select N black spots − Sort the points for uniqueness − Sub...
Recognition: − Make a score map for all points − Select the most appropriate character for each column − Pro...
An equivalent model input layer linear hidden layer (feature layer) threshold layers ...
An equivalent model input layer OCR linear hidden layer (feature l...
Hacking the OCR: To negate the effect the biases, for each image we add random noise in the white areas This will gre...
An more powerful model input layer Hacked OCR layer Score map output layer
Questions?
The demo source is hosted athttps://github.com/theshark08/howtobreakacaptcha01
Attacks Against Captcha Systems - DefCamp 2012
Attacks Against Captcha Systems - DefCamp 2012
Attacks Against Captcha Systems - DefCamp 2012
Upcoming SlideShare
Loading in …5
×

Attacks Against Captcha Systems - DefCamp 2012

1,934 views

Published on

no profile picture user

  • Be the first to comment

Attacks Against Captcha Systems - DefCamp 2012

  1. 1. Attacking CAPTCHAs explained Ioan – Carol Plangu
  2. 2. Whats a CAPTCHACompletelyAutomatedPublicTuring test to tellComputers andHumansApart
  3. 3. Three attack methods Implementation attack Automated recognition Manual labor
  4. 4. The implementation attackScenario 1 the image session id can be reused
  5. 5. The implementation attackScenario 1 the image session id can be reused id Restricted Captcha page form
  6. 6. The implementation attackScenario 2 the number of captcha tests is limited
  7. 7. The implementation attackScenario 2 the number of captcha tests is limited we just need to solve them all and store them in a hash table
  8. 8. The implementation attackScenario 3 hash of solution sent to client
  9. 9. The implementation attackScenario 3 hash of solution sent to client rainbow tables :)
  10. 10. Manual laborThere are two options:
  11. 11. Pay a bunch of monkeys
  12. 12. Or not... XXX Complete this captcha form to continue
  13. 13. Automated recognitionWere going to actually reproduce a human response for the given question
  14. 14. Can you understand my voice?
  15. 15. The sound sample is usually generated
  16. 16. Its hard to add noise to thegenerated speech without making it hard for the human
  17. 17. But can you read?
  18. 18. Sort of.....
  19. 19. The most common approach Greedy optimization – reverse engineer everything Character segmentation OCR
  20. 20. Possible security measures
  21. 21. Possible security measures Funky background image
  22. 22. Possible security measures Funky background image − usually can be removed with basic preprocessing
  23. 23. Possible security measures Funky background image − usually can be removed with basic preprocessing Text distortions
  24. 24. Possible security measures Funky background image − usually can be removed with basic preprocessing Text distortions − modern OCR techniques can beat it
  25. 25. Possible security measures Funky background image − usually can be removed with basic preprocessing Text distortions − modern OCR techniques can beat it Anti segmentation measures
  26. 26. Beating segmentation
  27. 27. Beating segmentation  If a character signature can be extracted from only the vertical signature, character segmentation becomes trivialA Low-cost Attack on a Microsoft CAPTCHA - Jeff Yan, Ahmad Salah El AhmadSchool of Computing Science, Newcastle University, UK
  28. 28. Beating segmentationWe can otherwise ignore it!
  29. 29. Beating segmentationWe can otherwise ignore it!The following slides are about an experiment about this approach
  30. 30. A Monte-Carlo experiment Note: for testing performance, the variance of the characters has been kept to a minimumf(x) → yx in binary( 0 - 2^3000 )y in 10^6
  31. 31. Training: − Select one character image at random − Select N black spots − Sort the points for uniqueness − Subtract the first point from all others for position independence − Assign it a weight for each character using the following formula: matched characters count / sample size − Assign it a score (indicates classification quality) selected digit weight / (1 + other digit weights)
  32. 32. Recognition: − Make a score map for all points − Select the most appropriate character for each column − Process the resulting string into a 6 digit string
  33. 33. An equivalent model input layer linear hidden layer (feature layer) threshold layers softmax layer
  34. 34. An equivalent model input layer OCR linear hidden layer (feature layer) without zero penalty == threshold layers No biases for the first layer (avoids the 2*binary - 1 effect) softmax layer
  35. 35. Hacking the OCR: To negate the effect the biases, for each image we add random noise in the white areas This will greatly improve the recognition in a noisy image
  36. 36. An more powerful model input layer Hacked OCR layer Score map output layer
  37. 37. Questions?
  38. 38. The demo source is hosted athttps://github.com/theshark08/howtobreakacaptcha01

×