Comparative Analysis of CAPTCHA Based Techniques : A Review

Similar documents
Enhancing Cloud Security By: Gotcha (Generating Panoptic Turing Tests to Tell Computers and Human Aparts)

SK International Journal of Multidisciplinary Research Hub

An Efficient Windows Cardspace identity Management Technique in Cloud Computing

With the use of keyword driven framework, we can automate the following test scenarios for Gmail as under :-

INTERNET SAFETY: VIRUS: a computer program that can copy itself and infect your computer. CAPTCHAS: type the letters to set up an online account

Multifactor Graphical Password Authentication System using Sound Signature and Handheld Device

What is the Cloud? Computer Basics Web Apps and the Cloud. Page 1

Integration of Sound Signature in 3D Password Authentication System

Setting up a Personal Account

Infocomm Sec rity is incomplete without U Be aware,

You can learn more about Stick around by visiting stickaround.info and by finding Stick Around on social media.

Enhancing Security by CAPTCHA based Image Grid Master Password

CYBER SECURITY. II. SCANDALOUS HACKINGS To show the seriousness of hacking we have included some very scandalous hacking incidences.

International Journal of Software and Web Sciences (IJSWS)

Cyber Security. Maintaining Your Identity on the Net

BULLGUARD SPAMFILTER

Scams and Schemes. objectives. Essential Question: What is identity theft, and how can you protect yourself from it? Learning Overview and Objectives

Application Security Testing. Generic Test Strategy

Security Information Management System

A Low-cost Attack on a Microsoft CAPTCHA

MySpam filtering service Protection against spam, viruses and phishing attacks

Hosted VoIP Phone System. Admin Portal User Guide for. Enterprise Administrators

Avoiding Malware in Your Dental Practice. 10 Best Practices to Defend Your Data

Avoiding Malware in Your Dental Practice. 10 Best Practices to Defend Your Data

Challenges in Android Application Development: A Case Study

The data which you put into our systems is yours, and we believe it should stay that way. We think that means three key things.

Welcome. 4 Common Security Best Practices. to the. Online Training Course

BE SAFE ONLINE: Lesson Plan

NEWSLETTERS FOR LEAD NURTURING LEADFORMIX BEST PRACTICES

INTERNET & COMPUTER SECURITY March 20, Scoville Library. ccayne@biblio.org

Setting up your first website

Getting Started With the APTA Learning Center. for PT CPI Course Participants. A Basic Overview

Cognos 10 Getting Started with Internet Explorer and Windows 7

The internet has opened up a virtual world to children that offers them amazing ways to learn, play and communicate.

Fig. 1 A model of cloud computing

Basics Webmail versus Internet Mail

Page 1 Basic Computer Skills Series: The Internet and the World Wide Web GOALS

About the Adventist Colleges Abroad Online Application Process

ERA6 OBJECTIVE QUSESTION

Computer Security Self-Test: Questions & Scenarios

Computer and Information Security End User Questionnaire

Marketing Features

How Poll Everywhere Works. You ask a question. Poll Everywhere - Simple SMS Voting. Pricing Take a Tour Help & FAQ.

For assistance with your computer, software or router we have supplied the following information: Tech Support , press 1

An Approach to Give First Rank for Website and Webpage Through SEO

OCR LEVEL 3 CAMBRIDGE TECHNICAL

Hybrid Approach to Search Engine Optimization (SEO) Techniques

Start to Finish: Set up a New Account or Use Your Own

How to Identify Phishing s

Voluntary Product Accessibility Template

CSC384 Intro to Artificial Intelligence

Recognizing Spam. IT Computer Technical Support Newsletter

Marketing Features

Network Traffic Monitoring With Attacks and Intrusion Detection System

Keyword: Cloud computing, service model, deployment model, network layer security.

