国产精品99一区二区三_免费中文日韩_国产在线精品一区二区_日本成人手机在线

AI can easily break text CAPTCHA: new research

Source: Xinhua| 2018-12-24 09:51:08|Editor: mmm
Video PlayerClose

XI'AN, Dec. 24 (Xinhua) -- A new study suggested that text-based CAPTCHAs, one of the most widely used website security mechanisms, are no longer safe when facing smarter artificial intelligence.

Text-based CAPTCHA uses a jumble of distorted or blurred letters, characters and numbers to distinguish humans from computer programs, to block the latter from accessing polls and auctions disguised as a human user. This reverse Turing test builds on the belief that people are more adept at recognizing these symbols than machines.

But researchers from China's Northwest University, Peking University, and Lancaster University in Britain said they developed a new algorithm, based on machine learning, that can break most text-based CAPTCHAs within 0.05 seconds.

The research was published in a paper presented at the ACM Conference on Computer and Communications Security (CCS) 2018 in Toronto. It described the algorithm as "generic, low-effort yet effective" compared with previous attacks on CAPTCHAs that could be laborious and scheme-specific.

Fang Dingyi, co-author of the paper at Northwest University, said the program had been tested on CAPTCHA schemes used by 50 popular websites including those operated by Google, Wikipedia, Microsoft, Baidu, Alibaba, and Tencent.

Overall, the program had a success rate of over 50 percent of decoding CAPTCHAs on most websites within 0.05 seconds. Its success rate of decoding certain Google CAPTCHAs, considered to be the most difficult, stood at 3 percent.

"It is widely believed that a CAPTCHA scheme is ineffective if the decoding rate is above 1 percent," said Tang Zhanyong, co-author of the paper at Northwest University.

The AI tool draws on a technique known as the "generative adversarial network," or GAN. It teaches a CAPTCHA generator program to produce large numbers of training CAPTCHAs, which are then used to train a solver to break real CAPTCHAs.

"This research suggests one can easily launch an attack on a new CAPTCHA scheme using AI. It means that this first defense of many websites is no longer reliable," said Fang.

The researchers advised website owners to consider deploying alternative multiple-layer security mechanisms. Fang said his team is looking at ways to develop a more reliable CAPTCHA system.

"We want to offer an alternative to the current text-based CAPTCHA scheme. The alternative should improve its security without compromising the user experience," Fang said.

TOP STORIES
EDITOR’S CHOICE
MOST VIEWED
EXPLORE XINHUANET
010020070750000000000000011100001376950661
主站蜘蛛池模板: 紫阳县| 衡山县| 阿坝县| 光山县| 昭通市| 乌兰县| 开江县| 太湖县| 定日县| 开封县| 稻城县| 九江县| 白河县| 滦南县| 台州市| 洪湖市| 彰武县| 新野县| 什邡市| 金塔县| 昌平区| 云和县| 正宁县| 崇信县| 施甸县| 安丘市| 金山区| 陵川县| 英吉沙县| 伽师县| 凤冈县| 临猗县| 五指山市| 兴山县| 晋宁县| 福鼎市| 西和县| 东乌珠穆沁旗| 深州市| 天长市| 乐平市|