The Robustness of Google Captchas
Date: May 2011
Publisher: School of Computer Science, Newcastle University
Source 1: https://prof-jeffyan.github.io/google.pdf
Source 2: https://pdfs.semanticscholar.org/b827/c8780ecdb361823232ff192d6608bfb8c9df.pdf
Abstract or Summary:
We report a novel attack on two CAPTCHAs that have been widely deployed on the Internet, one being Google's home design and the other acquired by Google (i.e. reCAPTCHA). With a minor change, our attack program also works well on the latest ReCAPTCHA version, which uses a new defence mechanism that was unknown to us when we designed our attack. This suggests that our attack works in a fundamental level. Our attack appears to be applicable to a whole family of text CAPTCHAs that build on top of the popular segmentation-resistant mechanism of "crowding character together" for security. Next, we propose a novel framework that guides the application of our well-tested security engineering methodology for evaluating CAPTCHA robustness, and we propose a new general principle for CAPTCHA design.
Do you have additional information to contribute regarding this research paper? If so, please email firstname.lastname@example.org with the details.