Threshold Based Kernel Level HTTP Filter (TBHF) for DDoS Mitigation

Kentico CMS security facts

Web Forms for Marketers 2.3 for Sitecore CMS 6.5 and

How to register and use our Chat System

Setting up an Apple ID

Website Accessibility Under Title II of the ADA

Cyber Security Using Arabic CAPTCHA Scheme

SECUDROID - A Secured Authentication in Android Phones Using 3D Password

U.S. Bank Secure Quick Start Guide

APPLICATION OF CLOUD COMPUTING IN ACADEMIC INSTITUTION

A puzzle based authentication method with server monitoring

STOP. THINK. CONNECT. Online Safety Quiz

Vishal Kolhe, Vipul Gunjal, Sayali Kalasakar, Pranjal Rathod Department of Computer Engineering, Amrutvahini Collage of Engineering, Sangamner

How to stay safe online

Class Outline. Part 1 - Introduction Explaining Parts of an address Types of services Acquiring an account

Internet basics 2.3 Protecting your computer

Marketing Features

SECURING CLOUD DATA COMMUNICATION USING AUTHENTICATION TECHNIQUE

[Ramit Solutions] SEO SMO- SEM - PPC. [Internet / Online Marketing Concepts] SEO Training Concepts SEO TEAM Ramit Solutions

To learn more about social networking, see the handout titled Know Social Networking.

Search Engine Optimization for Higher Education. An Ingeniux Whitepaper

BUILDING WEB JOURNAL DIRECTORY AND ITS ARTICLES WITH DRUPAL

OCT Training & Technology Solutions Training@qc.cuny.edu (718)

SmallBiz Dynamic Theme User Guide

Securing Your Business s Bank Account

CONTENTM WEBSITE MANAGEMENT SYSTEM. Getting Started Guide

Trusteer Rapport. User Guide. Version April 2014

An Electronic Journal Management System

Marketing Glossary of Terms

Software Requirements Specification

Transcription:

79 Comparative Analysis of Based Techniques : A Review Jaswinderkaur Department of Computer Engineering Punjabi University, Patiala jaswinderkaur.jassi.jassi@gmail.com Lal Chand Panwar Department of Computer Engineering Punjabi University, Patiala lc_panwar@yahoo.com Abstract:(Completely Automatic Public Turing test to tell Computers and Humans Apart ) is used by every website on the internet to prevent unauthorized user or bots to use the bandwidth and resources of the network. At the present time every user has to register on the website to access any type of information or resources so he/she has to pass the test. If the user has passed the test he/she is assumed to be legitimate user and can access resources or information from that site otherwise he/she is attacker or bots. So due to more attack on the web sites is used to prevent these attacks. This is more popular technique used in present scenario. This paper focus on the scope of,various types of and its techniques. Keywords:, Time variant, Text based, Gimpy,Bongo, MSN,i, color based. I.INTRODUCTION stands for Completely Automatic Public Turing test to tell Computers and Humans Apart. It is simple test which is solved by human easily but it is difficult for Bots that are automated scripts. has been broadly used in commercial websites such as web-based email providers, yahoo, Gmail, and Facebook etc. to protect their resources or bandwidth from attackers [1]. is developed in 2000 by luis von Ahn, Manuel Blum, Nicholas J.Hopper and Jhon Langford. s are puzzles based technique used to determine whether a user is human or not. In other words a is a program that can generate tests that most humans can pass but computer programs cannot pass. Main motive of is to block form submission, comment spamming, email spamming etc from the bots. s should have three basic properties: a) Easy for humans to pass. b) Easy for a tester machine to generate and grade. c) Hard for a software programs to pass. [1][2] II. TYPES OF s A. Text s: Text s are very simple. Thissimplest approach is to ask the user with some questions which only a human user can solve. Examples of such questions are: What are two multiply three? What is the third letter in college? Which of Red, Monday and Mohan is a color? There are other types Of Text as: 1. Gimpy: Gimpy is very reliable and secure. In this ten random words from the dictionary are fetched, display these words in overlap and distorted manner. Then Gimpy ask the user to enter at least three words from those ten words. The human user can do so but computer bots can t. Gimpy is developed by CMU collaboration with

