Successfully reported this slideshow.

Attacks Against Captcha Systems - DefCamp 2012

1

Share

Dec. 17, 2012
1 like 2,183 views
Upcoming SlideShare
OpenLayers 3.0
OpenLayers 3.0
Loading in …3
×
1 of 41
1 of 41

Attacks Against Captcha Systems - DefCamp 2012

Dec. 17, 2012
1 like 2,183 views

1

Share

Download to read offline

Recommended

More Related Content

Similar to Attacks Against Captcha Systems - DefCamp 2012

Generate an Encryption Key by using Biometric Cryptosystems to secure transfe...
IOSR Journals
A MULTI-LAYER ARABIC TEXT STEGANOGRAPHIC METHOD BASED ON LETTER SHAPING
IJNSA Journal
SYLLABLE-BASED SPEECH RECOGNITION SYSTEM FOR MYANMAR
ijcseit
Autonomous Educational Testing System Using Unsupervised Feature Learning
IJITE
Anomalous payload based network intrusion detection
UltraUploader
5215ijcseit01
ijcsit
Autonomous Educational Testing System Using Unsupervised Feature Learning.
IJITE
An incremental learning based framework for image spam filtering
IJCSEA Journal
SYLLABLE-BASED SPEECH RECOGNITION SYSTEM FOR MYANMAR
ijcseit
A FRAMEWORK FOR DEVANAGARI SCRIPT-BASED CAPTCHA
ijait
Subjective evaluation answer ppt
Mrunal Pagnis
SYLLABLE-BASED SPEECH RECOGNITION SYSTEM FOR MYANMAR
ijcseit
Steganography presentation
BSheghembe
Image compression using negative format
eSAT Journals
A Novel Biometric Technique Benchmark Analysis For Selection Of Best Biometri...
CSCJournals
K0815660
IOSR Journals
IRJET- Secure Data Access on Distributed Database using Skyline Queries
IRJET Journal
Improved security system using steganography and elliptic curve crypto...
atanuanwesha
DB-OLS: An Approach for IDS1
IJITE
TEXT STEGANOGRAPHIC APPROACHES: A COMPARISON
IJNSA Journal

More from DefCamp

Remote Yacht Hacking
DefCamp
Mobile, IoT, Clouds… It’s time to hire your own risk manager!
DefCamp
The Charter of Trust
DefCamp
Internet Balkanization: Why Are We Raising Borders Online?
DefCamp
Bridging the gap between CyberSecurity R&D and UX
DefCamp
Secure and privacy-preserving data transmission and processing using homomorp...
DefCamp
Drupalgeddon 2 – Yet Another Weapon for the Attacker
DefCamp
Economical Denial of Sustainability in the Cloud (EDOS)
DefCamp
Trust, but verify – Bypassing MFA
DefCamp
Threat Hunting: From Platitudes to Practical Application
DefCamp
Building application security with 0 money down
DefCamp
Implementation of information security techniques on modern android based Kio...
DefCamp
Lattice based Merkle for post-quantum epoch
DefCamp
The challenge of building a secure and safe digital environment in healthcare
DefCamp
Timing attacks against web applications: Are they still practical?
DefCamp
Tor .onions: The Good, The Rotten and The Misconfigured
DefCamp
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...
DefCamp
We will charge you. How to [b]reach vendor’s network using EV charging station.
DefCamp
Connect & Inspire Cyber Security
DefCamp
The lions and the watering hole
DefCamp

