Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Drag and Drop A Better Approach to CAPTCHA A.D.PATEL INSTITUTE OF TECHNOLOGY By: Arpan Desai &  Pragnesh Patadia Presented...
CAPTCHA???..
 
CAPTCHA A PROGRAM THAT CAN TELL WHETHER ITS USER IS A  HUMAN OR A COMPUTER
Courtesy By: The Newyorker
CAPTCHA A. MOST HUMANS CAN PASS B. CURRENT COMPUTER PROGRAMS CANNOT PASS A  PROGRAM  THAT CAN GENERATE AND GRADE TESTS THAT:
CAPTCHA <ul><li>C OMPLETELY </li></ul><ul><li>A UTOMATED </li></ul><ul><li>P UBLIC </li></ul><ul><li>T URING test to tell ...
HUMAN JUDGE TURING MACHINE CAPTCHA Turing Test Vs. CAPTCHA
<ul><li>FREE E-MAIL SERVICES </li></ul><ul><li>DATA COLLECTION </li></ul><ul><li>PREVENTING WORMS AND SPAM </li></ul><ul><...
MAIL SIGNUP
URL ADDING
( FROM  WWW.SLASHDOT.ORG) QUICKVOTE Which is the best Computer Science Grad School in the US? CMU MIT vote Berkeley Stanfo...
POLL RESULTS… <ul><li>CMU – ABOVE 21500 </li></ul><ul><li>MIT – ABOVE 20000 TO 21000 </li></ul><ul><li>REST – LESS THAN 15...
DOS ATTACKS
TYPES OF CAPTCHA <ul><li>BAFFLE TEXT </li></ul><ul><li>GIMPY / EZ-GIMPY </li></ul><ul><li>GIMPY-r </li></ul><ul><li>TICKET...
TEXT BASED CAPTCHA
CAPTCHA  CAN   BE BROKEN!!!! BUT…..
STILL, WHY CAPTCHA?.. <ul><li>We believe that precisely stating unsolved AI problems can accelerate the development of Art...
Animated CAPTCHA
 
Implicit CAPTCHA
 
rot CAPTCHA
Q & A Thanks CAPTCHA ANNOYANCE
Q & A Thanks
AUDIO CAPTCHA
CAPTCHA ANNOYANCE
DRAG AND DROP CAPTCHA <ul><li>Here the user will be given a standard CAPTCHA image. </li></ul><ul><li>Here the user needs ...
DRAG AND DROP
Drag and Drop Objectives <ul><li>Operational ease </li></ul><ul><li>Easy for Humans </li></ul><ul><li>Difficult for Comput...
DRAG AND DROP- Model
Algorithm <ul><li>Algorithm: DnD CAPTCHA </li></ul><ul><li>input: IC 1...i , DC 1...j,  DB 1...i </li></ul><ul><li>output:...
CAPTCHA THREATS <ul><li>Optical Character Recognition </li></ul><ul><li>Laundry Attacks </li></ul><ul><li>CAPTCHA Redirect...
OCR
CAPTCHA  SWEAT SHOPS SPAM COMPANIES HIRE HUMANS TO SOLVE CAPTCHAS  ALL DAY LONG $2.50 PER HOUR FOR EACH HUMAN 720 CAPTCHAS...
CAPTCHA REDIRECTION
CAPTCHA REDIRECTION Type the word in the box if you want to see the next picture Free Nude Photos
DIFFICULTY VARIANCE & THREAT SOLUTIONS <ul><li>How DnD demolish CAPTCHA threats? </li></ul><ul><li>Can it be the replaceme...
DnD and Smartphone <ul><li>How DnD demolish CAPTCHA  </li></ul><ul><li>‘ I’, ‘l’, ‘1’ distinction </li></ul><ul><li>Langua...
DEMO
FEEDBACK
CONCLUSION <ul><li>Intellectual independent </li></ul><ul><li>Language independent </li></ul><ul><li>Solution for possible...
REFERENCES [1]. en.wikipedia.org [2]. “Protecting Websites with Reading Based CAPTCHAs” by Henry S. Baird and Mark Luk, Ca...
CONTACT arpanvdesai at hotmail dot com IMAGE FILE Questions ?
 