80 yahoo for their Messenger Services.[5]Example as shown in fig.1 Fig1. Gimpy Image[11] 2 Ez Gimpy:Ez-Gimpy is simplified version of Gimpy. In this, a single dictionary word is taken then make it distorted, noisy and present to the user. Then ask the user to identified the word correctly. This is adopted by yahoo in their signup page. As Show in Fig.2 Fig. 2.Ez-Gimpy[11] 3. Baffle Text:Baffled text is simple type of. To create the baffle text, the random alphabets are chosen to create nonsense word. Then make it distorted and ask the user to guess the word and enter in textbox. Baffled text don t use dictionary word so it overcome the drawback of Gimpy i.e. dictionary attacks.in Baffled Text it is assumed that humans are very good to fill the missing portions of an image as shown in Fig. 3 while computers are not.[9][10] 4. MSN :MSN is also known as Passport service. It is used by the Microsoft. This contain eight upper case characters and digits that are dark blue in color and background in grey. Wrapping is used to distort the characters and for ripple effect., which makes computer recognition very difficult.[9][10] Fig4. MSN [11] B. Audio-based s Audio based is mainly developed for visually disabled people. In the Audio based distorted sound clip, sequence of number or word at random and renders the word or the numbers into a downloadable sound clip and distorts the sound clip using TTS software is used. Then this audio is presented to the user and asks users to enter its contents. User listens & enters the spoken word. It helps visually disabled users.fig.5 shownbelow is the Google s audio enabled Fig5. Audio-based [11] Fig 3. Baffle Text[11] C. Video-based s:in The Video,animation or video are used. In which a user must provide three words that describes a video. Then the user has to see the video and guess the words. This

81 approach may provide greater security and better usability than text-based and image-based s..[9][10] Fig6. Video-based s[11] D. GRAPHIC-Based s Bongo: BONGO asks the user to solve a visual pattern recognition problem. It displays two series of blocks, the leftand the right.these two sets are different because everything on the left is drawn with thick lines and those on the right are in thin lines. After seeing the two blocks,the user is presented with a single block and asked todetermine to which group the block belongs to.the user passes the test if he determines correctly to which set the blocks belong to.[9][10] using a, only humans can enter comments on the blogs. 2. Protecting Website Registration: A few years ago companies such as Yahoo, Microsoft etc. that offers free email services suffered from bots attacksthat consume the bandwidth of network. So is used to protect them. 3. Preventing Unauthorized Access: To prevent a hacker who tries to crack a password using Brute force method or any other password cracking method. method is used. 4. Worms and Spam: provides a solution against worms and spam i.e., it receives mail only if it is sure that there is human behind it not the computer bots. 5. Online Games: It is the another application of where it is preventing web Robots from playing games 6. Phishing Attack: Phishing is attempting to get information such as bank details, usernames, passwords, and credit card details by masquerading as a trustworthy entity. prevent these attacks.[9][10] IV. Techniques on Fig 7. Bongo[11] III. APPLICATIONS 1. Preventing Comment Spam in Blogs: Most bloggers submit fake comments, usually for the purpose of raising search engine ranks of their website. This is called comment spam. By 1. Hybrid collage Hybrid collage is a method in which there are different types of image along with distorted text on the right hand side of the screen. There is one image among these images on the left hand side of screen. Now the computer program ask the user to choose the correct picture with correct text name, then user is asked to enter the text name on that image in provided text box[1] As shown in figure 8.

82 character buttons is displayed, the user must click on the button corresponding to the first character in the image. Upon each click, a new set of buttons is rendered. This input sequence continues until one click has been performed for each character of the image.[4] As shown in fig.10 2. Hybrid In this technique both picture and text with multiple fonts are used to build secure. There is an Image on screen and many text are labeled on it with multiple fonts. The user is asked to identify the correct name of the underlying image among the text label that are scattered over it.[7]. As shown in fig.9 Fig. 10i[4] 4. Time Variant This is a technique in which is rendered over the webpage for a fixed time period. After this time period new image will display until the final is filled by user.[3] As shown in fig.11a and 11b Fig.9 Hybrid 3. i Interactive technology defends the 3 rd party human attacks. In this technique the user has to solve the test while interacting multiple times with this test. In this the time difference between legitimate user and attacker is find which is used for better attack Detection. In i there is a normal image that is randomly generated and when user clicks on the imageto begin i, several buttons with obfuscated characters appear below the image. Once the set of Fig.11.a when form loaded[3] Fig.11.b changed after 20 sec[3]

