Open Access Open Access  Restricted Access Subscription Access

Extended Security Analysis of Hollow Captchas

Haichang Gao,
Ping Wang,
Jeff Yan,
Mengyun Tang,
Fang Cao,

Abstract


Text-based Captchas are now most widely used security technology for differentiating between computers and humans. Hollow Captchas have emerged as one of the latest designs, and they have been deployed by more and more major companies. Besides Yahoo!, Tencent, Sina, China Mobile and Baidu, some other websites, especially for higher security requirement shopping websites are also using this scheme. A main feature of such schemes is to use contour lines to form connected hollow characters with the aim of improving security and usability simultaneously. It is hard for standard techniques to segment and recognize such connected characters, which are however easy for human eyes. In this paper, we provide a systematic security analysis of hollow Captchas. We show that with a simple but novel attack, we can break most hollow Captchas with a relatively high success rate, including those deployed by the major companies. Our attack for the first time combines segmentation and recognition in a single step. We also discuss lessons and guidelines for designing better Captchas.


Citation Format:
Haichang Gao, Ping Wang, Jeff Yan, Mengyun Tang, Fang Cao, "Extended Security Analysis of Hollow Captchas," Journal of Internet Technology, vol. 19, no. 4 , pp. 1075-1088, Jul. 2018.

Full Text:

PDF

Refbacks

  • There are currently no refbacks.





Published by Executive Committee, Taiwan Academic Network, Ministry of Education, Taipei, Taiwan, R.O.C
JIT Editorial Office, Library and Information Center, National Dong Hwa University
No. 1, Sec. 2, Da Hsueh Rd. Shoufeng, Hualien 97401, Taiwan, R.O.C.
Tel: +886-3-931-7017  E-mail: jit.editorial@gmail.com