Attacks Against Captcha Systems - DefCamp 2012

1. Attacking CAPTCHAs explained Ioan – Carol Plangu

2. Whats a CAPTCHACompletelyAutomatedPublicTuring test to tellComputers andHumansApart

3. Three attack methods Implementation attack Automated recognition Manual labor

4. The implementation attackScenario 1 the image session id can be reused

5. The implementation attackScenario 1 the image session id can be reused id Restricted Captcha page form

6. The implementation attackScenario 2 the number of captcha tests is limited

7. The implementation attackScenario 2 the number of captcha tests is limited we just need to solve them all and store them in a hash table

8. The implementation attackScenario 3 hash of solution sent to client

9. The implementation attackScenario 3 hash of solution sent to client rainbow tables :)

10. Manual laborThere are two options:

11. Pay a bunch of monkeys

12. Or not... XXX Complete this captcha form to continue

13. Automated recognitionWere going to actually reproduce a human response for the given question

14. Can you understand my voice?

15. The sound sample is usually generated

16. Its hard to add noise to thegenerated speech without making it hard for the human

17. But can you read?

18. Sort of.....

19. The most common approach Greedy optimization – reverse engineer everything Character segmentation OCR

20. Possible security measures

21. Possible security measures Funky background image

22. Possible security measures Funky background image − usually can be removed with basic preprocessing

23. Possible security measures Funky background image − usually can be removed with basic preprocessing Text distortions

24. Possible security measures Funky background image − usually can be removed with basic preprocessing Text distortions − modern OCR techniques can beat it

25. Possible security measures Funky background image − usually can be removed with basic preprocessing Text distortions − modern OCR techniques can beat it Anti segmentation measures

26. Beating segmentation

27. Beating segmentation  If a character signature can be extracted from only the vertical signature, character segmentation becomes trivialA Low-cost Attack on a Microsoft CAPTCHA - Jeff Yan, Ahmad Salah El AhmadSchool of Computing Science, Newcastle University, UK

28. Beating segmentationWe can otherwise ignore it!

29. Beating segmentationWe can otherwise ignore it!The following slides are about an experiment about this approach

30. A Monte-Carlo experiment Note: for testing performance, the variance of the characters has been kept to a minimumf(x) → yx in binary( 0 - 2^3000 )y in 10^6

31. Training: − Select one character image at random − Select N black spots − Sort the points for uniqueness − Subtract the first point from all others for position independence − Assign it a weight for each character using the following formula: matched characters count / sample size − Assign it a score (indicates classification quality) selected digit weight / (1 + other digit weights)

32. Recognition: − Make a score map for all points − Select the most appropriate character for each column − Process the resulting string into a 6 digit string

33. An equivalent model input layer linear hidden layer (feature layer) threshold layers softmax layer

34. An equivalent model input layer OCR linear hidden layer (feature layer) without zero penalty == threshold layers No biases for the first layer (avoids the 2*binary - 1 effect) softmax layer

35. Hacking the OCR: To negate the effect the biases, for each image we add random noise in the white areas This will greatly improve the recognition in a noisy image

36. An more powerful model input layer Hacked OCR layer Score map output layer

37. Questions?

38. The demo source is hosted athttps://github.com/theshark08/howtobreakacaptcha01