Upcoming SlideShare
Loading in …5
×

Drag And Drop CAPTCHA : A better Approach To CAPTCHA

11,200 views

Published on


Hi, This is the presentation which was delivered on Drag and Drop CAPTCHA, in IEEE International Conference Indicon 2009.
http://ewh.ieee.org/r10/gujarat/indicon2009/index.html

This paper basically displays new approach to CAPTCHA and avoid possible threats against the laundry attacks and OCRs.

You can find the Research Paper of IEEE at IEEE Xplore.

And for more information check the updates on: http://dndcaptcha.blogspot.com

For Educational or technical reason you may directly mail me on desaiguddu@gmail.com

Published in: Education

Drag And Drop CAPTCHA : A better Approach To CAPTCHA

  1. 1. Drag and Drop A Better Approach to CAPTCHA A.D.PATEL INSTITUTE OF TECHNOLOGY By: Arpan Desai & Pragnesh Patadia Presented At: IEEE Indicon 2009, DAIICT { arpanvdesai , prpatadia } [at] gmail [dot] com
  2. 2. CAPTCHA???..
  3. 4. CAPTCHA A PROGRAM THAT CAN TELL WHETHER ITS USER IS A HUMAN OR A COMPUTER
  4. 5. Courtesy By: The Newyorker
  5. 6. CAPTCHA A. MOST HUMANS CAN PASS B. CURRENT COMPUTER PROGRAMS CANNOT PASS A PROGRAM THAT CAN GENERATE AND GRADE TESTS THAT:
  6. 7. CAPTCHA <ul><li>C OMPLETELY </li></ul><ul><li>A UTOMATED </li></ul><ul><li>P UBLIC </li></ul><ul><li>T URING test to tell </li></ul><ul><li>C OMPUTERS and </li></ul><ul><li>H UMANS </li></ul><ul><li>A PART </li></ul>
  7. 8. HUMAN JUDGE TURING MACHINE CAPTCHA Turing Test Vs. CAPTCHA
  8. 9. <ul><li>FREE E-MAIL SERVICES </li></ul><ul><li>DATA COLLECTION </li></ul><ul><li>PREVENTING WORMS AND SPAM </li></ul><ul><li>PREVENTING DICTIONARY ATTACKS </li></ul><ul><li>PREVENT FAKE ONLINE POLLS </li></ul><ul><li>PREVENT DOS ATTACKS </li></ul>APPLICATIONS
  9. 10. MAIL SIGNUP
  10. 11. URL ADDING
  11. 12. ( FROM WWW.SLASHDOT.ORG) QUICKVOTE Which is the best Computer Science Grad School in the US? CMU MIT vote Berkeley Stanford Cornell Washington ONLINE POLLS
  12. 13. POLL RESULTS… <ul><li>CMU – ABOVE 21500 </li></ul><ul><li>MIT – ABOVE 20000 TO 21000 </li></ul><ul><li>REST – LESS THAN 1500 </li></ul>Reason For This Surprising Results ?? BOTS AND SPIDERS
  13. 14. DOS ATTACKS
  14. 15. TYPES OF CAPTCHA <ul><li>BAFFLE TEXT </li></ul><ul><li>GIMPY / EZ-GIMPY </li></ul><ul><li>GIMPY-r </li></ul><ul><li>TICKET MASTER </li></ul><ul><li>BONGO </li></ul><ul><li>PIX </li></ul><ul><li>MAILBLOCK etc… </li></ul>
  15. 16. TEXT BASED CAPTCHA
  16. 17. CAPTCHA CAN BE BROKEN!!!! BUT…..
  17. 18. STILL, WHY CAPTCHA?.. <ul><li>We believe that precisely stating unsolved AI problems can accelerate the development of Artificial Intelligence: most AI problems that have been precisely stated and publicized have eventually been solved (take chess as an example). </li></ul><ul><li>If the underlying AI problem is useful, a CAPTCHA implies a WIN-WIN situation: either the CAPTCHA is not broken and there is a way to differentiate humans from computers, or the CAPTCHA is broken and a useful AI problem is solved. </li></ul>