83 5. Advanced Color based Image This is new technique in which color based imagesare provided to the human user and ask different question like color of the image, number of color in the image etc. These color based images can have single color, multi-color, or number of object with different colors.this is very easy and secure technique. An accuracy of 100%, 95% and 90% is observed with single color, multi color and color image based s respectively. [8] Fig.12 b Multi color [8] V. Advantages of Distinguishes between a human and a machine. Makes online polls more legitimate. Reduces spam and viruses. Makes online shopping safer. Diminishes abuse of free email account service VI. Disadvantages of Various techniques Fig.12a Color based image [8] Sometimes very difficult to read. These are not compatible with users with disabilities Time-consuming to decipher. Technical difficulties with certain internet browsers. Tabel I. Comparison of Techniques Usability Techniques Security Easy or Difficult to use Usable for visual impaired person Easy for motor skilled persons i Good Easy NO Easy Hybrid Good Easy NO Easy

84 Time-variant Good Easy NO Easy Hybrid Collage Good Easy NO Easy Color Based Image Good Easy NO Average CONCULISION is a method to block form submission, comment spamming, email spamming etc from the botsthat are automated scripts..this paper describes the various types of and techniques. It is simple and easy method which is used by most of the web sites but has many problems. Researchers are trying to mitigate these problems by building a best technique to defend application layer attacks. REFERENCES 1. DivyaShanker, Prashant Gupta, Aditya Jaiswa Hybrid Collagecaptcha international journal of scientific & engineering research, volume 4, issue 1, january-2013 issn 2229-5518 2. Er. VivekKumar ander. PremShankerYadava Position Based : Changing Place Restriction Minimize the Automatic Access International Journal of Advanced Research in Computer Science and Software Engineering 3. PremShankerYadava, Chandra Prakash Sahu, Sanjeev Kumar Time-Variant Captcha: Generating Strong Captcha Security by ReducingTime to Automated Computer Programs Journal of Emerging Trends in Computing and Information Sciences VOL. 2, NO. 12, December 2011 4. Huy D. Truong, Christopher F. Turner, Cliff C. Zou i: The Next Generation of Designed to Defend Against 3rd Party Human Attacks This full text paper was peer reviewed at the direction of IEEE Communications Society subject matter experts for publication in the IEEE ICC 2011 proceedings 5. School of Computer Science. (2009, Dec.). Gimpy. Carnegie Mellon.[Online]. Available: http://www.captcha.net/captchas/gimpy/ 6. Moin Mahmud Tanvee, Mir TafseerNayeem, Md. MahmudulHasanRafee Move & Select: 2-Layer International Journal of Video & Image Processing and Network Security IJVIPNS-IJENS Vol: 11 No: 05 7. Shouket Ahmad Kouchay, Abdullah Aljumah,Yasir Ahmad SECURED ARCHITECTURE STRATEGY FOR FIGHTING AGAINST BOTS GESJ: Computer Science and Telecommunications 2013 No.4(40)

85 8. Mandeep Kumar, RenuDhir Design and Comparison of Advanced Color based Image s International Journal of Computer Applications (0975 8887) Volume 61 No.15, January 2013 9. Kiranjot Kaur, Sunny Behal Captcha and Its Techniques: A Review Kiranjot Kaur et al, / (IJCSIT) International Journal of Computer Science and Information Technologies, Vol. 5 (5), 2014, 6341-6344 10. Kumary R Soumya1, Rose Mary Abraham2, Swathi K V3 A Survey on Different Techniques International Journal of Advances in Computer Science and Technology Volume 3, No.2, February 2014 11. Various images https://www.google.co.in/?gfe_rd=cr&ei =B65kVJvjE4vC8geu64CwCw&gws_rd= ssl#q=captcha+images

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information