Geo captcha - a novel personalized captcha using geographic
Introduction to CAPTCHA
Good CAPTCHA properties
Types of CAPTCHA
Advantages of existing CAPTCHA
Disadvantages of existing CAPTCHA
Geo-CAPTCHA Passing HIP test Condition
CAPTCHA -Completely Automated Public
Turing test to tell Computers and
CAPTCHA program generates the challenges.
It recognize the humans’ behaviours.
It tells humans and computers apart.
Security:The security dimension determines
its strength for preventing the variant attacks.
Usability: usability dimension determines the
necessity of ”user friendly” when CAPTCHA is
CATCHA has been used extensively in online
Online Ticket Reservation,
Web-based E-mail Service
It makes impossible for computers to pass
the CAPTCHA challenges.
It prevent Botnet attacks.
It prevents the spam attacks.
Existing CAPTCHA is vulnerable to :
The third Party Human Attack
Phishing, Session Hijacking, Relay Attacks
and Man in the Middle Attacks
Key-logger and Hidden Camera
Its personalized image base CAPTCHA.
It identifies Legitimate and Illegitimate users.
It generates lot of personalized challenges which
makes it suitable for cloud computing applications.
It non-recordable & OCR can’t defeat it.
Its specifically designed to deal with third party
It also prevents Automatic programming attacks.
Idea :To use a geographic scene image.
Image is privately known to each user.
Working : Generates a set of candidate
images for a location selected by each user.
User selects a geo-location image from the
This is registered private image to be used as
the correct answer to the challenges.
The challenges are vertically and horizontally
rotated images of the registered private
Fig(1)The random challenge
of any angle
Fig(2)The rotated solution
of correct angle street
Condition :Security threshold condition
if | GH(x)- GH(y) <= T | then pass HIP test.
GH(x)- denotes the function to calculate the hash
value of image x.
GH(y)- denotes the function to calculate the hash
value of image y.
T- we define a error threshold .
1. U User’s log-in account;
2. PW User’s log-in password;
3. A Pick a personalized Geo-location
image which only known to the user;
x and Qu
5. R G(Qu
6. S Pick a solution image from R;
7. Save the h, p , (Qu
y ), U and PW to
U User’s log-in account;
while U is true do
x and Qu
Broken by OCR
No Text-based: Yes
Fixed & Static Yes Yes
Geo-CAPTCHA Fixed & Dynamic No No
Fail Pass Pass
Pass Pass Fail
Geo-CAPTCHA Fail Pass Fail