  18. 19. Animated CAPTCHA
  19. 21. Implicit CAPTCHA
  20. 23. rot CAPTCHA
  21. 24. Q & A Thanks CAPTCHA ANNOYANCE
  22. 25. Q & A Thanks
  23. 26. AUDIO CAPTCHA
  24. 27. CAPTCHA ANNOYANCE
  25. 28. DRAG AND DROP CAPTCHA <ul><li>Here the user will be given a standard CAPTCHA image. </li></ul><ul><li>Here the user needs to drag and drop the correct alphabets or numbers in correct sequence, instead of typing them. (Continue….) </li></ul>
  26. 29. DRAG AND DROP
  27. 30. Drag and Drop Objectives <ul><li>Operational ease </li></ul><ul><li>Easy for Humans </li></ul><ul><li>Difficult for Computers </li></ul><ul><li>Bandwidth Criteria </li></ul><ul><li>Implementation </li></ul><ul><li>Maintenance </li></ul>
  28. 31. DRAG AND DROP- Model
  29. 32. Algorithm <ul><li>Algorithm: DnD CAPTCHA </li></ul><ul><li>input: IC 1...i , DC 1...j, DB 1...i </li></ul><ul><li>output: Done </li></ul><ul><li>Four actions: </li></ul><ul><li>1. Place upward. </li></ul><ul><li>2. Bring back </li></ul><ul><li>3. Exchange </li></ul><ul><li>4. Submit </li></ul>
  30. 33. CAPTCHA THREATS <ul><li>Optical Character Recognition </li></ul><ul><li>Laundry Attacks </li></ul><ul><li>CAPTCHA Redirection </li></ul>
  31. 34. OCR
  32. 35. CAPTCHA SWEAT SHOPS SPAM COMPANIES HIRE HUMANS TO SOLVE CAPTCHAS ALL DAY LONG $2.50 PER HOUR FOR EACH HUMAN 720 CAPTCHAS PER HOUR PER HUMAN 1/3 CENT PER ACCOUNT LAUNDRY ATTACKS
  33. 36. CAPTCHA REDIRECTION
  34. 37. CAPTCHA REDIRECTION Type the word in the box if you want to see the next picture Free Nude Photos
  35. 38. DIFFICULTY VARIANCE & THREAT SOLUTIONS <ul><li>How DnD demolish CAPTCHA threats? </li></ul><ul><li>Can it be the replacement to current approaches? </li></ul>
  36. 39. DnD and Smartphone <ul><li>How DnD demolish CAPTCHA </li></ul><ul><li>‘ I’, ‘l’, ‘1’ distinction </li></ul><ul><li>Language independent </li></ul>
  37. 40. DEMO
  38. 41. FEEDBACK
  39. 42. CONCLUSION <ul><li>Intellectual independent </li></ul><ul><li>Language independent </li></ul><ul><li>Solution for possible threats </li></ul><ul><li>Definite way for distinguish Computer and Human </li></ul>
  40. 43. REFERENCES [1]. en.wikipedia.org [2]. “Protecting Websites with Reading Based CAPTCHAs” by Henry S. Baird and Mark Luk, California [3]. “Telling Humans And Computers Apart Automatically OR How Lazy Cryptographers Do AI” by Luis von Ahn, Manuel Blum, and JohnLangford. [4]. “Visual Reverse Turing Tests: A False Sense of Security” by Miroslav Ponec in 7th Annual IEEE Information Assurance Workshop, New York, 2006 5]. “Using Machine Learning to Break Visual Human Interaction Proofs” by Kumar Chellapilla and Patrice Y. Simard. [6]. “Recognizing Objects in Adversarial Clutter: Breaking a Visual CAPTCHA” by Jitendra Malik And Greg Mori [7]. “Enhanced CAPTCHAs: Using Animation to Tell Humans and Computers Apart” by Elias Athanasopoulos and Spiros Antonatos.
  41. 44. CONTACT arpanvdesai at hotmail dot com IMAGE FILE Questions ?

×