Featured

What to Upload to SlideShare
SlideShare
Be A Great Product Leader (Amplify, Oct 2019)
Adam Nash
Trillion Dollar Coach Book (Bill Campbell)
Eric Schmidt
APIdays Paris 2019 - Innovation @ scale, APIs as Digital Factories' New Machi...
apidays
A few thoughts on work life-balance
Wim Vanderbauwhede
Is vc still a thing final
Mark Suster
The GaryVee Content Model
Gary Vaynerchuk
Mammalian Brain Chemistry Explains Everything
Loretta Breuning, PhD
Blockchain + AI + Crypto Economics Are We Creating a Code Tsunami?
Dinis Guarda
The AI Rush
Jean-Baptiste Dumont
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017
Carol Smith
10 facts about jobs in the future
Pew Research Center's Internet & American Life Project
Harry Surden - Artificial Intelligence and Law Overview
Harry Surden
Inside Google's Numbers in 2017
Rand Fishkin
Pinot: Realtime Distributed OLAP datastore
Kishore Gopalakrishna
How to Become a Thought Leader in Your Niche
Leslie Samuel
Visual Design with Data
Seth Familian
Designing Teams for Emerging Challenges
Aaron Irizarry
UX, ethnography and possibilities: for Libraries, Museums and Archives
Ned Potter
Winners and Losers - All the (Russian) President's Men
Ian Bremmer

Related Books

Free with a 14 day trial from Scribd

See all
Hot Seat: What I Learned Leading a Great American Company Jeff Immelt
(4.5/5)
Free
Ladies Get Paid: The Ultimate Guide to Breaking Barriers, Owning Your Worth, and Taking Command of Your Career Claire Wasserman
(5/5)
Free
The Ministry of Common Sense: How to Eliminate Bureaucratic Red Tape, Bad Excuses, and Corporate BS Martin Lindstrom
(4/5)
Free
Believe IT: How to Go from Underestimated to Unstoppable Jamie Kern Lima
(4.5/5)
Free
We Should All Be Millionaires: A Woman’s Guide to Earning More, Building Wealth, and Gaining Economic Power Rachel Rodgers
(4.5/5)
Free
How to Lead: Wisdom from the World's Greatest CEOs, Founders, and Game Changers David M. Rubenstein
(4.5/5)
Free
Ask for More: 10 Questions to Negotiate Anything Alexandra Carter
(4/5)
Free
Bezonomics: How Amazon Is Changing Our Lives and What the World's Best Companies Are Learning from It Brian Dumaine
(4/5)
Free
No Filter: The Inside Story of Instagram Sarah Frier
(4.5/5)
Free
Inclusify: The Power of Uniqueness and Belonging to Build Innovative Teams Stefanie K. Johnson
(0/5)
Free
How I Built This: The Unexpected Paths to Success from the World's Most Inspiring Entrepreneurs Guy Raz
(4.5/5)
Free
Blue-Collar Cash: Love Your Work, Secure Your Future, and Find Happiness for Life Ken Rusk
(4/5)
Free

Related Audiobooks

Free with a 14 day trial from Scribd

See all
Larger Than Yourself: Reimagine Industries, Lead with Purpose & Grow Ideas into Movements Thibault Manekin
(5/5)
Free
The One Week Marketing Plan: The Set It & Forget It Approach for Quickly Growing Your Business Mark Satterfield
(4.5/5)
Free
Your Work from Home Life: Redefine, Reorganize and Reinvent Your Remote Work (Tips for Building a Home-Based Working Career) M.J. Fievre
(4/5)
Free
Full Out: Lessons in Life and Leadership from America's Favorite Coach Monica Aldama
(4/5)
Free
Outstanding Leadership Stan Toler
(4/5)
Free
Four Thousand Weeks: Time Management for Mortals Oliver Burkeman
(5/5)
Free
The Power of Conflict: Speak Your Mind and Get the Results You Want Jon Taffer
(2.5/5)
Free
You're Cute When You're Mad: Simple Steps for Confronting Sexism Scribd Originals Audio
(4/5)
Free
Twelve and a Half: Leveraging the Emotional Ingredients Necessary for Business Success Gary Vaynerchuk
(5/5)
Free
Disrupting the Game: From the Bronx to the Top of Nintendo Reggie Fils-Aimé
(5/5)
Free
Subtract: The Untapped Science of Less Leidy Klotz
(4/5)
Free
The Three Happy Habits: Techniques Leaders Use to Fight Burnout, Build Resilience and Create Thriving Workplace Cultures Beth Ridley
(4.5/5)
Free
Own the Arena: Getting Ahead, Making a Difference, and Succeeding as the Only One Katrina M. Adams
(5/5)
Free
Just Work: How to Root Out Bias, Prejudice, and Bullying to Build a Kick-Ass Culture of Inclusivity Kimberly Scott
(3.5/5)
Free
Pressure Makes Diamonds: Becoming the Woman I Pretended to Be Valerie Graves
(4.5/5)
Free
Nailing the Interview: A Comprehensive Guide to Job Interviewing Imran Afzal
(4.5/5)
Free

