Abstract
The online websites are accessed by millions of people and the information present on it holds value. To secure them from attacker, one such mechanism is “Completely Automated Public Turing Test to keep the Computers and Humans Apart”. They are used to ensure that internet user’s activity is performed by humans only and not the bots. CAPTCHAs are solved by people every day to prevent Denial of Service attack and online spam attack. But unfortunately, it is now possible to break them by using Machine Learning. This paper presents, the Vulnerabilities related to Text-based CAPTCHA System, compromised system using Machine Learning and proposed Algorithm. A Threat Modeling was performed on the website using a Text-based CAPTCHA System in order to discover various Attack Vectors with the help of a Tool and performs detailed analysis on affected areas. Lastly, a solution is provided to the website service provider to overcome the exsisting system flaws and also to make them even more strong and secure.
Keywords
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Chandavale, A.A., Sapkal, A.M., Jalnekar, R.M.: Algorithm to break visual CAPTCHA. In: 2009 2nd International Conference on IEEE Emerging Trends in Engineering and Technology (ICETET) (2009)
Moradi, M., Keyvanpour, M.: CAPTCHA and its alternatives: a review. Secur. Commun. Networks 8(12), 2135–2156 (2015)
Lee, Y.-L., Hsu, C.-H.: Usability study of text-based CAPTCHAs. Displays 32(2), 81–86 (2011)
Zhang, T., Zheng, H., Zhang, L.: Verification CAPTCHA based on deep learning. In: 2018 37th Chinese Control Conference (CCC), Wuhan, pp. 9056–9060 (2018)
Lung, J.: Ethical and legal considerations of reCAPTCHA. In: 2012 Tenth Annual International Conference on Privacy, Security and Trust (PST). IEEE (2012)
Darnstädt, M., Meutzner, H., Kolossa, D.: Reducing the cost of breaking audio CAPTCHAs by active and semi-supervised learning. In: 2014 13th International Conference on Machine Learning and Applications (ICMLA). IEEE (2014)
Sharma, S., Seth, N.: Survey of text CAPTCHA techniques and attacks. Int. J. Eng. Trends Technol. 22(6) (2015)
Al-Fannah, N.M.: Making defeating CAPTCHAs harder for bots. arXiv preprint arXiv:1704.02803 (2017)
Sharma, P., Tyagi, N., Singhal, D.: CAPTCHAs: vulnerability to attacks. Int. J. Emerg. Trends Technol. Comput. Sci. 2(2) (2013)
Azad, S., Jain, K.: CAPTCHA: attacks and weaknesses against OCR technology. Global J. Comput. Sci. Technol. 13, 14–18 (2013)
Singh, V.P., Pal, P.: Survey of different types of CAPTCHA. Int. J. Comput. Sci. Inf. Technol. 5(2), 2242–2245 (2014)
Yan, J., El Ahmad, A.S.: Breaking visual CAPTCHAs with naive pattern recognition algorithms. In: Twenty-Third Annual Computer Security Applications Conference, ACSAC 2007. IEEE (2007)
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Suvarna, D., Pathak, S. (2020). Threat Modeling for Breaking of CAPTCHA System. In: Pandian, A., Ntalianis, K., Palanisamy, R. (eds) Intelligent Computing, Information and Control Systems. ICICCS 2019. Advances in Intelligent Systems and Computing, vol 1039. Springer, Cham. https://doi.org/10.1007/978-3-030-30465-2_12
Download citation
DOI: https://doi.org/10.1007/978-3-030-30465-2_12
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-30464-5
Online ISBN: 978-3-030-30465-2
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)