Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.



Published on

  • Be the first to comment

  • Be the first to like this


  1. 1. Presented by Srirupa Das (14300211048) Subhajit Karmakar (14300211049) Sumadhura Biswas (14300211051) Suman Bose (14300211052) IT Dept. GNIT 1
  2. 2. “ Completely Automated Public Turing Test to tell that Computer and Human are Apart ” WHAT IS CAPTCHA ? IT Dept. GNIT 2
  3. 3.  A program that can tell whether its user is a human or a computer.  It is administered by a machine and targeted to a human.  Contrast to the standard Turing test that is typically administered by a human and targeted to a machine The Turing test is a proposal for a test of a machine's capability to demonstrate intelligence. CONTD… IT Dept. GNIT 3
  4. 4. BACKGROUND  First concept of Turing test was described by Alan Turing in 1950.  Automated tests for controlling access to web services were first discussed in 1996.  Primitive CAPTCHAs was developed by Andrei Broder and his colleagues at AltaVista in1997.  Research to make images resistant to OCR.  In 2000, Luis von Ahn and Manuel Blum developed and publicized the notion of a CAPTCHA. IT Dept. GNIT 4
  5. 5. CONTD… CAPTCHAs are based on open AI problems. Breaking CAPTCHAs help advance AI by solving these open problems. Improving CAPTCHAs help telling computers and human apart. IT Dept. GNIT 5
  6. 6. APPLICATION  Email services.  Online Polls.  Dictionary attacks.  Protecting website registration.  SPAM.  Newsgroup , Blogs etc. IT Dept. GNIT 6
  7. 7. TYPES OF CAPTCHA 1. Text based captcha a) Gimpy , ez-gimpy b) Gimpy-r , Google captcha c) Simard ‘s HIP 2. Graphics based captcha a) Bongo b) Pix 3. Audio based captcha IT Dept. GNIT 7
  8. 8. TEXT BASED CAPTCHA :  Gimpy :Initially used by yahoo. In this captcha two steps are followed as: 1. Pick a word or words from small dictionary. 2. Distort them and add noise and background.  Gimpy-r :This was used by Google. Steps followed are : 1. Pick random letters. 2. Distort them , add noise and background. IT Dept. GNIT 8
  9. 9. CONTD…  Simard’s :Here further advancements are been made . steps are as follows: 1. Pick random letters and numbers. 2. Distort them and add arc. IT Dept. GNIT 9
  10. 10. GRAPHICS BASED CAPTCHA :  Bongo : Following steps are- 1) Display two series of blocks. 2) User must used characteristic. 3) User is asked to determine the series.  Pix : Steps followed in its usage are : 1) Create a large database of labeled images. 2) Pick a concrete object. 3) Pick four images of the object from database. 4) Distort the images. 5) Ask the user to pick the object for a list of words. IT Dept. GNIT 10
  11. 11. AUDIO BASED CAPTCHA : These are based on human ability to depict sound , that may be distorted . Steps are: 1) Pick a word or a sequence of numbers at random. 2) Render them into an audio clip. 3) Distort the audio clip. 4) Ask the user to identify and type the word. IT Dept. GNIT 11
  12. 12. BREAK: INSECURE IMPLEMENTATION  Re-using the session ID of a known CAPTCHA image.  Other CAPTCHA use a hash of the solution as a key passed to the client to validate. Often it is small enough size that it can be cracked.  Other implementations use only a small fixed pool of CAPTCHA images (Asirra – 3 millions). 12 IT Dept. GNIT
  13. 13. BREAK: CHARACTER RECOG.(OCR)  OCR have the following functions:  Extraction of the image from the web page  Pre-processes images to improve the chances of successful recognition.  Segmentation, i.e. splitting the image into regions each containing a single letter;  Identifying the letter for each region. 13 IT Dept. GNIT
  14. 14. BREAK: HUMAN SOLVERS Attacks that uses humans to solve the puzzles. Approaches:  relaying the captchas to a sweatshop of human operators who can solve CAPTCHAs.  copying the CAPTCHA images and using them as CAPTCHAs for a high-traffic site owned by the attacker. 14 IT Dept. GNIT
  15. 15. RECAPTCHA  The words displayed to the user come directly from old books that are being digitized.  Words that OCR could not identify.  Pairs an unknown word with a known one.  Distorts them both and puts a line through them and then sent them to be proofread. 15 IT Dept. GNIT
  16. 16.  Things to keep in mind :- Don’t store CAPTCHA solution in web page’s metadata. A CAPTCHA is no good if it doesn’t distort. Need a large database of different CAPTCHA questions. Avoid repetition of question. IT Dept. GNIT 16
  17. 17.  Present the question to the user.  Evaluate the answer, if incorrect start again - Generate a different CAPTCHA.  Persist the correct answer.  If correct , allow the access to the user.  Generate the question. IT Dept. GNIT 17
  18. 18. CONCLUSION Captchas are an effective way to and reduce spam. They serves dual purpose- help advance AI knowledge. Applications are varied from stopping bots to character reorganization and pattern matching. IT Dept. GNIT 18