Attacks Against Captcha Systems - DefCamp 2012

  1. 1. Attacking CAPTCHAs explained Ioan – Carol Plangu
  2. 2. What's a CAPTCHA Completely Automated Public Turing test to tell Computers and Humans Apart
  3. 3. Three attack methods  Implementation attack  Automated recognition  Manual labor
  4. 4. The implementation attack Scenario 1 the image session id can be reused
  5. 5. The implementation attack Scenario 1 the image session id can be reused id Restricted Captcha page form
  6. 6. The implementation attack Scenario 2 the number of captcha tests is limited
  7. 7. The implementation attack Scenario 2 the number of captcha tests is limited we just need to solve them all and store them in a hash table
  8. 8. The implementation attack Scenario 3 hash of solution sent to client
  9. 9. The implementation attack Scenario 3 hash of solution sent to client rainbow tables :)
  10. 10. Manual labor There are two options:
  11. 11. Pay a bunch of monkeys
  12. 12. Or not... XXX Complete this captcha form to continue
  13. 13. Automated recognition We're going to actually reproduce a human response for the given question
  14. 14. Can you understand my voice?
  15. 15. The sound sample is usually generated
  16. 16. It's hard to add noise to the generated speech without making it hard for the human
  17. 17. But can you read?
  18. 18. Sort of.....
  19. 19. The most common approach  Greedy optimization – reverse engineer everything  Character segmentation  OCR
  20. 20. Possible security measures
  21. 21. Possible security measures  Funky background image
  22. 22. Possible security measures  Funky background image − usually can be removed with basic preprocessing
  23. 23. Possible security measures  Funky background image − usually can be removed with basic preprocessing  Text distortions
  24. 24. Possible security measures  Funky background image − usually can be removed with basic preprocessing  Text distortions − modern OCR techniques can beat it
  25. 25. Possible security measures  Funky background image − usually can be removed with basic preprocessing  Text distortions − modern OCR techniques can beat it  Anti segmentation measures
  26. 26. Beating segmentation
  27. 27. Beating segmentation  If a character signature can be extracted from only the vertical signature, character segmentation becomes trivial A Low-cost Attack on a Microsoft CAPTCHA - Jeff Yan, Ahmad Salah El Ahmad School of Computing Science, Newcastle University, UK
  28. 28. Beating segmentation We can otherwise ignore it!
  29. 29. Beating segmentation We can otherwise ignore it! The following slides are about an experiment about this approach
  30. 30. A Monte-Carlo experiment  Note: for testing performance, the variance of the characters has been kept to a minimum f(x) → y x in binary( 0 - 2^3000 ) y in 10^6
  31. 31. Training: − Select one character image at random − Select N black spots − Sort the points for uniqueness − Subtract the first point from all others for position independence − Assign it a 'weight' for each character using the following formula: matched characters count / sample size − Assign it a 'score' (indicates classification quality) selected digit weight / (1 + other digit weights)
  32. 32. Recognition: − Make a score map for all points − Select the most appropriate character for each column − Process the resulting string into a 6 digit string
  33. 33. An equivalent model input layer linear hidden layer (feature layer) threshold layers softmax layer
  34. 34. An equivalent model input layer OCR linear hidden layer (feature layer) without zero penalty == threshold layers No biases for the first layer (avoids the 2*binary - 1 effect) softmax layer
  35. 35. Hacking the OCR: To negate the effect the biases, for each image we add random noise in the white areas This will greatly improve the recognition in a noisy image
  36. 36. An more powerful model input layer Hacked OCR layer Score map output layer
  37. 37. Questions?
  38. 38. The demo source is hosted at https://github.com/theshark08/howtobreakacaptcha01

×