iCAPTCHA: The Next Generation of CAPTCHA Designed to Defend Against 3rd Party Human Attacks

Free registration required

Executive Summary

CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) is a simple test that is easy for humans but extremely difficult for computers to solve. CAPTCHA has been widely used in commercial websites such as web-based email providers, TicketMaster, GoDaddy, and Facebook to protect their resources from attacks initiated by automatic scripts. By design, CAPTCHA is unable to distinguish between a human attacker and a legitimate human user. This leaves websites using CAPTCHA vulnerable to 3rd party human CAPTCHA attacks. In order to demonstrate the vulnerabilities in existing CAPTCHA technologies the authors develop a new streamlined human-based CAPTCHA attack that uses Instant Messenger infrastructure.

  • Format: PDF
  • Size: 679.6 KB